Anders03

Thank you very much. I still have a lot left on my desktop so just going to ask a few questions then you can close this thread. Can I remove: iExplore.exe TFC.exe Drweb Microsoft Windows Malicious Software Removal Tool Microsoft Support Emergency Response Tool Defogger.exe ? Also, would I be safe with google chrome and mozilla firefox if i reinstalled it now? Not saying I will cause I kind of like this IceDragon, but would it be safe, and would you recommend me to do it or not?

And now? Still haven't seen any sign of partner37.

Yes thanks, I've been pretty carelesss of what to download and to run real scans. So when I've downloaded a software, I should right-click and scan with MBAB and MSE before install? Is it always necessary to delete the programs after detecting virus/malware in it? Just as an example now I saw my downloaded game virtual pool 3 had some trojans after the ESET scan (or whatever it was) detected it. Am I supposed to delete it now or is it safe once the the malware is removed? Maybe you will guide me in upcoming replies what I'm supposed to delete though? I ran the MS Safety scanner, again, with quick-scan, and again nothing was found. WOT add-on is now installed.

Stinger.txt: McAfee® Labs Stinger Version 10.2.0.782 built on Sep 11 2012 Copyright © 2012 McAfee, Inc. All Rights Reserved. Virus data file v1000.0000 created on Sep 11 2012. Ready to scan for 4955 viruses, trojans and variants. Scan initiated on Tue Sep 11 22:56:45 2012 Rootkit scan result : Clean Master Boot Record(s):....1 Possibly Infected:.............0 Boot Sector(s):.................1 Possibly Infected: ............0 C:\Program\Celeris\Virtual Pool 3 DL\vp3.exe Found the Artemis!1F5E61C3BF37 trojan !!! C:\Program\Celeris\Virtual Pool 3 DL\vp3.exe is infected with the Artemis!1F5E61C3BF37 virus !!! Number of clean files: 33686 Number of infected files: 1 Number of files renamed: 1 MSRT-log: (No infections. Posting just in case you want to look at it anyway) --------------------------------------------------------------------------------------- Microsoft Windows Malicious Software Removal Tool v3.20, June 2011 Started On Mon Jul 04 13:33:26 2011 Results Summary: ---------------- No infection found. Microsoft Windows Malicious Software Removal Tool Finished On Mon Jul 04 13:34:00 2011 Return code: 0 (0x0) --------------------------------------------------------------------------------------- Microsoft Windows Malicious Software Removal Tool v3.20, June 2011 Started On Mon Jul 04 13:34:05 2011 Results Summary: ---------------- No infection found. Microsoft Windows Malicious Software Removal Tool Finished On Mon Jul 04 13:34:31 2011 Return code: 0 (0x0) --------------------------------------------------------------------------------------- Microsoft Windows Malicious Software Removal Tool v3.21, July 2011 Started On Tue Jul 26 18:34:21 2011 Results Summary: ---------------- No infection found. Microsoft Windows Malicious Software Removal Tool Finished On Tue Jul 26 18:35:34 2011 Return code: 0 (0x0) --------------------------------------------------------------------------------------- Microsoft Windows Malicious Software Removal Tool v3.22, August 2011 Started On Fri Aug 19 23:46:58 2011 Results Summary: ---------------- No infection found. Microsoft Windows Malicious Software Removal Tool Finished On Fri Aug 19 23:47:59 2011 Return code: 0 (0x0) --------------------------------------------------------------------------------------- Microsoft Windows Malicious Software Removal Tool v4.0, September 2011 Started On Thu Sep 15 02:07:11 2011 Results Summary: ---------------- No infection found. Microsoft Windows Malicious Software Removal Tool Finished On Thu Sep 15 02:08:19 2011 Return code: 0 (0x0) --------------------------------------------------------------------------------------- Microsoft Windows Malicious Software Removal Tool v4.0, September 2011 Started On Thu Sep 29 01:14:24 2011 Results Summary: ---------------- No infection found. Microsoft Windows Malicious Software Removal Tool Finished On Thu Sep 29 01:15:35 2011 Return code: 0 (0x0) --------------------------------------------------------------------------------------- Microsoft Windows Malicious Software Removal Tool v4.1, October 2011 Started On Fri Oct 14 01:47:13 2011 Results Summary: ---------------- No infection found. Microsoft Windows Malicious Software Removal Tool Finished On Fri Oct 14 01:48:38 2011 Return code: 0 (0x0) --------------------------------------------------------------------------------------- Microsoft Windows Malicious Software Removal Tool v4.2, November 2011 Started On Thu Nov 10 00:47:13 2011 Results Summary: ---------------- No infection found. Microsoft Windows Malicious Software Removal Tool Finished On Thu Nov 10 00:48:46 2011 Return code: 0 (0x0) --------------------------------------------------------------------------------------- Microsoft Windows Malicious Software Removal Tool v4.3, December 2011 Started On Fri Dec 16 02:13:30 2011 Results Summary: ---------------- No infection found. Microsoft Windows Malicious Software Removal Tool Finished On Fri Dec 16 02:15:06 2011 Return code: 0 (0x0) --------------------------------------------------------------------------------------- Microsoft Windows Malicious Software Removal Tool v4.4, January 2012 Started On Thu Jan 12 00:14:18 2012 ->Scan ERROR: resource process://pid:1224 (code 0x00000490 (1168)) Results Summary: ---------------- No infection found. Microsoft Windows Malicious Software Removal Tool Finished On Thu Jan 12 00:16:02 2012 Return code: 0 (0x0) --------------------------------------------------------------------------------------- Microsoft Windows Malicious Software Removal Tool v4.5, February 2012 Started On Thu Feb 16 12:18:03 2012 Results Summary: ---------------- No infection found. Microsoft Windows Malicious Software Removal Tool Finished On Thu Feb 16 12:19:51 2012 Return code: 0 (0x0) --------------------------------------------------------------------------------------- Microsoft Windows Malicious Software Removal Tool v4.6, March 2012 Started On Wed Mar 14 10:34:01 2012 Results Summary: ---------------- No infection found. Microsoft Windows Malicious Software Removal Tool Finished On Wed Mar 14 10:36:06 2012 Return code: 0 (0x0) --------------------------------------------------------------------------------------- Microsoft Windows Malicious Software Removal Tool v4.7, April 2012 Started On Thu Apr 12 00:45:51 2012 Results Summary: ---------------- No infection found. Microsoft Windows Malicious Software Removal Tool Finished On Thu Apr 12 00:48:00 2012 Return code: 0 (0x0) --------------------------------------------------------------------------------------- Microsoft Windows Malicious Software Removal Tool v4.8, May 2012 Started On Fri May 11 02:16:36 2012 ->Scan ERROR: resource process://pid:1644 (code 0x00000490 (1168)) Results Summary: ---------------- No infection found. Microsoft Windows Malicious Software Removal Tool Finished On Fri May 11 02:19:02 2012 Return code: 0 (0x0) --------------------------------------------------------------------------------------- Microsoft Windows Malicious Software Removal Tool v4.9, June 2012 Started On Thu Jun 14 03:01:04 2012 Results Summary: ---------------- No infection found. Microsoft Windows Malicious Software Removal Tool Finished On Thu Jun 14 03:03:58 2012 Return code: 0 (0x0) --------------------------------------------------------------------------------------- Microsoft Windows Malicious Software Removal Tool v4.10, July 2012 Started On Thu Jul 12 01:57:02 2012 Results Summary: ---------------- No infection found. Microsoft Windows Malicious Software Removal Tool Finished On Thu Jul 12 01:59:52 2012 Return code: 0 (0x0) --------------------------------------------------------------------------------------- Microsoft Windows Malicious Software Removal Tool v4.11, August 2012 Started On Thu Aug 16 02:02:06 2012 Results Summary: ---------------- No infection found. Microsoft Windows Malicious Software Removal Tool Finished On Thu Aug 16 02:04:58 2012 Return code: 0 (0x0) --------------------------------------------------------------------------------------- Microsoft Windows Malicious Software Removal Tool v4.12, September 2012 Started On Tue Sep 11 23:09:28 2012 Results Summary: ---------------- No infection found. Microsoft Windows Malicious Software Removal Tool Finished On Tue Sep 11 23:12:59 2012 Return code: 0 (0x0) MS Safety Scanner didn't find any threats. I made both step 3 and step 4 with quick scans. Was this the right choice? It was also possible to do full scans. DrWeb: rlls.dll C:\Avenger Trojan.Damaged.1 Deleted. rlvknlg.exe C:\Avenger Trojan.Damaged.1 Deleted. copyright.txt C:\Documents and Settings\Anders\Lokala inställningar\Application Data\RavenBleuSA\bin\1.0.11.0 Adware.Zango.15 Incurable.Moved. analyze[1] C:\Documents and Settings\Anders\Lokala inställningar\Temporary Internet Files\Content.IE5\LNASMKQT Adware.Predictad.1 Incurable.Moved. analyze[2] C:\Documents and Settings\Anders\Lokala inställningar\Temporary Internet Files\Content.IE5\LNASMKQT Adware.Predictad.1 Incurable.Moved. analyze[1] C:\Documents and Settings\Anders\Lokala inställningar\Temporary Internet Files\Content.IE5\YGJ6PQXB Adware.Predictad.1 Incurable.Moved. analyze[2] C:\Documents and Settings\Anders\Lokala inställningar\Temporary Internet Files\Content.IE5\YGJ6PQXB Adware.Predictad.1 Incurable.Moved. script.js C:\Documents and Settings\Anders-2\Lokala inställningar\Application Data\Google\Chrome\User Data\Default\Extensions\jpihmmhdcob Program.FileSearch.1 Incurable.Moved. XTRANET.X32 C:\Program\Levande Böcker\Svea Rike II\XTRAS Probably DLOADER.Trojan Incurable.Moved. adlsoft_uncompressor_3_3_last.exe C:\Program\redbet\pokerclient\Ny mapp\Downloads Program.ADLSoft.1 - read error Invalid path to file cnet2_SetupMyVideoDownloader_v3_0_1_0_exe.exe C:\Program\redbet\pokerclient\Ny mapp\Downloads Adware.Downware.130 - read error Invalid path to file cnet_DTLite4413-0173_exe.exe C:\Program\redbet\pokerclient\Ny mapp\Downloads Adware.InstallCore.2 Incurable.Moved. installer_daemon_tools.exe C:\Program\redbet\pokerclient\Ny mapp\Downloads Adware.Downware.23 - read error Invalid path to file installer_daemon_tools_4_40_2__Swedish.exe C:\Program\redbet\pokerclient\Ny mapp\Downloads Adware.Downware.23 - read error Invalid path to file installer_vlc_media_player_1_1_4_Swedish.exe C:\Program\redbet\pokerclient\Ny mapp\Downloads Adware.Downware.23 - read error Invalid path to file installer_winrar_4_01_64_bits_Swedish.exe C:\Program\redbet\pokerclient\Ny mapp\Downloads Adware.Downware.23 - read error Invalid path to file SoftonicDownloader_for_unlocker.exe C:\Program\redbet\pokerclient\Ny mapp\Downloads Adware.Downware.82 - read error Invalid path to file install.rdf.vir C:\Qoobox\Quarantine\C\Program\Complitly\support@Complitly.com Adware.Searcher.1222 Incurable.Moved. ExTEnsion32.dll.vir C:\Qoobox\Quarantine\C\Program\Web Assistant Program.SysTreak.1 Incurable.Moved. A0046262.dll C:\System Volume Information\_restore{A27E3AA8-3559-4BED-BE2F-2CEF98306404}\RP388 Adware.Bandoo.5 Incurable.Moved. A0046325.dll C:\System Volume Information\_restore{A27E3AA8-3559-4BED-BE2F-2CEF98306404}\RP389 Adware.Bandoo.5 Incurable.Moved. A0063662.dll C:\System Volume Information\_restore{A27E3AA8-3559-4BED-BE2F-2CEF98306404}\RP436 Trojan.Damaged.1 Deleted. A0063663.dll C:\System Volume Information\_restore{A27E3AA8-3559-4BED-BE2F-2CEF98306404}\RP436 Trojan.Damaged.1 Deleted. A0063664.exe C:\System Volume Information\_restore{A27E3AA8-3559-4BED-BE2F-2CEF98306404}\RP436 Trojan.Damaged.1 Deleted. A0063665.exe C:\System Volume Information\_restore{A27E3AA8-3559-4BED-BE2F-2CEF98306404}\RP436 Trojan.Damaged.1 Deleted. A0063666.exe C:\System Volume Information\_restore{A27E3AA8-3559-4BED-BE2F-2CEF98306404}\RP436 Trojan.Damaged.1 Deleted. A0063667.exe C:\System Volume Information\_restore{A27E3AA8-3559-4BED-BE2F-2CEF98306404}\RP436 Trojan.Damaged.1 Deleted. A0063668.exe C:\System Volume Information\_restore{A27E3AA8-3559-4BED-BE2F-2CEF98306404}\RP436 Trojan.Damaged.1 Deleted. A0063669.exe C:\System Volume Information\_restore{A27E3AA8-3559-4BED-BE2F-2CEF98306404}\RP436 Trojan.Damaged.1 Deleted. A0063670.exe C:\System Volume Information\_restore{A27E3AA8-3559-4BED-BE2F-2CEF98306404}\RP436 Trojan.Damaged.1 Deleted. A0063672.exe C:\System Volume Information\_restore{A27E3AA8-3559-4BED-BE2F-2CEF98306404}\RP436 Trojan.Damaged.1 Deleted. A0063674.exe C:\System Volume Information\_restore{A27E3AA8-3559-4BED-BE2F-2CEF98306404}\RP436 Trojan.Damaged.1 Deleted. A0063675.exe C:\System Volume Information\_restore{A27E3AA8-3559-4BED-BE2F-2CEF98306404}\RP436 Trojan.Damaged.1 Deleted. A0063676.exe C:\System Volume Information\_restore{A27E3AA8-3559-4BED-BE2F-2CEF98306404}\RP436 Trojan.Damaged.1 Deleted. A0067590.dll C:\System Volume Information\_restore{A27E3AA8-3559-4BED-BE2F-2CEF98306404}\RP446 Program.SysTreak.1 Incurable.Moved. A0074594.exe C:\System Volume Information\_restore{A27E3AA8-3559-4BED-BE2F-2CEF98306404}\RP457 Program.SysTreak.1 Incurable.Moved. A0075292.dll C:\System Volume Information\_restore{A27E3AA8-3559-4BED-BE2F-2CEF98306404}\RP458 Trojan.Damaged.1 Deleted. A0075293.exe C:\System Volume Information\_restore{A27E3AA8-3559-4BED-BE2F-2CEF98306404}\RP458 Trojan.Damaged.1 Deleted. A0075294.exe C:\System Volume Information\_restore{A27E3AA8-3559-4BED-BE2F-2CEF98306404}\RP458 Program.ADLSoft.1 - read error Invalid path to file A0075295.exe C:\System Volume Information\_restore{A27E3AA8-3559-4BED-BE2F-2CEF98306404}\RP458 Adware.Downware.130 - read error Invalid path to file A0075296.exe C:\System Volume Information\_restore{A27E3AA8-3559-4BED-BE2F-2CEF98306404}\RP458 Adware.Downware.23 - read error Invalid path to file A0075297.exe C:\System Volume Information\_restore{A27E3AA8-3559-4BED-BE2F-2CEF98306404}\RP458 Adware.Downware.23 - read error Invalid path to file A0075298.exe C:\System Volume Information\_restore{A27E3AA8-3559-4BED-BE2F-2CEF98306404}\RP458 Adware.Downware.23 - read error Invalid path to file A0075299.exe C:\System Volume Information\_restore{A27E3AA8-3559-4BED-BE2F-2CEF98306404}\RP458 Adware.Downware.23 - read error Invalid path to file A0075300.exe C:\System Volume Information\_restore{A27E3AA8-3559-4BED-BE2F-2CEF98306404}\RP458 Adware.Downware.82 - read error Invalid path to file So far, partner37 hasnt occured with the new IceDragon browser. But I need some more time to really tell if it's gone or not.

Ok everything done. Uninstalled chrome and firefox and replaced it with IceDragon. Scan detected 25 infected files. Here's the log: ESETSmartInstaller@High as CAB hook log: OnlineScanner.ocx - registred OK # version=7 # iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339) # OnlineScanner.ocx=1.0.0.6583 # api_version=3.0.2 # EOSSerial=c64f872ee0d05146b1887190d51147ba # end=finished # remove_checked=false # archives_checked=true # unwanted_checked=true # unsafe_checked=true # antistealth_checked=true # utc_time=2012-09-11 07:28:57 # local_time=2012-09-11 09:28:57 (+0100, Västeuropa, sommartid) # country="Sweden" # lang=1033 # osver=5.1.2600 NT Service Pack 3 # compatibility_mode=5378 16777214 0 3 37602007 37602007 0 0 # compatibility_mode=5891 16776869 42 92 678 15119856 0 0 # compatibility_mode=8192 67108863 100 0 0 0 0 0 # scanned=171018 # found=25 # cleaned=0 # scan_time=6428 C:\Documents and Settings\All Users\Application Data\Tarma Installer\{2E1037EA-038A-425F-86B9-6CD19B8497E9}\_Setupx.dll a variant of Win32/Adware.Yontoo.B application (unable to clean) 00000000000000000000000000000000 I C:\Documents and Settings\Anders\Mina dokument\Downloads\cnet2_SolveigMM_HyperCam_3_4_1206_04_exe.exe a variant of Win32/InstallCore.D application (unable to clean) 00000000000000000000000000000000 I C:\Documents and Settings\Anders\Mina dokument\Downloads\freecorder setup.exe a variant of Win32/Soft32Downloader.B application (unable to clean) 00000000000000000000000000000000 I C:\Documents and Settings\Anders\Mina dokument\Downloads\iLividSetupV1 (1).exe Win32/Toolbar.SearchSuite application (unable to clean) 00000000000000000000000000000000 I C:\Documents and Settings\Anders\Mina dokument\Downloads\iLividSetupV1.exe Win32/Toolbar.SearchSuite application (unable to clean) 00000000000000000000000000000000 I C:\Documents and Settings\Anders\Mina dokument\Downloads\maxspywaredetectorm.exe a variant of Win32/MaxPCsecure application (unable to clean) 00000000000000000000000000000000 I C:\Documents and Settings\Anders\Mina dokument\Downloads\SoftonicDownloader_for_intel-indeo.exe Win32/SoftonicDownloader.D application (unable to clean) 00000000000000000000000000000000 I C:\Documents and Settings\Anders\Mina dokument\Downloads\SoftonicDownloader_for_vcam.exe a variant of Win32/SoftonicDownloader.D application (unable to clean) 00000000000000000000000000000000 I C:\Documents and Settings\Anders\Mina dokument\Downloads\SopCast-3.5.0.exe Win32/Bundled.Toolbar.Ask application (unable to clean) 00000000000000000000000000000000 I C:\Documents and Settings\Anders\Mina dokument\Hämtade filer\SoftonicDownloader_for_hamachi.exe a variant of Win32/SoftonicDownloader.D application (unable to clean) 00000000000000000000000000000000 I C:\Documents and Settings\Anders-2\Lokala inställningar\Application Data\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc\1.0.1_0\background.html Win32/Adware.Yontoo.C application (unable to clean) 00000000000000000000000000000000 I C:\Program\redbet\pokerclient\Ny mapp\Downloads\cnet2_SetupMyVideoDownloader_v3_0_1_0_exe.exe a variant of Win32/InstallCore.D application (unable to clean) 00000000000000000000000000000000 I C:\Program\redbet\pokerclient\Ny mapp\Downloads\cnet_DTLite4413-0173_exe.exe a variant of Win32/InstallCore.D application (unable to clean) 00000000000000000000000000000000 I C:\Program\redbet\pokerclient\Ny mapp\Downloads\installer_daemon_tools.exe Win32/Toggle application (unable to clean) 00000000000000000000000000000000 I C:\Program\redbet\pokerclient\Ny mapp\Downloads\installer_daemon_tools_4_40_2__Swedish.exe multiple threats (unable to clean) 00000000000000000000000000000000 I C:\Program\redbet\pokerclient\Ny mapp\Downloads\installer_vlc_media_player_1_1_4_Swedish.exe multiple threats (unable to clean) 00000000000000000000000000000000 I C:\Program\redbet\pokerclient\Ny mapp\Downloads\installer_winrar_4_01_64_bits_Swedish.exe multiple threats (unable to clean) 00000000000000000000000000000000 I C:\Program\redbet\pokerclient\Ny mapp\Downloads\SoftonicDownloader_for_unlocker.exe Win32/SoftonicDownloader application (unable to clean) 00000000000000000000000000000000 I C:\System Volume Information\_restore{A27E3AA8-3559-4BED-BE2F-2CEF98306404}\RP389\A0046295.exe a variant of Win32/Toolbar.SearchSuite.A application (unable to clean) 00000000000000000000000000000000 I C:\System Volume Information\_restore{A27E3AA8-3559-4BED-BE2F-2CEF98306404}\RP389\A0046296.dll Win32/Toolbar.SearchSuite application (unable to clean) 00000000000000000000000000000000 I C:\System Volume Information\_restore{A27E3AA8-3559-4BED-BE2F-2CEF98306404}\RP389\A0046343.exe Win32/Somoto application (unable to clean) 00000000000000000000000000000000 I C:\System Volume Information\_restore{A27E3AA8-3559-4BED-BE2F-2CEF98306404}\RP390\A0046502.dll a variant of Win32/Toolbar.SearchSuite application (unable to clean) 00000000000000000000000000000000 I C:\System Volume Information\_restore{A27E3AA8-3559-4BED-BE2F-2CEF98306404}\RP390\A0046503.dll a variant of Win32/Toolbar.SearchSuite application (unable to clean) 00000000000000000000000000000000 I C:\System Volume Information\_restore{A27E3AA8-3559-4BED-BE2F-2CEF98306404}\RP430\A0063087.exe a variant of Win32/MaxPCsecure application (unable to clean) 00000000000000000000000000000000 I C:\System Volume Information\_restore{A27E3AA8-3559-4BED-BE2F-2CEF98306404}\RP445\A0067532.exe Win32/Graboid application (unable to clean) 00000000000000000000000000000000 I

Correction: "Search Safer" is still on firefox when I open a new tab. Don't know if that's something I can easily remove please tell me if that's the case. And I was sloppy following the instructions this time. I forgot to turn off MSE when doing the scan. Apologise for that..

========== Files - Modified Within 30 Days ========== [2012-09-11 17:02:42 | 000,000,384 | -H-- | M] () -- C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job [2012-09-11 16:56:16 | 000,000,868 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job [2012-09-11 16:55:33 | 000,000,268 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1659004503-343818398-682003330-1003.job [2012-09-11 16:55:30 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1659004503-343818398-682003330-1003.job [2012-09-11 16:55:26 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2012-09-11 16:52:38 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2012-09-11 00:19:54 | 000,000,549 | ---- | M] () -- C:\Documents and Settings\Anders\Application Data\FreeDesktopClock.ini [2012-09-11 00:10:00 | 000,001,090 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1659004503-343818398-682003330-1003UA.job [2012-09-11 00:07:00 | 000,001,098 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1659004503-343818398-682003330-1006UA.job [2012-09-10 20:41:09 | 000,002,227 | ---- | M] () -- C:\Documents and Settings\All Users\Skrivbord\Skype.lnk [2012-09-10 20:32:48 | 000,448,512 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Anders\Skrivbord\TFC.exe [2012-09-10 20:26:47 | 000,093,672 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll [2012-09-10 20:26:44 | 000,246,760 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe [2012-09-10 20:26:44 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe [2012-09-10 20:26:44 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe [2012-09-10 20:26:44 | 000,143,872 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl [2012-09-10 20:26:43 | 000,821,736 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\npDeployJava1.dll [2012-09-10 20:26:43 | 000,746,984 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\deployJava1.dll [2012-09-10 20:25:33 | 031,175,144 | ---- | M] (Oracle Corporation) -- C:\Documents and Settings\Anders\Skrivbord\jre-7u7-windows-i586.exe [2012-09-10 19:59:57 | 000,000,410 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{5096C855-A424-4662-B04A-DE5E47FB502A}.job [2012-09-10 17:34:11 | 001,629,088 | ---- | M] (Bleeping Computer, LLC) -- C:\Documents and Settings\Anders\Skrivbord\iExplore.exe [2012-09-10 11:30:16 | 000,315,660 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_10092012_112913.png [2012-09-10 10:10:00 | 000,001,038 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1659004503-343818398-682003330-1003Core.job [2012-09-09 23:18:41 | 004,747,716 | R--- | M] (Swearware) -- C:\Documents and Settings\Anders\Skrivbord\Combo-Fix.exe [2012-09-09 20:44:27 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini [2012-09-09 20:44:26 | 000,138,240 | ---- | M] () -- C:\Documents and Settings\Anders\Lokala inställningar\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012-09-09 17:24:30 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts [2012-09-09 17:16:19 | 000,185,065 | ---- | M] () -- C:\Documents and Settings\Anders\Skrivbord\FixPolicies.exe [2012-09-09 01:07:00 | 000,001,046 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1659004503-343818398-682003330-1006Core.job [2012-09-08 21:00:19 | 000,854,156 | ---- | M] () -- C:\Documents and Settings\Anders\Skrivbord\SecurityCheck.exe [2012-09-08 20:45:49 | 000,599,552 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Anders\Skrivbord\OTL.exe [2012-09-08 15:33:01 | 000,117,270 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\21.bmp [2012-09-08 15:32:48 | 003,888,068 | ---- | M] () -- C:\temp.bmp [2012-09-08 10:43:33 | 011,300,312 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\vp4 2012-09-08 10-38-48-933.avi [2012-09-07 19:52:59 | 001,118,598 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_07092012_195109.png [2012-09-07 19:31:21 | 000,930,467 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_07092012_193053.png [2012-09-07 16:54:46 | 000,977,958 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_07092012_165418.png [2012-09-07 16:32:21 | 001,082,828 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_07092012_163042.png [2012-09-07 15:22:09 | 000,000,327 | RHS- | M] () -- C:\boot.ini [2012-09-07 14:35:30 | 000,000,579 | ---- | M] () -- C:\Documents and Settings\Anders\Skrivbord\NTREGOPT.lnk [2012-09-07 14:35:30 | 000,000,560 | ---- | M] () -- C:\Documents and Settings\Anders\Skrivbord\ERUNT.lnk [2012-09-07 14:30:44 | 000,000,144 | ---- | M] () -- C:\Documents and Settings\Anders\defogger_reenable [2012-09-07 14:05:14 | 002,150,064 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2012-09-06 23:48:03 | 000,318,741 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_06092012_234739.png [2012-09-06 16:32:56 | 000,157,123 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_06092012_163222.png [2012-09-06 01:07:23 | 000,998,055 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_05092012_190334.png [2012-09-05 18:02:01 | 000,000,272 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job [2012-09-05 15:51:54 | 000,004,934 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\flwjycbm.bab [2012-09-05 15:51:34 | 000,000,705 | ---- | M] () -- C:\Documents and Settings\Anders\Skrivbord\PokerTracker 4.lnk [2012-09-05 15:24:02 | 000,505,751 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_05092012_152345.png [2012-09-04 18:40:55 | 000,084,696 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_04092012_184008.png [2012-09-04 00:13:19 | 000,002,347 | ---- | M] () -- C:\Documents and Settings\Anders\Skrivbord\Google Chrome.lnk [2012-09-04 00:13:19 | 000,002,325 | ---- | M] () -- C:\Documents and Settings\Anders\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk [2012-09-03 23:42:37 | 001,326,942 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\ad.png [2012-09-03 15:24:24 | 000,323,584 | ---- | M] (Stefan Toengi) -- C:\WINDOWS\System32\AUDIOGENIE2.DLL [2012-09-02 23:50:20 | 001,004,432 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_02092012_234819.png [2012-09-02 23:04:43 | 022,936,300 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\vp4 2012-09-02 22-59-50-578.avi [2012-09-02 17:52:51 | 007,911,796 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\Bankshot1to2.avi [2012-09-02 15:56:04 | 001,101,732 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_02092012_155541.png [2012-09-02 15:43:59 | 000,800,104 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_02092012_154331.png [2012-09-02 14:10:27 | 001,102,894 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_02092012_141009.png [2012-09-02 13:07:21 | 000,313,151 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_02092012_130708.png [2012-09-02 13:07:06 | 001,017,983 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_02092012_130649.png [2012-09-02 13:04:33 | 000,005,159 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\9-Ball, Alyt vs Frenchy, 090212-103239.vpr [2012-09-02 13:00:48 | 004,538,077 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_1003.MOV [2012-09-01 10:02:40 | 000,297,078 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\4.bmp [2012-09-01 08:56:31 | 002,320,974 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\3.bmp [2012-09-01 08:55:33 | 002,701,710 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\2.bmp [2012-09-01 08:48:55 | 002,495,190 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\1.bmp [2012-08-31 21:49:00 | 002,052,056 | ---- | M] () -- C:\Documents and Settings\Anders\Skrivbord\IMG468.jpg [2012-08-31 00:34:32 | 000,155,867 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_31082012_002932.png [2012-08-29 18:48:38 | 000,859,263 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_29082012_184533.png [2012-08-29 15:08:12 | 000,000,653 | ---- | M] () -- C:\Documents and Settings\All Users\Skrivbord\LogMeIn Hamachi.lnk [2012-08-29 14:33:11 | 000,000,740 | ---- | M] () -- C:\Documents and Settings\All Users\Skrivbord\Malwarebytes Anti-Malware.lnk [2012-08-29 00:01:48 | 000,401,735 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_29082012_000040.png [2012-08-28 19:48:43 | 000,000,637 | ---- | M] () -- C:\Documents and Settings\Anders\Application Data\Microsoft\Internet Explorer\Quick Launch\Bandicam.lnk [2012-08-28 19:48:43 | 000,000,619 | ---- | M] () -- C:\Documents and Settings\Anders\Skrivbord\Bandicam.lnk [2012-08-27 13:01:26 | 001,200,664 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\clip0086.avi [2012-08-27 01:37:14 | 000,000,751 | ---- | M] () -- C:\Documents and Settings\All Users\Skrivbord\Virtual Pool 4.lnk [2012-08-27 00:32:35 | 000,121,798 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_27082012_003201.png [2012-08-27 00:32:31 | 000,124,438 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_27082012_003152.png [2012-08-26 22:36:18 | 000,307,500 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_26082012_223547.png [2012-08-26 17:51:11 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\Access.dat [2012-08-26 15:41:08 | 000,156,260 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_26082012_154039.png [2012-08-26 15:40:08 | 000,150,505 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_26082012_153941.png [2012-08-26 14:27:15 | 000,000,667 | ---- | M] () -- C:\Documents and Settings\Anders\Application Data\Microsoft\Internet Explorer\Quick Launch\GameSpy Arcade.lnk [2012-08-26 14:27:15 | 000,000,649 | ---- | M] () -- C:\Documents and Settings\Anders\Skrivbord\GameSpy Arcade.lnk [2012-08-26 14:19:36 | 003,849,216 | ---- | M] () -- C:\Documents and Settings\Anders\Skrivbord\hamachi.msi [2012-08-25 12:40:56 | 000,136,157 | ---- | M] () -- C:\Documents and Settings\Anders\Skrivbord\pool_snooker_1.jpg [2012-08-25 12:26:15 | 000,983,017 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_25082012_122553.png [2012-08-23 15:36:41 | 000,663,527 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_23082012_153555.png [2012-08-22 20:15:58 | 003,195,906 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\cheat.bmp [2012-08-22 19:25:55 | 001,547,494 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\stg-apologize.bmp [2012-08-22 16:11:36 | 000,217,782 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\legend.bmp [2012-08-21 17:29:32 | 000,306,433 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_21082012_172844.png [2012-08-21 11:37:11 | 001,704,034 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_21082012_113442.png [2012-08-21 11:32:14 | 001,688,401 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_21082012_113138.png [2012-08-20 21:47:10 | 002,262,013 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_20082012_214618.png [2012-08-20 16:56:04 | 000,204,889 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_20082012_165528.png [2012-08-20 16:53:51 | 000,145,330 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_20082012_165314.png [2012-08-20 13:57:57 | 000,000,802 | ---- | M] () -- C:\Documents and Settings\Anders\Skrivbord\XSplit Broadcaster.lnk [2012-08-19 19:24:41 | 000,001,707 | ---- | M] () -- C:\Documents and Settings\Anders\Skrivbord\ChrisPC Free Anonymous Proxy.lnk [2012-08-19 19:24:41 | 000,000,821 | ---- | M] () -- C:\Documents and Settings\Anders\Application Data\Microsoft\Internet Explorer\Quick Launch\ChrisPC Free Anonymous Proxy.lnk [2012-08-16 02:05:28 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2012-08-15 01:56:48 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe [2012-08-15 01:56:47 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl [2012-08-13 13:57:35 | 001,830,096 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\clip0078.avi ========== Files Created - No Company Name ========== [2012-09-10 11:30:14 | 000,315,660 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_10092012_112913.png [2012-09-09 17:16:19 | 000,185,065 | ---- | C] () -- C:\Documents and Settings\Anders\Skrivbord\FixPolicies.exe [2012-09-08 21:00:04 | 000,854,156 | ---- | C] () -- C:\Documents and Settings\Anders\Skrivbord\SecurityCheck.exe [2012-09-08 15:33:01 | 000,117,270 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\21.bmp [2012-09-08 10:42:52 | 011,300,312 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\vp4 2012-09-08 10-38-48-933.avi [2012-09-07 19:52:54 | 001,118,598 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_07092012_195109.png [2012-09-07 19:31:16 | 000,930,467 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_07092012_193053.png [2012-09-07 16:54:40 | 000,977,958 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_07092012_165418.png [2012-09-07 16:32:16 | 001,082,828 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_07092012_163042.png [2012-09-07 15:22:09 | 000,000,211 | ---- | C] () -- C:\Boot.bak [2012-09-07 15:22:02 | 000,260,784 | RHS- | C] () -- C:\cmldr [2012-09-07 15:19:34 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe [2012-09-07 15:19:34 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe [2012-09-07 15:19:34 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe [2012-09-07 15:19:34 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe [2012-09-07 15:19:34 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe [2012-09-07 14:35:30 | 000,000,579 | ---- | C] () -- C:\Documents and Settings\Anders\Skrivbord\NTREGOPT.lnk [2012-09-07 14:35:30 | 000,000,560 | ---- | C] () -- C:\Documents and Settings\Anders\Skrivbord\ERUNT.lnk [2012-09-07 14:30:38 | 000,000,144 | ---- | C] () -- C:\Documents and Settings\Anders\defogger_reenable [2012-09-06 23:48:01 | 000,318,741 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_06092012_234739.png [2012-09-06 16:32:55 | 000,157,123 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_06092012_163222.png [2012-09-06 01:07:18 | 000,998,055 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_05092012_190334.png [2012-09-05 15:51:54 | 000,004,934 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\flwjycbm.bab [2012-09-05 15:51:34 | 000,000,705 | ---- | C] () -- C:\Documents and Settings\Anders\Skrivbord\PokerTracker 4.lnk [2012-09-05 15:23:59 | 000,505,751 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_05092012_152345.png [2012-09-04 18:40:54 | 000,084,696 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_04092012_184008.png [2012-09-03 23:42:31 | 001,326,942 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\ad.png [2012-09-02 23:50:15 | 001,004,432 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_02092012_234819.png [2012-09-02 23:01:55 | 022,936,300 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\vp4 2012-09-02 22-59-50-578.avi [2012-09-02 17:52:22 | 007,911,796 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\Bankshot1to2.avi [2012-09-02 15:55:59 | 001,101,732 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_02092012_155541.png [2012-09-02 15:43:54 | 000,800,104 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_02092012_154331.png [2012-09-02 15:25:41 | 002,052,056 | ---- | C] () -- C:\Documents and Settings\Anders\Skrivbord\IMG468.jpg [2012-09-02 14:10:23 | 001,102,894 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_02092012_141009.png [2012-09-02 13:07:19 | 000,313,151 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_02092012_130708.png [2012-09-02 13:07:00 | 001,017,983 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_02092012_130649.png [2012-09-02 13:04:32 | 000,005,159 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\9-Ball, Alyt vs Frenchy, 090212-103239.vpr [2012-09-02 13:00:24 | 004,538,077 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_1003.MOV [2012-09-01 10:02:40 | 000,297,078 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\4.bmp [2012-09-01 08:56:31 | 002,320,974 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\3.bmp [2012-09-01 08:55:33 | 002,701,710 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\2.bmp [2012-08-31 00:34:29 | 000,155,867 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_31082012_002932.png [2012-08-29 18:48:21 | 000,859,263 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_29082012_184533.png [2012-08-29 14:33:11 | 000,000,740 | ---- | C] () -- C:\Documents and Settings\All Users\Skrivbord\Malwarebytes Anti-Malware.lnk [2012-08-29 00:01:44 | 000,401,735 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_29082012_000040.png [2012-08-28 19:48:43 | 000,000,637 | ---- | C] () -- C:\Documents and Settings\Anders\Application Data\Microsoft\Internet Explorer\Quick Launch\Bandicam.lnk [2012-08-28 19:48:43 | 000,000,619 | ---- | C] () -- C:\Documents and Settings\Anders\Skrivbord\Bandicam.lnk [2012-08-27 13:00:47 | 001,200,664 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\clip0086.avi [2012-08-27 01:37:14 | 000,000,751 | ---- | C] () -- C:\Documents and Settings\All Users\Skrivbord\Virtual Pool 4.lnk [2012-08-27 00:32:33 | 000,121,798 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_27082012_003201.png [2012-08-27 00:32:30 | 000,124,438 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_27082012_003152.png [2012-08-26 22:36:14 | 000,307,500 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_26082012_223547.png [2012-08-26 17:51:11 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\Access.dat [2012-08-26 15:41:04 | 000,156,260 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_26082012_154039.png [2012-08-26 15:40:06 | 000,150,505 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_26082012_153941.png [2012-08-26 14:27:15 | 000,000,667 | ---- | C] () -- C:\Documents and Settings\Anders\Application Data\Microsoft\Internet Explorer\Quick Launch\GameSpy Arcade.lnk [2012-08-26 14:27:15 | 000,000,649 | ---- | C] () -- C:\Documents and Settings\Anders\Skrivbord\GameSpy Arcade.lnk [2012-08-26 14:20:08 | 000,000,653 | ---- | C] () -- C:\Documents and Settings\All Users\Skrivbord\LogMeIn Hamachi.lnk [2012-08-26 14:19:29 | 003,849,216 | ---- | C] () -- C:\Documents and Settings\Anders\Skrivbord\hamachi.msi [2012-08-25 12:40:56 | 000,136,157 | ---- | C] () -- C:\Documents and Settings\Anders\Skrivbord\pool_snooker_1.jpg [2012-08-25 12:26:11 | 000,983,017 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_25082012_122553.png [2012-08-23 15:36:33 | 000,663,527 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_23082012_153555.png [2012-08-22 20:15:58 | 003,195,906 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\cheat.bmp [2012-08-22 19:25:55 | 001,547,494 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\stg-apologize.bmp [2012-08-22 16:11:36 | 000,217,782 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\legend.bmp [2012-08-21 17:29:29 | 000,306,433 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_21082012_172844.png [2012-08-21 11:37:04 | 001,704,034 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_21082012_113442.png [2012-08-21 11:32:07 | 001,688,401 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_21082012_113138.png [2012-08-20 21:46:53 | 002,262,013 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_20082012_214618.png [2012-08-20 16:56:02 | 000,204,889 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_20082012_165528.png [2012-08-20 16:53:49 | 000,145,330 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_20082012_165314.png [2012-08-20 13:57:57 | 000,000,802 | ---- | C] () -- C:\Documents and Settings\Anders\Skrivbord\XSplit Broadcaster.lnk [2012-08-19 19:24:41 | 000,001,707 | ---- | C] () -- C:\Documents and Settings\Anders\Skrivbord\ChrisPC Free Anonymous Proxy.lnk [2012-08-19 19:24:41 | 000,000,821 | ---- | C] () -- C:\Documents and Settings\Anders\Application Data\Microsoft\Internet Explorer\Quick Launch\ChrisPC Free Anonymous Proxy.lnk [2012-08-13 13:57:08 | 001,830,096 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\clip0078.avi [2012-08-05 11:14:00 | 051,687,593 | ---- | C] () -- C:\Documents and Settings\Anders\10 000 meter.flv [2012-07-10 14:52:42 | 000,190,664 | ---- | C] () -- C:\Documents and Settings\LocalService\Lokala inställningar\Application Data\FontCache3.0.0.0.dat [2012-05-05 16:08:47 | 000,230,752 | ---- | C] () -- C:\WINDOWS\patchw32.dll [2012-05-05 16:08:42 | 000,118,176 | ---- | C] () -- C:\WINDOWS\patchw.dll [2012-03-05 21:51:45 | 629,460,858 | ---- | C] () -- C:\Documents and Settings\Anders\Målgång.flv [2012-02-16 12:42:41 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll [2012-02-08 10:52:34 | 000,000,042 | ---- | C] () -- C:\Documents and Settings\Anders\default.pls [2012-01-30 15:29:29 | 000,000,404 | ---- | C] () -- C:\WINDOWS\LBFamily.ini [2012-01-30 12:16:09 | 1054,669,159 | ---- | C] () -- C:\Documents and Settings\Anders\såskadetlåta.flv [2012-01-30 12:16:09 | 000,056,831 | ---- | C] () -- C:\Documents and Settings\Anders\såskadetlåta.srt [2012-01-27 13:24:43 | 000,015,784 | ---- | C] () -- C:\Documents and Settings\Anders\2.srt [2012-01-27 13:24:39 | 035,912,175 | ---- | C] () -- C:\Documents and Settings\Anders\2.flv [2012-01-27 13:10:34 | 000,000,641 | ---- | C] () -- C:\Documents and Settings\Anders\.swfinfo [2011-11-09 21:59:50 | 000,000,026 | ---- | C] () -- C:\Documents and Settings\Anders\Application Data\ClockTraySkins.ini [2011-11-09 21:59:38 | 000,000,549 | ---- | C] () -- C:\Documents and Settings\Anders\Application Data\FreeDesktopClock.ini [2011-10-31 18:02:17 | 000,393,256 | ---- | C] () -- C:\WINDOWS\System32\CNQ2414N.DAT [2011-10-30 14:53:51 | 000,000,000 | ---- | C] () -- C:\WINDOWS\HMHud.INI [2011-10-02 13:50:39 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2011-10-02 13:50:38 | 000,138,240 | ---- | C] () -- C:\Documents and Settings\Anders\Lokala inställningar\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011-10-01 22:03:20 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\CommonDL.dll [2011-10-01 22:03:20 | 000,002,413 | ---- | C] () -- C:\WINDOWS\System32\lgAxconfig.ini [2011-09-28 17:44:14 | 000,179,271 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat [2011-09-19 09:07:46 | 000,015,360 | ---- | C] () -- C:\WINDOWS\System32\bdmjpeg.dll [2011-09-19 09:07:32 | 000,058,368 | ---- | C] () -- C:\WINDOWS\System32\bdmpegv.dll [2011-08-31 00:32:40 | 000,005,078 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\bltofzsb.qlf [2011-07-04 14:19:24 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2011-07-04 14:18:36 | 002,150,064 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2011-07-04 13:15:42 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe [2011-07-04 13:14:40 | 000,001,732 | ---- | C] () -- C:\WINDOWS\System32\drivers\nvphy.bin [2011-07-04 12:32:07 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2011-07-04 12:28:47 | 000,021,700 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat ========== Custom Scans ========== < %ALLUSERSPROFILE%\Application Data\*. > [2011-07-04 16:34:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Adobe [2011-07-04 16:50:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ALM [2012-08-16 16:25:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Anti-phishing Domain Advisor [2012-02-03 14:13:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Apple [2012-04-17 16:57:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Apple Computer [2012-08-16 15:42:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ask [2012-07-11 10:19:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\boost_interprocess [2011-09-27 16:42:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Boss Media [2012-08-27 01:35:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Celeris [2012-05-12 18:06:56 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files [2011-08-22 17:12:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite [2011-07-04 22:27:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Pro [2012-07-18 16:15:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DivX [2011-12-14 11:25:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FLEXnet [2011-12-13 23:48:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Graboid Inc [2012-08-16 16:18:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IBUpdaterService [2011-10-01 22:04:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LGMOBILEAX [2012-08-29 14:33:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes [2012-08-24 17:55:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Max Secure [2012-04-17 17:54:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MediaMonkey [2012-07-10 14:54:32 | 000,000,000 | --SD | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft [2012-08-16 02:05:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft Help [2012-06-22 19:31:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Mozilla [2011-07-04 18:19:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nero [2012-08-16 16:18:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Performer Manager [2012-05-30 21:42:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Real [2012-08-28 23:56:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Skype [2011-10-01 15:46:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sony Ericsson [2012-08-20 13:57:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SplitMediaLabs [2011-08-21 12:50:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sun [2012-05-12 18:52:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Tarma Installer [2011-10-18 13:04:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TechSmith [2012-08-26 17:50:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Tunngle [2011-07-04 13:25:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage [2012-04-17 16:59:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521} < %ALLUSERSPROFILE%\Application Data\*.exe /s > [2009-02-04 13:56:14 | 000,075,112 | ---- | M] (GEAR Software, Inc.) -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}\x86\DifXInstall32.exe [2012-05-03 20:07:44 | 000,092,096 | ---- | M] (Visicom Media Inc. (Powered by Panda Security)) -- C:\Documents and Settings\All Users\Application Data\Anti-phishing Domain Advisor\uninstall.exe [2012-05-03 20:07:40 | 000,217,256 | ---- | M] (Visicom Media Inc. (Powered by Panda Security)) -- C:\Documents and Settings\All Users\Application Data\Anti-phishing Domain Advisor\visicom_antiphishing.exe [2012-06-16 16:25:32 | 000,073,624 | ---- | M] (Apple Inc.) -- C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 10.6.3.25\SetupAdmin.exe [2012-04-19 12:58:06 | 000,056,969 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\ASPEncoder\Uninstaller.exe [2012-04-19 12:58:18 | 000,065,783 | ---- | M] (DivX, LLC) -- C:\Documents and Settings\All Users\Application Data\DivX\ControlPanel\Uninstaller.exe [2012-04-19 12:58:31 | 000,054,128 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\Converter\Uninstaller.exe [2012-04-19 12:58:38 | 000,063,144 | ---- | M] (DivX, LLC) -- C:\Documents and Settings\All Users\Application Data\DivX\DesktopService\Uninstaller.exe [2012-07-18 16:13:37 | 000,062,857 | ---- | M] (DivX, LLC) -- C:\Documents and Settings\All Users\Application Data\DivX\DFXPlugin\Uninstaller.exe [2012-04-19 12:58:33 | 000,056,458 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\DivXDecoderShortcut\Uninstaller.exe [2012-07-18 16:14:17 | 000,064,957 | ---- | M] (DivX, LLC) -- C:\Documents and Settings\All Users\Application Data\DivX\DivXPlusShortcuts\Uninstaller.exe [2012-04-19 12:58:32 | 000,062,879 | ---- | M] (DivX, LLC) -- C:\Documents and Settings\All Users\Application Data\DivX\DSAACDecoder\Uninstaller.exe [2012-04-19 12:58:34 | 000,057,275 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\DSASPDecoder\Uninstaller.exe [2012-04-19 12:58:35 | 000,054,166 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\DSAVCDecoder\Uninstaller.exe [2012-04-19 12:58:37 | 000,057,037 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\DSDesktopComponents\Uninstaller.exe [2012-04-19 12:58:19 | 000,054,101 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\MPEG2Plugin\Uninstaller.exe [2012-04-19 12:58:01 | 000,061,667 | ---- | M] (DivX, LLC) -- C:\Documents and Settings\All Users\Application Data\DivX\MSVC80CRTRedist\Uninstaller.exe [2012-04-19 12:58:04 | 000,063,228 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\OVSHelper\Uninstaller.exe [2012-07-18 16:14:10 | 000,065,896 | ---- | M] (DivX, LLC) -- C:\Documents and Settings\All Users\Application Data\DivX\Player\Uninstaller.exe [2012-04-19 12:58:15 | 000,054,073 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\Qt4.5\Uninstaller.exe [2012-07-18 16:10:08 | 000,933,256 | ---- | M] (DivX, LLC) -- C:\Documents and Settings\All Users\Application Data\DivX\Setup\DivXSetup.exe [2012-04-19 12:58:29 | 000,054,644 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\TranscodeEngine\Uninstaller.exe [2012-07-18 16:13:42 | 000,092,231 | ---- | M] (DivX, LLC) -- C:\Documents and Settings\All Users\Application Data\DivX\TransferWizard\Uninstaller.exe [2011-09-30 16:41:01 | 000,061,792 | ---- | M] (DivX, LLC) -- C:\Documents and Settings\All Users\Application Data\DivX\Update\Uninstaller.exe [2012-07-18 16:14:16 | 000,066,441 | ---- | M] (DivX, LLC) -- C:\Documents and Settings\All Users\Application Data\DivX\WebPlayer\Uninstaller.exe [2011-09-20 05:19:08 | 000,109,656 | ---- | M] (LG Electronics) -- C:\Documents and Settings\All Users\Application Data\LGMOBILEAX\LGMLauncher.exe [2011-04-27 05:12:20 | 000,235,456 | ---- | M] (LG Electronics) -- C:\Documents and Settings\All Users\Application Data\LGMOBILEAX\B2C_Client\B2CAppUninstall.exe [2011-09-28 01:39:52 | 000,404,568 | ---- | M] (LG Electronics) -- C:\Documents and Settings\All Users\Application Data\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe [2011-04-01 01:55:52 | 000,038,840 | ---- | M] (LG Electronics) -- C:\Documents and Settings\All Users\Application Data\LGMOBILEAX\B2C_Client\LGbackagent.exe [2011-09-28 02:58:02 | 000,785,496 | ---- | M] (LG Electronics) -- C:\Documents and Settings\All Users\Application Data\LGMOBILEAX\B2C_Client\LGUserCSTool.exe [2012-09-10 23:31:27 | 010,524,080 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe [2012-08-16 16:18:06 | 001,695,776 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\PC Performer Manager\2.2.558.177\{16cdff19-861d-48e3-a751-d99a27784753}\%Protector Process Name%.exe [2012-08-16 16:18:04 | 003,379,232 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\PC Performer Manager\2.2.558.177\{16cdff19-861d-48e3-a751-d99a27784753}\Uninstall Manager.exe [2012-08-13 13:33:30 | 003,064,000 | ---- | M] (Skype Technologies S.A.) -- C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2011-03-11 05:29:12 | 000,227,984 | R-S- | M] (Tarma Software Research Pty Ltd) -- C:\Documents and Settings\All Users\Application Data\Tarma Installer\{2E1037EA-038A-425F-86B9-6CD19B8497E9}\Setup.exe < %ALLUSERSPROFILE%\Application Data\*.dll /s > [2006-11-02 06:21:54 | 000,319,456 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}\x86\DIFxAPI.dll [2008-04-17 12:12:54 | 000,107,368 | ---- | M] (GEAR Software Inc.) -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}\x86\x86\GEARAspi.dll [2012-05-03 20:07:40 | 000,309,416 | ---- | M] (Visicom Media Inc. (Powered by Panda Security)) -- C:\Documents and Settings\All Users\Application Data\Anti-phishing Domain Advisor\visicom_antiphishing.dll [2012-08-16 15:42:30 | 000,211,624 | ---- | M] (Ask.com) -- C:\Documents and Settings\All Users\Application Data\Ask\APN-Stub\MYC-ST\APNIC.dll [2012-07-18 16:10:40 | 000,620,400 | ---- | M] (DivX, LLC) -- C:\Documents and Settings\All Users\Application Data\DivX\Setup\finishPlugin.dll [2012-07-18 16:10:20 | 001,709,936 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\DivX\Setup\Resource.dll [2012-07-18 16:15:02 | 000,057,344 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\DivX\Setup\RunAsUser\RUNASUSERPROCESS.dll [2011-09-26 07:10:20 | 000,118,784 | ---- | M] (LG Electronics) -- C:\Documents and Settings\All Users\Application Data\LGMOBILEAX\B2C_Client\LGMobileDL.dll [2010-03-16 08:31:58 | 000,024,576 | ---- | M] (LG Electronics) -- C:\Documents and Settings\All Users\Application Data\LGMOBILEAX\B2C_Client\LGMobileDLRapi.dll [2011-09-28 01:38:20 | 000,548,864 | ---- | M] (LG Electronics) -- C:\Documents and Settings\All Users\Application Data\LGMOBILEAX\B2C_Client\LGMUpgradeDL.dll [2012-08-24 17:57:00 | 000,000,063 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Max Secure\Max Spyware Detector\SysSD.dll [2008-09-17 15:29:12 | 000,020,040 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\All Users\Application Data\Microsoft\IdentityCRL\production\ppcrlconfig.dll [2012-07-10 14:59:23 | 000,019,736 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\All Users\Application Data\Microsoft\IdentityCRL\production\ppcrlconfig600.dll [2012-07-10 14:59:27 | 000,564,632 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\All Users\Application Data\Microsoft\IdentityCRL\production\wlidui.dll [2012-08-23 09:15:24 | 007,022,536 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{A59FA9C7-1BE9-4466-81C0-681965B2AA03}\mpengine.dll [2012-08-23 09:15:24 | 007,022,536 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll [2008-05-19 13:04:06 | 002,368,000 | ---- | M] (Doctor Web, Ltd.) -- C:\Documents and Settings\All Users\Application Data\Nero\DrWeb\Drweb32.dll [2012-08-16 16:18:06 | 002,046,496 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\PC Performer Manager\2.2.558.177\{16cdff19-861d-48e3-a751-d99a27784753}\%Protector Process Name%.dll [2012-08-03 09:05:44 | 000,434,688 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\PC Performer Manager\2.2.558.177\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\components\bprotector-10.0.2.dll [2012-08-03 09:05:08 | 000,434,176 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\PC Performer Manager\2.2.558.177\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\components\bprotector-11.0.dll [2012-08-03 09:05:02 | 000,434,176 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\PC Performer Manager\2.2.558.177\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\components\bprotector-12.0.dll [2012-08-03 09:05:08 | 000,434,176 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\PC Performer Manager\2.2.558.177\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\components\bprotector-13.0.dll [2012-08-03 09:05:08 | 000,434,688 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\PC Performer Manager\2.2.558.177\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\components\bprotector-14.0.1.dll [2012-08-03 09:03:26 | 000,436,736 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\PC Performer Manager\2.2.558.177\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\components\bprotector-3.6.dll [2012-08-03 09:05:42 | 000,435,712 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\PC Performer Manager\2.2.558.177\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\components\bprotector-5.0.dll [2012-08-03 09:05:44 | 000,434,688 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\PC Performer Manager\2.2.558.177\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\components\bprotector-6.0.2.dll [2012-08-03 09:05:10 | 000,434,688 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\PC Performer Manager\2.2.558.177\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\components\bprotector-7.0.1.dll [2012-08-03 09:05:16 | 000,434,688 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\PC Performer Manager\2.2.558.177\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\components\bprotector-8.0.1.dll [2012-08-03 09:05:08 | 000,434,688 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\PC Performer Manager\2.2.558.177\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\components\bprotector-9.0.1.dll [2011-11-22 22:35:23 | 000,028,160 | ---- | M] (RealNetworks, Inc.) -- C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Chrome\Hook\rpchrome150browserrecordhelper.dll [2011-11-22 22:35:23 | 000,397,488 | ---- | M] (RealPlayer) -- C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Common\rpcommon150browserrecordplugin.dll [2011-11-22 22:35:23 | 000,035,840 | ---- | M] (RealNetworks, Inc.) -- C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Components\nprpffbrowserrecordext.dll [2011-11-22 22:35:24 | 000,032,256 | ---- | M] (RealNetworks, Inc.) -- C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Components\nprpffbrowserrecordlegacyext.dll [2011-11-22 22:35:22 | 000,425,680 | ---- | M] (RealPlayer) -- C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2011-11-22 22:35:23 | 000,095,744 | ---- | M] (RealNetworks, Inc.) -- C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll [2011-11-22 22:35:23 | 000,019,456 | ---- | M] (RealNetworks, Inc.) -- C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll [2011-11-22 22:35:24 | 000,045,568 | ---- | M] (RealNetworks, Inc.) -- C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\ThinShims\rpnpshimqt.dll [2011-11-22 22:35:24 | 000,045,568 | ---- | M] (RealNetworks, Inc.) -- C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\ThinShims\rpnpshimrp.dll [2011-11-22 22:35:24 | 000,045,568 | ---- | M] (RealNetworks, Inc.) -- C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\ThinShims\rpnpshimswf.dll [2011-11-22 22:35:24 | 000,045,568 | ---- | M] (RealNetworks, Inc.) -- C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\ThinShims\rpnpshimwmp.dll [2012-07-26 10:37:24 | 000,035,840 | ---- | M] (SplitMediaLabs) -- C:\Documents and Settings\All Users\Application Data\SplitMediaLabs\XSplit\BroadcastPlugins\CustomRTMP\CustomRTMP.dll [2012-07-26 10:37:24 | 000,036,864 | ---- | M] (SplitMediaLabs) -- C:\Documents and Settings\All Users\Application Data\SplitMediaLabs\XSplit\BroadcastPlugins\SplitMediaLabs.LocalRecording\SplitMediaLabs.LocalRecording.dll [2011-10-12 01:54:21 | 000,768,512 | R-S- | M] () -- C:\Documents and Settings\All Users\Application Data\Tarma Installer\{2E1037EA-038A-425F-86B9-6CD19B8497E9}\_Setup.dll [2011-10-12 01:54:12 | 000,476,672 | R-S- | M] () -- C:\Documents and Settings\All Users\Application Data\Tarma Installer\{2E1037EA-038A-425F-86B9-6CD19B8497E9}\_Setupx.dll < %APPDATA%\*. > [2012-06-13 00:56:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Adobe [2011-11-22 14:09:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Anvsoft [2012-05-12 17:55:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Apowersoft [2012-05-21 17:14:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Apple Computer [2012-05-12 18:26:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Audacity [2012-02-28 18:09:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Babylon [2012-06-18 20:59:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\BANDISOFT [2012-08-27 01:32:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Celeris [2012-08-19 19:27:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Complitly [2011-08-22 16:51:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Copax [2012-01-30 14:29:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\DAEMON Tools Lite [2011-07-04 22:26:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\DAEMON Tools Pro [2012-04-19 12:59:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\DDMSettings [2012-02-10 11:25:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Digiarty [2011-10-18 02:52:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\DivX [2012-04-17 12:48:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\dvdcss [2011-12-31 20:12:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\DVDVideoSoft [2012-05-12 20:12:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Free Audio Recorder [2012-08-25 13:15:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\GanymedeNet [2012-02-09 23:45:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\GetRightToGo [2012-09-11 16:56:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Gmail Notifier [2012-03-20 00:28:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\HandBrake [2012-05-30 16:04:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Help [2011-10-30 14:43:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\HEM Data [2011-07-04 12:37:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Identities [2011-07-04 13:13:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\InstallShield [2012-08-24 19:21:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Macromedia [2012-08-29 14:33:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Malwarebytes [2011-12-14 17:20:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Media Finder [2012-02-10 12:22:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Media Player Classic [2012-07-24 11:00:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\MediaMonkey [2012-05-12 18:05:09 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Anders\Application Data\Microsoft [2012-06-22 19:31:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Mozilla [2011-11-23 16:51:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\MyVideoDownloader [2011-11-23 16:51:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\MyVideoDownloaderHD [2011-07-04 18:22:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Nero [2012-08-04 10:58:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Opera [2012-05-17 17:09:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Oracle [2012-05-17 17:09:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Personal [2012-05-30 21:42:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Real [2011-12-14 11:55:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\RealNetworks [2012-09-11 00:19:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Skype [2012-06-20 16:13:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Solveig Multimedia [2012-02-10 01:17:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Sony [2012-08-20 13:57:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\SplitMediaLabs [2012-09-11 00:19:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Spotify [2011-08-21 12:49:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Sun [2012-07-02 21:11:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\TraderaProLister [2012-08-27 00:23:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Tunngle [2012-04-17 18:39:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\U3 [2012-09-02 13:21:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\vlc [2011-10-18 01:35:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\WinRAR [2012-05-12 18:52:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Wondershare [2011-11-23 17:11:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Youtube Downloader HD < %APPDATA%\*.exe /s > [2012-01-18 03:51:08 | 000,091,128 | ---- | M] () -- C:\Documents and Settings\Anders\Application Data\Complitly\KeepMeUpdated.exe [2012-01-18 03:51:08 | 000,091,128 | ---- | M] () -- C:\Documents and Settings\Anders\Application Data\Complitly\64\KeepMeUpdated.exe [2012-08-17 22:41:52 | 000,449,176 | ---- | M] (RealNetworks, Inc.) -- C:\Documents and Settings\Anders\Application Data\Real\Update\UpgradeHelper\RealPlayer\10.10\agent\rnupgagent.exe [2012-07-19 22:12:12 | 000,315,544 | ---- | M] (RealNetworks, Inc.) -- C:\Documents and Settings\Anders\Application Data\Real\Update\UpgradeHelper\RealPlayer\9.11\rnupgagent.exe [2006-12-14 10:00:02 | 000,110,592 | ---- | M] () -- C:\Documents and Settings\Anders\Application Data\U3\temp\cleanup.exe [2007-02-12 17:46:54 | 003,096,576 | -H-- | M] (SanDisk Corporation) -- C:\Documents and Settings\Anders\Application Data\U3\temp\Launchpad Removal.exe < %SYSTEMDRIVE%\*.exe > < c:|Fun4IM;true;true;true; /FP > < c:|Bandoo;true;true;true; /FP > < c:|Searchn;true;true;true; /FP > < c:|Searchq;true;true;true; /FP > < c:|datamngr;true;true;true; /FP > < c:|iLivid;true;true;true; /FP > [2012-07-02 14:16:58 | 000,000,000 | ---D | M] -- c:\Documents and Settings\Anders\Lokala inställningar\Application Data\Ilivid Player < c:|whitesmoke;true;true;true; /FP > < c:|services.ex;true;true;true; /FP > < %USERPROFILE%\..|smtmp;true;true;true /FP > < %systemroot%\*. /mp /s > < HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes|url /rs > < HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\SearchScopes|url /rs > < HKEY_USERS\S-1-5-19\SOFTWARE\Classes\SOFTWARE\Microsoft\Internet Explorer\SearchScopes|url /rs > < HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes|url /rs > < HKEY_USERS\S-1-5-20\SOFTWARE\Classes\SOFTWARE\Microsoft\Internet Explorer\SearchScopes|url /rs > < HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes|url /rs > < HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes|url /rs > HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\SuggestionsURLFallback: http://api.search.live.com/qsml.aspx?query={searchTerms}&src=IE-SearchBox&maxwidth={ie:maxWidth}&rowheight={ie:rowHeight}&sectionHeight={ie:sectionHeight}&FORM=IE8SSC&market={Language} HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\FaviconURLFallback: http://www.live.com/favicon.ico HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL: http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC < HKEY_CLASSES_ROOT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes|url /rs > < End of report >

OTL.Txt: OTL logfile created on: 2012-09-11 17:01:08 - Run 4 OTL by OldTimer - Version 3.2.61.2 Folder = C:\Documents and Settings\Anders\Skrivbord Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 0000041D | Country: Sverige | Language: SVE | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 1,35 Gb Available Physical Memory | 67,62% Memory free 5,76 Gb Paging File | 4,92 Gb Available in Paging File | 85,53% Paging File free Paging file location(s): C:\pagefile.sys 4000 4000 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Drive C: | 298,08 Gb Total Space | 238,37 Gb Free Space | 79,97% Space Free | Partition Type: NTFS Computer Name: ANDERS-EA22E516 | User Name: Anders | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012-09-08 20:45:49 | 000,599,552 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Anders\Skrivbord\OTL.exe PRC - [2012-08-29 12:03:36 | 001,385,896 | ---- | M] (LogMeIn Inc.) -- C:\Program\LogMeIn Hamachi\hamachi-2.exe PRC - [2012-08-17 19:48:59 | 001,193,176 | ---- | M] () -- C:\Program\Spotify\Data\SpotifyWebHelper.exe PRC - [2012-08-16 16:18:06 | 001,695,776 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\PC Performer Manager\2.2.558.177\{16cdff19-861d-48e3-a751-d99a27784753}\%Protector Process Name%.exe PRC - [2012-08-13 13:33:30 | 003,064,000 | ---- | M] (Skype Technologies S.A.) -- C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe PRC - [2012-07-03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) -- C:\Program\Malwarebytes' Anti-Malware\mbamservice.exe PRC - [2012-07-03 09:04:54 | 000,252,848 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program\Delade filer\Java\Java Update\jusched.exe PRC - [2012-05-24 13:28:56 | 000,055,184 | ---- | M] (Apple Inc.) -- C:\Program\Delade filer\Apple\Mobile Device Support\AppleMobileDeviceService.exe PRC - [2012-05-03 20:07:40 | 000,217,256 | ---- | M] (Visicom Media Inc. (Powered by Panda Security)) -- C:\Documents and Settings\All Users\Application Data\Anti-phishing Domain Advisor\visicom_antiphishing.exe PRC - [2012-05-01 14:33:44 | 000,185,856 | ---- | M] () -- C:\Program\Web Assistant\ExtensionUpdaterService.exe PRC - [2012-03-26 17:08:12 | 000,931,200 | ---- | M] (Microsoft Corporation) -- C:\Program\Microsoft Security Client\msseces.exe PRC - [2012-03-26 17:03:40 | 000,011,552 | ---- | M] (Microsoft Corporation) -- c:\Program\Microsoft Security Client\MsMpEng.exe PRC - [2011-11-22 22:35:06 | 000,296,056 | ---- | M] (RealNetworks, Inc.) -- C:\Program\Real\RealPlayer\Update\realsched.exe PRC - [2011-07-29 01:08:12 | 001,259,376 | ---- | M] () -- C:\Program\DivX\DivX Update\DivXUpdate.exe PRC - [2011-07-25 11:41:48 | 000,433,360 | ---- | M] (Sony Ericsson) -- C:\Program\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe PRC - [2010-12-13 14:52:46 | 000,074,960 | ---- | M] () -- C:\Program\Sony Ericsson\Sony Ericsson PC Companion\PCCompanionInfo.exe PRC - [2010-11-21 13:43:04 | 001,113,600 | ---- | M] () -- C:\Program\Free Desktop Clock\DesktopClock.exe PRC - [2009-12-10 03:39:04 | 000,065,536 | ---- | M] (PostgreSQL Global Development Group) -- C:\Program\PostgreSQL\8.3\bin\pg_ctl.exe PRC - [2009-12-10 03:37:16 | 003,690,496 | ---- | M] (PostgreSQL Global Development Group) -- C:\Program\PostgreSQL\8.3\bin\postgres.exe PRC - [2009-08-18 11:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) -- C:\Program\Delade filer\Microsoft Shared\Windows Live\WLIDSVC.EXE PRC - [2009-08-18 11:29:22 | 000,183,152 | ---- | M] (Microsoft Corporation) -- C:\Program\Delade filer\Microsoft Shared\Windows Live\WLIDSVCM.EXE PRC - [2008-06-11 22:43:26 | 000,640,376 | ---- | M] (Adobe Systems Inc.) -- C:\Program\Adobe\Acrobat 9.0\Acrobat\acrotray.exe PRC - [2008-04-15 14:00:00 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2005-05-17 19:21:12 | 000,147,456 | ---- | M] () -- C:\Program\Razer\razerhid.exe PRC - [2005-01-18 02:06:12 | 000,143,360 | ---- | M] (Razer Inc.) -- C:\Program\Razer\razerofa.exe ========== Modules (No Company Name) ========== MOD - [2012-08-17 19:48:59 | 001,193,176 | ---- | M] () -- C:\Program\Spotify\Data\SpotifyWebHelper.exe MOD - [2012-08-16 16:18:06 | 002,046,496 | ---- | M] () -- c:\Documents and Settings\All Users\Application Data\PC Performer Manager\2.2.558.177\{16cdff19-861d-48e3-a751-d99a27784753}\%Protector Process Name%.dll MOD - [2012-08-16 16:18:06 | 001,695,776 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\PC Performer Manager\2.2.558.177\{16cdff19-861d-48e3-a751-d99a27784753}\%Protector Process Name%.exe MOD - [2012-05-01 14:33:44 | 000,185,856 | ---- | M] () -- C:\Program\Web Assistant\ExtensionUpdaterService.exe MOD - [2011-09-27 08:23:00 | 000,087,912 | ---- | M] () -- C:\Program\Delade filer\Apple\Apple Application Support\zlib1.dll MOD - [2011-09-27 08:22:40 | 001,242,472 | ---- | M] () -- C:\Program\Delade filer\Apple\Apple Application Support\libxml2.dll MOD - [2011-07-29 01:09:42 | 000,096,112 | ---- | M] () -- C:\Program\DivX\DivX Update\DivXUpdateCheck.dll MOD - [2011-07-29 01:08:12 | 001,259,376 | ---- | M] () -- C:\Program\DivX\DivX Update\DivXUpdate.exe MOD - [2010-12-13 14:52:46 | 000,074,960 | ---- | M] () -- C:\Program\Sony Ericsson\Sony Ericsson PC Companion\PCCompanionInfo.exe MOD - [2010-12-13 10:58:50 | 000,047,616 | ---- | M] () -- C:\Program\Sony Ericsson\Sony Ericsson PC Companion\TMonitorAPI.dll MOD - [2010-11-21 13:43:04 | 001,113,600 | ---- | M] () -- C:\Program\Free Desktop Clock\DesktopClock.exe MOD - [2010-10-22 17:29:54 | 000,133,120 | ---- | M] () -- C:\Program\Free Desktop Clock\Clock.dll MOD - [2007-05-22 10:59:22 | 000,128,512 | ---- | M] () -- C:\Program\WinRAR\RarExt.dll MOD - [2005-05-17 19:21:12 | 000,147,456 | ---- | M] () -- C:\Program\Razer\razerhid.exe ========== Services (SafeList) ========== SRV - [2012-09-10 16:13:38 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2012-08-29 12:03:36 | 001,385,896 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc) SRV - [2012-08-16 16:18:06 | 001,695,776 | ---- | M] () [Auto | Running] -- C:\Documents and Settings\All Users\Application Data\PC Performer Manager\2.2.558.177\{16cdff19-861d-48e3-a751-d99a27784753}\%Protector Process Name%.exe -- (PC Performer Manager) SRV - [2012-08-15 01:56:50 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012-08-13 13:33:30 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service) SRV - [2012-07-03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2012-07-03 13:19:28 | 000,160,944 | ---- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012-05-24 13:28:56 | 000,055,184 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program\Delade filer\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device) SRV - [2012-05-01 14:33:44 | 000,185,856 | ---- | M] () [Auto | Running] -- C:\Program\Web Assistant\ExtensionUpdaterService.exe -- (Web Assistant Updater) SRV - [2012-03-26 17:03:40 | 000,011,552 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc) SRV - [2011-07-20 06:18:24 | 000,440,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program\Delade filer\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv) SRV - [2011-07-04 16:17:11 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program\Delade filer\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2011-06-29 15:59:18 | 000,155,344 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Program\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe -- (Sony Ericsson PCCompanion) SRV - [2011-03-16 10:42:06 | 000,407,336 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program\Delade filer\Steam\SteamService.exe -- (Steam Client Service) SRV - [2009-12-10 03:39:04 | 000,065,536 | ---- | M] (PostgreSQL Global Development Group) [Auto | Running] -- C:\Program\PostgreSQL\8.3\bin\pg_ctl.exe -- (pgsql-8.3) SRV - [2009-08-18 11:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program\Delade filer\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc) SRV - [2008-08-15 05:46:20 | 000,284,016 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program\Delade filer\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe -- (Adobe Version Cue CS4) SRV - [2006-10-26 13:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program\Delade filer\Microsoft Shared\Source Engine\OSE.EXE -- (ose) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\XDva397.sys -- (XDva397) DRV - File not found [Kernel | On_Demand | Stopped] -- J:\Drivrutiner Inspiron 531\Bios\WinFlash.sys -- (WINFLASH) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP) DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump) DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\owdzbysv.sys -- (owdzbysv) DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc) DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt) DRV - File not found [Kernel | System | Stopped] -- -- (Changer) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\Anders\LOKALA~1\Temp\catchme.sys -- (catchme) DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\bifpmsqd.sys -- (bifpmsqd) DRV - [2012-09-11 16:53:04 | 000,029,904 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{A59FA9C7-1BE9-4466-81C0-681965B2AA03}\MpKsla3950801.sys -- (MpKsla3950801) DRV - [2012-07-03 13:46:44 | 000,022,344 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector) DRV - [2012-06-25 16:30:49 | 000,242,240 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\dtsoftbus01.sys -- (dtsoftbus01) DRV - [2012-02-22 12:34:36 | 000,022,400 | ---- | M] (ManyCam LLC) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mcaudrv.sys -- (mcaudrv_simple) DRV - [2012-01-11 08:11:20 | 000,032,000 | ---- | M] (ManyCam LLC) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mcvidrv.sys -- (ManyCam) DRV - [2011-02-23 03:05:40 | 000,070,016 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgandnetndis.sys -- (andnetndis) DRV - [2011-02-23 03:05:04 | 000,022,272 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgandnetgps.sys -- (AndNetGps) DRV - [2011-02-23 03:05:02 | 000,028,032 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgandnetmodem.sys -- (ANDNetModem) DRV - [2011-02-23 03:05:02 | 000,023,168 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgandnetdiag.sys -- (AndNetDiag) DRV - [2010-12-07 14:23:00 | 000,025,088 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgandmodem.sys -- (ANDModem) DRV - [2010-12-07 14:23:00 | 000,020,736 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lganddiag.sys -- (AndDiag) DRV - [2010-12-07 14:23:00 | 000,020,096 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgandgps.sys -- (AndGps) DRV - [2010-12-07 14:22:58 | 000,014,336 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgandbus.sys -- (Andbus) DRV - [2010-03-15 11:38:44 | 000,124,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039mdm.sys -- (s1039mdm) DRV - [2010-03-15 11:38:44 | 000,123,504 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039unic.sys -- (s1039unic) DRV - [2010-03-15 11:38:44 | 000,117,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039mgmt.sys -- (s1039mgmt) DRV - [2010-03-15 11:38:44 | 000,113,904 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039obex.sys -- (s1039obex) DRV - [2010-03-15 11:38:44 | 000,098,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039bus.sys -- (s1039bus) DRV - [2010-03-15 11:38:44 | 000,025,456 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039nd5.sys -- (s1039nd5) DRV - [2010-03-15 11:38:44 | 000,014,960 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039mdfl.sys -- (s1039mdfl) DRV - [2009-03-18 16:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi) DRV - [2008-01-15 19:17:58 | 004,652,544 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) DRV - [2007-10-30 09:57:54 | 000,023,040 | ---- | M] (Todos Data System AB) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nordecr.sys -- (TdsNordecr) DRV - [2007-07-30 11:58:56 | 000,022,016 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus) DRV - [2007-07-30 11:58:54 | 000,054,400 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD) DRV - [2006-12-12 18:59:00 | 000,016,512 | ---- | M] (Adaptec) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aspi32.sys -- (ASPI32) DRV - [2006-05-23 20:36:26 | 000,119,808 | ---- | M] (e2eSoft) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\e2eCap.sys -- (E2ECAP) DRV - [2005-04-24 23:43:58 | 000,013,225 | ---- | M] (Razer (Asia-Pacific) Pte Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Razerlow.sys -- (Razerlow) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://se.msn.com/?ocid=iehp IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = sv IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 5C 04 FC D1 68 8F CD 01 [binary data] IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "" FF - prefs.js..browser.search.order.1: "" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "https://www.google.se/" FF - prefs.js..keyword.URL: "http://www.google.com/search?btnI=I%27m+Feeling+Lucky&ie=UTF-8&oe=UTF-8&q=" FF - prefs.js..network.proxy.autoconfig_url: "file://C:/Program/ChrisPC Free Anonymous Proxy/chrispc_proxy.pac" FF - prefs.js..network.proxy.type: 2 FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_271.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw_1166636.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF - HKLM\Software\MozillaPlugins\@ganymede/GanymedeNetPlugin,version=1.0: C:\Program\Ganymede\Plugins\npganymedenet.dll ( ) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.0.198: C:\Program\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.0.198: C:\Program\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.0.198: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.0.198: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=15.0.0.198: C:\Program\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found FF - HKLM\Software\MozillaPlugins\@se.nexus/Personal: C:\Program\Personal\bin\np_prsnl.dll (Technology Nexus AB) FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.19: C:\Program\Veetle\plugins\npVeetle.dll (Veetle Inc) FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: C:\Program\Veetle\Player\npvlc.dll (Veetle Inc) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Anders\Lokala inställningar\Application Data\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Anders\Lokala inställningar\Application Data\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011-11-22 22:35:24 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\Program\Web Assistant\Firefox [2012-05-12 18:38:18 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-07-18 16:14:12 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program\Mozilla Firefox\components [2012-09-10 16:13:40 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program\Mozilla Firefox\plugins [2012-08-25 12:22:59 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\specialsavings@superfish.com: C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles/pv7faqlh.default\extensions\specialsavings@superfish.com FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{b64982b1-d112-42b5-b1e4-d3867c4533f8}: C:\Documents and Settings\All Users\Application Data\PC Performer Manager\2.2.558.177\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension [2012-08-16 16:18:10 | 000,000,000 | ---D | M] [2012-07-11 19:58:09 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Anders\Application Data\Mozilla\Extensions [2012-09-09 19:32:18 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions [2012-08-26 14:21:14 | 000,000,642 | ---- | M] () -- C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\searchplugins\search-safer.xml [2012-07-11 01:57:35 | 000,002,519 | ---- | M] () -- C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\searchplugins\Search_Results.xml [2012-08-04 11:06:01 | 000,000,000 | ---D | M] (No name found) -- C:\Program\Mozilla Firefox\extensions [2012-09-10 16:13:40 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program\mozilla firefox\components\browsercomps.dll [2012-07-25 14:57:52 | 000,121,024 | ---- | M] ( ) -- C:\Program\mozilla firefox\plugins\npganymedenet.dll [2012-07-14 03:16:10 | 000,001,470 | ---- | M] () -- C:\Program\mozilla firefox\searchplugins\allaannonser-sv-SE.xml [2012-09-10 16:13:15 | 000,002,465 | ---- | M] () -- C:\Program\mozilla firefox\searchplugins\bing.xml [2012-07-14 03:16:10 | 000,002,670 | ---- | M] () -- C:\Program\mozilla firefox\searchplugins\prisjakt-sv-SE.xml [2012-07-11 01:57:35 | 000,002,519 | ---- | M] () -- C:\Program\mozilla firefox\searchplugins\Search_Results.xml [2012-07-14 03:16:10 | 000,000,948 | ---- | M] () -- C:\Program\mozilla firefox\searchplugins\tyda-sv-SE.xml [2012-09-10 16:13:15 | 000,001,387 | ---- | M] () -- C:\Program\mozilla firefox\searchplugins\wikipedia-sv-SE.xml [2012-09-10 16:13:15 | 000,001,164 | ---- | M] () -- C:\Program\mozilla firefox\searchplugins\yahoo-sv-SE.xml ========== Chrome ========== CHR - default_search_provider: google.se (Enabled) CHR - default_search_provider: search_url = http://www.google.se/search?hl=sv&output=search&sclient=psy-ab&q={searchTerms}&btnG=&oq=&gs_l=&pbx=1 CHR - default_search_provider: suggest_url = CHR - plugin: Shockwave Flash (Disabled) = C:\Documents and Settings\Anders\Lokala inst\u00E4llningar\Application Data\Google\Chrome\Application\21.0.1180.89\PepperFlash\pepflashplayer.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Anders\Lokala inst\u00E4llningar\Application Data\Google\Chrome\Application\21.0.1180.89\gcswf32.dll CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_271.dll CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\Anders\Lokala inst\u00E4llningar\Application Data\Google\Chrome\Application\21.0.1180.89\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\Anders\Lokala inst\u00E4llningar\Application Data\Google\Chrome\Application\21.0.1180.89\pdf.dll CHR - plugin: Injovo Extension Plugin (Enabled) = C:\Documents and Settings\Anders\Lokala inst\u00E4llningar\Application Data\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd\2.0.0.430_0\npbrowserext.dll CHR - plugin: GanymedeNet.Detector (Enabled) = C:\Documents and Settings\Anders\Lokala inst\u00E4llningar\Application Data\Google\Chrome\Application\plugins\npganymedenet.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program\Adobe\Acrobat 9.0\Acrobat\Browser\nppdf32.dll CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program\QuickTime\plugins\npqtplugin.dll CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program\QuickTime\plugins\npqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program\QuickTime\plugins\npqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program\QuickTime\plugins\npqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program\QuickTime\plugins\npqtplugin5.dll CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program\QuickTime\plugins\npqtplugin6.dll CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program\QuickTime\plugins\npqtplugin7.dll CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program\Windows Media Player\npdrmv2.dll CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program\Windows Media Player\npwmsdrm.dll CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program\Windows Media Player\npdsplay.dll CHR - plugin: RealNetworks Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll CHR - plugin: RealPlayer HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll CHR - plugin: RealPlayer G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program\Real\RealPlayer\Netscape6\nppl3260.dll CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program\Real\RealPlayer\Netscape6\nprpjplug.dll CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\Anders\Lokala inst\u00E4llningar\Application Data\Google\Update\1.3.21.115\npGoogleUpdate3.dll CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program\DivX\DivX OVS Helper\npovshelper.dll CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program\DivX\DivX Plus Web Player\npdivx32.dll CHR - plugin: Java Platform SE 7 U4 (Enabled) = C:\Program\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll CHR - plugin: Java Deployment Toolkit 7.0.40.255 (Enabled) = C:\WINDOWS\system32\npDeployJava1.dll CHR - plugin: Nexus Personal (Enabled) = C:\Program\Personal\bin\np_prsnl.dll CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program\Real\RealPlayer\Netscape6\nprjplug.dll CHR - plugin: Veetle TV Player (Enabled) = C:\Program\Veetle\Player\npvlc.dll CHR - plugin: Veetle TV Core (Enabled) = C:\Program\Veetle\plugins\npVeetle.dll CHR - plugin: VLC Web Plugin (Enabled) = C:\Program\VideoLAN\VLC\npvlc.dll CHR - plugin: iTunes Application Detector (Enabled) = C:\Program\iTunes\Mozilla Plugins\npitunes.dll CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll CHR - plugin: Shockwave for Director (Enabled) = C:\WINDOWS\system32\Adobe\Director\np32dsw_1166636.dll CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program\Microsoft Silverlight\5.1.10411.0\npctrl.dll CHR - Extension: Turn Off the Lights = C:\Documents and Settings\Anders\Lokala inställningar\Application Data\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn\2.1.0.6_0\ CHR - Extension: Web Assistant = C:\Documents and Settings\Anders\Lokala inställningar\Application Data\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd\2.0.0.430_0\ CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Documents and Settings\Anders\Lokala inställningar\Application Data\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\ CHR - Extension: General Crawler = C:\Documents and Settings\Anders\Lokala inställningar\Application Data\Google\Chrome\User Data\Default\Extensions\jpihmmhdcobmllpcnpfbhnipmhamldje\2.0_0\ CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = C:\Documents and Settings\Anders\Lokala inställningar\Application Data\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\ O1 HOSTS File: ([2012-09-09 17:24:30 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program\Adobe\/Adobe Contribute CS4/contributeieplugin.dll () O2 - BHO: (Complitly) - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Documents and Settings\Anders\Application Data\Complitly\Complitly.dll (SimplyGen) O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer) O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC) O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program\Delade filer\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program\Adobe\/Adobe Contribute CS4/contributeieplugin.dll () O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found. O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe (Adobe Systems Inc.) O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [Adobe_ID0ENQBO] C:\Program\Delade filer\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4Tray.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program\Delade filer\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [Anti-phishing Domain Advisor] C:\Documents and Settings\All Users\Application Data\Anti-phishing Domain Advisor\visicom_antiphishing.exe (Visicom Media Inc. (Powered by Panda Security)) O4 - HKLM..\Run: [APSDaemon] C:\Program\Delade filer\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [DivXUpdate] C:\Program\DivX\DivX Update\DivXUpdate.exe () O4 - HKLM..\Run: [Freecorder FLV Service] "C:\Program\Freecorder\FLVSrvc.exe" /run File not found O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.) O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [MSC] c:\Program\Microsoft Security Client\msseces.exe (Microsoft Corporation) O4 - HKLM..\Run: [NBKeyScan] C:\Program\Nero\Nero8\Nero BackItUp\NBKeyScan.exe (Nero AG) O4 - HKLM..\Run: [NeroFilterCheck] C:\Program\Delade filer\Nero\Lib\NeroCheck.exe (Nero AG) O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation) O4 - HKLM..\Run: [razer] C:\Program\Razer\razerhid.exe () O4 - HKLM..\Run: [sunJavaUpdateSched] C:\Program\Delade filer\Java\Java Update\jusched.exe (Sun Microsystems, Inc.) O4 - HKLM..\Run: [TkBellExe] C:\Program\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.) O4 - HKLM..\Run: [Wondershare Helper Compact.exe] C:\Program\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe File not found O4 - HKCU..\Run: [CPN Notifier] C:\Program\Comeon Poker 2.0\PokerNotifier.exe File not found O4 - HKCU..\Run: [Gmail Notifier.exe] C:\Program\Gmail Notifier\Gmail Notifier.exe (www.gmailnotifier.com) O4 - HKCU..\Run: [Media Finder] C:\Program\Media Finder\MF.exe /opentotray File not found O4 - HKCU..\Run: [skinClock] C:\Program\Free Desktop Clock\DesktopClock.exe () O4 - HKCU..\Run: [sony Ericsson PC Companion] C:\Program\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe (Sony Ericsson) O4 - HKCU..\Run: [spotify Web Helper] C:\Program\Spotify\Data\SpotifyWebHelper.exe () O4 - HKCU..\Run: [Xvid] C:\Program\XviD\CheckUpdate.exe () O4 - Startup: C:\Documents and Settings\All Users\Start-meny\Program\Autostart\BankID säkerhetsprogram.lnk = C:\Program\Personal\bin\Personal.exe (Technology Nexus AB) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispCPL = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableChangePassword = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispCPL = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableChangePassword = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0 O8 - Extra context menu item: Bifoga länkmål till befintlig PDF - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Bifoga till befintlig PDF - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Konvertera länkmål till Adobe PDF - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Konvertera till Adobe PDF - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program\PokerStars\PokerStarsUpdate.exe (PokerStars) O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra Button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program\PokerStars.NET\PokerStarsUpdate.exe File not found O15 - HKCU\..Trusted Domains: msn.com ([zone] http in Tillförlitliga platser) O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool) O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1309778400234 (MUWebControl Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_04-windows-i586.cab (Reg Error: Value error.) O16 - DPF: {A4110378-789B-455F-AE86-3A1BFC402853} http://zone.msn.com/bingame/zpagames/zpa_shvl.cab55579.cab (ZPA_SHVL Object) O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} http://cdn2.zone.msn.com/binFramework/v10/ZPAFramework.cab102118.cab (MSN Games - Installer) O16 - DPF: {CAFEEFAC-0017-0000-0004-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_04-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_04-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BE0C555B-4991-433B-9659-A871078265EA}: DhcpNameServer = 192.168.1.1 O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program\Delade filer\Microsoft Shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program\Delade filer\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program\Delade filer\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - AppInit_DLLs: (c:\DOCUME~1\ALLUSE~1\APPLIC~1\PCPERF~1\22558~1.177\{16CDF~1\%PROTE~1.DLL) - c:\Documents and Settings\All Users\Application Data\PC Performer Manager\2.2.558.177\{16cdff19-861d-48e3-a751-d99a27784753}\%Protector Process Name%.dll () O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O24 - Desktop Components:0 (Min aktuella startsida) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\Anders\Lokala inställningar\Application Data\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\Anders\Lokala inställningar\Application Data\Microsoft\Wallpaper1.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2011-07-04 12:30:44 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) NetSvcs: 6to4 - File not found NetSvcs: Ias - File not found NetSvcs: Iprip - File not found NetSvcs: Irmon - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: WmdmPmSp - File not found SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: MsMpSvc - c:\Program\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation) SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PEVSystemStart - Service SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: procexp90.Sys - Driver SafeBootMin: SCSI Class - Driver Group SafeBootMin: sermouse.sys - Driver SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vga.sys - Driver SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: Hamachi2Svc - C:\Program\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.) SafeBootNet: MsMpSvc - c:\Program\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation) SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PEVSystemStart - Service SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: procexp90.Sys - Driver SafeBootNet: SCSI Class - Driver Group SafeBootNet: sermouse.sys - Driver SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vga.sys - Driver SafeBootNet: {1a3e09be-1e45-494b-9174-d7385b45bbf5} - SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices ActiveX: {068C9DC9-BB4B-1616-688C-B33F2C5C2466} - DirectX ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun) ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Rendering av vektorgrafik ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4 ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Databindning för dynamisk HTML för Java ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Avancerad redigering ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - Javaklasser för DirectAnimation ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.8 ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework ActiveX: {73fa19d0-2d75-11d2-995d-00c04f98bbc9} - Web Folders ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX: {ACC563BC-4266-43f0-B6ED-9D38C4202C7E} - ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework ActiveX: {C3C986D6-06B1-43BF-90DD-BE30756C00DE} - RevokedRootsUpdate ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Schemaläggaren ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1 ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Macromedia Shockwave Flash ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE Drivers32: msacm.ac3filter - C:\WINDOWS\System32\ac3filter.acm () Drivers32: msacm.bdmpeg - C:\WINDOWS\System32\bdmpega.acm () Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation) Drivers32: msacm.l3acm - C:\WINDOWS\System32\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.) Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.) Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation) Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.) Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivX, Inc.) Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll () Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll () Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation) Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation) Drivers32: vidc.mjpg - C:\WINDOWS\System32\bdmjpeg.dll () Drivers32: vidc.mpeg - C:\WINDOWS\System32\bdmpegv.dll () Drivers32: vidc.tscc - C:\WINDOWS\system32\tsccvid.dll (TechSmith Corporation) Drivers32: vidc.XVID - C:\WINDOWS\System32\xvidvfw.dll () Drivers32: vidc.yv12 - C:\WINDOWS\System32\DivX.dll (DivX, Inc.) ========== Files/Folders - Created Within 30 Days ========== [2012-09-10 20:32:46 | 000,448,512 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Anders\Skrivbord\TFC.exe [2012-09-10 20:28:44 | 000,000,000 | ---D | C] -- C:\Program\Delade filer\Java [2012-09-10 20:27:05 | 000,246,760 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe [2012-09-10 20:27:05 | 000,143,872 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl [2012-09-10 20:26:58 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe [2012-09-10 20:26:58 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe [2012-09-10 20:26:58 | 000,093,672 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll [2012-09-10 20:24:57 | 031,175,144 | ---- | C] (Oracle Corporation) -- C:\Documents and Settings\Anders\Skrivbord\jre-7u7-windows-i586.exe [2012-09-10 17:35:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Skrivbord\Gamla Loggar [2012-09-10 17:34:05 | 001,629,088 | ---- | C] (Bleeping Computer, LLC) -- C:\Documents and Settings\Anders\Skrivbord\iExplore.exe [2012-09-10 15:23:45 | 000,000,000 | -HSD | C] -- C:\RECYCLER [2012-09-09 23:22:16 | 000,000,000 | --SD | C] -- C:\Combo-Fix [2012-09-09 17:24:27 | 000,000,000 | ---D | C] -- C:\_OTL [2012-09-09 17:16:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Skrivbord\FixPolicies [2012-09-08 20:45:42 | 000,599,552 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Anders\Skrivbord\OTL.exe [2012-09-07 15:28:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp [2012-09-07 15:22:00 | 000,000,000 | RHSD | C] -- C:\cmdcons [2012-09-07 15:19:34 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe [2012-09-07 15:19:34 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe [2012-09-07 15:19:34 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe [2012-09-07 15:19:34 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe [2012-09-07 15:19:26 | 000,000,000 | ---D | C] -- C:\Qoobox [2012-09-07 15:12:52 | 004,747,716 | R--- | C] (Swearware) -- C:\Documents and Settings\Anders\Skrivbord\Combo-Fix.exe [2012-09-07 14:36:38 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT [2012-09-07 14:35:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start-meny\Program\ERUNT [2012-09-07 14:35:28 | 000,000,000 | ---D | C] -- C:\Program\ERUNT [2012-09-05 15:51:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Lokala inställningar\Application Data\PokerTracker 4 [2012-09-05 15:51:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Start-meny\Program\PokerTracker 4 [2012-09-05 15:50:55 | 000,000,000 | ---D | C] -- C:\Program\PokerTracker 4 [2012-08-29 17:02:35 | 000,000,000 | ---D | C] -- C:\Avenger [2012-08-29 15:08:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start-meny\Program\LogMeIn Hamachi [2012-08-29 15:08:08 | 000,000,000 | ---D | C] -- C:\Program\LogMeIn Hamachi [2012-08-29 14:33:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Application Data\Malwarebytes [2012-08-29 14:33:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start-meny\Program\Malwarebytes' Anti-Malware [2012-08-29 14:33:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes [2012-08-29 14:33:03 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2012-08-29 14:33:03 | 000,000,000 | ---D | C] -- C:\Program\Malwarebytes' Anti-Malware [2012-08-28 19:48:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start-meny\Program\Bandicam [2012-08-28 19:48:39 | 000,000,000 | ---D | C] -- C:\Program\Bandicam [2012-08-27 20:33:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Lokala inställningar\Application Data\CRE [2012-08-27 13:52:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Mina dokument\Celeris [2012-08-27 01:46:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Lokala inställningar\Application Data\Celeris [2012-08-27 01:43:34 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_7.dll [2012-08-27 01:43:34 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_7.dll [2012-08-27 01:43:34 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_5.dll [2012-08-27 01:43:33 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_43.dll [2012-08-27 01:43:33 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dcsx_43.dll [2012-08-27 01:43:33 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_43.dll [2012-08-27 01:43:33 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx11_43.dll [2012-08-27 01:43:32 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_43.dll [2012-08-27 01:43:32 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_6.dll [2012-08-27 01:43:32 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_6.dll [2012-08-27 01:43:32 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_4.dll [2012-08-27 01:43:31 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_5.dll [2012-08-27 01:43:31 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_5.dll [2012-08-27 01:43:31 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_7.dll [2012-08-27 01:43:30 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dcsx_42.dll [2012-08-27 01:43:30 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_42.dll [2012-08-27 01:43:30 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx11_42.dll [2012-08-27 01:43:29 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_41.dll [2012-08-27 01:43:29 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_41.dll [2012-08-27 01:43:29 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_4.dll [2012-08-27 01:43:29 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_41.dll [2012-08-27 01:43:29 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_3.dll [2012-08-27 01:43:28 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_3.dll [2012-08-27 01:43:28 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_4.dll [2012-08-27 01:43:28 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_2.dll [2012-08-27 01:43:28 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_6.dll [2012-08-27 01:43:27 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_39.dll [2012-08-27 01:43:27 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_39.dll [2012-08-27 01:43:27 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_2.dll [2012-08-27 01:43:27 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_3.dll [2012-08-27 01:43:27 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_5.dll [2012-08-27 01:43:26 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_1.dll [2012-08-27 01:43:26 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_1.dll [2012-08-27 01:43:26 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_0.dll [2012-08-27 01:43:25 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_38.dll [2012-08-27 01:43:25 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_38.dll [2012-08-27 01:43:25 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_38.dll [2012-08-27 01:43:25 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_4.dll [2012-08-27 01:43:24 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_0.dll [2012-08-27 01:43:24 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_0.dll [2012-08-27 01:43:23 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_37.dll [2012-08-27 01:43:23 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_37.dll [2012-08-27 01:43:23 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_37.dll [2012-08-27 01:43:23 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_10.dll [2012-08-27 01:43:23 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_3.dll [2012-08-27 01:43:22 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_36.dll [2012-08-27 01:43:22 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_36.dll [2012-08-27 01:43:21 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_36.dll [2012-08-27 01:43:21 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_35.dll [2012-08-27 01:43:21 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_35.dll [2012-08-27 01:43:21 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_9.dll [2012-08-27 01:43:20 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_35.dll [2012-08-27 01:43:20 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_8.dll [2012-08-27 01:43:20 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_2.dll [2012-08-27 01:43:19 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_34.dll [2012-08-27 01:43:19 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_34.dll [2012-08-27 01:43:19 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_34.dll [2012-08-27 01:43:18 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_7.dll [2012-08-27 01:43:17 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_33.dll [2012-08-27 01:43:17 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_33.dll [2012-08-27 01:43:17 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_33.dll [2012-08-27 01:43:17 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_6.dll [2012-08-27 01:43:16 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_32.dll [2012-08-27 01:43:16 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_5.dll [2012-08-27 01:43:15 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_4.dll [2012-08-27 01:43:15 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_3.dll [2012-08-27 01:43:15 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_2.dll [2012-08-27 01:43:15 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\x3daudio1_1.dll [2012-08-27 01:43:14 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_2.dll [2012-08-27 01:43:14 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_1.dll [2012-08-27 01:43:14 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_1.dll [2012-08-27 01:43:10 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_0.dll [2012-08-27 01:43:10 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\x3daudio1_0.dll [2012-08-27 01:43:09 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_29.dll [2012-08-27 01:43:08 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_27.dll [2012-08-27 01:43:08 | 000,061,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput9_1_0.dll [2012-08-27 01:43:07 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_26.dll [2012-08-27 01:43:05 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_24.dll [2012-08-27 01:35:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start-meny\Program\Virtual Pool 4 [2012-08-27 01:35:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Celeris [2012-08-27 01:32:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Application Data\Celeris [2012-08-26 17:47:45 | 000,026,176 | -H-- | C] (LogMeIn, Inc.) -- C:\WINDOWS\System32\hamachi.sys [2012-08-26 17:43:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Mina dokument\Tunngle [2012-08-26 17:43:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Application Data\Tunngle [2012-08-26 17:43:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Tunngle [2012-08-26 17:43:13 | 000,027,136 | ---- | C] (Tunngle.net) -- C:\WINDOWS\System32\drivers\tap0901t.sys [2012-08-26 14:27:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Start-meny\Program\GameSpy Arcade [2012-08-26 14:20:30 | 000,000,000 | ---D | C] -- C:\Program\ChatZum Toolbar [2012-08-26 14:20:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Lokala inställningar\Application Data\LogMeIn Hamachi [2012-08-26 14:20:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Lokala inställningar\Application Data\LogMeIn Hamachi [2012-08-25 12:27:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Application Data\GanymedeNet [2012-08-25 12:22:54 | 000,000,000 | ---D | C] -- C:\Program\Ganymede [2012-08-24 17:48:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Max Secure [2012-08-20 13:58:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Lokala inställningar\Application Data\SplitMediaLabs [2012-08-20 13:57:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start-meny\Program\XSplit [2012-08-20 13:57:45 | 000,000,000 | ---D | C] -- C:\Program\SplitMediaLabs [2012-08-20 13:57:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SplitMediaLabs [2012-08-20 13:57:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Application Data\SplitMediaLabs [2012-08-19 19:24:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start-meny\Program\ChrisPC Free Anonymous Proxy [2012-08-19 19:24:28 | 000,000,000 | ---D | C] -- C:\Program\ChrisPC Free Anonymous Proxy [2012-08-16 16:25:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Lokala inställningar\Application Data\blekkotb_031 [2012-08-16 16:25:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Anti-phishing Domain Advisor [2012-08-16 16:20:30 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Anders\Start-meny\Program\Administrationsverktyg [2012-08-16 16:18:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\IBUpdaterService [2012-08-16 16:18:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PC Performer Manager [2012-08-16 16:17:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Lokala inställningar\Application Data\Savings Sidekick [2012-08-16 16:15:49 | 000,196,608 | ---- | C] (e2eSoft) -- C:\WINDOWS\System32\e2eCapProp.ax [2012-08-16 16:15:49 | 000,119,808 | ---- | C] (e2eSoft) -- C:\WINDOWS\System32\drivers\e2eCap.sys [2012-08-16 15:44:23 | 000,005,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstee.sys [2012-08-16 15:44:13 | 000,010,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndisip.sys [2012-08-16 15:44:10 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ipsink.ax [2012-08-16 15:44:10 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ipsink.ax [2012-08-16 15:44:10 | 000,015,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\streamip.sys [2012-08-16 15:44:08 | 000,011,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\slip.sys [2012-08-16 15:44:06 | 000,019,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wstcodec.sys [2012-08-16 15:44:03 | 000,085,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nabtsfec.sys [2012-08-16 15:44:00 | 000,017,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ccdecode.sys [2012-08-16 15:43:55 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kswdmcap.ax [2012-08-16 15:43:55 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kswdmcap.ax [2012-08-16 15:43:55 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kstvtune.ax [2012-08-16 15:43:55 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kstvtune.ax [2012-08-16 15:43:55 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vidcap.ax [2012-08-16 15:43:55 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vidcap.ax [2012-08-16 15:43:54 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vfwwdm32.dll [2012-08-16 15:43:54 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vfwwdm32.dll [2012-08-16 15:43:53 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksxbar.ax [2012-08-16 15:43:53 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksxbar.ax [2012-08-16 15:42:37 | 000,000,000 | ---D | C] -- C:\Program\ManyCam [2012-08-16 15:42:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Ask

You have to tell me IF it happens when you are on the web ? and which browser is used ? and what site you are visiting Yes, when I'm on the web. How it occures now, and also before you started to help me is that I'm getting directed there maybe once in 20 or 30 attempts when entering a new webpage. This happens in all the browswer im using (chrome, firefox and IE). When it do happens, I try to just open up a new tab with the same browser and paste the same link that didn't work. And when I do this I will be directed even quicker to partner37 all the time. But when I open another web browser and paste the link, then I normally reach it. I had some weird search toolbar pages in both Firefox and IE but they are completely removed and cleaned now after your help. However, the direction to partner37 still happens sometimes. About the OTL, I'm running it with default settings now as you don't tell me to do any changes. But what comes to my mind is, are you sure I should only have 30 days on "File Age"? My problems have been here for quite a while now before I entered here for help, so it's nothing that just appeared a week ago. Maybe this days settings means something else than I'm thinking of but anyway tell me if there's any changes in the programs I need to check. I don't have the "LOP Check" and "Purity Check" either, which I think you told me to select earlier but not lately. Here are the log, actually I didn't get a "Extras.Txt" this time. Only a OTL.Txt.

Made all stepts. Partner37 still troubleing.

CREATERESTOREPOINT Restore point Set: OTL Restore Point ========== Files/Folders - Created Within 30 Days ========== [2012-09-10 17:35:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Skrivbord\Gamla Loggar [2012-09-10 17:34:05 | 001,629,088 | ---- | C] (Bleeping Computer, LLC) -- C:\Documents and Settings\Anders\Skrivbord\iExplore.exe [2012-09-10 15:23:45 | 000,000,000 | -HSD | C] -- C:\RECYCLER [2012-09-09 23:22:16 | 000,000,000 | --SD | C] -- C:\Combo-Fix [2012-09-09 17:24:27 | 000,000,000 | ---D | C] -- C:\_OTL [2012-09-09 17:16:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Skrivbord\FixPolicies [2012-09-08 20:45:42 | 000,599,552 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Anders\Skrivbord\OTL.exe [2012-09-07 15:28:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp [2012-09-07 15:22:00 | 000,000,000 | RHSD | C] -- C:\cmdcons [2012-09-07 15:19:34 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe [2012-09-07 15:19:34 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe [2012-09-07 15:19:34 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe [2012-09-07 15:19:34 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe [2012-09-07 15:19:26 | 000,000,000 | ---D | C] -- C:\Qoobox [2012-09-07 15:12:52 | 004,747,716 | R--- | C] (Swearware) -- C:\Documents and Settings\Anders\Skrivbord\Combo-Fix.exe [2012-09-07 14:36:38 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT [2012-09-07 14:35:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start-meny\Program\ERUNT [2012-09-07 14:35:28 | 000,000,000 | ---D | C] -- C:\Program\ERUNT [2012-09-05 15:51:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Lokala inställningar\Application Data\PokerTracker 4 [2012-09-05 15:51:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Start-meny\Program\PokerTracker 4 [2012-09-05 15:50:55 | 000,000,000 | ---D | C] -- C:\Program\PokerTracker 4 [2012-08-29 17:14:19 | 000,000,000 | -HSD | C] -- C:\Config.Msi [2012-08-29 17:02:35 | 000,000,000 | ---D | C] -- C:\Avenger [2012-08-29 15:08:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start-meny\Program\LogMeIn Hamachi [2012-08-29 15:08:08 | 000,000,000 | ---D | C] -- C:\Program\LogMeIn Hamachi [2012-08-29 14:33:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Application Data\Malwarebytes [2012-08-29 14:33:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start-meny\Program\Malwarebytes' Anti-Malware [2012-08-29 14:33:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes [2012-08-29 14:33:03 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2012-08-29 14:33:03 | 000,000,000 | ---D | C] -- C:\Program\Malwarebytes' Anti-Malware [2012-08-28 19:48:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start-meny\Program\Bandicam [2012-08-28 19:48:39 | 000,000,000 | ---D | C] -- C:\Program\Bandicam [2012-08-27 20:33:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Lokala inställningar\Application Data\CRE [2012-08-27 13:52:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Mina dokument\Celeris [2012-08-27 01:46:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Lokala inställningar\Application Data\Celeris [2012-08-27 01:43:34 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_7.dll [2012-08-27 01:43:34 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_7.dll [2012-08-27 01:43:34 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_5.dll [2012-08-27 01:43:33 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_43.dll [2012-08-27 01:43:33 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dcsx_43.dll [2012-08-27 01:43:33 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_43.dll [2012-08-27 01:43:33 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx11_43.dll [2012-08-27 01:43:32 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_43.dll [2012-08-27 01:43:32 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_6.dll [2012-08-27 01:43:32 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_6.dll [2012-08-27 01:43:32 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_4.dll [2012-08-27 01:43:31 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_5.dll [2012-08-27 01:43:31 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_5.dll [2012-08-27 01:43:31 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_7.dll [2012-08-27 01:43:30 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dcsx_42.dll [2012-08-27 01:43:30 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_42.dll [2012-08-27 01:43:30 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx11_42.dll [2012-08-27 01:43:29 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_41.dll [2012-08-27 01:43:29 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_41.dll [2012-08-27 01:43:29 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_4.dll [2012-08-27 01:43:29 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_41.dll [2012-08-27 01:43:29 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_3.dll [2012-08-27 01:43:28 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_3.dll [2012-08-27 01:43:28 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_4.dll [2012-08-27 01:43:28 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_2.dll [2012-08-27 01:43:28 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_6.dll [2012-08-27 01:43:27 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_39.dll [2012-08-27 01:43:27 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_39.dll [2012-08-27 01:43:27 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_2.dll [2012-08-27 01:43:27 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_3.dll [2012-08-27 01:43:27 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_5.dll [2012-08-27 01:43:26 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_1.dll [2012-08-27 01:43:26 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_1.dll [2012-08-27 01:43:26 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_0.dll [2012-08-27 01:43:25 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_38.dll [2012-08-27 01:43:25 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_38.dll [2012-08-27 01:43:25 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_38.dll [2012-08-27 01:43:25 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_4.dll [2012-08-27 01:43:24 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_0.dll [2012-08-27 01:43:24 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_0.dll [2012-08-27 01:43:23 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_37.dll [2012-08-27 01:43:23 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_37.dll [2012-08-27 01:43:23 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_37.dll [2012-08-27 01:43:23 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_10.dll [2012-08-27 01:43:23 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_3.dll [2012-08-27 01:43:22 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_36.dll [2012-08-27 01:43:22 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_36.dll [2012-08-27 01:43:21 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_36.dll [2012-08-27 01:43:21 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_35.dll [2012-08-27 01:43:21 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_35.dll [2012-08-27 01:43:21 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_9.dll [2012-08-27 01:43:20 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_35.dll [2012-08-27 01:43:20 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_8.dll [2012-08-27 01:43:20 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_2.dll [2012-08-27 01:43:19 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_34.dll [2012-08-27 01:43:19 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_34.dll [2012-08-27 01:43:19 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_34.dll [2012-08-27 01:43:18 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_7.dll [2012-08-27 01:43:17 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_33.dll [2012-08-27 01:43:17 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_33.dll [2012-08-27 01:43:17 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_33.dll [2012-08-27 01:43:17 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_6.dll [2012-08-27 01:43:16 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_32.dll [2012-08-27 01:43:16 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_5.dll [2012-08-27 01:43:15 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_4.dll [2012-08-27 01:43:15 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_3.dll [2012-08-27 01:43:15 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_2.dll [2012-08-27 01:43:15 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\x3daudio1_1.dll [2012-08-27 01:43:14 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_2.dll [2012-08-27 01:43:14 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_1.dll [2012-08-27 01:43:14 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_1.dll [2012-08-27 01:43:10 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_0.dll [2012-08-27 01:43:10 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\x3daudio1_0.dll [2012-08-27 01:43:09 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_29.dll [2012-08-27 01:43:08 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_27.dll [2012-08-27 01:43:08 | 000,061,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput9_1_0.dll [2012-08-27 01:43:07 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_26.dll [2012-08-27 01:43:05 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_24.dll [2012-08-27 01:35:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start-meny\Program\Virtual Pool 4 [2012-08-27 01:35:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Celeris [2012-08-27 01:32:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Application Data\Celeris [2012-08-26 17:47:45 | 000,026,176 | -H-- | C] (LogMeIn, Inc.) -- C:\WINDOWS\System32\hamachi.sys [2012-08-26 17:43:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Mina dokument\Tunngle [2012-08-26 17:43:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Application Data\Tunngle [2012-08-26 17:43:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Tunngle [2012-08-26 17:43:13 | 000,027,136 | ---- | C] (Tunngle.net) -- C:\WINDOWS\System32\drivers\tap0901t.sys [2012-08-26 14:27:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Start-meny\Program\GameSpy Arcade [2012-08-26 14:20:30 | 000,000,000 | ---D | C] -- C:\Program\ChatZum Toolbar [2012-08-26 14:20:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Lokala inställningar\Application Data\LogMeIn Hamachi [2012-08-26 14:20:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Lokala inställningar\Application Data\LogMeIn Hamachi [2012-08-25 12:27:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Application Data\GanymedeNet [2012-08-25 12:22:54 | 000,000,000 | ---D | C] -- C:\Program\Ganymede [2012-08-24 17:48:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Max Secure [2012-08-20 13:58:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Lokala inställningar\Application Data\SplitMediaLabs [2012-08-20 13:57:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start-meny\Program\XSplit [2012-08-20 13:57:45 | 000,000,000 | ---D | C] -- C:\Program\SplitMediaLabs [2012-08-20 13:57:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SplitMediaLabs [2012-08-20 13:57:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Application Data\SplitMediaLabs [2012-08-19 19:24:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start-meny\Program\ChrisPC Free Anonymous Proxy [2012-08-19 19:24:28 | 000,000,000 | ---D | C] -- C:\Program\ChrisPC Free Anonymous Proxy [2012-08-16 16:25:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Lokala inställningar\Application Data\blekkotb_031 [2012-08-16 16:25:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Anti-phishing Domain Advisor [2012-08-16 16:20:30 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Anders\Start-meny\Program\Administrationsverktyg [2012-08-16 16:18:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\IBUpdaterService [2012-08-16 16:18:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PC Performer Manager [2012-08-16 16:17:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Lokala inställningar\Application Data\Savings Sidekick [2012-08-16 16:15:49 | 000,196,608 | ---- | C] (e2eSoft) -- C:\WINDOWS\System32\e2eCapProp.ax [2012-08-16 16:15:49 | 000,119,808 | ---- | C] (e2eSoft) -- C:\WINDOWS\System32\drivers\e2eCap.sys [2012-08-16 15:44:23 | 000,005,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstee.sys [2012-08-16 15:44:13 | 000,010,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndisip.sys [2012-08-16 15:44:10 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ipsink.ax [2012-08-16 15:44:10 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ipsink.ax [2012-08-16 15:44:10 | 000,015,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\streamip.sys [2012-08-16 15:44:08 | 000,011,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\slip.sys [2012-08-16 15:44:06 | 000,019,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wstcodec.sys [2012-08-16 15:44:03 | 000,085,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nabtsfec.sys [2012-08-16 15:44:00 | 000,017,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ccdecode.sys [2012-08-16 15:43:55 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kswdmcap.ax [2012-08-16 15:43:55 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kswdmcap.ax [2012-08-16 15:43:55 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kstvtune.ax [2012-08-16 15:43:55 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kstvtune.ax [2012-08-16 15:43:55 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vidcap.ax [2012-08-16 15:43:55 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vidcap.ax [2012-08-16 15:43:54 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vfwwdm32.dll [2012-08-16 15:43:54 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vfwwdm32.dll [2012-08-16 15:43:53 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksxbar.ax [2012-08-16 15:43:53 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksxbar.ax [2012-08-16 15:42:37 | 000,000,000 | ---D | C] -- C:\Program\ManyCam [2012-08-16 15:42:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Ask [4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [3 C:\WINDOWS\System32\drivers\*.tmp files -> C:\WINDOWS\System32\drivers\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012-09-10 17:34:51 | 000,000,384 | -H-- | M] () -- C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job [2012-09-10 17:34:11 | 001,629,088 | ---- | M] (Bleeping Computer, LLC) -- C:\Documents and Settings\Anders\Skrivbord\iExplore.exe [2012-09-10 17:28:07 | 000,000,410 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{5096C855-A424-4662-B04A-DE5E47FB502A}.job [2012-09-10 17:26:14 | 000,000,268 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1659004503-343818398-682003330-1003.job [2012-09-10 17:26:11 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1659004503-343818398-682003330-1003.job [2012-09-10 17:25:35 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2012-09-10 17:24:46 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2012-09-10 17:23:47 | 000,000,549 | ---- | M] () -- C:\Documents and Settings\Anders\Application Data\FreeDesktopClock.ini [2012-09-10 17:10:00 | 000,001,090 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1659004503-343818398-682003330-1003UA.job [2012-09-10 17:07:00 | 000,001,098 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1659004503-343818398-682003330-1006UA.job [2012-09-10 16:56:00 | 000,000,868 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job [2012-09-10 16:17:45 | 000,002,227 | ---- | M] () -- C:\Documents and Settings\All Users\Skrivbord\Skype.lnk [2012-09-10 11:30:16 | 000,315,660 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_10092012_112913.png [2012-09-10 10:10:00 | 000,001,038 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1659004503-343818398-682003330-1003Core.job [2012-09-09 23:18:41 | 004,747,716 | R--- | M] (Swearware) -- C:\Documents and Settings\Anders\Skrivbord\Combo-Fix.exe [2012-09-09 20:44:27 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini [2012-09-09 20:44:26 | 000,138,240 | ---- | M] () -- C:\Documents and Settings\Anders\Lokala inställningar\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012-09-09 17:24:30 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts [2012-09-09 17:16:19 | 000,185,065 | ---- | M] () -- C:\Documents and Settings\Anders\Skrivbord\FixPolicies.exe [2012-09-09 01:07:00 | 000,001,046 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1659004503-343818398-682003330-1006Core.job [2012-09-08 21:00:19 | 000,854,156 | ---- | M] () -- C:\Documents and Settings\Anders\Skrivbord\SecurityCheck.exe [2012-09-08 20:45:49 | 000,599,552 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Anders\Skrivbord\OTL.exe [2012-09-08 15:33:01 | 000,117,270 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\21.bmp [2012-09-08 15:32:48 | 003,888,068 | ---- | M] () -- C:\temp.bmp [2012-09-08 10:43:33 | 011,300,312 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\vp4 2012-09-08 10-38-48-933.avi [2012-09-07 19:52:59 | 001,118,598 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_07092012_195109.png [2012-09-07 19:31:21 | 000,930,467 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_07092012_193053.png [2012-09-07 16:54:46 | 000,977,958 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_07092012_165418.png [2012-09-07 16:32:21 | 001,082,828 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_07092012_163042.png [2012-09-07 15:22:09 | 000,000,327 | RHS- | M] () -- C:\boot.ini [2012-09-07 14:35:30 | 000,000,579 | ---- | M] () -- C:\Documents and Settings\Anders\Skrivbord\NTREGOPT.lnk [2012-09-07 14:35:30 | 000,000,560 | ---- | M] () -- C:\Documents and Settings\Anders\Skrivbord\ERUNT.lnk [2012-09-07 14:30:44 | 000,000,144 | ---- | M] () -- C:\Documents and Settings\Anders\defogger_reenable [2012-09-07 14:05:14 | 002,150,064 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2012-09-06 23:48:03 | 000,318,741 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_06092012_234739.png [2012-09-06 16:32:56 | 000,157,123 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_06092012_163222.png [2012-09-06 01:07:23 | 000,998,055 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_05092012_190334.png [2012-09-05 18:02:01 | 000,000,272 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job [2012-09-05 15:51:54 | 000,004,934 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\flwjycbm.bab [2012-09-05 15:51:34 | 000,000,705 | ---- | M] () -- C:\Documents and Settings\Anders\Skrivbord\PokerTracker 4.lnk [2012-09-05 15:24:02 | 000,505,751 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_05092012_152345.png [2012-09-04 18:40:55 | 000,084,696 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_04092012_184008.png [2012-09-04 00:13:19 | 000,002,347 | ---- | M] () -- C:\Documents and Settings\Anders\Skrivbord\Google Chrome.lnk [2012-09-04 00:13:19 | 000,002,325 | ---- | M] () -- C:\Documents and Settings\Anders\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk [2012-09-03 23:42:37 | 001,326,942 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\ad.png [2012-09-03 15:24:24 | 000,323,584 | ---- | M] (Stefan Toengi) -- C:\WINDOWS\System32\AUDIOGENIE2.DLL [2012-09-02 23:50:20 | 001,004,432 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_02092012_234819.png [2012-09-02 23:04:43 | 022,936,300 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\vp4 2012-09-02 22-59-50-578.avi [2012-09-02 17:52:51 | 007,911,796 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\Bankshot1to2.avi [2012-09-02 15:56:04 | 001,101,732 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_02092012_155541.png [2012-09-02 15:43:59 | 000,800,104 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_02092012_154331.png [2012-09-02 14:10:27 | 001,102,894 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_02092012_141009.png [2012-09-02 13:07:21 | 000,313,151 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_02092012_130708.png [2012-09-02 13:07:06 | 001,017,983 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_02092012_130649.png [2012-09-02 13:04:33 | 000,005,159 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\9-Ball, Alyt vs Frenchy, 090212-103239.vpr [2012-09-02 13:00:48 | 004,538,077 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_1003.MOV [2012-09-01 10:02:40 | 000,297,078 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\4.bmp [2012-09-01 08:56:31 | 002,320,974 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\3.bmp [2012-09-01 08:55:33 | 002,701,710 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\2.bmp [2012-09-01 08:48:55 | 002,495,190 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\1.bmp [2012-08-31 21:49:00 | 002,052,056 | ---- | M] () -- C:\Documents and Settings\Anders\Skrivbord\IMG468.jpg [2012-08-31 00:34:32 | 000,155,867 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_31082012_002932.png [2012-08-29 18:48:38 | 000,859,263 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_29082012_184533.png [2012-08-29 15:08:12 | 000,000,653 | ---- | M] () -- C:\Documents and Settings\All Users\Skrivbord\LogMeIn Hamachi.lnk [2012-08-29 14:33:11 | 000,000,740 | ---- | M] () -- C:\Documents and Settings\All Users\Skrivbord\Malwarebytes Anti-Malware.lnk [2012-08-29 00:01:48 | 000,401,735 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_29082012_000040.png [2012-08-28 19:48:43 | 000,000,637 | ---- | M] () -- C:\Documents and Settings\Anders\Application Data\Microsoft\Internet Explorer\Quick Launch\Bandicam.lnk [2012-08-28 19:48:43 | 000,000,619 | ---- | M] () -- C:\Documents and Settings\Anders\Skrivbord\Bandicam.lnk [2012-08-27 13:01:26 | 001,200,664 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\clip0086.avi [2012-08-27 01:37:14 | 000,000,751 | ---- | M] () -- C:\Documents and Settings\All Users\Skrivbord\Virtual Pool 4.lnk [2012-08-27 00:32:35 | 000,121,798 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_27082012_003201.png [2012-08-27 00:32:31 | 000,124,438 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_27082012_003152.png [2012-08-26 22:36:18 | 000,307,500 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_26082012_223547.png [2012-08-26 17:51:11 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\Access.dat [2012-08-26 15:41:08 | 000,156,260 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_26082012_154039.png [2012-08-26 15:40:08 | 000,150,505 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_26082012_153941.png [2012-08-26 14:27:15 | 000,000,667 | ---- | M] () -- C:\Documents and Settings\Anders\Application Data\Microsoft\Internet Explorer\Quick Launch\GameSpy Arcade.lnk [2012-08-26 14:27:15 | 000,000,649 | ---- | M] () -- C:\Documents and Settings\Anders\Skrivbord\GameSpy Arcade.lnk [2012-08-26 14:19:36 | 003,849,216 | ---- | M] () -- C:\Documents and Settings\Anders\Skrivbord\hamachi.msi [2012-08-25 12:40:56 | 000,136,157 | ---- | M] () -- C:\Documents and Settings\Anders\Skrivbord\pool_snooker_1.jpg [2012-08-25 12:26:15 | 000,983,017 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_25082012_122553.png [2012-08-23 15:36:41 | 000,663,527 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_23082012_153555.png [2012-08-22 20:15:58 | 003,195,906 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\cheat.bmp [2012-08-22 19:25:55 | 001,547,494 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\stg-apologize.bmp [2012-08-22 16:11:36 | 000,217,782 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\legend.bmp [2012-08-21 17:29:32 | 000,306,433 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_21082012_172844.png [2012-08-21 11:37:11 | 001,704,034 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_21082012_113442.png [2012-08-21 11:32:14 | 001,688,401 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_21082012_113138.png [2012-08-20 21:47:10 | 002,262,013 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_20082012_214618.png [2012-08-20 16:56:04 | 000,204,889 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_20082012_165528.png [2012-08-20 16:53:51 | 000,145,330 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_20082012_165314.png [2012-08-20 13:57:57 | 000,000,802 | ---- | M] () -- C:\Documents and Settings\Anders\Skrivbord\XSplit Broadcaster.lnk [2012-08-19 19:24:41 | 000,001,707 | ---- | M] () -- C:\Documents and Settings\Anders\Skrivbord\ChrisPC Free Anonymous Proxy.lnk [2012-08-19 19:24:41 | 000,000,821 | ---- | M] () -- C:\Documents and Settings\Anders\Application Data\Microsoft\Internet Explorer\Quick Launch\ChrisPC Free Anonymous Proxy.lnk [2012-08-16 02:05:28 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2012-08-15 01:56:48 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe [2012-08-15 01:56:47 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl [2012-08-13 13:57:35 | 001,830,096 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\clip0078.avi [4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [3 C:\WINDOWS\System32\drivers\*.tmp files -> C:\WINDOWS\System32\drivers\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] ========== Files Created - No Company Name ========== [2012-09-10 11:30:14 | 000,315,660 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_10092012_112913.png [2012-09-09 17:16:19 | 000,185,065 | ---- | C] () -- C:\Documents and Settings\Anders\Skrivbord\FixPolicies.exe [2012-09-08 21:00:04 | 000,854,156 | ---- | C] () -- C:\Documents and Settings\Anders\Skrivbord\SecurityCheck.exe [2012-09-08 15:33:01 | 000,117,270 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\21.bmp [2012-09-08 10:42:52 | 011,300,312 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\vp4 2012-09-08 10-38-48-933.avi [2012-09-07 19:52:54 | 001,118,598 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_07092012_195109.png [2012-09-07 19:31:16 | 000,930,467 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_07092012_193053.png [2012-09-07 16:54:40 | 000,977,958 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_07092012_165418.png [2012-09-07 16:32:16 | 001,082,828 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_07092012_163042.png [2012-09-07 15:22:09 | 000,000,211 | ---- | C] () -- C:\Boot.bak [2012-09-07 15:22:02 | 000,260,784 | RHS- | C] () -- C:\cmldr [2012-09-07 15:19:34 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe [2012-09-07 15:19:34 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe [2012-09-07 15:19:34 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe [2012-09-07 15:19:34 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe [2012-09-07 15:19:34 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe [2012-09-07 14:35:30 | 000,000,579 | ---- | C] () -- C:\Documents and Settings\Anders\Skrivbord\NTREGOPT.lnk [2012-09-07 14:35:30 | 000,000,560 | ---- | C] () -- C:\Documents and Settings\Anders\Skrivbord\ERUNT.lnk [2012-09-07 14:30:38 | 000,000,144 | ---- | C] () -- C:\Documents and Settings\Anders\defogger_reenable [2012-09-06 23:48:01 | 000,318,741 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_06092012_234739.png [2012-09-06 16:32:55 | 000,157,123 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_06092012_163222.png [2012-09-06 01:07:18 | 000,998,055 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_05092012_190334.png [2012-09-05 15:51:54 | 000,004,934 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\flwjycbm.bab [2012-09-05 15:51:34 | 000,000,705 | ---- | C] () -- C:\Documents and Settings\Anders\Skrivbord\PokerTracker 4.lnk [2012-09-05 15:23:59 | 000,505,751 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_05092012_152345.png [2012-09-04 18:40:54 | 000,084,696 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_04092012_184008.png [2012-09-03 23:42:31 | 001,326,942 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\ad.png [2012-09-02 23:50:15 | 001,004,432 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_02092012_234819.png [2012-09-02 23:01:55 | 022,936,300 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\vp4 2012-09-02 22-59-50-578.avi [2012-09-02 17:52:22 | 007,911,796 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\Bankshot1to2.avi [2012-09-02 15:55:59 | 001,101,732 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_02092012_155541.png [2012-09-02 15:43:54 | 000,800,104 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_02092012_154331.png [2012-09-02 15:25:41 | 002,052,056 | ---- | C] () -- C:\Documents and Settings\Anders\Skrivbord\IMG468.jpg [2012-09-02 14:10:23 | 001,102,894 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_02092012_141009.png [2012-09-02 13:07:19 | 000,313,151 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_02092012_130708.png [2012-09-02 13:07:00 | 001,017,983 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_02092012_130649.png [2012-09-02 13:04:32 | 000,005,159 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\9-Ball, Alyt vs Frenchy, 090212-103239.vpr [2012-09-02 13:00:24 | 004,538,077 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_1003.MOV [2012-09-01 10:02:40 | 000,297,078 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\4.bmp [2012-09-01 08:56:31 | 002,320,974 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\3.bmp [2012-09-01 08:55:33 | 002,701,710 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\2.bmp [2012-08-31 00:34:29 | 000,155,867 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_31082012_002932.png [2012-08-29 18:48:21 | 000,859,263 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_29082012_184533.png [2012-08-29 14:33:11 | 000,000,740 | ---- | C] () -- C:\Documents and Settings\All Users\Skrivbord\Malwarebytes Anti-Malware.lnk [2012-08-29 00:01:44 | 000,401,735 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_29082012_000040.png [2012-08-28 19:48:43 | 000,000,637 | ---- | C] () -- C:\Documents and Settings\Anders\Application Data\Microsoft\Internet Explorer\Quick Launch\Bandicam.lnk [2012-08-28 19:48:43 | 000,000,619 | ---- | C] () -- C:\Documents and Settings\Anders\Skrivbord\Bandicam.lnk [2012-08-27 13:00:47 | 001,200,664 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\clip0086.avi [2012-08-27 01:37:14 | 000,000,751 | ---- | C] () -- C:\Documents and Settings\All Users\Skrivbord\Virtual Pool 4.lnk [2012-08-27 00:32:33 | 000,121,798 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_27082012_003201.png [2012-08-27 00:32:30 | 000,124,438 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_27082012_003152.png [2012-08-26 22:36:14 | 000,307,500 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_26082012_223547.png [2012-08-26 17:51:11 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\Access.dat [2012-08-26 15:41:04 | 000,156,260 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_26082012_154039.png [2012-08-26 15:40:06 | 000,150,505 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_26082012_153941.png [2012-08-26 14:27:15 | 000,000,667 | ---- | C] () -- C:\Documents and Settings\Anders\Application Data\Microsoft\Internet Explorer\Quick Launch\GameSpy Arcade.lnk [2012-08-26 14:27:15 | 000,000,649 | ---- | C] () -- C:\Documents and Settings\Anders\Skrivbord\GameSpy Arcade.lnk [2012-08-26 14:20:08 | 000,000,653 | ---- | C] () -- C:\Documents and Settings\All Users\Skrivbord\LogMeIn Hamachi.lnk [2012-08-26 14:19:29 | 003,849,216 | ---- | C] () -- C:\Documents and Settings\Anders\Skrivbord\hamachi.msi [2012-08-25 12:40:56 | 000,136,157 | ---- | C] () -- C:\Documents and Settings\Anders\Skrivbord\pool_snooker_1.jpg [2012-08-25 12:26:11 | 000,983,017 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_25082012_122553.png [2012-08-23 15:36:33 | 000,663,527 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_23082012_153555.png [2012-08-22 20:15:58 | 003,195,906 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\cheat.bmp [2012-08-22 19:25:55 | 001,547,494 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\stg-apologize.bmp [2012-08-22 16:11:36 | 000,217,782 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\legend.bmp [2012-08-21 17:29:29 | 000,306,433 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_21082012_172844.png [2012-08-21 11:37:04 | 001,704,034 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_21082012_113442.png [2012-08-21 11:32:07 | 001,688,401 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_21082012_113138.png [2012-08-20 21:46:53 | 002,262,013 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_20082012_214618.png [2012-08-20 16:56:02 | 000,204,889 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_20082012_165528.png [2012-08-20 16:53:49 | 000,145,330 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_20082012_165314.png [2012-08-20 13:57:57 | 000,000,802 | ---- | C] () -- C:\Documents and Settings\Anders\Skrivbord\XSplit Broadcaster.lnk [2012-08-19 19:24:41 | 000,001,707 | ---- | C] () -- C:\Documents and Settings\Anders\Skrivbord\ChrisPC Free Anonymous Proxy.lnk [2012-08-19 19:24:41 | 000,000,821 | ---- | C] () -- C:\Documents and Settings\Anders\Application Data\Microsoft\Internet Explorer\Quick Launch\ChrisPC Free Anonymous Proxy.lnk [2012-08-13 13:57:08 | 001,830,096 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\clip0078.avi [2012-08-05 11:14:00 | 051,687,593 | ---- | C] () -- C:\Documents and Settings\Anders\10 000 meter.flv [2012-07-10 14:52:42 | 000,190,664 | ---- | C] () -- C:\Documents and Settings\LocalService\Lokala inställningar\Application Data\FontCache3.0.0.0.dat [2012-05-05 16:08:47 | 000,230,752 | ---- | C] () -- C:\WINDOWS\patchw32.dll [2012-05-05 16:08:42 | 000,118,176 | ---- | C] () -- C:\WINDOWS\patchw.dll [2012-03-05 21:51:45 | 629,460,858 | ---- | C] () -- C:\Documents and Settings\Anders\Målgång.flv [2012-02-16 12:42:41 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll [2012-02-08 10:52:34 | 000,000,042 | ---- | C] () -- C:\Documents and Settings\Anders\default.pls [2012-01-30 15:29:29 | 000,000,404 | ---- | C] () -- C:\WINDOWS\LBFamily.ini [2012-01-30 12:16:09 | 1054,669,159 | ---- | C] () -- C:\Documents and Settings\Anders\såskadetlåta.flv [2012-01-30 12:16:09 | 000,056,831 | ---- | C] () -- C:\Documents and Settings\Anders\såskadetlåta.srt [2012-01-27 13:24:43 | 000,015,784 | ---- | C] () -- C:\Documents and Settings\Anders\2.srt [2012-01-27 13:24:39 | 035,912,175 | ---- | C] () -- C:\Documents and Settings\Anders\2.flv [2012-01-27 13:10:34 | 000,000,641 | ---- | C] () -- C:\Documents and Settings\Anders\.swfinfo [2011-11-09 21:59:50 | 000,000,026 | ---- | C] () -- C:\Documents and Settings\Anders\Application Data\ClockTraySkins.ini [2011-11-09 21:59:38 | 000,000,549 | ---- | C] () -- C:\Documents and Settings\Anders\Application Data\FreeDesktopClock.ini [2011-10-31 18:02:17 | 000,393,256 | ---- | C] () -- C:\WINDOWS\System32\CNQ2414N.DAT [2011-10-30 14:53:51 | 000,000,000 | ---- | C] () -- C:\WINDOWS\HMHud.INI [2011-10-02 13:50:39 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2011-10-02 13:50:38 | 000,138,240 | ---- | C] () -- C:\Documents and Settings\Anders\Lokala inställningar\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011-10-01 22:03:20 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\CommonDL.dll [2011-10-01 22:03:20 | 000,002,413 | ---- | C] () -- C:\WINDOWS\System32\lgAxconfig.ini [2011-09-28 17:44:14 | 000,179,271 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat [2011-09-19 09:07:46 | 000,015,360 | ---- | C] () -- C:\WINDOWS\System32\bdmjpeg.dll [2011-09-19 09:07:32 | 000,058,368 | ---- | C] () -- C:\WINDOWS\System32\bdmpegv.dll [2011-08-31 00:32:40 | 000,005,078 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\bltofzsb.qlf [2011-07-04 14:19:24 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2011-07-04 14:18:36 | 002,150,064 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2011-07-04 13:15:42 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe [2011-07-04 13:14:40 | 000,001,732 | ---- | C] () -- C:\WINDOWS\System32\drivers\nvphy.bin [2011-07-04 12:32:07 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2011-07-04 12:28:47 | 000,021,700 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat ========== Custom Scans ========== < %ALLUSERSPROFILE%\Application Data\*. > [2011-07-04 16:34:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Adobe [2011-07-04 16:50:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ALM [2012-08-16 16:25:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Anti-phishing Domain Advisor [2012-02-03 14:13:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Apple [2012-04-17 16:57:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Apple Computer [2012-08-16 15:42:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ask [2012-07-11 10:19:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\boost_interprocess [2011-09-27 16:42:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Boss Media [2012-08-27 01:35:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Celeris [2012-05-12 18:06:56 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files [2011-08-22 17:12:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite [2011-07-04 22:27:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Pro [2012-07-18 16:15:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DivX [2011-12-14 11:25:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FLEXnet [2011-12-13 23:48:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Graboid Inc [2012-08-16 16:18:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IBUpdaterService [2011-10-01 22:04:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LGMOBILEAX [2012-08-29 14:33:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes [2012-08-24 17:55:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Max Secure [2012-04-17 17:54:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MediaMonkey [2012-07-10 14:54:32 | 000,000,000 | --SD | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft [2012-08-16 02:05:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft Help [2012-06-22 19:31:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Mozilla [2011-07-04 18:19:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nero [2012-08-16 16:18:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Performer Manager [2012-05-30 21:42:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Real [2012-08-28 23:56:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Skype [2011-10-01 15:46:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sony Ericsson [2012-08-20 13:57:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SplitMediaLabs [2011-08-21 12:50:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sun [2012-05-12 18:52:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Tarma Installer [2011-10-18 13:04:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TechSmith [2012-08-26 17:50:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Tunngle [2011-07-04 13:25:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage [2012-04-17 16:59:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521} < %ALLUSERSPROFILE%\Application Data\*.exe /s > [2009-02-04 13:56:14 | 000,075,112 | ---- | M] (GEAR Software, Inc.) -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}\x86\DifXInstall32.exe [2012-05-03 20:07:44 | 000,092,096 | ---- | M] (Visicom Media Inc. (Powered by Panda Security)) -- C:\Documents and Settings\All Users\Application Data\Anti-phishing Domain Advisor\uninstall.exe [2012-05-03 20:07:40 | 000,217,256 | ---- | M] (Visicom Media Inc. (Powered by Panda Security)) -- C:\Documents and Settings\All Users\Application Data\Anti-phishing Domain Advisor\visicom_antiphishing.exe [2012-06-16 16:25:32 | 000,073,624 | ---- | M] (Apple Inc.) -- C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 10.6.3.25\SetupAdmin.exe [2012-04-19 12:58:06 | 000,056,969 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\ASPEncoder\Uninstaller.exe [2012-04-19 12:58:18 | 000,065,783 | ---- | M] (DivX, LLC) -- C:\Documents and Settings\All Users\Application Data\DivX\ControlPanel\Uninstaller.exe [2012-04-19 12:58:31 | 000,054,128 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\Converter\Uninstaller.exe [2012-04-19 12:58:38 | 000,063,144 | ---- | M] (DivX, LLC) -- C:\Documents and Settings\All Users\Application Data\DivX\DesktopService\Uninstaller.exe [2012-07-18 16:13:37 | 000,062,857 | ---- | M] (DivX, LLC) -- C:\Documents and Settings\All Users\Application Data\DivX\DFXPlugin\Uninstaller.exe [2012-04-19 12:58:33 | 000,056,458 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\DivXDecoderShortcut\Uninstaller.exe [2012-07-18 16:14:17 | 000,064,957 | ---- | M] (DivX, LLC) -- C:\Documents and Settings\All Users\Application Data\DivX\DivXPlusShortcuts\Uninstaller.exe [2012-04-19 12:58:32 | 000,062,879 | ---- | M] (DivX, LLC) -- C:\Documents and Settings\All Users\Application Data\DivX\DSAACDecoder\Uninstaller.exe [2012-04-19 12:58:34 | 000,057,275 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\DSASPDecoder\Uninstaller.exe [2012-04-19 12:58:35 | 000,054,166 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\DSAVCDecoder\Uninstaller.exe [2012-04-19 12:58:37 | 000,057,037 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\DSDesktopComponents\Uninstaller.exe [2012-04-19 12:58:19 | 000,054,101 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\MPEG2Plugin\Uninstaller.exe [2012-04-19 12:58:01 | 000,061,667 | ---- | M] (DivX, LLC) -- C:\Documents and Settings\All Users\Application Data\DivX\MSVC80CRTRedist\Uninstaller.exe [2012-04-19 12:58:04 | 000,063,228 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\OVSHelper\Uninstaller.exe [2012-07-18 16:14:10 | 000,065,896 | ---- | M] (DivX, LLC) -- C:\Documents and Settings\All Users\Application Data\DivX\Player\Uninstaller.exe [2012-04-19 12:58:15 | 000,054,073 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\Qt4.5\Uninstaller.exe [2012-07-18 16:10:08 | 000,933,256 | ---- | M] (DivX, LLC) -- C:\Documents and Settings\All Users\Application Data\DivX\Setup\DivXSetup.exe [2012-04-19 12:58:29 | 000,054,644 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\TranscodeEngine\Uninstaller.exe [2012-07-18 16:13:42 | 000,092,231 | ---- | M] (DivX, LLC) -- C:\Documents and Settings\All Users\Application Data\DivX\TransferWizard\Uninstaller.exe [2011-09-30 16:41:01 | 000,061,792 | ---- | M] (DivX, LLC) -- C:\Documents and Settings\All Users\Application Data\DivX\Update\Uninstaller.exe [2012-07-18 16:14:16 | 000,066,441 | ---- | M] (DivX, LLC) -- C:\Documents and Settings\All Users\Application Data\DivX\WebPlayer\Uninstaller.exe [2011-09-20 05:19:08 | 000,109,656 | ---- | M] (LG Electronics) -- C:\Documents and Settings\All Users\Application Data\LGMOBILEAX\LGMLauncher.exe [2011-04-27 05:12:20 | 000,235,456 | ---- | M] (LG Electronics) -- C:\Documents and Settings\All Users\Application Data\LGMOBILEAX\B2C_Client\B2CAppUninstall.exe [2011-09-28 01:39:52 | 000,404,568 | ---- | M] (LG Electronics) -- C:\Documents and Settings\All Users\Application Data\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe [2011-04-01 01:55:52 | 000,038,840 | ---- | M] (LG Electronics) -- C:\Documents and Settings\All Users\Application Data\LGMOBILEAX\B2C_Client\LGbackagent.exe [2011-09-28 02:58:02 | 000,785,496 | ---- | M] (LG Electronics) -- C:\Documents and Settings\All Users\Application Data\LGMOBILEAX\B2C_Client\LGUserCSTool.exe [2012-08-16 16:18:06 | 001,695,776 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\PC Performer Manager\2.2.558.177\{16cdff19-861d-48e3-a751-d99a27784753}\%Protector Process Name%.exe [2012-08-16 16:18:04 | 003,379,232 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\PC Performer Manager\2.2.558.177\{16cdff19-861d-48e3-a751-d99a27784753}\Uninstall Manager.exe [2012-08-13 13:33:30 | 003,064,000 | ---- | M] (Skype Technologies S.A.) -- C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2011-03-11 05:29:12 | 000,227,984 | R-S- | M] (Tarma Software Research Pty Ltd) -- C:\Documents and Settings\All Users\Application Data\Tarma Installer\{2E1037EA-038A-425F-86B9-6CD19B8497E9}\Setup.exe < %ALLUSERSPROFILE%\Application Data\*.dll /s > [2006-11-02 06:21:54 | 000,319,456 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}\x86\DIFxAPI.dll [2008-04-17 12:12:54 | 000,107,368 | ---- | M] (GEAR Software Inc.) -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}\x86\x86\GEARAspi.dll [2012-05-03 20:07:40 | 000,309,416 | ---- | M] (Visicom Media Inc. (Powered by Panda Security)) -- C:\Documents and Settings\All Users\Application Data\Anti-phishing Domain Advisor\visicom_antiphishing.dll [2012-08-16 15:42:30 | 000,211,624 | ---- | M] (Ask.com) -- C:\Documents and Settings\All Users\Application Data\Ask\APN-Stub\MYC-ST\APNIC.dll [2012-07-18 16:10:40 | 000,620,400 | ---- | M] (DivX, LLC) -- C:\Documents and Settings\All Users\Application Data\DivX\Setup\finishPlugin.dll [2012-07-18 16:10:20 | 001,709,936 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\DivX\Setup\Resource.dll [2012-07-18 16:15:02 | 000,057,344 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\DivX\Setup\RunAsUser\RUNASUSERPROCESS.dll [2011-09-26 07:10:20 | 000,118,784 | ---- | M] (LG Electronics) -- C:\Documents and Settings\All Users\Application Data\LGMOBILEAX\B2C_Client\LGMobileDL.dll [2010-03-16 08:31:58 | 000,024,576 | ---- | M] (LG Electronics) -- C:\Documents and Settings\All Users\Application Data\LGMOBILEAX\B2C_Client\LGMobileDLRapi.dll [2011-09-28 01:38:20 | 000,548,864 | ---- | M] (LG Electronics) -- C:\Documents and Settings\All Users\Application Data\LGMOBILEAX\B2C_Client\LGMUpgradeDL.dll [2012-08-24 17:57:00 | 000,000,063 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Max Secure\Max Spyware Detector\SysSD.dll [2008-09-17 15:29:12 | 000,020,040 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\All Users\Application Data\Microsoft\IdentityCRL\production\ppcrlconfig.dll [2012-07-10 14:59:23 | 000,019,736 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\All Users\Application Data\Microsoft\IdentityCRL\production\ppcrlconfig600.dll [2012-07-10 14:59:27 | 000,564,632 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\All Users\Application Data\Microsoft\IdentityCRL\production\wlidui.dll [2012-08-23 09:15:24 | 007,022,536 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{9E8339C9-177D-4B60-9427-26FFAD979AA1}\mpengine.dll [2012-08-23 09:15:24 | 007,022,536 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll [2008-05-19 13:04:06 | 002,368,000 | ---- | M] (Doctor Web, Ltd.) -- C:\Documents and Settings\All Users\Application Data\Nero\DrWeb\Drweb32.dll [2012-08-16 16:18:06 | 002,046,496 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\PC Performer Manager\2.2.558.177\{16cdff19-861d-48e3-a751-d99a27784753}\%Protector Process Name%.dll [2012-08-03 09:05:44 | 000,434,688 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\PC Performer Manager\2.2.558.177\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\components\bprotector-10.0.2.dll [2012-08-03 09:05:08 | 000,434,176 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\PC Performer Manager\2.2.558.177\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\components\bprotector-11.0.dll [2012-08-03 09:05:02 | 000,434,176 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\PC Performer Manager\2.2.558.177\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\components\bprotector-12.0.dll [2012-08-03 09:05:08 | 000,434,176 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\PC Performer Manager\2.2.558.177\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\components\bprotector-13.0.dll [2012-08-03 09:05:08 | 000,434,688 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\PC Performer Manager\2.2.558.177\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\components\bprotector-14.0.1.dll [2012-08-03 09:03:26 | 000,436,736 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\PC Performer Manager\2.2.558.177\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\components\bprotector-3.6.dll [2012-08-03 09:05:42 | 000,435,712 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\PC Performer Manager\2.2.558.177\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\components\bprotector-5.0.dll [2012-08-03 09:05:44 | 000,434,688 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\PC Performer Manager\2.2.558.177\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\components\bprotector-6.0.2.dll [2012-08-03 09:05:10 | 000,434,688 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\PC Performer Manager\2.2.558.177\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\components\bprotector-7.0.1.dll [2012-08-03 09:05:16 | 000,434,688 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\PC Performer Manager\2.2.558.177\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\components\bprotector-8.0.1.dll [2012-08-03 09:05:08 | 000,434,688 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\PC Performer Manager\2.2.558.177\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\components\bprotector-9.0.1.dll [2011-11-22 22:35:23 | 000,028,160 | ---- | M] (RealNetworks, Inc.) -- C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Chrome\Hook\rpchrome150browserrecordhelper.dll [2011-11-22 22:35:23 | 000,397,488 | ---- | M] (RealPlayer) -- C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Common\rpcommon150browserrecordplugin.dll [2011-11-22 22:35:23 | 000,035,840 | ---- | M] (RealNetworks, Inc.) -- C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Components\nprpffbrowserrecordext.dll [2011-11-22 22:35:24 | 000,032,256 | ---- | M] (RealNetworks, Inc.) -- C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Components\nprpffbrowserrecordlegacyext.dll [2011-11-22 22:35:22 | 000,425,680 | ---- | M] (RealPlayer) -- C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2011-11-22 22:35:23 | 000,095,744 | ---- | M] (RealNetworks, Inc.) -- C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll [2011-11-22 22:35:23 | 000,019,456 | ---- | M] (RealNetworks, Inc.) -- C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll [2011-11-22 22:35:24 | 000,045,568 | ---- | M] (RealNetworks, Inc.) -- C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\ThinShims\rpnpshimqt.dll [2011-11-22 22:35:24 | 000,045,568 | ---- | M] (RealNetworks, Inc.) -- C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\ThinShims\rpnpshimrp.dll [2011-11-22 22:35:24 | 000,045,568 | ---- | M] (RealNetworks, Inc.) -- C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\ThinShims\rpnpshimswf.dll [2011-11-22 22:35:24 | 000,045,568 | ---- | M] (RealNetworks, Inc.) -- C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\ThinShims\rpnpshimwmp.dll [2012-07-26 10:37:24 | 000,035,840 | ---- | M] (SplitMediaLabs) -- C:\Documents and Settings\All Users\Application Data\SplitMediaLabs\XSplit\BroadcastPlugins\CustomRTMP\CustomRTMP.dll [2012-07-26 10:37:24 | 000,036,864 | ---- | M] (SplitMediaLabs) -- C:\Documents and Settings\All Users\Application Data\SplitMediaLabs\XSplit\BroadcastPlugins\SplitMediaLabs.LocalRecording\SplitMediaLabs.LocalRecording.dll [2011-10-12 01:54:21 | 000,768,512 | R-S- | M] () -- C:\Documents and Settings\All Users\Application Data\Tarma Installer\{2E1037EA-038A-425F-86B9-6CD19B8497E9}\_Setup.dll [2011-10-12 01:54:12 | 000,476,672 | R-S- | M] () -- C:\Documents and Settings\All Users\Application Data\Tarma Installer\{2E1037EA-038A-425F-86B9-6CD19B8497E9}\_Setupx.dll < %APPDATA%\*. > [2012-06-13 00:56:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Adobe [2011-11-22 14:09:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Anvsoft [2012-05-12 17:55:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Apowersoft [2012-05-21 17:14:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Apple Computer [2012-05-12 18:26:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Audacity [2012-02-28 18:09:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Babylon [2012-06-18 20:59:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\BANDISOFT [2012-08-27 01:32:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Celeris [2012-08-19 19:27:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Complitly [2011-08-22 16:51:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Copax [2012-01-30 14:29:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\DAEMON Tools Lite [2011-07-04 22:26:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\DAEMON Tools Pro [2012-04-19 12:59:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\DDMSettings [2012-02-10 11:25:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Digiarty [2011-10-18 02:52:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\DivX [2012-04-17 12:48:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\dvdcss [2011-12-31 20:12:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\DVDVideoSoft [2012-05-12 20:12:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Free Audio Recorder [2012-08-25 13:15:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\GanymedeNet [2012-02-09 23:45:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\GetRightToGo [2012-09-10 17:26:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Gmail Notifier [2012-03-20 00:28:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\HandBrake [2012-05-30 16:04:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Help [2011-10-30 14:43:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\HEM Data [2011-07-04 12:37:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Identities [2011-07-04 13:13:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\InstallShield [2012-08-24 19:21:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Macromedia [2012-08-29 14:33:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Malwarebytes [2011-12-14 17:20:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Media Finder [2012-02-10 12:22:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Media Player Classic [2012-07-24 11:00:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\MediaMonkey [2012-05-12 18:05:09 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Anders\Application Data\Microsoft [2012-06-22 19:31:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Mozilla [2011-11-23 16:51:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\MyVideoDownloader [2011-11-23 16:51:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\MyVideoDownloaderHD [2011-07-04 18:22:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Nero [2012-08-04 10:58:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Opera [2012-05-17 17:09:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Oracle [2012-05-17 17:09:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Personal [2012-05-30 21:42:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Real [2011-12-14 11:55:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\RealNetworks [2012-09-10 17:17:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Skype [2012-06-20 16:13:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Solveig Multimedia [2012-02-10 01:17:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Sony [2012-08-20 13:57:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\SplitMediaLabs [2012-09-10 16:00:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Spotify [2011-08-21 12:49:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Sun [2012-07-02 21:11:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\TraderaProLister [2012-08-27 00:23:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Tunngle [2012-04-17 18:39:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\U3 [2012-09-02 13:21:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\vlc [2011-10-18 01:35:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\WinRAR [2012-05-12 18:52:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Wondershare [2011-11-23 17:11:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Youtube Downloader HD < %APPDATA%\*.exe /s > [2012-01-18 03:51:08 | 000,091,128 | ---- | M] () -- C:\Documents and Settings\Anders\Application Data\Complitly\KeepMeUpdated.exe [2012-01-18 03:51:08 | 000,091,128 | ---- | M] () -- C:\Documents and Settings\Anders\Application Data\Complitly\64\KeepMeUpdated.exe [2012-08-17 22:41:52 | 000,449,176 | ---- | M] (RealNetworks, Inc.) -- C:\Documents and Settings\Anders\Application Data\Real\Update\UpgradeHelper\RealPlayer\10.10\agent\rnupgagent.exe [2012-07-19 22:12:12 | 000,315,544 | ---- | M] (RealNetworks, Inc.) -- C:\Documents and Settings\Anders\Application Data\Real\Update\UpgradeHelper\RealPlayer\9.11\rnupgagent.exe [2006-12-14 10:00:02 | 000,110,592 | ---- | M] () -- C:\Documents and Settings\Anders\Application Data\U3\temp\cleanup.exe [2007-02-12 17:46:54 | 003,096,576 | -H-- | M] (SanDisk Corporation) -- C:\Documents and Settings\Anders\Application Data\U3\temp\Launchpad Removal.exe < %APPDATA%\*.dll /s > [2012-01-02 01:11:18 | 005,494,272 | ---- | M] () -- C:\Documents and Settings\Anders\Application Data\Adobe\Flash Player\NativeCache\E6A8DB80E4AEE90C7CB47D1A338C7244\55c87052\adobecp-300592-2.dll [2012-01-18 03:51:08 | 000,139,768 | ---- | M] (SimplyGen) -- C:\Documents and Settings\Anders\Application Data\Complitly\Complitly.dll [2012-01-18 03:51:08 | 000,167,416 | ---- | M] (SimplyGen) -- C:\Documents and Settings\Anders\Application Data\Complitly\64\Complitly64.dll [2012-07-11 00:01:12 | 000,015,128 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\Anders\Application Data\Microsoft\IdentityCRL\Production\ppcrlconfig.dll [2011-07-26 17:59:53 | 000,208,896 | ---- | M] (Gracenote, Inc.) -- C:\Documents and Settings\Anders\Application Data\Spotify\Gracenote\gnsdk_dsp.dll [2011-07-26 17:59:53 | 000,282,624 | ---- | M] (Gracenote, Inc.) -- C:\Documents and Settings\Anders\Application Data\Spotify\Gracenote\gnsdk_musicid_file.dll [2011-07-26 17:59:53 | 000,655,360 | ---- | M] (Gracenote, Inc.) -- C:\Documents and Settings\Anders\Application Data\Spotify\Gracenote\gnsdk_sdkmanager.dll [2012-05-17 17:09:05 | 000,177,664 | ---- | M] () -- C:\Documents and Settings\Anders\Application Data\Sun\Java\jre1.7.0_04\lzma.dll < %SYSTEMDRIVE%\*.exe > [2012-07-04 05:48:38 | 003,861,472 | ---- | M] () -- C:\chatzum.exe < MD5 for: AGP440.SYS > [2008-04-15 14:00:00 | 020,095,330 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys < MD5 for: ATAPI.SYS > [2008-04-15 14:00:00 | 020,095,330 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys [2008-04-15 14:00:00 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys < MD5 for: BEEP.SYS > [2008-04-15 14:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\dllcache\beep.sys [2008-04-15 14:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys < MD5 for: EVENTLOG.DLL > [2008-04-15 14:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=0A6DF967AE8E836D053DB46398F603E5 -- C:\WINDOWS\system32\dllcache\eventlog.dll [2008-04-15 14:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=0A6DF967AE8E836D053DB46398F603E5 -- C:\WINDOWS\system32\eventlog.dll < MD5 for: NETLOGON.DLL > [2008-04-15 14:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=4F4A16EAEB932AE413E48923E6A400E0 -- C:\WINDOWS\system32\dllcache\netlogon.dll [2008-04-15 14:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=4F4A16EAEB932AE413E48923E6A400E0 -- C:\WINDOWS\system32\netlogon.dll < MD5 for: RUNDLL32.EXE > [2012-07-03 13:46:42 | 000,217,672 | ---- | M] () MD5=8A7F34F0BBD076EC3815680A7309114F -- C:\Program\Malwarebytes' Anti-Malware\Chameleon\rundll32.exe [2008-04-15 14:00:00 | 000,033,280 | ---- | M] (Microsoft Corporation) MD5=E12130D733B4BF7C96C2B62847481EE3 -- C:\WINDOWS\system32\dllcache\rundll32.exe [2008-04-15 14:00:00 | 000,033,280 | ---- | M] (Microsoft Corporation) MD5=E12130D733B4BF7C96C2B62847481EE3 -- C:\WINDOWS\system32\rundll32.exe < MD5 for: SCECLI.DLL > [2008-04-15 14:00:00 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=3B50B494647E60CE6AC516E3F5C82B25 -- C:\WINDOWS\system32\dllcache\scecli.dll [2008-04-15 14:00:00 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=3B50B494647E60CE6AC516E3F5C82B25 -- C:\WINDOWS\system32\scecli.dll < MD5 for: THEMEUI.DLL > [2008-04-15 14:00:00 | 000,386,560 | ---- | M] (Microsoft Corporation) MD5=0F3FC3EBA857A1468250CA3EF1494D25 -- C:\WINDOWS\system32\dllcache\themeui.dll [2008-04-15 14:00:00 | 000,386,560 | ---- | M] (Microsoft Corporation) MD5=0F3FC3EBA857A1468250CA3EF1494D25 -- C:\WINDOWS\system32\themeui.dll < MD5 for: USERINIT.EXE > [2008-04-15 14:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=317799A2E42B5EA048A8A70F482CBA9F -- C:\WINDOWS\system32\dllcache\userinit.exe [2008-04-15 14:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=317799A2E42B5EA048A8A70F482CBA9F -- C:\WINDOWS\system32\userinit.exe < c:\windows|protector;true;true;true /FP > [2012-09-10 17:23:47 | 000,027,590 | ---- | M] () -- c:\WINDOWS\Prefetch\%PROTECTOR PROCESS NAME%.EXE-10BA9BD9.pf < c:\windows|partner;true;true;true /FP > < %USERPROFILE%\..|smtmp;true;true;true /FP > < %systemroot%\system32\drivers\*.sys /lockedfiles > [3 C:\WINDOWS\system32\drivers\*.tmp files -> C:\WINDOWS\system32\drivers\*.tmp -> ] < %systemroot%\System32\config\*.sav > [2011-07-04 14:17:23 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav [2011-07-04 14:17:23 | 001,089,536 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav [2011-07-04 14:17:23 | 000,454,656 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav < %systemroot%\*. /mp /s > < %systemroot%\system32\*.dll /lockedfiles > [1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ] < > < End of report > checkup.txt: Results of screen317's Security Check version 0.99.50 Windows XP Service Pack 3 x86 Internet Explorer 8 ``````````````Antivirus/Firewall Check:`````````````` Microsoft Security Essentials Antivirus up to date! (On Access scanning disabled!) `````````Anti-malware/Other Utilities Check:````````` Malwarebytes Anti-Malware version 1.62.0.1300 JavaFX 2.1.0 Java 6 Update 26 Java 7 Update 4 Java version out of Date! Adobe Flash Player 11.3.300.271 Mozilla Firefox (15.0.1) ````````Process Check: objlist.exe by Laurent```````` Microsoft Security Essentials MSMpEng.exe Microsoft Security Essentials msseces.exe Malwarebytes Anti-Malware mbamservice.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C:: ````````````````````End of Log``````````````````````

OTL.Txt: OTL logfile created on: 2012-09-10 17:37:57 - Run 3 OTL by OldTimer - Version 3.2.61.2 Folder = C:\Documents and Settings\Anders\Skrivbord Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 0000041D | Country: Sverige | Language: SVE | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 1,23 Gb Available Physical Memory | 61,41% Memory free 5,76 Gb Paging File | 4,81 Gb Available in Paging File | 83,65% Paging File free Paging file location(s): C:\pagefile.sys 4000 4000 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Drive C: | 298,08 Gb Total Space | 238,03 Gb Free Space | 79,86% Space Free | Partition Type: NTFS Computer Name: ANDERS-EA22E516 | User Name: Anders | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012-09-08 20:45:49 | 000,599,552 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Anders\Skrivbord\OTL.exe PRC - [2012-08-29 12:03:36 | 001,385,896 | ---- | M] (LogMeIn Inc.) -- C:\Program\LogMeIn Hamachi\hamachi-2.exe PRC - [2012-08-17 19:48:59 | 001,193,176 | ---- | M] () -- C:\Program\Spotify\Data\SpotifyWebHelper.exe PRC - [2012-08-16 16:18:06 | 001,695,776 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\PC Performer Manager\2.2.558.177\{16cdff19-861d-48e3-a751-d99a27784753}\%Protector Process Name%.exe PRC - [2012-08-13 13:33:30 | 003,064,000 | ---- | M] (Skype Technologies S.A.) -- C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe PRC - [2012-07-03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) -- C:\Program\Malwarebytes' Anti-Malware\mbamservice.exe PRC - [2012-05-24 13:28:56 | 000,055,184 | ---- | M] (Apple Inc.) -- C:\Program\Delade filer\Apple\Mobile Device Support\AppleMobileDeviceService.exe PRC - [2012-05-03 20:07:40 | 000,217,256 | ---- | M] (Visicom Media Inc. (Powered by Panda Security)) -- C:\Documents and Settings\All Users\Application Data\Anti-phishing Domain Advisor\visicom_antiphishing.exe PRC - [2012-05-01 14:33:44 | 000,185,856 | ---- | M] () -- C:\Program\Web Assistant\ExtensionUpdaterService.exe PRC - [2012-04-17 14:44:12 | 001,333,144 | ---- | M] (Technology Nexus AB) -- C:\Program\Personal\bin\Personal.exe PRC - [2012-04-04 18:47:32 | 000,161,664 | ---- | M] (Oracle Corporation) -- C:\Program\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe PRC - [2012-03-26 17:08:12 | 000,931,200 | ---- | M] (Microsoft Corporation) -- C:\Program\Microsoft Security Client\msseces.exe PRC - [2012-03-26 17:03:40 | 000,011,552 | ---- | M] (Microsoft Corporation) -- c:\Program\Microsoft Security Client\MsMpEng.exe PRC - [2012-01-17 11:07:54 | 000,252,296 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program\Delade filer\Java\Java Update\jusched.exe PRC - [2011-11-22 22:35:06 | 000,296,056 | ---- | M] (RealNetworks, Inc.) -- C:\Program\Real\RealPlayer\Update\realsched.exe PRC - [2011-07-29 01:08:12 | 001,259,376 | ---- | M] () -- C:\Program\DivX\DivX Update\DivXUpdate.exe PRC - [2010-11-21 13:43:04 | 001,113,600 | ---- | M] () -- C:\Program\Free Desktop Clock\DesktopClock.exe PRC - [2009-12-10 03:39:04 | 000,065,536 | ---- | M] (PostgreSQL Global Development Group) -- C:\Program\PostgreSQL\8.3\bin\pg_ctl.exe PRC - [2009-12-10 03:37:16 | 003,690,496 | ---- | M] (PostgreSQL Global Development Group) -- C:\Program\PostgreSQL\8.3\bin\postgres.exe PRC - [2009-08-18 11:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) -- C:\Program\Delade filer\Microsoft Shared\Windows Live\WLIDSVC.EXE PRC - [2009-08-18 11:29:22 | 000,183,152 | ---- | M] (Microsoft Corporation) -- C:\Program\Delade filer\Microsoft Shared\Windows Live\WLIDSVCM.EXE PRC - [2008-06-11 22:43:26 | 000,640,376 | ---- | M] (Adobe Systems Inc.) -- C:\Program\Adobe\Acrobat 9.0\Acrobat\acrotray.exe PRC - [2008-04-15 14:00:00 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2005-05-17 19:21:12 | 000,147,456 | ---- | M] () -- C:\Program\Razer\razerhid.exe PRC - [2005-01-18 02:06:12 | 000,143,360 | ---- | M] (Razer Inc.) -- C:\Program\Razer\razerofa.exe ========== Modules (No Company Name) ========== MOD - [2012-08-17 19:48:59 | 001,193,176 | ---- | M] () -- C:\Program\Spotify\Data\SpotifyWebHelper.exe MOD - [2012-08-16 16:18:06 | 002,046,496 | ---- | M] () -- c:\Documents and Settings\All Users\Application Data\PC Performer Manager\2.2.558.177\{16cdff19-861d-48e3-a751-d99a27784753}\%Protector Process Name%.dll MOD - [2012-08-16 16:18:06 | 001,695,776 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\PC Performer Manager\2.2.558.177\{16cdff19-861d-48e3-a751-d99a27784753}\%Protector Process Name%.exe MOD - [2012-05-01 14:33:44 | 000,185,856 | ---- | M] () -- C:\Program\Web Assistant\ExtensionUpdaterService.exe MOD - [2011-09-27 08:23:00 | 000,087,912 | ---- | M] () -- C:\Program\Delade filer\Apple\Apple Application Support\zlib1.dll MOD - [2011-09-27 08:22:40 | 001,242,472 | ---- | M] () -- C:\Program\Delade filer\Apple\Apple Application Support\libxml2.dll MOD - [2011-07-29 01:09:42 | 000,096,112 | ---- | M] () -- C:\Program\DivX\DivX Update\DivXUpdateCheck.dll MOD - [2011-07-29 01:08:12 | 001,259,376 | ---- | M] () -- C:\Program\DivX\DivX Update\DivXUpdate.exe MOD - [2010-11-21 13:43:04 | 001,113,600 | ---- | M] () -- C:\Program\Free Desktop Clock\DesktopClock.exe MOD - [2010-10-22 17:29:54 | 000,133,120 | ---- | M] () -- C:\Program\Free Desktop Clock\Clock.dll MOD - [2007-05-22 10:59:22 | 000,128,512 | ---- | M] () -- C:\Program\WinRAR\RarExt.dll MOD - [2005-05-17 19:21:12 | 000,147,456 | ---- | M] () -- C:\Program\Razer\razerhid.exe ========== Services (SafeList) ========== SRV - [2012-09-10 16:13:38 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2012-08-29 12:03:36 | 001,385,896 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc) SRV - [2012-08-16 16:18:06 | 001,695,776 | ---- | M] () [Auto | Running] -- C:\Documents and Settings\All Users\Application Data\PC Performer Manager\2.2.558.177\{16cdff19-861d-48e3-a751-d99a27784753}\%Protector Process Name%.exe -- (PC Performer Manager) SRV - [2012-08-15 01:56:50 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012-08-13 13:33:30 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service) SRV - [2012-07-03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2012-07-03 13:19:28 | 000,160,944 | ---- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012-05-24 13:28:56 | 000,055,184 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program\Delade filer\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device) SRV - [2012-05-01 14:33:44 | 000,185,856 | ---- | M] () [Auto | Running] -- C:\Program\Web Assistant\ExtensionUpdaterService.exe -- (Web Assistant Updater) SRV - [2012-04-04 18:47:32 | 000,161,664 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe -- (JavaQuickStarterService) SRV - [2012-03-26 17:03:40 | 000,011,552 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc) SRV - [2011-07-20 06:18:24 | 000,440,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program\Delade filer\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv) SRV - [2011-07-04 16:17:11 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program\Delade filer\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2011-06-29 15:59:18 | 000,155,344 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Program\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe -- (Sony Ericsson PCCompanion) SRV - [2011-03-16 10:42:06 | 000,407,336 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program\Delade filer\Steam\SteamService.exe -- (Steam Client Service) SRV - [2009-12-10 03:39:04 | 000,065,536 | ---- | M] (PostgreSQL Global Development Group) [Auto | Running] -- C:\Program\PostgreSQL\8.3\bin\pg_ctl.exe -- (pgsql-8.3) SRV - [2009-08-18 11:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program\Delade filer\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc) SRV - [2008-08-15 05:46:20 | 000,284,016 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program\Delade filer\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe -- (Adobe Version Cue CS4) SRV - [2006-10-26 13:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program\Delade filer\Microsoft Shared\Source Engine\OSE.EXE -- (ose) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\XDva397.sys -- (XDva397) DRV - File not found [Kernel | On_Demand | Stopped] -- J:\Drivrutiner Inspiron 531\Bios\WinFlash.sys -- (WINFLASH) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP) DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump) DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\owdzbysv.sys -- (owdzbysv) DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc) DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt) DRV - File not found [Kernel | System | Stopped] -- -- (Changer) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\Anders\LOKALA~1\Temp\catchme.sys -- (catchme) DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\bifpmsqd.sys -- (bifpmsqd) DRV - [2012-07-03 13:46:44 | 000,022,344 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector) DRV - [2012-06-25 16:30:49 | 000,242,240 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\dtsoftbus01.sys -- (dtsoftbus01) DRV - [2012-02-22 12:34:36 | 000,022,400 | ---- | M] (ManyCam LLC) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mcaudrv.sys -- (mcaudrv_simple) DRV - [2012-01-11 08:11:20 | 000,032,000 | ---- | M] (ManyCam LLC) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mcvidrv.sys -- (ManyCam) DRV - [2011-02-23 03:05:40 | 000,070,016 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgandnetndis.sys -- (andnetndis) DRV - [2011-02-23 03:05:04 | 000,022,272 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgandnetgps.sys -- (AndNetGps) DRV - [2011-02-23 03:05:02 | 000,028,032 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgandnetmodem.sys -- (ANDNetModem) DRV - [2011-02-23 03:05:02 | 000,023,168 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgandnetdiag.sys -- (AndNetDiag) DRV - [2010-12-07 14:23:00 | 000,025,088 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgandmodem.sys -- (ANDModem) DRV - [2010-12-07 14:23:00 | 000,020,736 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lganddiag.sys -- (AndDiag) DRV - [2010-12-07 14:23:00 | 000,020,096 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgandgps.sys -- (AndGps) DRV - [2010-12-07 14:22:58 | 000,014,336 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgandbus.sys -- (Andbus) DRV - [2010-03-15 11:38:44 | 000,124,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039mdm.sys -- (s1039mdm) DRV - [2010-03-15 11:38:44 | 000,123,504 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039unic.sys -- (s1039unic) DRV - [2010-03-15 11:38:44 | 000,117,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039mgmt.sys -- (s1039mgmt) DRV - [2010-03-15 11:38:44 | 000,113,904 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039obex.sys -- (s1039obex) DRV - [2010-03-15 11:38:44 | 000,098,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039bus.sys -- (s1039bus) DRV - [2010-03-15 11:38:44 | 000,025,456 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039nd5.sys -- (s1039nd5) DRV - [2010-03-15 11:38:44 | 000,014,960 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039mdfl.sys -- (s1039mdfl) DRV - [2009-03-18 16:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi) DRV - [2008-01-15 19:17:58 | 004,652,544 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) DRV - [2007-10-30 09:57:54 | 000,023,040 | ---- | M] (Todos Data System AB) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nordecr.sys -- (TdsNordecr) DRV - [2007-07-30 11:58:56 | 000,022,016 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus) DRV - [2007-07-30 11:58:54 | 000,054,400 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD) DRV - [2006-12-12 18:59:00 | 000,016,512 | ---- | M] (Adaptec) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aspi32.sys -- (ASPI32) DRV - [2006-05-23 20:36:26 | 000,119,808 | ---- | M] (e2eSoft) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\e2eCap.sys -- (E2ECAP) DRV - [2005-04-24 23:43:58 | 000,013,225 | ---- | M] (Razer (Asia-Pacific) Pte Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Razerlow.sys -- (Razerlow) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://se.msn.com/?ocid=iehp IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = sv IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 5C 04 FC D1 68 8F CD 01 [binary data] IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "" FF - prefs.js..browser.search.order.1: "" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "https://www.google.se/" FF - prefs.js..keyword.URL: "http://www.google.com/search?btnI=I%27m+Feeling+Lucky&ie=UTF-8&oe=UTF-8&q=" FF - prefs.js..network.proxy.autoconfig_url: "file://C:/Program/ChrisPC Free Anonymous Proxy/chrispc_proxy.pac" FF - prefs.js..network.proxy.type: 2 FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_271.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw_1166636.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF - HKLM\Software\MozillaPlugins\@ganymede/GanymedeNetPlugin,version=1.0: C:\Program\Ganymede\Plugins\npganymedenet.dll ( ) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.4.1: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.4.1: C:\Program\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.0.198: C:\Program\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.0.198: C:\Program\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.0.198: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.0.198: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=15.0.0.198: C:\Program\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found FF - HKLM\Software\MozillaPlugins\@se.nexus/Personal: C:\Program\Personal\bin\np_prsnl.dll (Technology Nexus AB) FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.19: C:\Program\Veetle\plugins\npVeetle.dll (Veetle Inc) FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: C:\Program\Veetle\Player\npvlc.dll (Veetle Inc) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Anders\Lokala inställningar\Application Data\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Anders\Lokala inställningar\Application Data\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011-11-22 22:35:24 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\Program\Web Assistant\Firefox [2012-05-12 18:38:18 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-07-18 16:14:12 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program\Mozilla Firefox\components [2012-09-10 16:13:40 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program\Mozilla Firefox\plugins [2012-08-25 12:22:59 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\specialsavings@superfish.com: C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles/pv7faqlh.default\extensions\specialsavings@superfish.com FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{b64982b1-d112-42b5-b1e4-d3867c4533f8}: C:\Documents and Settings\All Users\Application Data\PC Performer Manager\2.2.558.177\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension [2012-08-16 16:18:10 | 000,000,000 | ---D | M] [2012-07-11 19:58:09 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Anders\Application Data\Mozilla\Extensions [2012-09-09 19:32:18 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions [2012-08-26 14:21:14 | 000,000,642 | ---- | M] () -- C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\searchplugins\search-safer.xml [2012-07-11 01:57:35 | 000,002,519 | ---- | M] () -- C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\searchplugins\Search_Results.xml [2012-08-04 11:06:01 | 000,000,000 | ---D | M] (No name found) -- C:\Program\Mozilla Firefox\extensions [2012-09-10 16:13:40 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program\mozilla firefox\components\browsercomps.dll [2012-07-25 14:57:52 | 000,121,024 | ---- | M] ( ) -- C:\Program\mozilla firefox\plugins\npganymedenet.dll [2012-07-14 03:16:10 | 000,001,470 | ---- | M] () -- C:\Program\mozilla firefox\searchplugins\allaannonser-sv-SE.xml [2012-09-10 16:13:15 | 000,002,465 | ---- | M] () -- C:\Program\mozilla firefox\searchplugins\bing.xml [2012-07-14 03:16:10 | 000,002,670 | ---- | M] () -- C:\Program\mozilla firefox\searchplugins\prisjakt-sv-SE.xml [2012-07-11 01:57:35 | 000,002,519 | ---- | M] () -- C:\Program\mozilla firefox\searchplugins\Search_Results.xml [2012-07-14 03:16:10 | 000,000,948 | ---- | M] () -- C:\Program\mozilla firefox\searchplugins\tyda-sv-SE.xml [2012-09-10 16:13:15 | 000,001,387 | ---- | M] () -- C:\Program\mozilla firefox\searchplugins\wikipedia-sv-SE.xml [2012-09-10 16:13:15 | 000,001,164 | ---- | M] () -- C:\Program\mozilla firefox\searchplugins\yahoo-sv-SE.xml ========== Chrome ========== CHR - default_search_provider: google.se (Enabled) CHR - default_search_provider: search_url = http://www.google.se/search?hl=sv&output=search&sclient=psy-ab&q={searchTerms}&btnG=&oq=&gs_l=&pbx=1 CHR - default_search_provider: suggest_url = CHR - plugin: Shockwave Flash (Disabled) = C:\Documents and Settings\Anders\Lokala inst\u00E4llningar\Application Data\Google\Chrome\Application\21.0.1180.89\PepperFlash\pepflashplayer.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Anders\Lokala inst\u00E4llningar\Application Data\Google\Chrome\Application\21.0.1180.89\gcswf32.dll CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_271.dll CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\Anders\Lokala inst\u00E4llningar\Application Data\Google\Chrome\Application\21.0.1180.89\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\Anders\Lokala inst\u00E4llningar\Application Data\Google\Chrome\Application\21.0.1180.89\pdf.dll CHR - plugin: Injovo Extension Plugin (Enabled) = C:\Documents and Settings\Anders\Lokala inst\u00E4llningar\Application Data\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd\2.0.0.430_0\npbrowserext.dll CHR - plugin: GanymedeNet.Detector (Enabled) = C:\Documents and Settings\Anders\Lokala inst\u00E4llningar\Application Data\Google\Chrome\Application\plugins\npganymedenet.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program\Adobe\Acrobat 9.0\Acrobat\Browser\nppdf32.dll CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program\QuickTime\plugins\npqtplugin.dll CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program\QuickTime\plugins\npqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program\QuickTime\plugins\npqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program\QuickTime\plugins\npqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program\QuickTime\plugins\npqtplugin5.dll CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program\QuickTime\plugins\npqtplugin6.dll CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program\QuickTime\plugins\npqtplugin7.dll CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program\Windows Media Player\npdrmv2.dll CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program\Windows Media Player\npwmsdrm.dll CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program\Windows Media Player\npdsplay.dll CHR - plugin: RealNetworks Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll CHR - plugin: RealPlayer HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll CHR - plugin: RealPlayer G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program\Real\RealPlayer\Netscape6\nppl3260.dll CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program\Real\RealPlayer\Netscape6\nprpjplug.dll CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\Anders\Lokala inst\u00E4llningar\Application Data\Google\Update\1.3.21.115\npGoogleUpdate3.dll CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program\DivX\DivX OVS Helper\npovshelper.dll CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program\DivX\DivX Plus Web Player\npdivx32.dll CHR - plugin: Java Platform SE 7 U4 (Enabled) = C:\Program\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll CHR - plugin: Java Deployment Toolkit 7.0.40.255 (Enabled) = C:\WINDOWS\system32\npDeployJava1.dll CHR - plugin: Nexus Personal (Enabled) = C:\Program\Personal\bin\np_prsnl.dll CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program\Real\RealPlayer\Netscape6\nprjplug.dll CHR - plugin: Veetle TV Player (Enabled) = C:\Program\Veetle\Player\npvlc.dll CHR - plugin: Veetle TV Core (Enabled) = C:\Program\Veetle\plugins\npVeetle.dll CHR - plugin: VLC Web Plugin (Enabled) = C:\Program\VideoLAN\VLC\npvlc.dll CHR - plugin: iTunes Application Detector (Enabled) = C:\Program\iTunes\Mozilla Plugins\npitunes.dll CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll CHR - plugin: Shockwave for Director (Enabled) = C:\WINDOWS\system32\Adobe\Director\np32dsw_1166636.dll CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program\Microsoft Silverlight\5.1.10411.0\npctrl.dll CHR - Extension: Turn Off the Lights = C:\Documents and Settings\Anders\Lokala inställningar\Application Data\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn\2.1.0.6_0\ CHR - Extension: Web Assistant = C:\Documents and Settings\Anders\Lokala inställningar\Application Data\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd\2.0.0.430_0\ CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Documents and Settings\Anders\Lokala inställningar\Application Data\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\ CHR - Extension: General Crawler = C:\Documents and Settings\Anders\Lokala inställningar\Application Data\Google\Chrome\User Data\Default\Extensions\jpihmmhdcobmllpcnpfbhnipmhamldje\2.0_0\ CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = C:\Documents and Settings\Anders\Lokala inställningar\Application Data\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\ O1 HOSTS File: ([2012-09-09 17:24:30 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program\Adobe\/Adobe Contribute CS4/contributeieplugin.dll () O2 - BHO: (Complitly) - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Documents and Settings\Anders\Application Data\Complitly\Complitly.dll (SimplyGen) O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer) O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC) O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program\Delade filer\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program\Adobe\/Adobe Contribute CS4/contributeieplugin.dll () O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found. O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe (Adobe Systems Inc.) O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [Adobe_ID0ENQBO] C:\Program\Delade filer\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4Tray.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program\Delade filer\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [Anti-phishing Domain Advisor] C:\Documents and Settings\All Users\Application Data\Anti-phishing Domain Advisor\visicom_antiphishing.exe (Visicom Media Inc. (Powered by Panda Security)) O4 - HKLM..\Run: [APSDaemon] C:\Program\Delade filer\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [DivXUpdate] C:\Program\DivX\DivX Update\DivXUpdate.exe () O4 - HKLM..\Run: [Freecorder FLV Service] "C:\Program\Freecorder\FLVSrvc.exe" /run File not found O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.) O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [MSC] c:\Program\Microsoft Security Client\msseces.exe (Microsoft Corporation) O4 - HKLM..\Run: [NBKeyScan] C:\Program\Nero\Nero8\Nero BackItUp\NBKeyScan.exe (Nero AG) O4 - HKLM..\Run: [NeroFilterCheck] C:\Program\Delade filer\Nero\Lib\NeroCheck.exe (Nero AG) O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation) O4 - HKLM..\Run: [razer] C:\Program\Razer\razerhid.exe () O4 - HKLM..\Run: [sunJavaUpdateSched] C:\Program\Delade filer\Java\Java Update\jusched.exe (Sun Microsystems, Inc.) O4 - HKLM..\Run: [TkBellExe] C:\Program\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.) O4 - HKLM..\Run: [Wondershare Helper Compact.exe] C:\Program\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe File not found O4 - HKCU..\Run: [CPN Notifier] C:\Program\Comeon Poker 2.0\PokerNotifier.exe File not found O4 - HKCU..\Run: [Gmail Notifier.exe] C:\Program\Gmail Notifier\Gmail Notifier.exe (www.gmailnotifier.com) O4 - HKCU..\Run: [Media Finder] C:\Program\Media Finder\MF.exe /opentotray File not found O4 - HKCU..\Run: [skinClock] C:\Program\Free Desktop Clock\DesktopClock.exe () O4 - HKCU..\Run: [sony Ericsson PC Companion] C:\Program\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe (Sony Ericsson) O4 - HKCU..\Run: [spotify Web Helper] C:\Program\Spotify\Data\SpotifyWebHelper.exe () O4 - HKCU..\Run: [Xvid] C:\Program\XviD\CheckUpdate.exe () O4 - Startup: C:\Documents and Settings\All Users\Start-meny\Program\Autostart\BankID säkerhetsprogram.lnk = C:\Program\Personal\bin\Personal.exe (Technology Nexus AB) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispCPL = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableChangePassword = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispCPL = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableChangePassword = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0 O8 - Extra context menu item: Bifoga länkmål till befintlig PDF - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Bifoga till befintlig PDF - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Konvertera länkmål till Adobe PDF - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Konvertera till Adobe PDF - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program\PokerStars\PokerStarsUpdate.exe (PokerStars) O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra Button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program\PokerStars.NET\PokerStarsUpdate.exe File not found O15 - HKCU\..Trusted Domains: msn.com ([zone] http in Tillförlitliga platser) O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool) O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1309778400234 (MUWebControl Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {A4110378-789B-455F-AE86-3A1BFC402853} http://zone.msn.com/bingame/zpagames/zpa_shvl.cab55579.cab (ZPA_SHVL Object) O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} http://cdn2.zone.msn.com/binFramework/v10/ZPAFramework.cab102118.cab (MSN Games - Installer) O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BE0C555B-4991-433B-9659-A871078265EA}: DhcpNameServer = 192.168.1.1 O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program\Delade filer\Microsoft Shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program\Delade filer\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program\Delade filer\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - AppInit_DLLs: (c:\DOCUME~1\ALLUSE~1\APPLIC~1\PCPERF~1\22558~1.177\{16CDF~1\%PROTE~1.DLL) - c:\Documents and Settings\All Users\Application Data\PC Performer Manager\2.2.558.177\{16cdff19-861d-48e3-a751-d99a27784753}\%Protector Process Name%.dll () O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O24 - Desktop Components:0 (Min aktuella startsida) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\Anders\Lokala inställningar\Application Data\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\Anders\Lokala inställningar\Application Data\Microsoft\Wallpaper1.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2011-07-04 12:30:44 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) NetSvcs: 6to4 - File not found NetSvcs: Ias - File not found NetSvcs: Iprip - File not found NetSvcs: Irmon - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: WmdmPmSp - File not found SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: MsMpSvc - c:\Program\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation) SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PEVSystemStart - Service SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: procexp90.Sys - Driver SafeBootMin: SCSI Class - Driver Group SafeBootMin: sermouse.sys - Driver SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vga.sys - Driver SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: Hamachi2Svc - C:\Program\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.) SafeBootNet: MsMpSvc - c:\Program\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation) SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PEVSystemStart - Service SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: procexp90.Sys - Driver SafeBootNet: SCSI Class - Driver Group SafeBootNet: sermouse.sys - Driver SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vga.sys - Driver SafeBootNet: {1a3e09be-1e45-494b-9174-d7385b45bbf5} - SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices ActiveX: {068C9DC9-BB4B-1616-688C-B33F2C5C2466} - DirectX ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun) ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Rendering av vektorgrafik ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4 ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Databindning för dynamisk HTML för Java ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Avancerad redigering ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - Javaklasser för DirectAnimation ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.8 ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework ActiveX: {73fa19d0-2d75-11d2-995d-00c04f98bbc9} - Web Folders ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX: {ACC563BC-4266-43f0-B6ED-9D38C4202C7E} - ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework ActiveX: {C3C986D6-06B1-43BF-90DD-BE30756C00DE} - RevokedRootsUpdate ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Schemaläggaren ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1 ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Macromedia Shockwave Flash ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE Drivers32: msacm.ac3filter - C:\WINDOWS\System32\ac3filter.acm () Drivers32: msacm.bdmpeg - C:\WINDOWS\System32\bdmpega.acm () Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation) Drivers32: msacm.l3acm - C:\WINDOWS\System32\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.) Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.) Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation) Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.) Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivX, Inc.) Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll () Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll () Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation) Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation) Drivers32: vidc.mjpg - C:\WINDOWS\System32\bdmjpeg.dll () Drivers32: vidc.mpeg - C:\WINDOWS\System32\bdmpegv.dll () Drivers32: vidc.tscc - C:\WINDOWS\system32\tsccvid.dll (TechSmith Corporation) Drivers32: vidc.XVID - C:\WINDOWS\System32\xvidvfw.dll () Drivers32: vidc.yv12 - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)

IF you have Spybot Search & Destroy, make sure that Tea Timer is not active ! IF you have other security programs besides MS Security Essentials, let me know which. Let me know what antivirus you had from before MSE I'm not aware of any Spybot. MSE should be the only one currently and I can't remember me having another one earlier. In your next reply, confirm that you have done this set of steps in Internet Explorer. Yes I did and now I don't have any weird search pages and toolbars anymore I think (On IE). When all done, rkill.txt log file will be on your desktop. Copy & Paste contents of Rkill.txt into a repl I ran it and it seemed to work successfully according to the post comments. However, when it said it was producing a log and I pressed ok, an empty notepad document popped up and no log was saved on the desktop. I tried the other links and same thing happened time after time.

Partner37 is still active. I found the second Combo-Mix file: KILLALL:: DDS:: uStart Page = hxxp://search.chatzum.com/ mStart Page = hxxp://search.chatzum.com/ uURLSearchHooks: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - c:\program\utorrentbar\prxtbuTor.dll BHO: Searchqu Toolbar: {99079a25-328f-4bd4-be04-00955acaa0a7} - c:\program\search~1\datamngr\toolbar\searchqudtx.dll BHO: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - c:\program\utorrentbar\prxtbuTor.dll TB: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - c:\program\utorrentbar\prxtbuTor.dll TB: Searchqu Toolbar: {99079a25-328f-4bd4-be04-00955acaa0a7} - c:\program\search~1\datamngr\toolbar\searchqudtx.dll uRun: [ares] "c:\program\ares\Ares.exe" -h Folder:: c:\program\ares c:\program\utorrentbar OTL: OTL logfile created on: 2012-09-10 15:28:43 - Run 2 OTL by OldTimer - Version 3.2.61.2 Folder = C:\Documents and Settings\Anders\Skrivbord Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 0000041D | Country: Sverige | Language: SVE | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 1,26 Gb Available Physical Memory | 62,84% Memory free 5,76 Gb Paging File | 4,84 Gb Available in Paging File | 84,02% Paging File free Paging file location(s): C:\pagefile.sys 4000 4000 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Drive C: | 298,08 Gb Total Space | 238,19 Gb Free Space | 79,91% Space Free | Partition Type: NTFS Computer Name: ANDERS-EA22E516 | User Name: Anders | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012-09-08 20:45:49 | 000,599,552 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Anders\Skrivbord\OTL.exe PRC - [2012-08-29 12:03:36 | 001,385,896 | ---- | M] (LogMeIn Inc.) -- C:\Program\LogMeIn Hamachi\hamachi-2.exe PRC - [2012-08-17 19:48:59 | 001,193,176 | ---- | M] () -- C:\Program\Spotify\Data\SpotifyWebHelper.exe PRC - [2012-08-16 16:18:06 | 001,695,776 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\PC Performer Manager\2.2.558.177\{16cdff19-861d-48e3-a751-d99a27784753}\%Protector Process Name%.exe PRC - [2012-08-13 13:33:30 | 003,064,000 | ---- | M] (Skype Technologies S.A.) -- C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe PRC - [2012-07-03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) -- C:\Program\Malwarebytes' Anti-Malware\mbamservice.exe PRC - [2012-05-24 13:28:56 | 000,055,184 | ---- | M] (Apple Inc.) -- C:\Program\Delade filer\Apple\Mobile Device Support\AppleMobileDeviceService.exe PRC - [2012-05-03 20:07:40 | 000,217,256 | ---- | M] (Visicom Media Inc. (Powered by Panda Security)) -- C:\Documents and Settings\All Users\Application Data\Anti-phishing Domain Advisor\visicom_antiphishing.exe PRC - [2012-05-01 14:33:44 | 000,185,856 | ---- | M] () -- C:\Program\Web Assistant\ExtensionUpdaterService.exe PRC - [2012-04-17 14:44:12 | 001,333,144 | ---- | M] (Technology Nexus AB) -- C:\Program\Personal\bin\Personal.exe PRC - [2012-04-04 18:47:32 | 000,161,664 | ---- | M] (Oracle Corporation) -- C:\Program\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe PRC - [2012-03-26 17:08:12 | 000,931,200 | ---- | M] (Microsoft Corporation) -- C:\Program\Microsoft Security Client\msseces.exe PRC - [2012-03-26 17:03:40 | 000,011,552 | ---- | M] (Microsoft Corporation) -- c:\Program\Microsoft Security Client\MsMpEng.exe PRC - [2012-01-17 11:07:54 | 000,252,296 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program\Delade filer\Java\Java Update\jusched.exe PRC - [2011-11-22 22:35:06 | 000,296,056 | ---- | M] (RealNetworks, Inc.) -- C:\Program\Real\RealPlayer\Update\realsched.exe PRC - [2011-07-29 01:08:12 | 001,259,376 | ---- | M] () -- C:\Program\DivX\DivX Update\DivXUpdate.exe PRC - [2011-05-27 17:42:56 | 001,368,912 | ---- | M] (Comfort Software Group) -- C:\Program\FreeAlarmClock\FreeAlarmClock.exe PRC - [2011-04-07 19:39:34 | 002,155,008 | ---- | M] (www.gmailnotifier.com) -- C:\Program\Gmail Notifier\Gmail Notifier.exe PRC - [2010-11-21 13:43:04 | 001,113,600 | ---- | M] () -- C:\Program\Free Desktop Clock\DesktopClock.exe PRC - [2009-12-10 03:39:04 | 000,065,536 | ---- | M] (PostgreSQL Global Development Group) -- C:\Program\PostgreSQL\8.3\bin\pg_ctl.exe PRC - [2009-12-10 03:37:16 | 003,690,496 | ---- | M] (PostgreSQL Global Development Group) -- C:\Program\PostgreSQL\8.3\bin\postgres.exe PRC - [2009-08-18 11:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) -- C:\Program\Delade filer\Microsoft Shared\Windows Live\WLIDSVC.EXE PRC - [2009-08-18 11:29:22 | 000,183,152 | ---- | M] (Microsoft Corporation) -- C:\Program\Delade filer\Microsoft Shared\Windows Live\WLIDSVCM.EXE PRC - [2008-06-11 22:43:26 | 000,640,376 | ---- | M] (Adobe Systems Inc.) -- C:\Program\Adobe\Acrobat 9.0\Acrobat\acrotray.exe PRC - [2008-04-15 14:00:00 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2005-05-17 19:21:12 | 000,147,456 | ---- | M] () -- C:\Program\Razer\razerhid.exe PRC - [2005-01-18 02:06:12 | 000,143,360 | ---- | M] (Razer Inc.) -- C:\Program\Razer\razerofa.exe ========== Modules (No Company Name) ========== MOD - [2012-08-17 19:48:59 | 001,193,176 | ---- | M] () -- C:\Program\Spotify\Data\SpotifyWebHelper.exe MOD - [2012-08-16 16:18:06 | 002,046,496 | ---- | M] () -- c:\Documents and Settings\All Users\Application Data\PC Performer Manager\2.2.558.177\{16cdff19-861d-48e3-a751-d99a27784753}\%Protector Process Name%.dll MOD - [2012-08-16 16:18:06 | 001,695,776 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\PC Performer Manager\2.2.558.177\{16cdff19-861d-48e3-a751-d99a27784753}\%Protector Process Name%.exe MOD - [2012-05-01 14:33:44 | 000,185,856 | ---- | M] () -- C:\Program\Web Assistant\ExtensionUpdaterService.exe MOD - [2011-09-27 08:23:00 | 000,087,912 | ---- | M] () -- C:\Program\Delade filer\Apple\Apple Application Support\zlib1.dll MOD - [2011-09-27 08:22:40 | 001,242,472 | ---- | M] () -- C:\Program\Delade filer\Apple\Apple Application Support\libxml2.dll MOD - [2011-07-29 01:09:42 | 000,096,112 | ---- | M] () -- C:\Program\DivX\DivX Update\DivXUpdateCheck.dll MOD - [2011-07-29 01:08:12 | 001,259,376 | ---- | M] () -- C:\Program\DivX\DivX Update\DivXUpdate.exe MOD - [2010-11-21 13:43:04 | 001,113,600 | ---- | M] () -- C:\Program\Free Desktop Clock\DesktopClock.exe MOD - [2010-10-22 17:29:54 | 000,133,120 | ---- | M] () -- C:\Program\Free Desktop Clock\Clock.dll MOD - [2005-05-17 19:21:12 | 000,147,456 | ---- | M] () -- C:\Program\Razer\razerhid.exe ========== Services (SafeList) ========== SRV - [2012-08-29 12:03:36 | 001,385,896 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc) SRV - [2012-08-16 16:18:06 | 001,695,776 | ---- | M] () [Auto | Running] -- C:\Documents and Settings\All Users\Application Data\PC Performer Manager\2.2.558.177\{16cdff19-861d-48e3-a751-d99a27784753}\%Protector Process Name%.exe -- (PC Performer Manager) SRV - [2012-08-15 01:56:50 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012-08-13 13:33:30 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service) SRV - [2012-07-14 02:13:54 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2012-07-03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2012-07-03 13:19:28 | 000,160,944 | ---- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012-05-24 13:28:56 | 000,055,184 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program\Delade filer\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device) SRV - [2012-05-01 14:33:44 | 000,185,856 | ---- | M] () [Auto | Running] -- C:\Program\Web Assistant\ExtensionUpdaterService.exe -- (Web Assistant Updater) SRV - [2012-04-04 18:47:32 | 000,161,664 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe -- (JavaQuickStarterService) SRV - [2012-03-26 17:03:40 | 000,011,552 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc) SRV - [2011-07-20 06:18:24 | 000,440,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program\Delade filer\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv) SRV - [2011-07-04 16:17:11 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program\Delade filer\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2011-06-29 15:59:18 | 000,155,344 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Program\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe -- (Sony Ericsson PCCompanion) SRV - [2011-03-16 10:42:06 | 000,407,336 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program\Delade filer\Steam\SteamService.exe -- (Steam Client Service) SRV - [2009-12-10 03:39:04 | 000,065,536 | ---- | M] (PostgreSQL Global Development Group) [Auto | Running] -- C:\Program\PostgreSQL\8.3\bin\pg_ctl.exe -- (pgsql-8.3) SRV - [2009-08-18 11:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program\Delade filer\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc) SRV - [2008-08-15 05:46:20 | 000,284,016 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program\Delade filer\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe -- (Adobe Version Cue CS4) SRV - [2006-10-26 13:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program\Delade filer\Microsoft Shared\Source Engine\OSE.EXE -- (ose) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\XDva397.sys -- (XDva397) DRV - File not found [Kernel | On_Demand | Stopped] -- J:\Drivrutiner Inspiron 531\Bios\WinFlash.sys -- (WINFLASH) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP) DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump) DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\owdzbysv.sys -- (owdzbysv) DRV - File not found [Kernel | System | Running] -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{7A6243A8-A23C-47BF-992F-CB95CB468D62}\MpKsld64fc128.sys -- (MpKsld64fc128) DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc) DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt) DRV - File not found [Kernel | System | Stopped] -- -- (Changer) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\Anders\LOKALA~1\Temp\catchme.sys -- (catchme) DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\bifpmsqd.sys -- (bifpmsqd) DRV - [2012-07-03 13:46:44 | 000,022,344 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector) DRV - [2012-06-25 16:30:49 | 000,242,240 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\dtsoftbus01.sys -- (dtsoftbus01) DRV - [2012-02-22 12:34:36 | 000,022,400 | ---- | M] (ManyCam LLC) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mcaudrv.sys -- (mcaudrv_simple) DRV - [2012-01-11 08:11:20 | 000,032,000 | ---- | M] (ManyCam LLC) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mcvidrv.sys -- (ManyCam) DRV - [2011-02-23 03:05:40 | 000,070,016 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgandnetndis.sys -- (andnetndis) DRV - [2011-02-23 03:05:04 | 000,022,272 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgandnetgps.sys -- (AndNetGps) DRV - [2011-02-23 03:05:02 | 000,028,032 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgandnetmodem.sys -- (ANDNetModem) DRV - [2011-02-23 03:05:02 | 000,023,168 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgandnetdiag.sys -- (AndNetDiag) DRV - [2010-12-07 14:23:00 | 000,025,088 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgandmodem.sys -- (ANDModem) DRV - [2010-12-07 14:23:00 | 000,020,736 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lganddiag.sys -- (AndDiag) DRV - [2010-12-07 14:23:00 | 000,020,096 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgandgps.sys -- (AndGps) DRV - [2010-12-07 14:22:58 | 000,014,336 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgandbus.sys -- (Andbus) DRV - [2010-03-15 11:38:44 | 000,124,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039mdm.sys -- (s1039mdm) DRV - [2010-03-15 11:38:44 | 000,123,504 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039unic.sys -- (s1039unic) DRV - [2010-03-15 11:38:44 | 000,117,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039mgmt.sys -- (s1039mgmt) DRV - [2010-03-15 11:38:44 | 000,113,904 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039obex.sys -- (s1039obex) DRV - [2010-03-15 11:38:44 | 000,098,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039bus.sys -- (s1039bus) DRV - [2010-03-15 11:38:44 | 000,025,456 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039nd5.sys -- (s1039nd5) DRV - [2010-03-15 11:38:44 | 000,014,960 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039mdfl.sys -- (s1039mdfl) DRV - [2009-03-18 16:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi) DRV - [2008-01-15 19:17:58 | 004,652,544 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) DRV - [2007-10-30 09:57:54 | 000,023,040 | ---- | M] (Todos Data System AB) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nordecr.sys -- (TdsNordecr) DRV - [2007-07-30 11:58:56 | 000,022,016 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus) DRV - [2007-07-30 11:58:54 | 000,054,400 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD) DRV - [2006-12-12 18:59:00 | 000,016,512 | ---- | M] (Adaptec) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aspi32.sys -- (ASPI32) DRV - [2006-05-23 20:36:26 | 000,119,808 | ---- | M] (e2eSoft) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\e2eCap.sys -- (E2ECAP) DRV - [2005-04-24 23:43:58 | 000,013,225 | ---- | M] (Razer (Asia-Pacific) Pte Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Razerlow.sys -- (Razerlow) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = IE - HKLM\..\SearchScopes,DefaultScope = IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://se.msn.com/?ocid=iehp IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = sv IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 9C 7D 76 21 A0 8E CD 01 [binary data] IE - HKCU\..\SearchScopes,DefaultScope = IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "" FF - prefs.js..browser.search.order.1: "" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "https://www.google.se/" FF - prefs.js..keyword.URL: "http://www.google.com/search?btnI=I%27m+Feeling+Lucky&ie=UTF-8&oe=UTF-8&q=" FF - prefs.js..network.proxy.autoconfig_url: "file://C:/Program/ChrisPC Free Anonymous Proxy/chrispc_proxy.pac" FF - prefs.js..network.proxy.type: 2 FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_271.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw_1166636.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF - HKLM\Software\MozillaPlugins\@ganymede/GanymedeNetPlugin,version=1.0: C:\Program\Ganymede\Plugins\npganymedenet.dll ( ) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.4.1: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.4.1: C:\Program\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.0.198: C:\Program\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.0.198: C:\Program\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.0.198: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.0.198: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=15.0.0.198: C:\Program\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found FF - HKLM\Software\MozillaPlugins\@se.nexus/Personal: C:\Program\Personal\bin\np_prsnl.dll (Technology Nexus AB) FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.19: C:\Program\Veetle\plugins\npVeetle.dll (Veetle Inc) FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: C:\Program\Veetle\Player\npvlc.dll (Veetle Inc) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Anders\Lokala inställningar\Application Data\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Anders\Lokala inställningar\Application Data\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011-11-22 22:35:24 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\Program\Web Assistant\Firefox [2012-05-12 18:38:18 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-07-18 16:14:12 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program\Mozilla Firefox\components [2012-08-29 17:13:48 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program\Mozilla Firefox\plugins [2012-08-25 12:22:59 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\specialsavings@superfish.com: C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles/pv7faqlh.default\extensions\specialsavings@superfish.com FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{b64982b1-d112-42b5-b1e4-d3867c4533f8}: C:\Documents and Settings\All Users\Application Data\PC Performer Manager\2.2.558.177\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension [2012-08-16 16:18:10 | 000,000,000 | ---D | M] [2012-07-11 19:58:09 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Anders\Application Data\Mozilla\Extensions [2012-09-09 19:32:18 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions [2012-08-26 14:21:14 | 000,000,642 | ---- | M] () -- C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\searchplugins\search-safer.xml [2012-07-11 01:57:35 | 000,002,519 | ---- | M] () -- C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\searchplugins\Search_Results.xml [2012-08-04 11:06:01 | 000,000,000 | ---D | M] (No name found) -- C:\Program\Mozilla Firefox\extensions [2012-07-14 02:15:45 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program\mozilla firefox\components\browsercomps.dll [2012-07-25 14:57:52 | 000,121,024 | ---- | M] ( ) -- C:\Program\mozilla firefox\plugins\npganymedenet.dll [2012-07-14 03:16:10 | 000,001,470 | ---- | M] () -- C:\Program\mozilla firefox\searchplugins\allaannonser-sv-SE.xml [2012-07-14 03:16:10 | 000,002,252 | ---- | M] () -- C:\Program\mozilla firefox\searchplugins\bing.xml [2012-07-14 03:16:10 | 000,002,670 | ---- | M] () -- C:\Program\mozilla firefox\searchplugins\prisjakt-sv-SE.xml [2012-07-11 01:57:35 | 000,002,519 | ---- | M] () -- C:\Program\mozilla firefox\searchplugins\Search_Results.xml [2012-07-14 03:16:10 | 000,000,948 | ---- | M] () -- C:\Program\mozilla firefox\searchplugins\tyda-sv-SE.xml [2012-07-14 03:16:10 | 000,001,174 | ---- | M] () -- C:\Program\mozilla firefox\searchplugins\wikipedia-sv-SE.xml [2012-07-14 03:16:10 | 000,000,951 | ---- | M] () -- C:\Program\mozilla firefox\searchplugins\yahoo-sv-SE.xml ========== Chrome ========== CHR - default_search_provider: google.se (Enabled) CHR - default_search_provider: search_url = http://www.google.se/search?hl=sv&output=search&sclient=psy-ab&q={searchTerms}&btnG=&oq=&gs_l=&pbx=1 CHR - default_search_provider: suggest_url = CHR - plugin: Shockwave Flash (Disabled) = C:\Documents and Settings\Anders\Lokala inst\u00E4llningar\Application Data\Google\Chrome\Application\21.0.1180.89\PepperFlash\pepflashplayer.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Anders\Lokala inst\u00E4llningar\Application Data\Google\Chrome\Application\21.0.1180.89\gcswf32.dll CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_271.dll CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\Anders\Lokala inst\u00E4llningar\Application Data\Google\Chrome\Application\21.0.1180.89\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\Anders\Lokala inst\u00E4llningar\Application Data\Google\Chrome\Application\21.0.1180.89\pdf.dll CHR - plugin: Injovo Extension Plugin (Enabled) = C:\Documents and Settings\Anders\Lokala inst\u00E4llningar\Application Data\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd\2.0.0.430_0\npbrowserext.dll CHR - plugin: GanymedeNet.Detector (Enabled) = C:\Documents and Settings\Anders\Lokala inst\u00E4llningar\Application Data\Google\Chrome\Application\plugins\npganymedenet.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program\Adobe\Acrobat 9.0\Acrobat\Browser\nppdf32.dll CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program\QuickTime\plugins\npqtplugin.dll CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program\QuickTime\plugins\npqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program\QuickTime\plugins\npqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program\QuickTime\plugins\npqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program\QuickTime\plugins\npqtplugin5.dll CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program\QuickTime\plugins\npqtplugin6.dll CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program\QuickTime\plugins\npqtplugin7.dll CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program\Windows Media Player\npdrmv2.dll CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program\Windows Media Player\npwmsdrm.dll CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program\Windows Media Player\npdsplay.dll CHR - plugin: RealNetworks Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll CHR - plugin: RealPlayer HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll CHR - plugin: RealPlayer G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program\Real\RealPlayer\Netscape6\nppl3260.dll CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program\Real\RealPlayer\Netscape6\nprpjplug.dll CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\Anders\Lokala inst\u00E4llningar\Application Data\Google\Update\1.3.21.115\npGoogleUpdate3.dll CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program\DivX\DivX OVS Helper\npovshelper.dll CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program\DivX\DivX Plus Web Player\npdivx32.dll CHR - plugin: Java Platform SE 7 U4 (Enabled) = C:\Program\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll CHR - plugin: Java Deployment Toolkit 7.0.40.255 (Enabled) = C:\WINDOWS\system32\npDeployJava1.dll CHR - plugin: Nexus Personal (Enabled) = C:\Program\Personal\bin\np_prsnl.dll CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program\Real\RealPlayer\Netscape6\nprjplug.dll CHR - plugin: Veetle TV Player (Enabled) = C:\Program\Veetle\Player\npvlc.dll CHR - plugin: Veetle TV Core (Enabled) = C:\Program\Veetle\plugins\npVeetle.dll CHR - plugin: VLC Web Plugin (Enabled) = C:\Program\VideoLAN\VLC\npvlc.dll CHR - plugin: iTunes Application Detector (Enabled) = C:\Program\iTunes\Mozilla Plugins\npitunes.dll CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll CHR - plugin: Shockwave for Director (Enabled) = C:\WINDOWS\system32\Adobe\Director\np32dsw_1166636.dll CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program\Microsoft Silverlight\5.1.10411.0\npctrl.dll CHR - Extension: Turn Off the Lights = C:\Documents and Settings\Anders\Lokala inställningar\Application Data\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn\2.1.0.6_0\ CHR - Extension: Web Assistant = C:\Documents and Settings\Anders\Lokala inställningar\Application Data\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd\2.0.0.430_0\ CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Documents and Settings\Anders\Lokala inställningar\Application Data\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\ CHR - Extension: General Crawler = C:\Documents and Settings\Anders\Lokala inställningar\Application Data\Google\Chrome\User Data\Default\Extensions\jpihmmhdcobmllpcnpfbhnipmhamldje\2.0_0\ CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = C:\Documents and Settings\Anders\Lokala inställningar\Application Data\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\ O1 HOSTS File: ([2012-09-09 17:24:30 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program\Adobe\/Adobe Contribute CS4/contributeieplugin.dll () O2 - BHO: (Complitly) - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Documents and Settings\Anders\Application Data\Complitly\Complitly.dll (SimplyGen) O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer) O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC) O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program\Delade filer\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program\Adobe\/Adobe Contribute CS4/contributeieplugin.dll () O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe (Adobe Systems Inc.) O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [Adobe_ID0ENQBO] C:\Program\Delade filer\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4Tray.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program\Delade filer\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [Anti-phishing Domain Advisor] C:\Documents and Settings\All Users\Application Data\Anti-phishing Domain Advisor\visicom_antiphishing.exe (Visicom Media Inc. (Powered by Panda Security)) O4 - HKLM..\Run: [APSDaemon] C:\Program\Delade filer\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [DivXUpdate] C:\Program\DivX\DivX Update\DivXUpdate.exe () O4 - HKLM..\Run: [Freecorder FLV Service] "C:\Program\Freecorder\FLVSrvc.exe" /run File not found O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.) O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [MSC] c:\Program\Microsoft Security Client\msseces.exe (Microsoft Corporation) O4 - HKLM..\Run: [NBKeyScan] C:\Program\Nero\Nero8\Nero BackItUp\NBKeyScan.exe (Nero AG) O4 - HKLM..\Run: [NeroFilterCheck] C:\Program\Delade filer\Nero\Lib\NeroCheck.exe (Nero AG) O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation) O4 - HKLM..\Run: [razer] C:\Program\Razer\razerhid.exe () O4 - HKLM..\Run: [sunJavaUpdateSched] C:\Program\Delade filer\Java\Java Update\jusched.exe (Sun Microsystems, Inc.) O4 - HKLM..\Run: [TkBellExe] C:\Program\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.) O4 - HKLM..\Run: [Wondershare Helper Compact.exe] C:\Program\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe File not found O4 - HKCU..\Run: [CPN Notifier] C:\Program\Comeon Poker 2.0\PokerNotifier.exe File not found O4 - HKCU..\Run: [FreeAC] C:\Program\FreeAlarmClock\FreeAlarmClock.exe (Comfort Software Group) O4 - HKCU..\Run: [Gmail Notifier.exe] C:\Program\Gmail Notifier\Gmail Notifier.exe (www.gmailnotifier.com) O4 - HKCU..\Run: [Media Finder] C:\Program\Media Finder\MF.exe /opentotray File not found O4 - HKCU..\Run: [skinClock] C:\Program\Free Desktop Clock\DesktopClock.exe () O4 - HKCU..\Run: [sony Ericsson PC Companion] C:\Program\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe (Sony Ericsson) O4 - HKCU..\Run: [spotify Web Helper] C:\Program\Spotify\Data\SpotifyWebHelper.exe () O4 - HKCU..\Run: [Xvid] C:\Program\XviD\CheckUpdate.exe () O4 - Startup: C:\Documents and Settings\All Users\Start-meny\Program\Autostart\BankID säkerhetsprogram.lnk = C:\Program\Personal\bin\Personal.exe (Technology Nexus AB) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispCPL = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableChangePassword = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispCPL = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableChangePassword = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0 O8 - Extra context menu item: Bifoga länkmål till befintlig PDF - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Bifoga till befintlig PDF - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Download with &Media Finder - C:\Program\Media Finder\hook.html File not found O8 - Extra context menu item: Konvertera länkmål till Adobe PDF - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Konvertera till Adobe PDF - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program\PokerStars\PokerStarsUpdate.exe (PokerStars) O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra Button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program\PokerStars.NET\PokerStarsUpdate.exe File not found O15 - HKCU\..Trusted Domains: msn.com ([zone] http in Tillförlitliga platser) O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool) O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1309778400234 (MUWebControl Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {A4110378-789B-455F-AE86-3A1BFC402853} http://zone.msn.com/bingame/zpagames/zpa_shvl.cab55579.cab (ZPA_SHVL Object) O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} http://cdn2.zone.msn.com/binFramework/v10/ZPAFramework.cab102118.cab (MSN Games - Installer) O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BE0C555B-4991-433B-9659-A871078265EA}: DhcpNameServer = 192.168.1.1 O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program\Delade filer\Microsoft Shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program\Delade filer\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program\Delade filer\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - AppInit_DLLs: (c:\DOCUME~1\ALLUSE~1\APPLIC~1\PCPERF~1\22558~1.177\{16CDF~1\%PROTE~1.DLL) - c:\Documents and Settings\All Users\Application Data\PC Performer Manager\2.2.558.177\{16cdff19-861d-48e3-a751-d99a27784753}\%Protector Process Name%.dll () O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O24 - Desktop Components:0 (Min aktuella startsida) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\Anders\Lokala inställningar\Application Data\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\Anders\Lokala inställningar\Application Data\Microsoft\Wallpaper1.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2011-07-04 12:30:44 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) ========== Files/Folders - Created Within 30 Days ========== [2012-09-10 15:23:45 | 000,000,000 | -HSD | C] -- C:\RECYCLER [2012-09-09 23:22:16 | 000,000,000 | --SD | C] -- C:\Combo-Fix [2012-09-09 17:24:27 | 000,000,000 | ---D | C] -- C:\_OTL [2012-09-09 17:16:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Skrivbord\FixPolicies [2012-09-08 20:45:42 | 000,599,552 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Anders\Skrivbord\OTL.exe [2012-09-07 15:28:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp [2012-09-07 15:22:00 | 000,000,000 | RHSD | C] -- C:\cmdcons [2012-09-07 15:19:34 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe [2012-09-07 15:19:34 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe [2012-09-07 15:19:34 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe [2012-09-07 15:19:34 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe [2012-09-07 15:19:26 | 000,000,000 | ---D | C] -- C:\Qoobox [2012-09-07 15:12:52 | 004,747,716 | R--- | C] (Swearware) -- C:\Documents and Settings\Anders\Skrivbord\Combo-Fix.exe [2012-09-07 14:36:38 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT [2012-09-07 14:35:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start-meny\Program\ERUNT [2012-09-07 14:35:28 | 000,000,000 | ---D | C] -- C:\Program\ERUNT [2012-09-05 15:51:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Lokala inställningar\Application Data\PokerTracker 4 [2012-09-05 15:51:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Start-meny\Program\PokerTracker 4 [2012-09-05 15:50:55 | 000,000,000 | ---D | C] -- C:\Program\PokerTracker 4 [2012-08-29 17:14:19 | 000,000,000 | -HSD | C] -- C:\Config.Msi [2012-08-29 17:02:35 | 000,000,000 | ---D | C] -- C:\Avenger [2012-08-29 15:08:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start-meny\Program\LogMeIn Hamachi [2012-08-29 15:08:08 | 000,000,000 | ---D | C] -- C:\Program\LogMeIn Hamachi [2012-08-29 14:33:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Application Data\Malwarebytes [2012-08-29 14:33:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start-meny\Program\Malwarebytes' Anti-Malware [2012-08-29 14:33:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes [2012-08-29 14:33:03 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2012-08-29 14:33:03 | 000,000,000 | ---D | C] -- C:\Program\Malwarebytes' Anti-Malware [2012-08-28 19:48:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start-meny\Program\Bandicam [2012-08-28 19:48:39 | 000,000,000 | ---D | C] -- C:\Program\Bandicam [2012-08-27 20:33:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Lokala inställningar\Application Data\CRE [2012-08-27 13:52:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Mina dokument\Celeris [2012-08-27 01:46:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Lokala inställningar\Application Data\Celeris [2012-08-27 01:35:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start-meny\Program\Virtual Pool 4 [2012-08-27 01:35:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Celeris [2012-08-27 01:32:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Application Data\Celeris [2012-08-26 17:47:45 | 000,026,176 | -H-- | C] (LogMeIn, Inc.) -- C:\WINDOWS\System32\hamachi.sys [2012-08-26 17:43:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Mina dokument\Tunngle [2012-08-26 17:43:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Application Data\Tunngle [2012-08-26 17:43:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Tunngle [2012-08-26 17:43:13 | 000,027,136 | ---- | C] (Tunngle.net) -- C:\WINDOWS\System32\drivers\tap0901t.sys [2012-08-26 14:27:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Start-meny\Program\GameSpy Arcade [2012-08-26 14:20:30 | 000,000,000 | ---D | C] -- C:\Program\ChatZum Toolbar [2012-08-26 14:20:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Lokala inställningar\Application Data\LogMeIn Hamachi [2012-08-26 14:20:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Lokala inställningar\Application Data\LogMeIn Hamachi [2012-08-25 12:27:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Application Data\GanymedeNet [2012-08-25 12:22:54 | 000,000,000 | ---D | C] -- C:\Program\Ganymede [2012-08-24 17:48:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Max Secure [2012-08-20 13:58:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Lokala inställningar\Application Data\SplitMediaLabs [2012-08-20 13:57:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start-meny\Program\XSplit [2012-08-20 13:57:45 | 000,000,000 | ---D | C] -- C:\Program\SplitMediaLabs [2012-08-20 13:57:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SplitMediaLabs [2012-08-20 13:57:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Application Data\SplitMediaLabs [2012-08-19 19:24:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start-meny\Program\ChrisPC Free Anonymous Proxy [2012-08-19 19:24:28 | 000,000,000 | ---D | C] -- C:\Program\ChrisPC Free Anonymous Proxy [2012-08-16 16:25:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Lokala inställningar\Application Data\blekkotb_031 [2012-08-16 16:25:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Anti-phishing Domain Advisor [2012-08-16 16:20:30 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Anders\Start-meny\Program\Administrationsverktyg [2012-08-16 16:18:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\IBUpdaterService [2012-08-16 16:18:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PC Performer Manager [2012-08-16 16:17:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Lokala inställningar\Application Data\Savings Sidekick [2012-08-16 16:15:49 | 000,196,608 | ---- | C] (e2eSoft) -- C:\WINDOWS\System32\e2eCapProp.ax [2012-08-16 16:15:49 | 000,119,808 | ---- | C] (e2eSoft) -- C:\WINDOWS\System32\drivers\e2eCap.sys [2012-08-16 15:42:37 | 000,000,000 | ---D | C] -- C:\Program\ManyCam [2012-08-16 15:42:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Ask [4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [3 C:\WINDOWS\System32\drivers\*.tmp files -> C:\WINDOWS\System32\drivers\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012-09-10 15:32:00 | 000,000,304 | ---- | M] () -- C:\WINDOWS\tasks\PC Performer Manager.job [2012-09-10 15:10:00 | 000,001,090 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1659004503-343818398-682003330-1003UA.job [2012-09-10 15:07:00 | 000,001,098 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1659004503-343818398-682003330-1006UA.job [2012-09-10 14:56:00 | 000,000,868 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job [2012-09-10 11:30:16 | 000,315,660 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_10092012_112913.png [2012-09-10 10:26:37 | 000,000,410 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{5096C855-A424-4662-B04A-DE5E47FB502A}.job [2012-09-10 10:17:58 | 000,000,384 | -H-- | M] () -- C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job [2012-09-10 10:10:00 | 000,001,038 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1659004503-343818398-682003330-1003Core.job [2012-09-10 10:09:57 | 000,002,227 | ---- | M] () -- C:\Documents and Settings\All Users\Skrivbord\Skype.lnk [2012-09-10 10:08:39 | 000,000,268 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1659004503-343818398-682003330-1003.job [2012-09-10 10:08:32 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1659004503-343818398-682003330-1003.job [2012-09-10 10:08:30 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2012-09-10 10:07:51 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2012-09-09 23:21:05 | 000,000,549 | ---- | M] () -- C:\Documents and Settings\Anders\Application Data\FreeDesktopClock.ini [2012-09-09 23:18:41 | 004,747,716 | R--- | M] (Swearware) -- C:\Documents and Settings\Anders\Skrivbord\Combo-Fix.exe [2012-09-09 20:44:27 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini [2012-09-09 20:44:26 | 000,138,240 | ---- | M] () -- C:\Documents and Settings\Anders\Lokala inställningar\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012-09-09 17:24:30 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts [2012-09-09 17:16:19 | 000,185,065 | ---- | M] () -- C:\Documents and Settings\Anders\Skrivbord\FixPolicies.exe [2012-09-09 01:07:00 | 000,001,046 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1659004503-343818398-682003330-1006Core.job [2012-09-08 21:00:19 | 000,854,156 | ---- | M] () -- C:\Documents and Settings\Anders\Skrivbord\SecurityCheck.exe [2012-09-08 20:45:49 | 000,599,552 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Anders\Skrivbord\OTL.exe [2012-09-08 15:33:01 | 000,117,270 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\21.bmp [2012-09-08 15:32:48 | 003,888,068 | ---- | M] () -- C:\temp.bmp [2012-09-08 10:43:33 | 011,300,312 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\vp4 2012-09-08 10-38-48-933.avi [2012-09-07 19:52:59 | 001,118,598 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_07092012_195109.png [2012-09-07 19:31:21 | 000,930,467 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_07092012_193053.png [2012-09-07 16:54:46 | 000,977,958 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_07092012_165418.png [2012-09-07 16:32:21 | 001,082,828 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_07092012_163042.png [2012-09-07 15:22:09 | 000,000,327 | RHS- | M] () -- C:\boot.ini [2012-09-07 14:35:30 | 000,000,579 | ---- | M] () -- C:\Documents and Settings\Anders\Skrivbord\NTREGOPT.lnk [2012-09-07 14:35:30 | 000,000,560 | ---- | M] () -- C:\Documents and Settings\Anders\Skrivbord\ERUNT.lnk [2012-09-07 14:30:44 | 000,000,144 | ---- | M] () -- C:\Documents and Settings\Anders\defogger_reenable [2012-09-07 14:05:14 | 002,150,064 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2012-09-06 23:48:03 | 000,318,741 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_06092012_234739.png [2012-09-06 16:32:56 | 000,157,123 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_06092012_163222.png [2012-09-06 01:07:23 | 000,998,055 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_05092012_190334.png [2012-09-05 18:02:01 | 000,000,272 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job [2012-09-05 15:51:54 | 000,004,934 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\flwjycbm.bab [2012-09-05 15:51:34 | 000,000,705 | ---- | M] () -- C:\Documents and Settings\Anders\Skrivbord\PokerTracker 4.lnk [2012-09-05 15:24:02 | 000,505,751 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_05092012_152345.png [2012-09-04 18:40:55 | 000,084,696 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_04092012_184008.png [2012-09-04 00:13:19 | 000,002,347 | ---- | M] () -- C:\Documents and Settings\Anders\Skrivbord\Google Chrome.lnk [2012-09-04 00:13:19 | 000,002,325 | ---- | M] () -- C:\Documents and Settings\Anders\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk [2012-09-03 23:42:37 | 001,326,942 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\ad.png [2012-09-03 15:24:24 | 000,323,584 | ---- | M] (Stefan Toengi) -- C:\WINDOWS\System32\AUDIOGENIE2.DLL [2012-09-02 23:50:20 | 001,004,432 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_02092012_234819.png [2012-09-02 23:04:43 | 022,936,300 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\vp4 2012-09-02 22-59-50-578.avi [2012-09-02 17:52:51 | 007,911,796 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\Bankshot1to2.avi [2012-09-02 15:56:04 | 001,101,732 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_02092012_155541.png [2012-09-02 15:43:59 | 000,800,104 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_02092012_154331.png [2012-09-02 14:10:27 | 001,102,894 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_02092012_141009.png [2012-09-02 13:07:21 | 000,313,151 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_02092012_130708.png [2012-09-02 13:07:06 | 001,017,983 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_02092012_130649.png [2012-09-02 13:04:33 | 000,005,159 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\9-Ball, Alyt vs Frenchy, 090212-103239.vpr [2012-09-02 13:00:48 | 004,538,077 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_1003.MOV [2012-09-01 10:02:40 | 000,297,078 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\4.bmp [2012-09-01 08:56:31 | 002,320,974 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\3.bmp [2012-09-01 08:55:33 | 002,701,710 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\2.bmp [2012-09-01 08:48:55 | 002,495,190 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\1.bmp [2012-08-31 21:49:00 | 002,052,056 | ---- | M] () -- C:\Documents and Settings\Anders\Skrivbord\IMG468.jpg [2012-08-31 00:34:32 | 000,155,867 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_31082012_002932.png [2012-08-29 18:48:38 | 000,859,263 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_29082012_184533.png [2012-08-29 15:08:12 | 000,000,653 | ---- | M] () -- C:\Documents and Settings\All Users\Skrivbord\LogMeIn Hamachi.lnk [2012-08-29 14:33:11 | 000,000,740 | ---- | M] () -- C:\Documents and Settings\All Users\Skrivbord\Malwarebytes Anti-Malware.lnk [2012-08-29 00:01:48 | 000,401,735 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_29082012_000040.png [2012-08-28 19:48:43 | 000,000,637 | ---- | M] () -- C:\Documents and Settings\Anders\Application Data\Microsoft\Internet Explorer\Quick Launch\Bandicam.lnk [2012-08-28 19:48:43 | 000,000,619 | ---- | M] () -- C:\Documents and Settings\Anders\Skrivbord\Bandicam.lnk [2012-08-27 13:01:26 | 001,200,664 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\clip0086.avi [2012-08-27 01:37:14 | 000,000,751 | ---- | M] () -- C:\Documents and Settings\All Users\Skrivbord\Virtual Pool 4.lnk [2012-08-27 00:32:35 | 000,121,798 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_27082012_003201.png [2012-08-27 00:32:31 | 000,124,438 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_27082012_003152.png [2012-08-26 22:36:18 | 000,307,500 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_26082012_223547.png [2012-08-26 17:51:11 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\Access.dat [2012-08-26 15:41:08 | 000,156,260 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_26082012_154039.png [2012-08-26 15:40:08 | 000,150,505 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_26082012_153941.png [2012-08-26 14:27:15 | 000,000,667 | ---- | M] () -- C:\Documents and Settings\Anders\Application Data\Microsoft\Internet Explorer\Quick Launch\GameSpy Arcade.lnk [2012-08-26 14:27:15 | 000,000,649 | ---- | M] () -- C:\Documents and Settings\Anders\Skrivbord\GameSpy Arcade.lnk [2012-08-26 14:19:36 | 003,849,216 | ---- | M] () -- C:\Documents and Settings\Anders\Skrivbord\hamachi.msi [2012-08-25 12:40:56 | 000,136,157 | ---- | M] () -- C:\Documents and Settings\Anders\Skrivbord\pool_snooker_1.jpg [2012-08-25 12:26:15 | 000,983,017 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_25082012_122553.png [2012-08-23 15:36:41 | 000,663,527 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_23082012_153555.png [2012-08-22 20:15:58 | 003,195,906 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\cheat.bmp [2012-08-22 19:25:55 | 001,547,494 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\stg-apologize.bmp [2012-08-22 16:11:36 | 000,217,782 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\legend.bmp [2012-08-21 17:29:32 | 000,306,433 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_21082012_172844.png [2012-08-21 11:37:11 | 001,704,034 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_21082012_113442.png [2012-08-21 11:32:14 | 001,688,401 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_21082012_113138.png [2012-08-20 21:47:10 | 002,262,013 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_20082012_214618.png [2012-08-20 16:56:04 | 000,204,889 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_20082012_165528.png [2012-08-20 16:53:51 | 000,145,330 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_20082012_165314.png [2012-08-20 13:57:57 | 000,000,802 | ---- | M] () -- C:\Documents and Settings\Anders\Skrivbord\XSplit Broadcaster.lnk [2012-08-19 19:24:41 | 000,001,707 | ---- | M] () -- C:\Documents and Settings\Anders\Skrivbord\ChrisPC Free Anonymous Proxy.lnk [2012-08-19 19:24:41 | 000,000,821 | ---- | M] () -- C:\Documents and Settings\Anders\Application Data\Microsoft\Internet Explorer\Quick Launch\ChrisPC Free Anonymous Proxy.lnk [2012-08-16 02:05:28 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2012-08-13 13:57:35 | 001,830,096 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\clip0078.avi [4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [3 C:\WINDOWS\System32\drivers\*.tmp files -> C:\WINDOWS\System32\drivers\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] ========== Files Created - No Company Name ========== [2012-09-10 11:30:14 | 000,315,660 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_10092012_112913.png [2012-09-10 10:08:14 | 000,000,304 | ---- | C] () -- C:\WINDOWS\tasks\PC Performer Manager.job [2012-09-09 17:16:19 | 000,185,065 | ---- | C] () -- C:\Documents and Settings\Anders\Skrivbord\FixPolicies.exe [2012-09-08 21:00:04 | 000,854,156 | ---- | C] () -- C:\Documents and Settings\Anders\Skrivbord\SecurityCheck.exe [2012-09-08 15:33:01 | 000,117,270 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\21.bmp [2012-09-08 10:42:52 | 011,300,312 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\vp4 2012-09-08 10-38-48-933.avi [2012-09-07 19:52:54 | 001,118,598 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_07092012_195109.png [2012-09-07 19:31:16 | 000,930,467 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_07092012_193053.png [2012-09-07 16:54:40 | 000,977,958 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_07092012_165418.png [2012-09-07 16:32:16 | 001,082,828 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_07092012_163042.png [2012-09-07 15:22:09 | 000,000,211 | ---- | C] () -- C:\Boot.bak [2012-09-07 15:22:02 | 000,260,784 | RHS- | C] () -- C:\cmldr [2012-09-07 15:19:34 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe [2012-09-07 15:19:34 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe [2012-09-07 15:19:34 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe [2012-09-07 15:19:34 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe [2012-09-07 15:19:34 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe [2012-09-07 14:35:30 | 000,000,579 | ---- | C] () -- C:\Documents and Settings\Anders\Skrivbord\NTREGOPT.lnk [2012-09-07 14:35:30 | 000,000,560 | ---- | C] () -- C:\Documents and Settings\Anders\Skrivbord\ERUNT.lnk [2012-09-07 14:30:38 | 000,000,144 | ---- | C] () -- C:\Documents and Settings\Anders\defogger_reenable [2012-09-06 23:48:01 | 000,318,741 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_06092012_234739.png [2012-09-06 16:32:55 | 000,157,123 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_06092012_163222.png [2012-09-06 01:07:18 | 000,998,055 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_05092012_190334.png [2012-09-05 15:51:54 | 000,004,934 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\flwjycbm.bab [2012-09-05 15:51:34 | 000,000,705 | ---- | C] () -- C:\Documents and Settings\Anders\Skrivbord\PokerTracker 4.lnk [2012-09-05 15:23:59 | 000,505,751 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_05092012_152345.png [2012-09-04 18:40:54 | 000,084,696 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_04092012_184008.png [2012-09-03 23:42:31 | 001,326,942 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\ad.png [2012-09-02 23:50:15 | 001,004,432 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_02092012_234819.png [2012-09-02 23:01:55 | 022,936,300 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\vp4 2012-09-02 22-59-50-578.avi [2012-09-02 17:52:22 | 007,911,796 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\Bankshot1to2.avi [2012-09-02 15:55:59 | 001,101,732 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_02092012_155541.png [2012-09-02 15:43:54 | 000,800,104 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_02092012_154331.png [2012-09-02 15:25:41 | 002,052,056 | ---- | C] () -- C:\Documents and Settings\Anders\Skrivbord\IMG468.jpg [2012-09-02 14:10:23 | 001,102,894 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_02092012_141009.png [2012-09-02 13:07:19 | 000,313,151 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_02092012_130708.png [2012-09-02 13:07:00 | 001,017,983 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_02092012_130649.png [2012-09-02 13:04:32 | 000,005,159 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\9-Ball, Alyt vs Frenchy, 090212-103239.vpr [2012-09-02 13:00:24 | 004,538,077 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_1003.MOV [2012-09-01 10:02:40 | 000,297,078 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\4.bmp [2012-09-01 08:56:31 | 002,320,974 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\3.bmp [2012-09-01 08:55:33 | 002,701,710 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\2.bmp [2012-08-31 00:34:29 | 000,155,867 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_31082012_002932.png [2012-08-29 18:48:21 | 000,859,263 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_29082012_184533.png [2012-08-29 14:33:11 | 000,000,740 | ---- | C] () -- C:\Documents and Settings\All Users\Skrivbord\Malwarebytes Anti-Malware.lnk [2012-08-29 00:01:44 | 000,401,735 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_29082012_000040.png [2012-08-28 19:48:43 | 000,000,637 | ---- | C] () -- C:\Documents and Settings\Anders\Application Data\Microsoft\Internet Explorer\Quick Launch\Bandicam.lnk [2012-08-28 19:48:43 | 000,000,619 | ---- | C] () -- C:\Documents and Settings\Anders\Skrivbord\Bandicam.lnk [2012-08-27 13:00:47 | 001,200,664 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\clip0086.avi [2012-08-27 01:37:14 | 000,000,751 | ---- | C] () -- C:\Documents and Settings\All Users\Skrivbord\Virtual Pool 4.lnk [2012-08-27 00:32:33 | 000,121,798 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_27082012_003201.png [2012-08-27 00:32:30 | 000,124,438 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_27082012_003152.png [2012-08-26 22:36:14 | 000,307,500 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_26082012_223547.png [2012-08-26 17:51:11 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\Access.dat [2012-08-26 15:41:04 | 000,156,260 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_26082012_154039.png [2012-08-26 15:40:06 | 000,150,505 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_26082012_153941.png [2012-08-26 14:27:15 | 000,000,667 | ---- | C] () -- C:\Documents and Settings\Anders\Application Data\Microsoft\Internet Explorer\Quick Launch\GameSpy Arcade.lnk [2012-08-26 14:27:15 | 000,000,649 | ---- | C] () -- C:\Documents and Settings\Anders\Skrivbord\GameSpy Arcade.lnk [2012-08-26 14:20:08 | 000,000,653 | ---- | C] () -- C:\Documents and Settings\All Users\Skrivbord\LogMeIn Hamachi.lnk [2012-08-26 14:19:29 | 003,849,216 | ---- | C] () -- C:\Documents and Settings\Anders\Skrivbord\hamachi.msi [2012-08-25 12:40:56 | 000,136,157 | ---- | C] () -- C:\Documents and Settings\Anders\Skrivbord\pool_snooker_1.jpg [2012-08-25 12:26:11 | 000,983,017 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_25082012_122553.png [2012-08-23 15:36:33 | 000,663,527 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_23082012_153555.png [2012-08-22 20:15:58 | 003,195,906 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\cheat.bmp [2012-08-22 19:25:55 | 001,547,494 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\stg-apologize.bmp [2012-08-22 16:11:36 | 000,217,782 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\legend.bmp [2012-08-21 17:29:29 | 000,306,433 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_21082012_172844.png [2012-08-21 11:37:04 | 001,704,034 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_21082012_113442.png [2012-08-21 11:32:07 | 001,688,401 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_21082012_113138.png [2012-08-20 21:46:53 | 002,262,013 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_20082012_214618.png [2012-08-20 16:56:02 | 000,204,889 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_20082012_165528.png [2012-08-20 16:53:49 | 000,145,330 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_20082012_165314.png [2012-08-20 13:57:57 | 000,000,802 | ---- | C] () -- C:\Documents and Settings\Anders\Skrivbord\XSplit Broadcaster.lnk [2012-08-19 19:24:41 | 000,001,707 | ---- | C] () -- C:\Documents and Settings\Anders\Skrivbord\ChrisPC Free Anonymous Proxy.lnk [2012-08-19 19:24:41 | 000,000,821 | ---- | C] () -- C:\Documents and Settings\Anders\Application Data\Microsoft\Internet Explorer\Quick Launch\ChrisPC Free Anonymous Proxy.lnk [2012-08-13 13:57:08 | 001,830,096 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\clip0078.avi [2012-08-05 11:14:00 | 051,687,593 | ---- | C] () -- C:\Documents and Settings\Anders\10 000 meter.flv [2012-07-10 14:52:42 | 000,190,664 | ---- | C] () -- C:\Documents and Settings\LocalService\Lokala inställningar\Application Data\FontCache3.0.0.0.dat [2012-05-05 16:08:47 | 000,230,752 | ---- | C] () -- C:\WINDOWS\patchw32.dll [2012-05-05 16:08:42 | 000,118,176 | ---- | C] () -- C:\WINDOWS\patchw.dll [2012-03-05 21:51:45 | 629,460,858 | ---- | C] () -- C:\Documents and Settings\Anders\Målgång.flv [2012-02-16 12:42:41 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll [2012-02-08 10:52:34 | 000,000,042 | ---- | C] () -- C:\Documents and Settings\Anders\default.pls [2012-01-30 15:29:29 | 000,000,404 | ---- | C] () -- C:\WINDOWS\LBFamily.ini [2012-01-30 12:16:09 | 1054,669,159 | ---- | C] () -- C:\Documents and Settings\Anders\såskadetlåta.flv [2012-01-30 12:16:09 | 000,056,831 | ---- | C] () -- C:\Documents and Settings\Anders\såskadetlåta.srt [2012-01-27 13:24:43 | 000,015,784 | ---- | C] () -- C:\Documents and Settings\Anders\2.srt [2012-01-27 13:24:39 | 035,912,175 | ---- | C] () -- C:\Documents and Settings\Anders\2.flv [2012-01-27 13:10:34 | 000,000,641 | ---- | C] () -- C:\Documents and Settings\Anders\.swfinfo [2011-11-09 21:59:50 | 000,000,026 | ---- | C] () -- C:\Documents and Settings\Anders\Application Data\ClockTraySkins.ini [2011-11-09 21:59:38 | 000,000,549 | ---- | C] () -- C:\Documents and Settings\Anders\Application Data\FreeDesktopClock.ini [2011-10-31 18:02:17 | 000,393,256 | ---- | C] () -- C:\WINDOWS\System32\CNQ2414N.DAT [2011-10-30 14:53:51 | 000,000,000 | ---- | C] () -- C:\WINDOWS\HMHud.INI [2011-10-02 13:50:39 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2011-10-02 13:50:38 | 000,138,240 | ---- | C] () -- C:\Documents and Settings\Anders\Lokala inställningar\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011-10-01 22:03:20 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\CommonDL.dll [2011-10-01 22:03:20 | 000,002,413 | ---- | C] () -- C:\WINDOWS\System32\lgAxconfig.ini [2011-09-28 17:44:14 | 000,179,271 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat [2011-09-19 09:07:46 | 000,015,360 | ---- | C] () -- C:\WINDOWS\System32\bdmjpeg.dll [2011-09-19 09:07:32 | 000,058,368 | ---- | C] () -- C:\WINDOWS\System32\bdmpegv.dll [2011-08-31 00:32:40 | 000,005,078 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\bltofzsb.qlf [2011-07-04 14:19:24 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2011-07-04 14:18:36 | 002,150,064 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2011-07-04 13:15:42 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe [2011-07-04 13:14:40 | 000,001,732 | ---- | C] () -- C:\WINDOWS\System32\drivers\nvphy.bin [2011-07-04 12:32:07 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2011-07-04 12:28:47 | 000,021,700 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat ========== LOP Check ========== [2012-08-16 16:25:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Anti-phishing Domain Advisor [2012-08-16 15:42:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ask [2012-07-11 10:19:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\boost_interprocess [2011-09-27 16:42:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Boss Media [2012-08-27 01:35:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Celeris [2012-05-12 18:06:56 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files [2011-08-22 17:12:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite [2011-07-04 22:27:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Pro [2011-12-13 23:48:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Graboid Inc [2012-08-16 16:18:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IBUpdaterService [2011-10-01 22:04:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LGMOBILEAX [2012-08-24 17:55:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Max Secure [2012-04-17 17:54:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MediaMonkey [2012-08-16 16:18:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Performer Manager [2012-08-20 13:57:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SplitMediaLabs [2012-05-12 18:52:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Tarma Installer [2011-10-18 13:04:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TechSmith [2012-08-26 17:50:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Tunngle [2012-04-17 16:59:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521} [2011-11-22 14:09:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Anvsoft [2012-05-12 17:55:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Apowersoft [2012-05-12 18:26:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Audacity [2012-02-28 18:09:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Babylon [2012-06-18 20:59:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\BANDISOFT [2012-08-27 01:32:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Celeris [2012-08-19 19:27:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Complitly [2011-08-22 16:51:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Copax [2012-01-30 14:29:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\DAEMON Tools Lite [2011-07-04 22:26:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\DAEMON Tools Pro [2012-04-19 12:59:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\DDMSettings [2012-02-10 11:25:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Digiarty [2011-12-31 20:12:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\DVDVideoSoft [2012-05-12 20:12:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Free Audio Recorder [2012-08-25 13:15:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\GanymedeNet [2012-02-09 23:45:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\GetRightToGo [2012-09-10 10:08:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Gmail Notifier [2012-03-20 00:28:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\HandBrake [2011-10-30 14:43:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\HEM Data [2011-12-14 17:20:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Media Finder [2012-07-24 11:00:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\MediaMonkey [2011-11-23 16:51:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\MyVideoDownloader [2011-11-23 16:51:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\MyVideoDownloaderHD [2012-08-04 10:58:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Opera [2012-05-17 17:09:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Oracle [2012-05-17 17:09:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Personal [2012-06-20 16:13:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Solveig Multimedia [2012-02-10 01:17:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Sony [2012-08-20 13:57:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\SplitMediaLabs [2012-09-10 15:27:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Spotify [2012-07-02 21:11:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\TraderaProLister [2012-08-27 00:23:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Tunngle [2012-05-12 18:52:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Wondershare [2011-11-23 17:11:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Youtube Downloader HD [2012-09-10 15:32:00 | 000,000,304 | ---- | M] () -- C:\WINDOWS\Tasks\PC Performer Manager.job [2012-09-10 10:26:37 | 000,000,410 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{5096C855-A424-4662-B04A-DE5E47FB502A}.job ========== Purity Check ========== < End of report >

If a complete system reboot is necessary for me, please tell. Combo-Fix got stuck again. Finishing stage 1..... Finishing stage 2..... ........ ........ Finishing stage 50.... It came to this pretty quick but then nothing happened during 2 hours or so. _____________________________________________________________ OTL-log: ========== OTL ========== HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\SearchAssistant| /E : value set successfully! HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully! Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found. HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\bProtector Start Page| /E : value set successfully! HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Bar| /E : value set successfully! HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Page| /E : value set successfully! HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully! Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{96bd48dd-741b-41ae-ac4a-aff96ba00f7e}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{96bd48dd-741b-41ae-ac4a-aff96ba00f7e}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{A0065856-99D2-45A6-A927-A5B633B680F1}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A0065856-99D2-45A6-A927-A5B633B680F1}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}\ not found. ========== FILES ========== File\Folder c:\program\ares not found. File\Folder c:\program\utorrentbar not found. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\Plugins folder moved successfully. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\modules folder moved successfully. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\META-INF folder moved successfully. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\lib folder moved successfully. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\defaults\preferences folder moved successfully. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\defaults folder moved successfully. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\skin folder moved successfully. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\sl folder moved successfully. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\lib folder moved successfully. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\core folder moved successfully. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\WEATHER\js folder moved successfully. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\WEATHER\css folder moved successfully. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\WEATHER folder moved successfully. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TWITTER\resources folder moved successfully. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TWITTER\js folder moved successfully. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TWITTER\img folder moved successfully. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TWITTER folder moved successfully. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_POPUP\js folder moved successfully. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_POPUP folder moved successfully. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_EMBEDDED\js folder moved successfully. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_EMBEDDED folder moved successfully. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_BCAPI\js folder moved successfully. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_BCAPI\autoTest\spec folder moved successfully. Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_BCAPI\autoTest\lib\jasmine-1.1.0 scheduled to be moved on reboot. Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_BCAPI\autoTest\lib scheduled to be moved on reboot. Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_BCAPI\autoTest scheduled to be moved on reboot. Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_BCAPI scheduled to be moved on reboot. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\SEARCH_IN_NEW_TAB folder moved successfully. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\SEARCH\view\style\rsx folder moved successfully. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\SEARCH\view\style folder moved successfully. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\SEARCH\view\script folder moved successfully. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\SEARCH\view folder moved successfully. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\SEARCH\resources folder moved successfully. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\SEARCH\js folder moved successfully. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\SEARCH\Css folder moved successfully. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\SEARCH\buildSettings folder moved successfully. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\SEARCH folder moved successfully. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\RADIO_PLAYER\js\resources folder moved successfully. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\RADIO_PLAYER\js folder moved successfully. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\RADIO_PLAYER\css\custom-theme folder moved successfully. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\RADIO_PLAYER\css folder moved successfully. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\RADIO_PLAYER folder moved successfully. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\PRICE_GONG\menu_dlg folder moved successfully. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\PRICE_GONG\images folder moved successfully. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\PRICE_GONG\css\custom-theme folder moved successfully. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\PRICE_GONG\css folder moved successfully. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\PRICE_GONG\agreement folder moved successfully. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\PRICE_GONG folder moved successfully. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\Optimizer\js folder moved successfully. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\Optimizer folder moved successfully. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\NOTIFICATION\js folder moved successfully. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\NOTIFICATION\images\light folder moved successfully. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\NOTIFICATION\images\dark folder moved successfully. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\NOTIFICATION\images folder moved successfully. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\NOTIFICATION\css folder moved successfully. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\NOTIFICATION folder moved successfully. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\MULTI_RSS\js\resources folder moved successfully. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\MULTI_RSS\js folder moved successfully. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\MULTI_RSS\img folder moved successfully. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\MULTI_RSS\css folder moved successfully. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\MULTI_RSS folder moved successfully. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\HIGHLIGHTER\js folder moved successfully. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\HIGHLIGHTER\css folder moved successfully. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\HIGHLIGHTER folder moved successfully. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\EMAIL_NOTIFIER\js\plugins folder moved successfully. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\EMAIL_NOTIFIER\js folder moved successfully. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\EMAIL_NOTIFIER\css folder moved successfully. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\EMAIL_NOTIFIER folder moved successfully. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\APPLICATION_BUTTON\resources folder moved successfully. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\APPLICATION_BUTTON\Js folder moved successfully. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\APPLICATION_BUTTON folder moved successfully. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\404 folder moved successfully. Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa scheduled to be moved on reboot. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ui\menu\js folder moved successfully. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ui\menu\img folder moved successfully. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ui\menu\css folder moved successfully. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ui\menu folder moved successfully. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ui\gf\img folder moved successfully. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ui\gf\css folder moved successfully. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ui\gf folder moved successfully. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ui\gadgetFrame folder moved successfully. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ui\dlg\ftd\images folder moved successfully. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ui\dlg\ftd folder moved successfully. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ui\dlg folder moved successfully. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ui folder moved successfully. Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector\searchProtectorSettingsDialog\images scheduled to be moved on reboot. Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector\searchProtectorSettingsDialog scheduled to be moved on reboot. Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector\SearchProtectorBubbleDialog\images scheduled to be moved on reboot. Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector\SearchProtectorBubbleDialog scheduled to be moved on reboot. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector\js folder moved successfully. Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector scheduled to be moved on reboot. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\options\js\resources folder moved successfully. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\options\js folder moved successfully. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\options\images folder moved successfully. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\options\css folder moved successfully. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\options folder moved successfully. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\myStuffDialogs folder moved successfully. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\features\js\resources folder moved successfully. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\features\js folder moved successfully. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\features folder moved successfully. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\api folder moved successfully. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ac\res folder moved successfully. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ac\img folder moved successfully. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ac\css folder moved successfully. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ac folder moved successfully. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\aboutBox\js folder moved successfully. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\aboutBox\images folder moved successfully. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\aboutBox folder moved successfully. Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al scheduled to be moved on reboot. Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb scheduled to be moved on reboot. Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content scheduled to be moved on reboot. Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468 scheduled to be moved on reboot. Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome scheduled to be moved on reboot. Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6} scheduled to be moved on reboot. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\stefanvandamme@stefanvd.net.xpi moved successfully. C:\Documents and Settings\All Users\Application Data\Babylon folder moved successfully. C:\Documents and Settings\All Users\Application Data\BabylonUpdater folder moved successfully. C:\Documents and Settings\All Users\Application Data\blekko toolbars folder moved successfully. File\Folder c:\program\utorrentbar\prxtbuTor.dll not found. File\Folder c:\program\search~1\datamngr\toolbar\searchqudtx.dll not found. File\Folder c:\program\utorrentbar\prxtbuTor.dll not found. C:\RECYCLER\S-1-5-21-1659004503-343818398-682003330-1003 folder moved successfully. C:\RECYCLER folder moved successfully. ========== REGISTRY ========== Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\Ares not found. ========== COMMANDS ========== C:\WINDOWS\System32\drivers\etc\Hosts moved successfully. HOSTS file reset successfully Restore point Set: OTL Restore Point [EMPTYFLASH] User: All Users User: Anders ->Flash cache emptied: 81026 bytes User: Anders-2 ->Flash cache emptied: 3911 bytes User: Default User User: LocalService User: NetworkService User: postgres Total Flash Files Cleaned = 0,00 mb [EMPTYJAVA] User: All Users User: Anders ->Java cache emptied: 6265466 bytes User: Anders-2 ->Java cache emptied: 0 bytes User: Default User User: LocalService User: NetworkService User: postgres Total Java Files Cleaned = 6,00 mb OTL by OldTimer - Version 3.2.61.2 log created on 09092012_172427 Files\Folders moved on Reboot... Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_BCAPI\autoTest\lib\jasmine-1.1.0 scheduled to be moved on reboot. Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_BCAPI\autoTest\lib\jasmine-1.1.0 scheduled to be moved on reboot. Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_BCAPI\autoTest\lib scheduled to be moved on reboot. Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_BCAPI\autoTest\lib\jasmine-1.1.0 scheduled to be moved on reboot. Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_BCAPI\autoTest\lib scheduled to be moved on reboot. Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_BCAPI\autoTest scheduled to be moved on reboot. Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_BCAPI\autoTest\lib\jasmine-1.1.0 scheduled to be moved on reboot. Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_BCAPI\autoTest\lib scheduled to be moved on reboot. Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_BCAPI\autoTest scheduled to be moved on reboot. Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_BCAPI scheduled to be moved on reboot. Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_BCAPI\autoTest\lib\jasmine-1.1.0 scheduled to be moved on reboot. Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_BCAPI\autoTest\lib scheduled to be moved on reboot. Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_BCAPI\autoTest scheduled to be moved on reboot. Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_BCAPI scheduled to be moved on reboot. Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa scheduled to be moved on reboot. Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector\searchProtectorSettingsDialog\images scheduled to be moved on reboot. Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector\searchProtectorSettingsDialog\images scheduled to be moved on reboot. Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector\searchProtectorSettingsDialog scheduled to be moved on reboot. Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector\SearchProtectorBubbleDialog\images scheduled to be moved on reboot. Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector\SearchProtectorBubbleDialog\images scheduled to be moved on reboot. Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector\SearchProtectorBubbleDialog scheduled to be moved on reboot. Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector\searchProtectorSettingsDialog\images scheduled to be moved on reboot. Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector\searchProtectorSettingsDialog scheduled to be moved on reboot. Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector\SearchProtectorBubbleDialog\images scheduled to be moved on reboot. Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector\SearchProtectorBubbleDialog scheduled to be moved on reboot. Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector scheduled to be moved on reboot. Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_BCAPI\autoTest\lib\jasmine-1.1.0 scheduled to be moved on reboot. Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_BCAPI\autoTest\lib scheduled to be moved on reboot. Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_BCAPI\autoTest scheduled to be moved on reboot. Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_BCAPI scheduled to be moved on reboot. Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa scheduled to be moved on reboot. Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector\searchProtectorSettingsDialog\images scheduled to be moved on reboot. Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector\searchProtectorSettingsDialog scheduled to be moved on reboot. Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector\SearchProtectorBubbleDialog\images scheduled to be moved on reboot. Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector\SearchProtectorBubbleDialog scheduled to be moved on reboot. Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector scheduled to be moved on reboot. Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al scheduled to be moved on reboot. Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_BCAPI\autoTest\lib\jasmine-1.1.0 scheduled to be moved on reboot. Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_BCAPI\autoTest\lib scheduled to be moved on reboot. Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_BCAPI\autoTest scheduled to be moved on reboot. Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_BCAPI scheduled to be moved on reboot. Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa scheduled to be moved on reboot. Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector\searchProtectorSettingsDialog\images scheduled to be moved on reboot. Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector\searchProtectorSettingsDialog scheduled to be moved on reboot. Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector\SearchProtectorBubbleDialog\images scheduled to be moved on reboot. Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector\SearchProtectorBubbleDialog scheduled to be moved on reboot. Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector scheduled to be moved on reboot. Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al scheduled to be moved on reboot. Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb scheduled to be moved on reboot. Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_BCAPI\autoTest\lib\jasmine-1.1.0 scheduled to be moved on reboot. Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_BCAPI\autoTest\lib scheduled to be moved on reboot. Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_BCAPI\autoTest scheduled to be moved on reboot. Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_BCAPI scheduled to be moved on reboot. Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa scheduled to be moved on reboot. Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector\searchProtectorSettingsDialog\images scheduled to be moved on reboot. Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector\searchProtectorSettingsDialog scheduled to be moved on reboot. Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector\SearchProtectorBubbleDialog\images scheduled to be moved on reboot. Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector\SearchProtectorBubbleDialog scheduled to be moved on reboot. Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector scheduled to be moved on reboot. Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al scheduled to be moved on reboot. Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb scheduled to be moved on reboot. Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content scheduled to be moved on reboot. Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_BCAPI\autoTest\lib\jasmine-1.1.0 scheduled to be moved on reboot. Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_BCAPI\autoTest\lib scheduled to be moved on reboot. Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_BCAPI\autoTest scheduled to be moved on reboot. Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_BCAPI scheduled to be moved on reboot. Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa scheduled to be moved on reboot. Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector\searchProtectorSettingsDialog\images scheduled to be moved on reboot. Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector\searchProtectorSettingsDialog scheduled to be moved on reboot. Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector\SearchProtectorBubbleDialog\images scheduled to be moved on reboot. Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector\SearchProtectorBubbleDialog scheduled to be moved on reboot. Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector scheduled to be moved on reboot. Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al scheduled to be moved on reboot. Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb scheduled to be moved on reboot. Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content scheduled to be moved on reboot. Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468 scheduled to be moved on reboot. Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_BCAPI\autoTest\lib\jasmine-1.1.0 scheduled to be moved on reboot. Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_BCAPI\autoTest\lib scheduled to be moved on reboot. Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_BCAPI\autoTest scheduled to be moved on reboot. Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_BCAPI scheduled to be moved on reboot. Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa scheduled to be moved on reboot. Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector\searchProtectorSettingsDialog\images scheduled to be moved on reboot. Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector\searchProtectorSettingsDialog scheduled to be moved on reboot. Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector\SearchProtectorBubbleDialog\images scheduled to be moved on reboot. Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector\SearchProtectorBubbleDialog scheduled to be moved on reboot. Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector scheduled to be moved on reboot. Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al scheduled to be moved on reboot. Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb scheduled to be moved on reboot. Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content scheduled to be moved on reboot. Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468 scheduled to be moved on reboot. Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome scheduled to be moved on reboot. Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_BCAPI\autoTest\lib\jasmine-1.1.0 scheduled to be moved on reboot. Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_BCAPI\autoTest\lib scheduled to be moved on reboot. Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_BCAPI\autoTest scheduled to be moved on reboot. Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_BCAPI scheduled to be moved on reboot. Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa scheduled to be moved on reboot. Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector\searchProtectorSettingsDialog\images scheduled to be moved on reboot. Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector\searchProtectorSettingsDialog scheduled to be moved on reboot. Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector\SearchProtectorBubbleDialog\images scheduled to be moved on reboot. Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector\SearchProtectorBubbleDialog scheduled to be moved on reboot. Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector scheduled to be moved on reboot. Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al scheduled to be moved on reboot. Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb scheduled to be moved on reboot. Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content scheduled to be moved on reboot. Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468 scheduled to be moved on reboot. Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome scheduled to be moved on reboot. Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6} scheduled to be moved on reboot. PendingFileRenameOperations files... Registry entries deleted on Reboot...

Extras.Txt OTL Extras logfile created on: 2012-09-08 20:54:32 - Run 1 OTL by OldTimer - Version 3.2.61.2 Folder = C:\Documents and Settings\Anders\Skrivbord Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 0000041D | Country: Sverige | Language: SVE | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 1,29 Gb Available Physical Memory | 64,34% Memory free 5,76 Gb Paging File | 4,85 Gb Available in Paging File | 84,32% Paging File free Paging file location(s): C:\pagefile.sys 4000 4000 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Drive C: | 298,08 Gb Total Space | 238,28 Gb Free Space | 79,94% Space Free | Partition Type: NTFS Computer Name: ANDERS-EA22E516 | User Name: Anders | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* .html [@ = FirefoxHTML] -- C:\Program\Mozilla Firefox\firefox.exe (Mozilla Corporation) .url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = ChromeHTML] -- C:\Documents and Settings\Anders\Lokala inställningar\Application Data\Google\Chrome\Application\chrome.exe (Google Inc.) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* https [open] -- "C:\Program\Mozilla Firefox\firefox.exe" -osint -url "%1" (Mozilla Corporation) InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [MediaMonkey.1Play] -- "C:\Program\MediaMonkey\MediaMonkey.exe" "%1" (Ventis Media Inc.) Directory [MediaMonkey.2PlayNext] -- "C:\Program\MediaMonkey\MediaMonkey.exe" /NEXT "%1" (Ventis Media Inc.) Directory [MediaMonkey.3Enqueue] -- "C:\Program\MediaMonkey\MediaMonkey.exe" /ADD "%1" (Ventis Media Inc.) Directory [PlayWithVLC] -- "C:\Program\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] ========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 "DoNotAllowExceptions" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 "DoNotAllowExceptions" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "5353:TCP" = 5353:TCP:*:Enabled:Adobe CSI CS4 "3703:TCP" = 3703:TCP:*:Enabled:Adobe Version Cue CS4 Server "3704:TCP" = 3704:TCP:*:Enabled:Adobe Version Cue CS4 Server "51000:TCP" = 51000:TCP:*:Enabled:Adobe Version Cue CS4 Server "51001:TCP" = 51001:TCP:*:Enabled:Adobe Version Cue CS4 Server "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008 "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "C:\Program\MSN Messenger\livecall.exe" = C:\Program\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone) "C:\Program\Veetle\Player\VeetleNet.exe" = C:\Program\Veetle\Player\VeetleNet.exe:*:Enabled:VeetleNet -- () [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Program\Delade filer\Adobe\CS4ServiceManager\CS4ServiceManager.exe" = C:\Program\Delade filer\Adobe\CS4ServiceManager\CS4ServiceManager.exe:*:Enabled:Adobe CSI CS4 -- (Adobe Systems Incorporated) "C:\Program\Delade filer\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe" = C:\Program\Delade filer\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe:*:Enabled:Adobe Version Cue CS4 Server -- (Adobe Systems Incorporated) "C:\Program\Spotify\spotify.exe" = C:\Program\Spotify\spotify.exe:*:Enabled:Spotify -- (Spotify Ltd) "C:\Program\MSN Messenger\livecall.exe" = C:\Program\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone) "C:\Program\Steam\Steam.exe" = C:\Program\Steam\Steam.exe:*:Enabled:Steam -- (Valve Corporation) "C:\Program\redbet\pokerclient\redbet.exe" = C:\Program\redbet\pokerclient\redbet.exe:*:Enabled:Poker Client Software -- (Entraction Solutions AB) "C:\Documents and Settings\Anders\Lokala inställningar\Application Data\Google\Chrome\Application\chrome.exe" = C:\Documents and Settings\Anders\Lokala inställningar\Application Data\Google\Chrome\Application\chrome.exe:*:Enabled:Google Chrome -- (Google Inc.) "C:\Program\Winamp\winamp.exe" = C:\Program\Winamp\winamp.exe:*:Enabled:Winamp "C:\Program\redbet\pokerclient\uTorrent\uTorrent.exe" = C:\Program\redbet\pokerclient\uTorrent\uTorrent.exe:*:Enabled:µTorrent "C:\Program\Comeon Poker 2.0\PokerClient.exe" = C:\Program\Comeon Poker 2.0\PokerClient.exe:*:Enabled:Comeon Poker 2.0 -- (Comeon Poker) "C:\Program\VideoLAN\VLC\vlc.exe" = C:\Program\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player -- () "C:\Program\Ares\Ares.exe" = C:\Program\Ares\Ares.exe:*:Enabled:Ares p2p for windows "C:\Program\Celeris\Virtual Pool 3 DL\vp3.exe" = C:\Program\Celeris\Virtual Pool 3 DL\vp3.exe:*:Enabled:Virtual Pool 3 DL -- (Celeris Inc.) "C:\Program\GameSpy Arcade\Aphex.exe" = C:\Program\GameSpy Arcade\Aphex.exe:*:Enabled:GameSpy Arcade 1.0 -- (IGN Entertainment, Inc.) "C:\WINDOWS\system32\dplaysvr.exe" = C:\WINDOWS\system32\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper -- (Microsoft Corporation) "C:\Program\Veetle\Player\VeetleNet.exe" = C:\Program\Veetle\Player\VeetleNet.exe:*:Enabled:VeetleNet -- () "C:\Program\Delade filer\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Program\Delade filer\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.) "C:\Program\SopCast\SopCast.exe" = C:\Program\SopCast\SopCast.exe:*:Enabled:SopCast Main Application -- (www.sopcast.com) "C:\Program\Steam\steamapps\common\Age Of Empires Online\Spartan.exe" = C:\Program\Steam\steamapps\common\Age Of Empires Online\Spartan.exe:*:Enabled:Age of Empires Online -- (Microsoft Studios) "C:\Program\Opera\opera.exe" = C:\Program\Opera\opera.exe:*:Enabled:Opera Internet Browser -- (Opera Software) "C:\Program\Opera\pluginwrapper\opera_plugin_wrapper.exe" = C:\Program\Opera\pluginwrapper\opera_plugin_wrapper.exe:*:Enabled:Opera Internet Browser - Plugin wrapper -- (Opera Software) "C:\Program\Steam\steamapps\common\Age Of Empires Online\AOEOnline.exe" = C:\Program\Steam\steamapps\common\Age Of Empires Online\AOEOnline.exe:*:Enabled:Age of Empires Online -- (Microsoft Studios) "c:\program\relevantknowledge\rlvknlg.exe" = c:\program\relevantknowledge\rlvknlg.exe:*:Enabled:rlvknlg.exe ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam "{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4 "{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4 "{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant "{098727E1-775A-4450-B573-3F441F1CA243}" = kuler "{098A2A49-7CF3-4F08-A38D-FB879117152A}" = Adobe Color NA Extra Settings CS4 "{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended "{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4 "{0DC0E85F-36E4-463B-B3EA-4CD8ED2222A1}" = Adobe Color EU Recommended Settings CS4 "{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime "{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4 "{0F842B77-56EA-4AAF-8295-81A022350B5E}" = Microsoft Security Client "{1111706F-666A-4037-7777-210328764D10}" = JavaFX 2.1.0 "{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_cnq2414" = CanoScan LiDE 110 Scanner Driver "{122ADF8C-DDA1-480C-9936-C88F2825B265}" = Apple Application Support "{14F70205-1940-4000-88C7-BE799A6B2CAD}" = Adobe Soundbooth CS4 "{15BF7AAF-846C-4A6D-80E1-5D1FC7FB461B}" = Adobe SGM CS4 "{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693}" = PC Performer Manager "{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4 "{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4 "{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB "{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}" = Adobe AIR "{1B7C06E1-4888-47A6-992A-0990B9683486}" = Adobe Version Cue CS4 Server "{1DCA3EAA-6EB5-4563-A970-EA14D75037BA}" = Adobe InDesign CS4 "{1E04CB54-AF4E-4AC3-B4B7-C0A160BE57F1}" = Adobe InDesign CS4 Icon Handler "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT "{26A24AE4-039D-4CA4-87B4-2F83216026FF}" = Java 6 Update 26 "{26A24AE4-039D-4CA4-87B4-2F83217004FF}" = Java 7 Update 4 "{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1 "{291C5A9A-15B1-4F2C-898F-10D04D252886}" = Trafikskolan TEO "{296D775C-839A-3618-8D5C-E2B588C5CD12}" = Microsoft .NET Framework 4 Extended SVE Language Pack "{297190A1-4B0D-4CD6-8B9F-3907F15C3FD8}" = Adobe CS4 American English Speech Analysis Models "{2A3A4BD6-6CE0-4E2A-80D2-1D0FF6ACBFBA}" = LG United Mobile Driver "{2BAF2B96-7560-48B4-87D4-10178DDBE217}" = Adobe InDesign CS4 Application Feature Set Files (Roman) "{30C8AA56-4088-426F-91D1-0EDFD3A25678}" = Adobe Dreamweaver CS4 "{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform "{336D0C35-8A85-403a-B9D2-65C292C39087}_is1" = Web Assistant 2.0.0.430 "{350C941d-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4 "{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup "{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player "{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4 "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4 "{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin "{428FDF9F-E010-4C4C-A8BB-156960AFCA1C}" = Adobe Fireworks CS4 "{43509E18-076E-40FE-AF38-CA5ED400A5A9}" = Pixel Bender Toolkit "{44E240EC-2224-4078-A88B-2CEE0D3016EF}" = Adobe After Effects CS4 Presets "{45EC816C-0771-4C14-AE6D-72D1B578F4C8}" = Adobe After Effects CS4 "{47C6F987-685A-41AE-B092-E75B277AEE39}" = Adobe Flash CS4 Extension - Flash Lite STI others "{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4A52555C-032A-4083-BDD9-6A85ABFB39A8}" = Adobe SING CS4 "{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace "{4E799930-BBE1-4A64-BC49-99354D37DBB7}" = Adobe Creative Suite 4 Master Collection "{4FFBB818-B13C-11E0-931D-B2664824019B}_is1" = Complitly "{50779A29-834E-4E36-BBEB-B7CABC67A825}" = Microsoft Security Client SV-SE Language Pack "{52232EF4-CC12-4C21-ABCF-ADB79618302D}" = Adobe Soundbooth CS4 Codecs "{561968FD-56A1-49FD-9ED0-F55482C7C5BC}" = Adobe Media Encoder CS4 Exporter "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml "{5EAD5443-7194-46CC-A055-428E6ABB1BAF}" = Adobe Encore CS4 "{6006089C-84B5-4F18-8113-D96792AED0DE}_is1" = ChrisPC Free Anonymous Proxy 3.00 "{60DB5894-B5A1-4B62-B0F3-669A22C0EE5D}" = Adobe Dynamiclink Support "{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM "{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4 "{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support "{67A9747A-E1F5-4E9A-81CC-12B5D5B81B6E}" = Adobe After Effects CS4 Third Party Content "{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4 "{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK "{6AD9F5F3-5BD0-4000-BD9C-B536CF86D988}" = iTunes "{7406DF60-016D-476B-A2C7-55D997592047}" = Adobe OnLocation CS4 "{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update "{7B4873B0-71FF-4BAA-8072-1DEE154C54E4}" = Virtual Pool 3 DL "{7CC7BDD5-6F10-4724-96A1-EAC7D9F2831C}" = Adobe InDesign CS4 Common Base Files "{7CE198D0-CFB0-49F2-9ECF-2F2C084EAD9E}" = Adobe Setup "{8186FF34-D389-4B7E-9A2F-C197585BCFBD}" = Adobe Media Encoder CS4 Importer "{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4 "{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable "{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4 "{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4 "{87532CAB-7932-4F84-8937-823337622807}" = Adobe Illustrator CS4 "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update "{8ED5A2F1-338F-4608-8AF7-BCD1ADC1E1F7}_is1" = Free Alarm Clock 2.3.3 "{8F1ADE4D-EFAC-4F5A-B346-23C2687FAF50}" = Apple Mobile Device Support "{90120000-0010-041D-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Swedish) 12 "{90120000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2007 "{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0015-041D-0000-0000000FF1CE}" = Microsoft Office Access MUI (Swedish) 2007 "{90120000-0015-041D-0000-0000000FF1CE}_PROPLUS_{6DB23E19-BC1C-4C62-8158-391F65D84457}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0016-041D-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Swedish) 2007 "{90120000-0016-041D-0000-0000000FF1CE}_PROPLUS_{6DB23E19-BC1C-4C62-8158-391F65D84457}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0018-041D-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Swedish) 2007 "{90120000-0018-041D-0000-0000000FF1CE}_PROPLUS_{6DB23E19-BC1C-4C62-8158-391F65D84457}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0019-041D-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Swedish) 2007 "{90120000-0019-041D-0000-0000000FF1CE}_PROPLUS_{6DB23E19-BC1C-4C62-8158-391F65D84457}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001A-041D-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Swedish) 2007 "{90120000-001A-041D-0000-0000000FF1CE}_PROPLUS_{6DB23E19-BC1C-4C62-8158-391F65D84457}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001B-041D-0000-0000000FF1CE}" = Microsoft Office Word MUI (Swedish) 2007 "{90120000-001B-041D-0000-0000000FF1CE}_PROPLUS_{6DB23E19-BC1C-4C62-8158-391F65D84457}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0407-0000-0000000FF1CE}_PROPLUS_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-040B-0000-0000000FF1CE}" = Microsoft Office Proof (Finnish) 2007 "{90120000-001F-040B-0000-0000000FF1CE}_PROPLUS_{C3B4672B-3FE7-4D6F-AFF3-80D290C1131E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-041D-0000-0000000FF1CE}" = Microsoft Office Proof (Swedish) 2007 "{90120000-001F-041D-0000-0000000FF1CE}_PROPLUS_{4A960AFC-E28F-4233-953F-1903BE859B79}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-002C-041D-0000-0000000FF1CE}" = Microsoft Office Proofing (Swedish) 2007 "{90120000-0044-041D-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Swedish) 2007 "{90120000-0044-041D-0000-0000000FF1CE}_PROPLUS_{6DB23E19-BC1C-4C62-8158-391F65D84457}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-006E-041D-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Swedish) 2007 "{90120000-006E-041D-0000-0000000FF1CE}_PROPLUS_{18651597-9190-4C03-902A-6F8F58A91A3E}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In "{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4 "{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195 "{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4 "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9B700657-676B-4A98-8B25-40A1BAC81053}" = Nero 8 Essentials "{9BBE7AA1-AFA8-4D76-8FC2-1FDFD9BD3371}" = Windows Live Mail "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9D71329D-95A5-4297-8F79-DCDBD156420A}" = Windows Live Essentials "{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{A6EC82A0-1414-475D-8AFD-469089F3080D}" = Adobe Contribute CS4 "{AC76BA86-1053-DF60-7760-000000000004}" = Adobe Acrobat 9 Pro - Svenska, Dansk, Suomi, Norsk "{AC76BA86-1053-DF60-7760-000000000004}{AC76BA86-1053-DF60-7760-000000000004}" = Adobe Acrobat 9 Pro - Svenska, Dansk, Suomi, Norsk "{ACC78BCD-6B12-4C73-8D98-5B96A4A6D73A}" = XSplit "{AEB9948B-4FF2-47C9-990E-47014492A0FE}" = MSXML 6.0 Parser "{B05DE7B7-0B40-4411-BD4B-222CAE2D8F15}" = Adobe MotionPicture Color Files CS4 "{B15381DD-FF97-4FCD-A881-ED4DB0975500}" = Adobe Color Video Profiles AE CS4 "{B169BC97-B8AA-4ACA-9CF2-9D0FF5BABDF7}" = Adobe Premiere Pro CS4 Functional Content "{B29AD377-CC12-490A-A480-1452337C618D}" = Connect "{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4 "{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call "{B823632F-3B72-4514-8861-B961CE263224}" = PostgreSQL 8.3 "{B8ABD8C7-991E-4A70-B5A3-20C6FC680680}" = LogMeIn Hamachi "{B9F4561A-924D-4510-A85A-BB0960C338CB}" = Adobe Asset Services CS4 "{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module "{BD3374D3-C2E6-42B7-A80B-E850B6886246}" = Adobe Flash CS4 STI-other "{BE9CEAAA-F069-4331-BF2F-8D350F6504F4}" = Adobe Media Encoder CS4 Additional Exporter "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{C0E8FE43-C35B-451D-B35F-D4BD056D70E7}" = Camtasia Studio 7 "{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4 "{C60AAF4C-A72C-36E0-8CA4-41FF753D74F6}" = Microsoft .NET Framework 4 Client Profile SVE Language Pack "{C86E7C99-E4AD-79C7-375B-1AEF9A91EC2B}" = Acrobat.com "{C938BE91-3BB5-4B84-9EF6-88F0505D0038}" = Adobe Premiere Pro CS4 Third Party Content "{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw "{CD9A35D4-8A81-4188-98AF-14D759083FB4}" = Nordea NCR1 Installationspaket "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D499F8DE-3F31-4900-9157-61061613704B}" = Adobe Premiere Pro CS4 "{D6D5CFB3-7095-4073-B6B7-B7E909838C57}" = Razer "{D7A3F13E-3B62-4DD8-84E5-E3D20F4FCA99}_is1" = DigitalClock version 1.1 "{DEB90B8E-0DCB-48CE-B90E-8842A2BD643E}" = Adobe Media Encoder CS4 "{E801BD2A-AB6B-4B8F-9599-B164AC726EC8}" = Virtual Pool 4 "{EE353798-E875-42E0-B58D-7E6696182EA8}" = Adobe Media Encoder CS4 Dolby "{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10 "{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}" = Sony Ericsson PC Companion 2.01.217 "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard "{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help "{F13225E2-6533-4923-A657-083A151E667E}" = Windows Live Messenger "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F6E99614-F042-4459-82B7-8B38B2601356}" = Adobe Flash CS4 "{F8D02DBB-9B81-4192-9E85-219AD0447920}" = Microsoft Antimalware Service SV-SE Language Pack "{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4 "{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4 "{FA7F689F-88EB-4946-B105-4C434CF5B07A}" = BankID säkerhetsprogram "{FB2A5FCC-B81B-48C2-A009-7804694D83E9}" = Adobe Encore CS4 Codecs "{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All "1180-6883-2514-0226-redbet-PROD" = redbet "7-Zip" = 7-Zip 9.20 "AC3Filter_is1" = AC3Filter 1.63b "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player 11.6 "Adobe_df1693a38ea3822700f69621b5e71d0" = Adobe Creative Suite 4 Master Collection "AMDAway INF" = AMDAway INF "Anti-phishing Domain Advisor" = Anti-phishing Domain Advisor "Bandicam" = Bandicam "BandiMPEG1" = Bandisoft MPEG-1 Decoder "bet365poker" = Poker at bet365 "Betfair Poker JPC_is1" = Betfair Poker JPC 1.0.0 "Betsafe Poker_is1" = Betsafe Poker "CamStudio" = CamStudio "com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player "com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com "Combat Flight Simulator 1.00" = Microsoft Combat Flight Simulator "Comeon Poker 2.0" = Comeon Poker 2.0 "DAEMON Tools Lite" = DAEMON Tools Lite "DivX Setup" = DivX Setup "EE9C4A93-0E83-4C66-9802-5DC13C189C12_is1" = Free Audio Recorder 6.6.6 "ERUNT_is1" = ERUNT 1.1j "Free 3GP Video Converter_is1" = Free 3GP Video Converter version 5.0.3.1206 "Free Desktop Clock" = Free Desktop Clock "GameSpy Arcade" = GameSpy Arcade "Gmail Notifier" = Gmail Notifier "HandBrake" = HandBrake 0.9.6 "HyperCam 2" = HyperCam 2 "ie8" = Windows Internet Explorer 8 "KLiteCodecPack_is1" = K-Lite Codec Pack 7.2.0 (Basic) "LogMeIn Hamachi" = LogMeIn Hamachi "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.62.0.1300 "MediaMonkey_is1" = MediaMonkey 4.0 "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile SVE Language Pack" = Microsoft .NET Framework 4 Client Profile Language Pack - SVE "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended "Microsoft .NET Framework 4 Extended SVE Language Pack" = Microsoft .NET Framework 4 Extended Language Pack - SVE "Microsoft Security Client" = Microsoft Security Essentials "Mozilla Firefox 14.0.1 (x86 sv-SE)" = Mozilla Firefox 14.0.1 (x86 sv-SE) "MozillaMaintenanceService" = Mozilla Maintenance Service "MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP "MWSnap 3" = MWSnap 3 "NVIDIA Drivers" = NVIDIA Drivers "Opera 12.01.1532" = Opera 12.01 "Pirateplayer" = Pirateplayer "PokerStars" = PokerStars "PokerStars.net" = PokerStars.net "PokerTracker3" = PokerTracker 3 (remove only) "PokerTracker4" = PokerTracker 4 (remove only) "PROPLUS" = Microsoft Office Professional Plus 2007 "Quick Screenshot Maker 2.1_is1" = Quick Screenshot Maker 2.1 "RealPlayer 15.0" = RealPlayer "Replay Music3.45" = Replay Music "SopCast" = SopCast 3.5.0 "Spotify" = Spotify "Steam App 10" = Counter-Strike "Steam App 105430" = Age of Empires Online "Svea Rike II" = Svea Rike II "Svenska Spels Poker" = Svenska Spels Poker "Unlocker" = Unlocker 1.9.1 "Veetle TV" = Veetle TV "William Hill Poker" = William Hill Poker "Windows Media Format Runtime" = Windows Media Format 11 runtime "Windows Media Player" = Windows Media Player 11 "WinLiveSuite_Wave3" = Windows Live Essentials "WinRAR archiver" = WinRAR archiver "VLC media player" = VLC media player 2.0.1 "WMFDist11" = Windows Media Format 11 runtime "wmp11" = Windows Media Player 11 "Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0 "XviD MPEG4 Video Codec" = XviD MPEG4 Video Codec (remove only) "Xvid Video Codec 1.3.2" = Xvid Video Codec "Youtube Downloader HD_is1" = Youtube Downloader HD v. 2.9.2 ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "f396e7ec6e1240c7" = Tradera ProLister "Google Chrome" = Google Chrome "Spotify" = Spotify ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 2012-08-26 18:21:21 | Computer Name = ANDERS-EA22E516 | Source = Application Error | ID = 1000 Description = Felaktigt program vp3.exe, version 3.3.1.1, felaktig modul vp3.exe, version 3.3.1.1, felaktig adress 0x0001d5b5. Error - 2012-08-27 09:42:13 | Computer Name = ANDERS-EA22E516 | Source = Application Error | ID = 1000 Description = Felaktigt program vp3.exe, version 3.3.1.1, felaktig modul vp3.exe, version 3.3.1.1, felaktig adress 0x000ba4fe. Error - 2012-08-27 15:06:59 | Computer Name = ANDERS-EA22E516 | Source = Application Error | ID = 1000 Description = Felaktigt program vp3.exe, version 3.3.1.1, felaktig modul unknown, version 0.0.0.0, felaktig adress 0x0012f3bc. Error - 2012-08-27 17:40:49 | Computer Name = ANDERS-EA22E516 | Source = Application Error | ID = 1000 Description = Felaktigt program vp3.exe, version 3.3.1.1, felaktig modul vp3.exe, version 3.3.1.1, felaktig adress 0x0002bf60. Error - 2012-08-29 16:06:44 | Computer Name = ANDERS-EA22E516 | Source = Application Error | ID = 1000 Description = Felaktigt program camtasiastudio.exe, version 7.1.1.1785, felaktig modul xvidcore.dll, version 0.0.0.0, felaktig adress 0x0003a955. Error - 2012-08-29 16:07:16 | Computer Name = ANDERS-EA22E516 | Source = Application Error | ID = 1001 Description = Fel-bucket -1161878780. Error - 2012-08-30 16:42:59 | Computer Name = ANDERS-EA22E516 | Source = Application Error | ID = 1000 Description = Felaktigt program vp3.exe, version 3.3.1.1, felaktig modul vp3.exe, version 3.3.1.1, felaktig adress 0x000ba49a. Error - 2012-08-30 17:56:33 | Computer Name = ANDERS-EA22E516 | Source = Application Error | ID = 1000 Description = Felaktigt program vp3.exe, version 3.3.1.1, felaktig modul vp3.exe, version 3.3.1.1, felaktig adress 0x0001d602. Error - 2012-08-30 18:00:40 | Computer Name = ANDERS-EA22E516 | Source = Application Error | ID = 1000 Description = Felaktigt program vp3.exe, version 3.3.1.1, felaktig modul vp3.exe, version 3.3.1.1, felaktig adress 0x000ba4a4. Error - 2012-09-02 07:22:36 | Computer Name = ANDERS-EA22E516 | Source = Application Error | ID = 1000 Description = Felaktigt program vp4.exe, version 4.1.0.5, felaktig modul vp4.exe, version 4.1.0.5, felaktig adress 0x001886ed. [ System Events ] Error - 2012-09-07 09:24:13 | Computer Name = ANDERS-EA22E516 | Source = Service Control Manager | ID = 7034 Description = Tjänsten Smart Card avslutades oväntat. Detta har skett 1 gånger. Error - 2012-09-07 09:24:13 | Computer Name = ANDERS-EA22E516 | Source = Service Control Manager | ID = 7031 Description = Tjänsten Apple Mobile Device avslutades oväntat. Den har gjort detta 1 gång(er). Följande åtgärd kommer att utföras om 60000 millisekunder: Starta om tjänsten. Error - 2012-09-07 09:24:13 | Computer Name = ANDERS-EA22E516 | Source = Service Control Manager | ID = 7031 Description = Tjänsten Microsoft Antimalware Service avslutades oväntat. Den har gjort detta 1 gång(er). Följande åtgärd kommer att utföras om 15000 millisekunder: Starta om tjänsten. Error - 2012-09-07 09:24:13 | Computer Name = ANDERS-EA22E516 | Source = Service Control Manager | ID = 7034 Description = Tjänsten LogMeIn Hamachi Tunneling Engine avslutades oväntat. Detta har skett 1 gånger. Error - 2012-09-07 10:02:33 | Computer Name = ANDERS-EA22E516 | Source = Service Control Manager | ID = 7000 Description = Tjänsten e2eCap - WDM Video Capture kunde inte startas på grund av följande fel: %%1058 Error - 2012-09-07 17:10:57 | Computer Name = ANDERS-EA22E516 | Source = Service Control Manager | ID = 7000 Description = Tjänsten e2eCap - WDM Video Capture kunde inte startas på grund av följande fel: %%1058 Error - 2012-09-07 17:14:46 | Computer Name = ANDERS-EA22E516 | Source = Service Control Manager | ID = 7000 Description = Tjänsten e2eCap - WDM Video Capture kunde inte startas på grund av följande fel: %%1058 Error - 2012-09-07 17:21:11 | Computer Name = ANDERS-EA22E516 | Source = Service Control Manager | ID = 7000 Description = Tjänsten e2eCap - WDM Video Capture kunde inte startas på grund av följande fel: %%1058 Error - 2012-09-08 04:10:01 | Computer Name = ANDERS-EA22E516 | Source = Service Control Manager | ID = 7000 Description = Tjänsten e2eCap - WDM Video Capture kunde inte startas på grund av följande fel: %%1058 Error - 2012-09-08 04:11:55 | Computer Name = ANDERS-EA22E516 | Source = Service Control Manager | ID = 7000 Description = Tjänsten e2eCap - WDM Video Capture kunde inte startas på grund av följande fel: %%1058 < End of report > checkup.txt Results of screen317's Security Check version 0.99.50 Windows XP Service Pack 3 x86 Internet Explorer 8 ``````````````Antivirus/Firewall Check:`````````````` Microsoft Security Essentials Antivirus up to date! `````````Anti-malware/Other Utilities Check:````````` Malwarebytes Anti-Malware version 1.62.0.1300 JavaFX 2.1.0 Java 6 Update 26 Java 7 Update 4 Java version out of Date! Adobe Flash Player 11.3.300.271 Mozilla Firefox (14.0.1) ````````Process Check: objlist.exe by Laurent```````` Microsoft Security Essentials MSMpEng.exe Microsoft Security Essentials msseces.exe Malwarebytes Anti-Malware mbamservice.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C:: ````````````````````End of Log``````````````````````

I'm using standard-box pc. Made the scans now. OTL.Txt OTL logfile created on: 2012-09-08 20:54:32 - Run 1 OTL by OldTimer - Version 3.2.61.2 Folder = C:\Documents and Settings\Anders\Skrivbord Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 0000041D | Country: Sverige | Language: SVE | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 1,29 Gb Available Physical Memory | 64,34% Memory free 5,76 Gb Paging File | 4,85 Gb Available in Paging File | 84,32% Paging File free Paging file location(s): C:\pagefile.sys 4000 4000 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Drive C: | 298,08 Gb Total Space | 238,28 Gb Free Space | 79,94% Space Free | Partition Type: NTFS Computer Name: ANDERS-EA22E516 | User Name: Anders | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012-09-08 20:45:49 | 000,599,552 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Anders\Skrivbord\OTL.exe PRC - [2012-08-29 12:03:36 | 001,385,896 | ---- | M] (LogMeIn Inc.) -- C:\Program\LogMeIn Hamachi\hamachi-2.exe PRC - [2012-08-17 19:48:59 | 001,193,176 | ---- | M] () -- C:\Program\Spotify\Data\SpotifyWebHelper.exe PRC - [2012-08-16 16:18:06 | 001,695,776 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\PC Performer Manager\2.2.558.177\{16cdff19-861d-48e3-a751-d99a27784753}\%Protector Process Name%.exe PRC - [2012-08-13 13:33:30 | 003,064,000 | ---- | M] (Skype Technologies S.A.) -- C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe PRC - [2012-07-03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) -- C:\Program\Malwarebytes' Anti-Malware\mbamservice.exe PRC - [2012-05-24 13:28:56 | 000,055,184 | ---- | M] (Apple Inc.) -- C:\Program\Delade filer\Apple\Mobile Device Support\AppleMobileDeviceService.exe PRC - [2012-05-03 20:07:40 | 000,217,256 | ---- | M] (Visicom Media Inc. (Powered by Panda Security)) -- C:\Documents and Settings\All Users\Application Data\Anti-phishing Domain Advisor\visicom_antiphishing.exe PRC - [2012-05-01 14:33:44 | 000,185,856 | ---- | M] () -- C:\Program\Web Assistant\ExtensionUpdaterService.exe PRC - [2012-04-17 14:44:12 | 001,333,144 | ---- | M] (Technology Nexus AB) -- C:\Program\Personal\bin\Personal.exe PRC - [2012-04-04 18:47:32 | 000,161,664 | ---- | M] (Oracle Corporation) -- C:\Program\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe PRC - [2012-03-26 17:08:12 | 000,931,200 | ---- | M] (Microsoft Corporation) -- C:\Program\Microsoft Security Client\msseces.exe PRC - [2012-03-26 17:03:40 | 000,011,552 | ---- | M] (Microsoft Corporation) -- c:\Program\Microsoft Security Client\MsMpEng.exe PRC - [2012-01-17 11:07:54 | 000,252,296 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program\Delade filer\Java\Java Update\jusched.exe PRC - [2011-11-22 22:35:06 | 000,296,056 | ---- | M] (RealNetworks, Inc.) -- C:\Program\Real\RealPlayer\Update\realsched.exe PRC - [2011-07-29 01:08:12 | 001,259,376 | ---- | M] () -- C:\Program\DivX\DivX Update\DivXUpdate.exe PRC - [2011-05-27 17:42:56 | 001,368,912 | ---- | M] (Comfort Software Group) -- C:\Program\FreeAlarmClock\FreeAlarmClock.exe PRC - [2011-04-07 19:39:34 | 002,155,008 | ---- | M] (www.gmailnotifier.com) -- C:\Program\Gmail Notifier\Gmail Notifier.exe PRC - [2010-11-21 13:43:04 | 001,113,600 | ---- | M] () -- C:\Program\Free Desktop Clock\DesktopClock.exe PRC - [2010-07-16 13:58:56 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\Program\Windows NT\Tillbehör\wordpad.exe PRC - [2009-12-10 03:39:04 | 000,065,536 | ---- | M] (PostgreSQL Global Development Group) -- C:\Program\PostgreSQL\8.3\bin\pg_ctl.exe PRC - [2009-12-10 03:37:16 | 003,690,496 | ---- | M] (PostgreSQL Global Development Group) -- C:\Program\PostgreSQL\8.3\bin\postgres.exe PRC - [2009-08-18 11:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) -- C:\Program\Delade filer\Microsoft Shared\Windows Live\WLIDSVC.EXE PRC - [2009-08-18 11:29:22 | 000,183,152 | ---- | M] (Microsoft Corporation) -- C:\Program\Delade filer\Microsoft Shared\Windows Live\WLIDSVCM.EXE PRC - [2008-06-11 22:43:26 | 000,640,376 | ---- | M] (Adobe Systems Inc.) -- C:\Program\Adobe\Acrobat 9.0\Acrobat\acrotray.exe PRC - [2008-04-15 14:00:00 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2005-05-17 19:21:12 | 000,147,456 | ---- | M] () -- C:\Program\Razer\razerhid.exe PRC - [2005-01-18 02:06:12 | 000,143,360 | ---- | M] (Razer Inc.) -- C:\Program\Razer\razerofa.exe ========== Modules (No Company Name) ========== MOD - [2012-08-17 19:48:59 | 001,193,176 | ---- | M] () -- C:\Program\Spotify\Data\SpotifyWebHelper.exe MOD - [2012-08-16 16:18:06 | 002,046,496 | ---- | M] () -- c:\Documents and Settings\All Users\Application Data\PC Performer Manager\2.2.558.177\{16cdff19-861d-48e3-a751-d99a27784753}\%Protector Process Name%.dll MOD - [2012-08-16 16:18:06 | 001,695,776 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\PC Performer Manager\2.2.558.177\{16cdff19-861d-48e3-a751-d99a27784753}\%Protector Process Name%.exe MOD - [2012-05-01 14:33:44 | 000,185,856 | ---- | M] () -- C:\Program\Web Assistant\ExtensionUpdaterService.exe MOD - [2011-09-27 08:23:00 | 000,087,912 | ---- | M] () -- C:\Program\Delade filer\Apple\Apple Application Support\zlib1.dll MOD - [2011-09-27 08:22:40 | 001,242,472 | ---- | M] () -- C:\Program\Delade filer\Apple\Apple Application Support\libxml2.dll MOD - [2011-07-29 01:09:42 | 000,096,112 | ---- | M] () -- C:\Program\DivX\DivX Update\DivXUpdateCheck.dll MOD - [2011-07-29 01:08:12 | 001,259,376 | ---- | M] () -- C:\Program\DivX\DivX Update\DivXUpdate.exe MOD - [2010-11-21 13:43:04 | 001,113,600 | ---- | M] () -- C:\Program\Free Desktop Clock\DesktopClock.exe MOD - [2010-10-22 17:29:54 | 000,133,120 | ---- | M] () -- C:\Program\Free Desktop Clock\Clock.dll MOD - [2007-05-22 10:59:22 | 000,128,512 | ---- | M] () -- C:\Program\WinRAR\RarExt.dll MOD - [2005-05-17 19:21:12 | 000,147,456 | ---- | M] () -- C:\Program\Razer\razerhid.exe ========== Services (SafeList) ========== SRV - [2012-08-29 12:03:36 | 001,385,896 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc) SRV - [2012-08-16 16:18:06 | 001,695,776 | ---- | M] () [Auto | Running] -- C:\Documents and Settings\All Users\Application Data\PC Performer Manager\2.2.558.177\{16cdff19-861d-48e3-a751-d99a27784753}\%Protector Process Name%.exe -- (PC Performer Manager) SRV - [2012-08-15 01:56:50 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012-08-13 13:33:30 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service) SRV - [2012-07-14 02:13:54 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2012-07-03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2012-07-03 13:19:28 | 000,160,944 | ---- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012-05-24 13:28:56 | 000,055,184 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program\Delade filer\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device) SRV - [2012-05-01 14:33:44 | 000,185,856 | ---- | M] () [Auto | Running] -- C:\Program\Web Assistant\ExtensionUpdaterService.exe -- (Web Assistant Updater) SRV - [2012-04-04 18:47:32 | 000,161,664 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe -- (JavaQuickStarterService) SRV - [2012-03-26 17:03:40 | 000,011,552 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc) SRV - [2011-07-20 06:18:24 | 000,440,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program\Delade filer\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv) SRV - [2011-07-04 16:17:11 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program\Delade filer\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2011-06-29 15:59:18 | 000,155,344 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Program\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe -- (Sony Ericsson PCCompanion) SRV - [2011-03-16 10:42:06 | 000,407,336 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program\Delade filer\Steam\SteamService.exe -- (Steam Client Service) SRV - [2009-12-10 03:39:04 | 000,065,536 | ---- | M] (PostgreSQL Global Development Group) [Auto | Running] -- C:\Program\PostgreSQL\8.3\bin\pg_ctl.exe -- (pgsql-8.3) SRV - [2009-08-18 11:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program\Delade filer\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc) SRV - [2008-08-15 05:46:20 | 000,284,016 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program\Delade filer\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe -- (Adobe Version Cue CS4) SRV - [2006-10-26 13:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program\Delade filer\Microsoft Shared\Source Engine\OSE.EXE -- (ose) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\XDva397.sys -- (XDva397) DRV - File not found [Kernel | On_Demand | Stopped] -- J:\Drivrutiner Inspiron 531\Bios\WinFlash.sys -- (WINFLASH) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP) DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump) DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\owdzbysv.sys -- (owdzbysv) DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc) DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt) DRV - File not found [Kernel | System | Stopped] -- -- (Changer) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\Anders\LOKALA~1\Temp\catchme.sys -- (catchme) DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\bifpmsqd.sys -- (bifpmsqd) DRV - [2012-09-08 10:11:58 | 000,029,904 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{C8531222-E07D-41BA-AEF7-EEBF9D663187}\MpKsl773a5346.sys -- (MpKsl773a5346) DRV - [2012-07-03 13:46:44 | 000,022,344 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector) DRV - [2012-06-25 16:30:49 | 000,242,240 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\dtsoftbus01.sys -- (dtsoftbus01) DRV - [2012-02-22 12:34:36 | 000,022,400 | ---- | M] (ManyCam LLC) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mcaudrv.sys -- (mcaudrv_simple) DRV - [2012-01-11 08:11:20 | 000,032,000 | ---- | M] (ManyCam LLC) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mcvidrv.sys -- (ManyCam) DRV - [2011-02-23 03:05:40 | 000,070,016 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgandnetndis.sys -- (andnetndis) DRV - [2011-02-23 03:05:04 | 000,022,272 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgandnetgps.sys -- (AndNetGps) DRV - [2011-02-23 03:05:02 | 000,028,032 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgandnetmodem.sys -- (ANDNetModem) DRV - [2011-02-23 03:05:02 | 000,023,168 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgandnetdiag.sys -- (AndNetDiag) DRV - [2010-12-07 14:23:00 | 000,025,088 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgandmodem.sys -- (ANDModem) DRV - [2010-12-07 14:23:00 | 000,020,736 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lganddiag.sys -- (AndDiag) DRV - [2010-12-07 14:23:00 | 000,020,096 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgandgps.sys -- (AndGps) DRV - [2010-12-07 14:22:58 | 000,014,336 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgandbus.sys -- (Andbus) DRV - [2010-03-15 11:38:44 | 000,124,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039mdm.sys -- (s1039mdm) DRV - [2010-03-15 11:38:44 | 000,123,504 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039unic.sys -- (s1039unic) DRV - [2010-03-15 11:38:44 | 000,117,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039mgmt.sys -- (s1039mgmt) DRV - [2010-03-15 11:38:44 | 000,113,904 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039obex.sys -- (s1039obex) DRV - [2010-03-15 11:38:44 | 000,098,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039bus.sys -- (s1039bus) DRV - [2010-03-15 11:38:44 | 000,025,456 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039nd5.sys -- (s1039nd5) DRV - [2010-03-15 11:38:44 | 000,014,960 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039mdfl.sys -- (s1039mdfl) DRV - [2009-03-18 16:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi) DRV - [2008-01-15 19:17:58 | 004,652,544 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) DRV - [2007-10-30 09:57:54 | 000,023,040 | ---- | M] (Todos Data System AB) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nordecr.sys -- (TdsNordecr) DRV - [2007-07-30 11:58:56 | 000,022,016 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus) DRV - [2007-07-30 11:58:54 | 000,054,400 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD) DRV - [2006-12-12 18:59:00 | 000,016,512 | ---- | M] (Adaptec) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aspi32.sys -- (ASPI32) DRV - [2006-05-23 20:36:26 | 000,119,808 | ---- | M] (e2eSoft) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\e2eCap.sys -- (E2ECAP) DRV - [2005-04-24 23:43:58 | 000,013,225 | ---- | M] (Razer (Asia-Pacific) Pte Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Razerlow.sys -- (Razerlow) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.chatzum.com/?q={searchTerms} IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = http://search.conduit.com?SearchSource=10&ctid=CT3227980 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = IE - HKCU\..\SearchScopes,DefaultScope = {96bd48dd-741b-41ae-ac4a-aff96ba00f7e} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTerms}&AF=109986&babsrc=SP_ss&mntrId=e4cffaf3000000000000001aa0662619 IE - HKCU\..\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}: "URL" = http://blekko.com/ws/?source=c3348dd4&tbp=rbox&toolbarid=blekkotb_031&u=EB75BA8D2AB505C7CAC68A502D02E5DF&q={searchTerms} IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://search.chatzum.com/?q={searchTerms} IE - HKCU\..\SearchScopes\{96bd48dd-741b-41ae-ac4a-aff96ba00f7e}: "URL" = http://search.chatzum.com/?q={SearchTerms} IE - HKCU\..\SearchScopes\{A0065856-99D2-45A6-A927-A5B633B680F1}: "URL" = http://www.google.com/search?hl=sv&q={searchTerms} IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3220468 IE - HKCU\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = http://mystart.incredibar.com/mb143/?search={searchTerms}&loc=IB_DS&a=6PQxaWucyc&i=26 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "" FF - prefs.js..browser.search.order.1: "" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "https://www.google.se/" FF - prefs.js..extensions.enabledAddons: stefanvandamme@stefanvd.net:2.0.0.100 FF - prefs.js..extensions.enabledAddons: {7473b6bd-4691-4744-a82b-7854eb3d70b6}:10.10.27.6 FF - prefs.js..keyword.URL: "http://www.google.com/search?btnI=I%27m+Feeling+Lucky&ie=UTF-8&oe=UTF-8&q=" FF - prefs.js..network.proxy.autoconfig_url: "file://C:/Program/ChrisPC Free Anonymous Proxy/chrispc_proxy.pac" FF - prefs.js..network.proxy.type: 2 FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_271.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw_1166636.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF - HKLM\Software\MozillaPlugins\@ganymede/GanymedeNetPlugin,version=1.0: C:\Program\Ganymede\Plugins\npganymedenet.dll ( ) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.4.1: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.4.1: C:\Program\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.0.198: C:\Program\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.0.198: C:\Program\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.0.198: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.0.198: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=15.0.0.198: C:\Program\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found FF - HKLM\Software\MozillaPlugins\@se.nexus/Personal: C:\Program\Personal\bin\np_prsnl.dll (Technology Nexus AB) FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.19: C:\Program\Veetle\plugins\npVeetle.dll (Veetle Inc) FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: C:\Program\Veetle\Player\npvlc.dll (Veetle Inc) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Anders\Lokala inställningar\Application Data\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Anders\Lokala inställningar\Application Data\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011-11-22 22:35:24 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\Program\Web Assistant\Firefox [2012-05-12 18:38:18 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-07-18 16:14:12 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program\Mozilla Firefox\components [2012-08-29 17:13:48 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program\Mozilla Firefox\plugins [2012-08-25 12:22:59 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\specialsavings@superfish.com: C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles/pv7faqlh.default\extensions\specialsavings@superfish.com FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{b64982b1-d112-42b5-b1e4-d3867c4533f8}: C:\Documents and Settings\All Users\Application Data\PC Performer Manager\2.2.558.177\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension [2012-08-16 16:18:10 | 000,000,000 | ---D | M] [2012-07-11 19:58:09 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Anders\Application Data\Mozilla\Extensions [2012-08-29 23:05:08 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions [2012-08-28 13:33:31 | 000,000,000 | ---D | M] (uTorrentControl_v2) -- C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6} [2012-08-04 11:12:15 | 000,456,182 | ---- | M] () (No name found) -- C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\stefanvandamme@stefanvd.net.xpi [2012-08-26 14:21:14 | 000,000,642 | ---- | M] () -- C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\searchplugins\search-safer.xml [2012-07-11 01:57:35 | 000,002,519 | ---- | M] () -- C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\searchplugins\Search_Results.xml [2012-08-04 11:06:01 | 000,000,000 | ---D | M] (No name found) -- C:\Program\Mozilla Firefox\extensions [2012-07-14 02:15:45 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program\mozilla firefox\components\browsercomps.dll [2012-07-25 14:57:52 | 000,121,024 | ---- | M] ( ) -- C:\Program\mozilla firefox\plugins\npganymedenet.dll [2012-07-14 03:16:10 | 000,001,470 | ---- | M] () -- C:\Program\mozilla firefox\searchplugins\allaannonser-sv-SE.xml [2012-07-14 03:16:10 | 000,002,252 | ---- | M] () -- C:\Program\mozilla firefox\searchplugins\bing.xml [2012-07-14 03:16:10 | 000,002,670 | ---- | M] () -- C:\Program\mozilla firefox\searchplugins\prisjakt-sv-SE.xml [2012-07-11 01:57:35 | 000,002,519 | ---- | M] () -- C:\Program\mozilla firefox\searchplugins\Search_Results.xml [2012-07-14 03:16:10 | 000,000,948 | ---- | M] () -- C:\Program\mozilla firefox\searchplugins\tyda-sv-SE.xml [2012-07-14 03:16:10 | 000,001,174 | ---- | M] () -- C:\Program\mozilla firefox\searchplugins\wikipedia-sv-SE.xml [2012-07-14 03:16:10 | 000,000,951 | ---- | M] () -- C:\Program\mozilla firefox\searchplugins\yahoo-sv-SE.xml ========== Chrome ========== CHR - default_search_provider: google.se (Enabled) CHR - default_search_provider: search_url = http://www.google.se/search?hl=sv&output=search&sclient=psy-ab&q={searchTerms}&btnG=&oq=&gs_l=&pbx=1 CHR - default_search_provider: suggest_url = CHR - plugin: Shockwave Flash (Disabled) = C:\Documents and Settings\Anders\Lokala inst\u00E4llningar\Application Data\Google\Chrome\Application\21.0.1180.89\PepperFlash\pepflashplayer.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Anders\Lokala inst\u00E4llningar\Application Data\Google\Chrome\Application\21.0.1180.89\gcswf32.dll CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_271.dll CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\Anders\Lokala inst\u00E4llningar\Application Data\Google\Chrome\Application\21.0.1180.89\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\Anders\Lokala inst\u00E4llningar\Application Data\Google\Chrome\Application\21.0.1180.89\pdf.dll CHR - plugin: Injovo Extension Plugin (Enabled) = C:\Documents and Settings\Anders\Lokala inst\u00E4llningar\Application Data\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd\2.0.0.430_0\npbrowserext.dll CHR - plugin: GanymedeNet.Detector (Enabled) = C:\Documents and Settings\Anders\Lokala inst\u00E4llningar\Application Data\Google\Chrome\Application\plugins\npganymedenet.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program\Adobe\Acrobat 9.0\Acrobat\Browser\nppdf32.dll CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program\QuickTime\plugins\npqtplugin.dll CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program\QuickTime\plugins\npqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program\QuickTime\plugins\npqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program\QuickTime\plugins\npqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program\QuickTime\plugins\npqtplugin5.dll CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program\QuickTime\plugins\npqtplugin6.dll CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program\QuickTime\plugins\npqtplugin7.dll CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program\Windows Media Player\npdrmv2.dll CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program\Windows Media Player\npwmsdrm.dll CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program\Windows Media Player\npdsplay.dll CHR - plugin: RealNetworks Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll CHR - plugin: RealPlayer HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll CHR - plugin: RealPlayer G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program\Real\RealPlayer\Netscape6\nppl3260.dll CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program\Real\RealPlayer\Netscape6\nprpjplug.dll CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\Anders\Lokala inst\u00E4llningar\Application Data\Google\Update\1.3.21.115\npGoogleUpdate3.dll CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program\DivX\DivX OVS Helper\npovshelper.dll CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program\DivX\DivX Plus Web Player\npdivx32.dll CHR - plugin: Java Platform SE 7 U4 (Enabled) = C:\Program\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll CHR - plugin: Java Deployment Toolkit 7.0.40.255 (Enabled) = C:\WINDOWS\system32\npDeployJava1.dll CHR - plugin: Nexus Personal (Enabled) = C:\Program\Personal\bin\np_prsnl.dll CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program\Real\RealPlayer\Netscape6\nprjplug.dll CHR - plugin: Veetle TV Player (Enabled) = C:\Program\Veetle\Player\npvlc.dll CHR - plugin: Veetle TV Core (Enabled) = C:\Program\Veetle\plugins\npVeetle.dll CHR - plugin: VLC Web Plugin (Enabled) = C:\Program\VideoLAN\VLC\npvlc.dll CHR - plugin: iTunes Application Detector (Enabled) = C:\Program\iTunes\Mozilla Plugins\npitunes.dll CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll CHR - plugin: Shockwave for Director (Enabled) = C:\WINDOWS\system32\Adobe\Director\np32dsw_1166636.dll CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program\Microsoft Silverlight\5.1.10411.0\npctrl.dll CHR - Extension: Turn Off the Lights = C:\Documents and Settings\Anders\Lokala inställningar\Application Data\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn\2.1.0.6_0\ CHR - Extension: Web Assistant = C:\Documents and Settings\Anders\Lokala inställningar\Application Data\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd\2.0.0.430_0\ CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Documents and Settings\Anders\Lokala inställningar\Application Data\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\ CHR - Extension: General Crawler = C:\Documents and Settings\Anders\Lokala inställningar\Application Data\Google\Chrome\User Data\Default\Extensions\jpihmmhdcobmllpcnpfbhnipmhamldje\2.0_0\ CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = C:\Documents and Settings\Anders\Lokala inställningar\Application Data\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\ O1 HOSTS File: ([2008-04-15 14:00:00 | 000,000,710 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program\Adobe\/Adobe Contribute CS4/contributeieplugin.dll () O2 - BHO: (Complitly) - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Documents and Settings\Anders\Application Data\Complitly\Complitly.dll (SimplyGen) O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer) O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC) O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program\Delade filer\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program\Adobe\/Adobe Contribute CS4/contributeieplugin.dll () O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe (Adobe Systems Inc.) O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [Adobe_ID0ENQBO] C:\Program\Delade filer\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4Tray.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program\Delade filer\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [Anti-phishing Domain Advisor] C:\Documents and Settings\All Users\Application Data\Anti-phishing Domain Advisor\visicom_antiphishing.exe (Visicom Media Inc. (Powered by Panda Security)) O4 - HKLM..\Run: [APSDaemon] C:\Program\Delade filer\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [DivXUpdate] C:\Program\DivX\DivX Update\DivXUpdate.exe () O4 - HKLM..\Run: [Freecorder FLV Service] "C:\Program\Freecorder\FLVSrvc.exe" /run File not found O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.) O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [MSC] c:\Program\Microsoft Security Client\msseces.exe (Microsoft Corporation) O4 - HKLM..\Run: [NBKeyScan] C:\Program\Nero\Nero8\Nero BackItUp\NBKeyScan.exe (Nero AG) O4 - HKLM..\Run: [NeroFilterCheck] C:\Program\Delade filer\Nero\Lib\NeroCheck.exe (Nero AG) O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation) O4 - HKLM..\Run: [razer] C:\Program\Razer\razerhid.exe () O4 - HKLM..\Run: [sunJavaUpdateSched] C:\Program\Delade filer\Java\Java Update\jusched.exe (Sun Microsystems, Inc.) O4 - HKLM..\Run: [TkBellExe] C:\Program\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.) O4 - HKLM..\Run: [Wondershare Helper Compact.exe] C:\Program\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe File not found O4 - HKCU..\Run: [CPN Notifier] C:\Program\Comeon Poker 2.0\PokerNotifier.exe File not found O4 - HKCU..\Run: [FreeAC] C:\Program\FreeAlarmClock\FreeAlarmClock.exe (Comfort Software Group) O4 - HKCU..\Run: [Gmail Notifier.exe] C:\Program\Gmail Notifier\Gmail Notifier.exe (www.gmailnotifier.com) O4 - HKCU..\Run: [Media Finder] C:\Program\Media Finder\MF.exe /opentotray File not found O4 - HKCU..\Run: [skinClock] C:\Program\Free Desktop Clock\DesktopClock.exe () O4 - HKCU..\Run: [sony Ericsson PC Companion] C:\Program\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe (Sony Ericsson) O4 - HKCU..\Run: [spotify Web Helper] C:\Program\Spotify\Data\SpotifyWebHelper.exe () O4 - HKCU..\Run: [Xvid] C:\Program\XviD\CheckUpdate.exe () O4 - Startup: C:\Documents and Settings\All Users\Start-meny\Program\Autostart\BankID säkerhetsprogram.lnk = C:\Program\Personal\bin\Personal.exe (Technology Nexus AB) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFind = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoTrayContextMenu = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispCPL = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableChangePassword = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFind = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoTrayContextMenu = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispCPL = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableChangePassword = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0 O8 - Extra context menu item: Bifoga länkmål till befintlig PDF - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Bifoga till befintlig PDF - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Download with &Media Finder - C:\Program\Media Finder\hook.html File not found O8 - Extra context menu item: Konvertera länkmål till Adobe PDF - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Konvertera till Adobe PDF - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program\PokerStars\PokerStarsUpdate.exe (PokerStars) O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra Button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program\PokerStars.NET\PokerStarsUpdate.exe File not found O15 - HKCU\..Trusted Domains: msn.com ([zone] http in Tillförlitliga platser) O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool) O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1309778400234 (MUWebControl Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {A4110378-789B-455F-AE86-3A1BFC402853} http://zone.msn.com/bingame/zpagames/zpa_shvl.cab55579.cab (ZPA_SHVL Object) O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} http://cdn2.zone.msn.com/binFramework/v10/ZPAFramework.cab102118.cab (MSN Games - Installer) O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BE0C555B-4991-433B-9659-A871078265EA}: DhcpNameServer = 192.168.1.1 O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program\Delade filer\Microsoft Shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program\Delade filer\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program\Delade filer\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - AppInit_DLLs: (c:\DOCUME~1\ALLUSE~1\APPLIC~1\PCPERF~1\22558~1.177\{16CDF~1\%PROTE~1.DLL) - c:\Documents and Settings\All Users\Application Data\PC Performer Manager\2.2.558.177\{16cdff19-861d-48e3-a751-d99a27784753}\%Protector Process Name%.dll () O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O24 - Desktop Components:0 (Min aktuella startsida) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\Anders\Lokala inställningar\Application Data\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\Anders\Lokala inställningar\Application Data\Microsoft\Wallpaper1.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2011-07-04 12:30:44 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) ========== Files/Folders - Created Within 30 Days ========== [2012-09-08 20:45:42 | 000,599,552 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Anders\Skrivbord\OTL.exe [2012-09-07 18:13:29 | 000,000,000 | -HSD | C] -- C:\RECYCLER [2012-09-07 15:28:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp [2012-09-07 15:22:00 | 000,000,000 | RHSD | C] -- C:\cmdcons [2012-09-07 15:19:34 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe [2012-09-07 15:19:34 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe [2012-09-07 15:19:34 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe [2012-09-07 15:19:34 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe [2012-09-07 15:19:29 | 000,000,000 | --SD | C] -- C:\Combo-Fix [2012-09-07 15:19:26 | 000,000,000 | ---D | C] -- C:\Qoobox [2012-09-07 15:12:52 | 004,746,072 | R--- | C] (Swearware) -- C:\Documents and Settings\Anders\Skrivbord\Combo-Fix.exe [2012-09-07 14:36:38 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT [2012-09-07 14:35:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start-meny\Program\ERUNT [2012-09-07 14:35:28 | 000,000,000 | ---D | C] -- C:\Program\ERUNT [2012-09-05 15:51:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Lokala inställningar\Application Data\PokerTracker 4 [2012-09-05 15:51:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Start-meny\Program\PokerTracker 4 [2012-09-05 15:50:55 | 000,000,000 | ---D | C] -- C:\Program\PokerTracker 4 [2012-08-29 17:14:19 | 000,000,000 | -HSD | C] -- C:\Config.Msi [2012-08-29 17:02:35 | 000,000,000 | ---D | C] -- C:\Avenger [2012-08-29 15:08:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start-meny\Program\LogMeIn Hamachi [2012-08-29 15:08:08 | 000,000,000 | ---D | C] -- C:\Program\LogMeIn Hamachi [2012-08-29 14:33:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Application Data\Malwarebytes [2012-08-29 14:33:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start-meny\Program\Malwarebytes' Anti-Malware [2012-08-29 14:33:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes [2012-08-29 14:33:03 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2012-08-29 14:33:03 | 000,000,000 | ---D | C] -- C:\Program\Malwarebytes' Anti-Malware [2012-08-28 19:48:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start-meny\Program\Bandicam [2012-08-28 19:48:39 | 000,000,000 | ---D | C] -- C:\Program\Bandicam [2012-08-27 20:33:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Lokala inställningar\Application Data\CRE [2012-08-27 13:52:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Mina dokument\Celeris [2012-08-27 01:46:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Lokala inställningar\Application Data\Celeris [2012-08-27 01:43:34 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_7.dll [2012-08-27 01:43:34 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_7.dll [2012-08-27 01:43:34 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_5.dll [2012-08-27 01:43:33 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_43.dll [2012-08-27 01:43:33 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dcsx_43.dll [2012-08-27 01:43:33 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_43.dll [2012-08-27 01:43:33 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx11_43.dll [2012-08-27 01:43:32 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_43.dll [2012-08-27 01:43:32 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_6.dll [2012-08-27 01:43:32 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_6.dll [2012-08-27 01:43:32 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_4.dll [2012-08-27 01:43:31 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_5.dll [2012-08-27 01:43:31 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_5.dll [2012-08-27 01:43:31 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_7.dll [2012-08-27 01:43:30 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dcsx_42.dll [2012-08-27 01:43:30 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_42.dll [2012-08-27 01:43:30 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx11_42.dll [2012-08-27 01:43:29 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_41.dll [2012-08-27 01:43:29 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_41.dll [2012-08-27 01:43:29 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_4.dll [2012-08-27 01:43:29 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_41.dll [2012-08-27 01:43:29 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_3.dll [2012-08-27 01:43:28 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_3.dll [2012-08-27 01:43:28 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_4.dll [2012-08-27 01:43:28 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_2.dll [2012-08-27 01:43:28 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_6.dll [2012-08-27 01:43:27 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_39.dll [2012-08-27 01:43:27 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_39.dll [2012-08-27 01:43:27 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_2.dll [2012-08-27 01:43:27 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_3.dll [2012-08-27 01:43:27 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_5.dll [2012-08-27 01:43:26 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_1.dll [2012-08-27 01:43:26 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_1.dll [2012-08-27 01:43:26 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_0.dll [2012-08-27 01:43:25 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_38.dll [2012-08-27 01:43:25 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_38.dll [2012-08-27 01:43:25 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_38.dll [2012-08-27 01:43:25 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_4.dll [2012-08-27 01:43:24 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_0.dll [2012-08-27 01:43:24 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_0.dll [2012-08-27 01:43:23 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_37.dll [2012-08-27 01:43:23 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_37.dll [2012-08-27 01:43:23 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_37.dll [2012-08-27 01:43:23 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_10.dll [2012-08-27 01:43:23 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_3.dll [2012-08-27 01:43:22 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_36.dll [2012-08-27 01:43:22 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_36.dll [2012-08-27 01:43:21 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_36.dll [2012-08-27 01:43:21 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_35.dll [2012-08-27 01:43:21 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_35.dll [2012-08-27 01:43:21 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_9.dll [2012-08-27 01:43:20 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_35.dll [2012-08-27 01:43:20 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_8.dll [2012-08-27 01:43:20 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_2.dll [2012-08-27 01:43:19 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_34.dll [2012-08-27 01:43:19 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_34.dll [2012-08-27 01:43:19 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_34.dll [2012-08-27 01:43:18 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_7.dll [2012-08-27 01:43:17 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_33.dll [2012-08-27 01:43:17 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_33.dll [2012-08-27 01:43:17 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_33.dll [2012-08-27 01:43:17 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_6.dll [2012-08-27 01:43:16 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_32.dll [2012-08-27 01:43:16 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_5.dll [2012-08-27 01:43:15 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_4.dll [2012-08-27 01:43:15 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_3.dll [2012-08-27 01:43:15 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_2.dll [2012-08-27 01:43:15 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\x3daudio1_1.dll [2012-08-27 01:43:14 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_2.dll [2012-08-27 01:43:14 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_1.dll [2012-08-27 01:43:14 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_1.dll [2012-08-27 01:43:10 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_0.dll [2012-08-27 01:43:10 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\x3daudio1_0.dll [2012-08-27 01:43:09 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_29.dll [2012-08-27 01:43:08 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_27.dll [2012-08-27 01:43:08 | 000,061,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput9_1_0.dll [2012-08-27 01:43:07 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_26.dll [2012-08-27 01:43:05 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_24.dll [2012-08-27 01:35:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start-meny\Program\Virtual Pool 4 [2012-08-27 01:35:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Celeris [2012-08-27 01:32:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Application Data\Celeris [2012-08-26 17:47:45 | 000,026,176 | -H-- | C] (LogMeIn, Inc.) -- C:\WINDOWS\System32\hamachi.sys [2012-08-26 17:43:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Mina dokument\Tunngle [2012-08-26 17:43:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Application Data\Tunngle [2012-08-26 17:43:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Tunngle [2012-08-26 17:43:13 | 000,027,136 | ---- | C] (Tunngle.net) -- C:\WINDOWS\System32\drivers\tap0901t.sys [2012-08-26 14:27:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Start-meny\Program\GameSpy Arcade [2012-08-26 14:20:30 | 000,000,000 | ---D | C] -- C:\Program\ChatZum Toolbar [2012-08-26 14:20:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Lokala inställningar\Application Data\LogMeIn Hamachi [2012-08-26 14:20:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Lokala inställningar\Application Data\LogMeIn Hamachi [2012-08-25 12:27:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Application Data\GanymedeNet [2012-08-25 12:22:54 | 000,000,000 | ---D | C] -- C:\Program\Ganymede [2012-08-24 17:48:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Max Secure [2012-08-20 13:58:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Lokala inställningar\Application Data\SplitMediaLabs [2012-08-20 13:57:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start-meny\Program\XSplit [2012-08-20 13:57:45 | 000,000,000 | ---D | C] -- C:\Program\SplitMediaLabs [2012-08-20 13:57:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SplitMediaLabs [2012-08-20 13:57:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Application Data\SplitMediaLabs [2012-08-19 19:24:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start-meny\Program\ChrisPC Free Anonymous Proxy [2012-08-19 19:24:28 | 000,000,000 | ---D | C] -- C:\Program\ChrisPC Free Anonymous Proxy [2012-08-16 16:26:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\blekko toolbars [2012-08-16 16:25:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Lokala inställningar\Application Data\blekkotb_031 [2012-08-16 16:25:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Anti-phishing Domain Advisor [2012-08-16 16:20:30 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Anders\Start-meny\Program\Administrationsverktyg [2012-08-16 16:18:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\IBUpdaterService [2012-08-16 16:18:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PC Performer Manager [2012-08-16 16:17:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Lokala inställningar\Application Data\Savings Sidekick [2012-08-16 16:15:49 | 000,196,608 | ---- | C] (e2eSoft) -- C:\WINDOWS\System32\e2eCapProp.ax [2012-08-16 16:15:49 | 000,119,808 | ---- | C] (e2eSoft) -- C:\WINDOWS\System32\drivers\e2eCap.sys [2012-08-16 15:44:23 | 000,005,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstee.sys [2012-08-16 15:44:13 | 000,010,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndisip.sys [2012-08-16 15:44:10 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ipsink.ax [2012-08-16 15:44:10 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ipsink.ax [2012-08-16 15:44:10 | 000,015,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\streamip.sys [2012-08-16 15:44:08 | 000,011,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\slip.sys [2012-08-16 15:44:06 | 000,019,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wstcodec.sys [2012-08-16 15:44:03 | 000,085,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nabtsfec.sys [2012-08-16 15:44:00 | 000,017,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ccdecode.sys [2012-08-16 15:43:55 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kswdmcap.ax [2012-08-16 15:43:55 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kswdmcap.ax [2012-08-16 15:43:55 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kstvtune.ax [2012-08-16 15:43:55 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kstvtune.ax [2012-08-16 15:43:55 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vidcap.ax [2012-08-16 15:43:55 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vidcap.ax [2012-08-16 15:43:54 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vfwwdm32.dll [2012-08-16 15:43:54 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vfwwdm32.dll [2012-08-16 15:43:53 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksxbar.ax [2012-08-16 15:43:53 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksxbar.ax [2012-08-16 15:42:37 | 000,000,000 | ---D | C] -- C:\Program\ManyCam [2012-08-16 15:42:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Ask [4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [3 C:\WINDOWS\System32\drivers\*.tmp files -> C:\WINDOWS\System32\drivers\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012-09-08 20:58:00 | 000,000,304 | ---- | M] () -- C:\WINDOWS\tasks\PC Performer Manager.job [2012-09-08 20:56:00 | 000,000,868 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job [2012-09-08 20:51:04 | 000,000,410 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{5096C855-A424-4662-B04A-DE5E47FB502A}.job [2012-09-08 20:45:49 | 000,599,552 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Anders\Skrivbord\OTL.exe [2012-09-08 20:10:00 | 000,001,090 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1659004503-343818398-682003330-1003UA.job [2012-09-08 20:07:00 | 000,001,098 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1659004503-343818398-682003330-1006UA.job [2012-09-08 15:33:01 | 000,117,270 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\21.bmp [2012-09-08 15:32:48 | 003,888,068 | ---- | M] () -- C:\temp.bmp [2012-09-08 13:35:46 | 000,002,227 | ---- | M] () -- C:\Documents and Settings\All Users\Skrivbord\Skype.lnk [2012-09-08 13:34:17 | 000,000,268 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1659004503-343818398-682003330-1003.job [2012-09-08 13:34:16 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2012-09-08 13:34:15 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1659004503-343818398-682003330-1003.job [2012-09-08 13:33:59 | 000,000,549 | ---- | M] () -- C:\Documents and Settings\Anders\Application Data\FreeDesktopClock.ini [2012-09-08 10:43:33 | 011,300,312 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\vp4 2012-09-08 10-38-48-933.avi [2012-09-08 10:21:35 | 000,000,384 | -H-- | M] () -- C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job [2012-09-08 10:11:31 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2012-09-08 10:10:00 | 000,001,038 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1659004503-343818398-682003330-1003Core.job [2012-09-08 01:07:00 | 000,001,046 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1659004503-343818398-682003330-1006Core.job [2012-09-07 19:52:59 | 001,118,598 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_07092012_195109.png [2012-09-07 19:31:21 | 000,930,467 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_07092012_193053.png [2012-09-07 16:54:46 | 000,977,958 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_07092012_165418.png [2012-09-07 16:32:21 | 001,082,828 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_07092012_163042.png [2012-09-07 15:22:09 | 000,000,327 | RHS- | M] () -- C:\boot.ini [2012-09-07 15:13:02 | 004,746,072 | R--- | M] (Swearware) -- C:\Documents and Settings\Anders\Skrivbord\Combo-Fix.exe [2012-09-07 14:35:30 | 000,000,579 | ---- | M] () -- C:\Documents and Settings\Anders\Skrivbord\NTREGOPT.lnk [2012-09-07 14:35:30 | 000,000,560 | ---- | M] () -- C:\Documents and Settings\Anders\Skrivbord\ERUNT.lnk [2012-09-07 14:30:44 | 000,000,144 | ---- | M] () -- C:\Documents and Settings\Anders\defogger_reenable [2012-09-07 14:05:14 | 002,150,064 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2012-09-07 13:40:39 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini [2012-09-07 10:34:42 | 000,136,704 | ---- | M] () -- C:\Documents and Settings\Anders\Lokala inställningar\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012-09-06 23:48:03 | 000,318,741 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_06092012_234739.png [2012-09-06 16:32:56 | 000,157,123 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_06092012_163222.png [2012-09-06 01:07:23 | 000,998,055 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_05092012_190334.png [2012-09-05 18:02:01 | 000,000,272 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job [2012-09-05 15:51:54 | 000,004,934 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\flwjycbm.bab [2012-09-05 15:51:34 | 000,000,705 | ---- | M] () -- C:\Documents and Settings\Anders\Skrivbord\PokerTracker 4.lnk [2012-09-05 15:24:02 | 000,505,751 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_05092012_152345.png [2012-09-04 18:40:55 | 000,084,696 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_04092012_184008.png [2012-09-04 00:13:19 | 000,002,347 | ---- | M] () -- C:\Documents and Settings\Anders\Skrivbord\Google Chrome.lnk [2012-09-04 00:13:19 | 000,002,325 | ---- | M] () -- C:\Documents and Settings\Anders\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk [2012-09-03 23:42:37 | 001,326,942 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\ad.png [2012-09-03 15:24:24 | 000,323,584 | ---- | M] (Stefan Toengi) -- C:\WINDOWS\System32\AUDIOGENIE2.DLL [2012-09-02 23:50:20 | 001,004,432 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_02092012_234819.png [2012-09-02 23:04:43 | 022,936,300 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\vp4 2012-09-02 22-59-50-578.avi [2012-09-02 17:52:51 | 007,911,796 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\Bankshot1to2.avi [2012-09-02 15:56:04 | 001,101,732 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_02092012_155541.png [2012-09-02 15:43:59 | 000,800,104 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_02092012_154331.png [2012-09-02 14:10:27 | 001,102,894 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_02092012_141009.png [2012-09-02 13:07:21 | 000,313,151 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_02092012_130708.png [2012-09-02 13:07:06 | 001,017,983 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_02092012_130649.png [2012-09-02 13:04:33 | 000,005,159 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\9-Ball, Alyt vs Frenchy, 090212-103239.vpr [2012-09-02 13:00:48 | 004,538,077 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_1003.MOV [2012-09-01 10:02:40 | 000,297,078 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\4.bmp [2012-09-01 08:56:31 | 002,320,974 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\3.bmp [2012-09-01 08:55:33 | 002,701,710 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\2.bmp [2012-09-01 08:48:55 | 002,495,190 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\1.bmp [2012-08-31 21:49:00 | 002,052,056 | ---- | M] () -- C:\Documents and Settings\Anders\Skrivbord\IMG468.jpg [2012-08-31 00:34:32 | 000,155,867 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_31082012_002932.png [2012-08-29 18:48:38 | 000,859,263 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_29082012_184533.png [2012-08-29 15:08:12 | 000,000,653 | ---- | M] () -- C:\Documents and Settings\All Users\Skrivbord\LogMeIn Hamachi.lnk [2012-08-29 14:33:11 | 000,000,740 | ---- | M] () -- C:\Documents and Settings\All Users\Skrivbord\Malwarebytes Anti-Malware.lnk [2012-08-29 00:01:48 | 000,401,735 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_29082012_000040.png [2012-08-28 19:48:43 | 000,000,637 | ---- | M] () -- C:\Documents and Settings\Anders\Application Data\Microsoft\Internet Explorer\Quick Launch\Bandicam.lnk [2012-08-28 19:48:43 | 000,000,619 | ---- | M] () -- C:\Documents and Settings\Anders\Skrivbord\Bandicam.lnk [2012-08-27 13:01:26 | 001,200,664 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\clip0086.avi [2012-08-27 01:37:14 | 000,000,751 | ---- | M] () -- C:\Documents and Settings\All Users\Skrivbord\Virtual Pool 4.lnk [2012-08-27 00:32:35 | 000,121,798 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_27082012_003201.png [2012-08-27 00:32:31 | 000,124,438 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_27082012_003152.png [2012-08-26 22:36:18 | 000,307,500 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_26082012_223547.png [2012-08-26 17:51:11 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\Access.dat [2012-08-26 15:41:08 | 000,156,260 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_26082012_154039.png [2012-08-26 15:40:08 | 000,150,505 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_26082012_153941.png [2012-08-26 14:27:15 | 000,000,667 | ---- | M] () -- C:\Documents and Settings\Anders\Application Data\Microsoft\Internet Explorer\Quick Launch\GameSpy Arcade.lnk [2012-08-26 14:27:15 | 000,000,649 | ---- | M] () -- C:\Documents and Settings\Anders\Skrivbord\GameSpy Arcade.lnk [2012-08-26 14:19:36 | 003,849,216 | ---- | M] () -- C:\Documents and Settings\Anders\Skrivbord\hamachi.msi [2012-08-25 12:40:56 | 000,136,157 | ---- | M] () -- C:\Documents and Settings\Anders\Skrivbord\pool_snooker_1.jpg [2012-08-25 12:26:15 | 000,983,017 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_25082012_122553.png [2012-08-23 15:36:41 | 000,663,527 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_23082012_153555.png [2012-08-22 20:15:58 | 003,195,906 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\cheat.bmp [2012-08-22 19:25:55 | 001,547,494 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\stg-apologize.bmp [2012-08-22 16:11:36 | 000,217,782 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\legend.bmp [2012-08-21 17:29:32 | 000,306,433 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_21082012_172844.png [2012-08-21 11:37:11 | 001,704,034 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_21082012_113442.png [2012-08-21 11:32:14 | 001,688,401 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_21082012_113138.png [2012-08-20 21:47:10 | 002,262,013 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_20082012_214618.png [2012-08-20 16:56:04 | 000,204,889 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_20082012_165528.png [2012-08-20 16:53:51 | 000,145,330 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_20082012_165314.png [2012-08-20 13:57:57 | 000,000,802 | ---- | M] () -- C:\Documents and Settings\Anders\Skrivbord\XSplit Broadcaster.lnk [2012-08-19 19:24:41 | 000,001,707 | ---- | M] () -- C:\Documents and Settings\Anders\Skrivbord\ChrisPC Free Anonymous Proxy.lnk [2012-08-19 19:24:41 | 000,000,821 | ---- | M] () -- C:\Documents and Settings\Anders\Application Data\Microsoft\Internet Explorer\Quick Launch\ChrisPC Free Anonymous Proxy.lnk [2012-08-16 02:05:28 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2012-08-15 01:56:48 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe [2012-08-15 01:56:47 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl [2012-08-13 13:57:35 | 001,830,096 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\clip0078.avi [2012-08-10 18:11:06 | 000,071,226 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\jokelie19.png [2012-08-10 18:09:55 | 000,000,236 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\WorldTourTitleWinner.al8 [2012-08-10 17:51:05 | 000,275,934 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\skrivtest.bmp [2012-08-10 17:45:05 | 000,071,195 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\dynawinner.png [2012-08-10 17:12:35 | 000,193,254 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\test2.bmp [2012-08-10 17:04:53 | 000,193,254 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\worldtourwinnertest1.bmp [2012-08-10 16:43:38 | 000,070,747 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\worldtourwinner.png [2012-08-10 16:28:54 | 000,055,222 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\winnerworldtour.jpg [2012-08-10 16:11:01 | 000,842,862 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_10082012_160921.png [2012-08-10 16:11:00 | 001,122,958 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_10082012_160904.png [2012-08-09 21:31:27 | 001,426,273 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_09082012_212249.png [4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [3 C:\WINDOWS\System32\drivers\*.tmp files -> C:\WINDOWS\System32\drivers\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] ========== Files Created - No Company Name ========== [2012-09-08 15:33:01 | 000,117,270 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\21.bmp [2012-09-08 10:42:52 | 011,300,312 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\vp4 2012-09-08 10-38-48-933.avi [2012-09-08 10:09:59 | 000,000,304 | ---- | C] () -- C:\WINDOWS\tasks\PC Performer Manager.job [2012-09-07 19:52:54 | 001,118,598 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_07092012_195109.png [2012-09-07 19:31:16 | 000,930,467 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_07092012_193053.png [2012-09-07 16:54:40 | 000,977,958 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_07092012_165418.png [2012-09-07 16:32:16 | 001,082,828 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_07092012_163042.png [2012-09-07 15:22:09 | 000,000,211 | ---- | C] () -- C:\Boot.bak [2012-09-07 15:22:02 | 000,260,784 | RHS- | C] () -- C:\cmldr [2012-09-07 15:19:34 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe [2012-09-07 15:19:34 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe [2012-09-07 15:19:34 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe [2012-09-07 15:19:34 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe [2012-09-07 15:19:34 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe [2012-09-07 14:35:30 | 000,000,579 | ---- | C] () -- C:\Documents and Settings\Anders\Skrivbord\NTREGOPT.lnk [2012-09-07 14:35:30 | 000,000,560 | ---- | C] () -- C:\Documents and Settings\Anders\Skrivbord\ERUNT.lnk [2012-09-07 14:30:38 | 000,000,144 | ---- | C] () -- C:\Documents and Settings\Anders\defogger_reenable [2012-09-06 23:48:01 | 000,318,741 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_06092012_234739.png [2012-09-06 16:32:55 | 000,157,123 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_06092012_163222.png [2012-09-06 01:07:18 | 000,998,055 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_05092012_190334.png [2012-09-05 15:51:54 | 000,004,934 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\flwjycbm.bab [2012-09-05 15:51:34 | 000,000,705 | ---- | C] () -- C:\Documents and Settings\Anders\Skrivbord\PokerTracker 4.lnk [2012-09-05 15:23:59 | 000,505,751 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_05092012_152345.png [2012-09-04 18:40:54 | 000,084,696 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_04092012_184008.png [2012-09-03 23:42:31 | 001,326,942 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\ad.png [2012-09-02 23:50:15 | 001,004,432 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_02092012_234819.png [2012-09-02 23:01:55 | 022,936,300 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\vp4 2012-09-02 22-59-50-578.avi [2012-09-02 17:52:22 | 007,911,796 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\Bankshot1to2.avi [2012-09-02 15:55:59 | 001,101,732 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_02092012_155541.png [2012-09-02 15:43:54 | 000,800,104 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_02092012_154331.png [2012-09-02 15:25:41 | 002,052,056 | ---- | C] () -- C:\Documents and Settings\Anders\Skrivbord\IMG468.jpg [2012-09-02 14:10:23 | 001,102,894 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_02092012_141009.png [2012-09-02 13:07:19 | 000,313,151 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_02092012_130708.png [2012-09-02 13:07:00 | 001,017,983 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_02092012_130649.png [2012-09-02 13:04:32 | 000,005,159 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\9-Ball, Alyt vs Frenchy, 090212-103239.vpr [2012-09-02 13:00:24 | 004,538,077 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_1003.MOV [2012-09-01 10:02:40 | 000,297,078 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\4.bmp [2012-09-01 08:56:31 | 002,320,974 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\3.bmp [2012-09-01 08:55:33 | 002,701,710 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\2.bmp [2012-08-31 00:34:29 | 000,155,867 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_31082012_002932.png [2012-08-29 18:48:21 | 000,859,263 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_29082012_184533.png [2012-08-29 14:33:11 | 000,000,740 | ---- | C] () -- C:\Documents and Settings\All Users\Skrivbord\Malwarebytes Anti-Malware.lnk [2012-08-29 00:01:44 | 000,401,735 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_29082012_000040.png [2012-08-28 19:48:43 | 000,000,637 | ---- | C] () -- C:\Documents and Settings\Anders\Application Data\Microsoft\Internet Explorer\Quick Launch\Bandicam.lnk [2012-08-28 19:48:43 | 000,000,619 | ---- | C] () -- C:\Documents and Settings\Anders\Skrivbord\Bandicam.lnk [2012-08-27 13:00:47 | 001,200,664 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\clip0086.avi [2012-08-27 01:37:14 | 000,000,751 | ---- | C] () -- C:\Documents and Settings\All Users\Skrivbord\Virtual Pool 4.lnk [2012-08-27 00:32:33 | 000,121,798 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_27082012_003201.png [2012-08-27 00:32:30 | 000,124,438 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_27082012_003152.png [2012-08-26 22:36:14 | 000,307,500 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_26082012_223547.png [2012-08-26 17:51:11 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\Access.dat [2012-08-26 15:41:04 | 000,156,260 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_26082012_154039.png [2012-08-26 15:40:06 | 000,150,505 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_26082012_153941.png [2012-08-26 14:27:15 | 000,000,667 | ---- | C] () -- C:\Documents and Settings\Anders\Application Data\Microsoft\Internet Explorer\Quick Launch\GameSpy Arcade.lnk [2012-08-26 14:27:15 | 000,000,649 | ---- | C] () -- C:\Documents and Settings\Anders\Skrivbord\GameSpy Arcade.lnk [2012-08-26 14:20:08 | 000,000,653 | ---- | C] () -- C:\Documents and Settings\All Users\Skrivbord\LogMeIn Hamachi.lnk [2012-08-26 14:19:29 | 003,849,216 | ---- | C] () -- C:\Documents and Settings\Anders\Skrivbord\hamachi.msi [2012-08-25 12:40:56 | 000,136,157 | ---- | C] () -- C:\Documents and Settings\Anders\Skrivbord\pool_snooker_1.jpg [2012-08-25 12:26:11 | 000,983,017 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_25082012_122553.png [2012-08-23 15:36:33 | 000,663,527 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_23082012_153555.png [2012-08-22 20:15:58 | 003,195,906 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\cheat.bmp [2012-08-22 19:25:55 | 001,547,494 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\stg-apologize.bmp [2012-08-22 16:11:36 | 000,217,782 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\legend.bmp [2012-08-21 17:29:29 | 000,306,433 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_21082012_172844.png [2012-08-21 11:37:04 | 001,704,034 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_21082012_113442.png [2012-08-21 11:32:07 | 001,688,401 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_21082012_113138.png [2012-08-20 21:46:53 | 002,262,013 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_20082012_214618.png [2012-08-20 16:56:02 | 000,204,889 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_20082012_165528.png [2012-08-20 16:53:49 | 000,145,330 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_20082012_165314.png [2012-08-20 13:57:57 | 000,000,802 | ---- | C] () -- C:\Documents and Settings\Anders\Skrivbord\XSplit Broadcaster.lnk [2012-08-19 19:24:41 | 000,001,707 | ---- | C] () -- C:\Documents and Settings\Anders\Skrivbord\ChrisPC Free Anonymous Proxy.lnk [2012-08-19 19:24:41 | 000,000,821 | ---- | C] () -- C:\Documents and Settings\Anders\Application Data\Microsoft\Internet Explorer\Quick Launch\ChrisPC Free Anonymous Proxy.lnk [2012-08-13 13:57:08 | 001,830,096 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\clip0078.avi [2012-08-10 18:11:06 | 000,071,226 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\jokelie19.png [2012-08-10 18:09:55 | 000,000,236 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\WorldTourTitleWinner.al8 [2012-08-10 17:51:05 | 000,275,934 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\skrivtest.bmp [2012-08-10 17:45:05 | 000,071,195 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\dynawinner.png [2012-08-10 17:12:35 | 000,193,254 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\test2.bmp [2012-08-10 17:04:53 | 000,193,254 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\worldtourwinnertest1.bmp [2012-08-10 16:43:38 | 000,070,747 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\worldtourwinner.png [2012-08-10 16:28:53 | 000,055,222 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\winnerworldtour.jpg [2012-08-10 16:10:56 | 000,842,862 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_10082012_160921.png [2012-08-10 16:10:53 | 001,122,958 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_10082012_160904.png [2012-08-09 21:31:14 | 001,426,273 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_09082012_212249.png [2012-08-05 11:14:00 | 051,687,593 | ---- | C] () -- C:\Documents and Settings\Anders\10 000 meter.flv [2012-07-10 14:52:42 | 000,190,664 | ---- | C] () -- C:\Documents and Settings\LocalService\Lokala inställningar\Application Data\FontCache3.0.0.0.dat [2012-05-05 16:08:47 | 000,230,752 | ---- | C] () -- C:\WINDOWS\patchw32.dll [2012-05-05 16:08:42 | 000,118,176 | ---- | C] () -- C:\WINDOWS\patchw.dll [2012-03-05 21:51:45 | 629,460,858 | ---- | C] () -- C:\Documents and Settings\Anders\Målgång.flv [2012-02-16 12:42:41 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll [2012-02-08 10:52:34 | 000,000,042 | ---- | C] () -- C:\Documents and Settings\Anders\default.pls [2012-01-30 15:29:29 | 000,000,404 | ---- | C] () -- C:\WINDOWS\LBFamily.ini [2012-01-30 12:16:09 | 1054,669,159 | ---- | C] () -- C:\Documents and Settings\Anders\såskadetlåta.flv [2012-01-30 12:16:09 | 000,056,831 | ---- | C] () -- C:\Documents and Settings\Anders\såskadetlåta.srt [2012-01-27 13:24:43 | 000,015,784 | ---- | C] () -- C:\Documents and Settings\Anders\2.srt [2012-01-27 13:24:39 | 035,912,175 | ---- | C] () -- C:\Documents and Settings\Anders\2.flv [2012-01-27 13:10:34 | 000,000,641 | ---- | C] () -- C:\Documents and Settings\Anders\.swfinfo [2011-11-09 21:59:50 | 000,000,026 | ---- | C] () -- C:\Documents and Settings\Anders\Application Data\ClockTraySkins.ini [2011-11-09 21:59:38 | 000,000,549 | ---- | C] () -- C:\Documents and Settings\Anders\Application Data\FreeDesktopClock.ini [2011-10-31 18:02:17 | 000,393,256 | ---- | C] () -- C:\WINDOWS\System32\CNQ2414N.DAT [2011-10-30 14:53:51 | 000,000,000 | ---- | C] () -- C:\WINDOWS\HMHud.INI [2011-10-02 13:50:39 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2011-10-02 13:50:38 | 000,136,704 | ---- | C] () -- C:\Documents and Settings\Anders\Lokala inställningar\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011-10-01 22:03:20 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\CommonDL.dll [2011-10-01 22:03:20 | 000,002,413 | ---- | C] () -- C:\WINDOWS\System32\lgAxconfig.ini [2011-09-28 17:44:14 | 000,179,271 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat [2011-09-19 09:07:46 | 000,015,360 | ---- | C] () -- C:\WINDOWS\System32\bdmjpeg.dll [2011-09-19 09:07:32 | 000,058,368 | ---- | C] () -- C:\WINDOWS\System32\bdmpegv.dll [2011-08-31 00:32:40 | 000,005,078 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\bltofzsb.qlf [2011-07-04 14:19:24 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2011-07-04 14:18:36 | 002,150,064 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2011-07-04 13:15:42 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe [2011-07-04 13:14:40 | 000,001,732 | ---- | C] () -- C:\WINDOWS\System32\drivers\nvphy.bin [2011-07-04 12:32:07 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2011-07-04 12:28:47 | 000,021,700 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat ========== LOP Check ========== [2012-08-16 16:25:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Anti-phishing Domain Advisor [2012-08-16 15:42:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ask [2012-02-28 18:09:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Babylon [2011-09-30 16:43:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BabylonUpdater [2012-08-29 17:13:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\blekko toolbars [2012-07-11 10:19:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\boost_interprocess [2011-09-27 16:42:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Boss Media [2012-08-27 01:35:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Celeris [2012-05-12 18:06:56 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files [2011-08-22 17:12:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite [2011-07-04 22:27:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Pro [2011-12-13 23:48:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Graboid Inc [2012-08-16 16:18:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IBUpdaterService [2011-10-01 22:04:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LGMOBILEAX [2012-08-24 17:55:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Max Secure [2012-04-17 17:54:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MediaMonkey [2012-08-16 16:18:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Performer Manager [2012-08-20 13:57:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SplitMediaLabs [2012-05-12 18:52:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Tarma Installer [2011-10-18 13:04:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TechSmith [2012-08-26 17:50:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Tunngle [2012-04-17 16:59:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521} [2011-11-22 14:09:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Anvsoft [2012-05-12 17:55:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Apowersoft [2012-05-12 18:26:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Audacity [2012-02-28 18:09:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Babylon [2012-06-18 20:59:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\BANDISOFT [2012-08-27 01:32:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Celeris [2012-08-19 19:27:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Complitly [2011-08-22 16:51:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Copax [2012-01-30 14:29:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\DAEMON Tools Lite [2011-07-04 22:26:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\DAEMON Tools Pro [2012-04-19 12:59:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\DDMSettings [2012-02-10 11:25:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Digiarty [2011-12-31 20:12:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\DVDVideoSoft [2012-05-12 20:12:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Free Audio Recorder [2012-08-25 13:15:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\GanymedeNet [2012-02-09 23:45:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\GetRightToGo [2012-09-08 13:34:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Gmail Notifier [2012-03-20 00:28:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\HandBrake [2011-10-30 14:43:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\HEM Data [2011-12-14 17:20:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Media Finder [2012-07-24 11:00:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\MediaMonkey [2011-11-23 16:51:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\MyVideoDownloader [2011-11-23 16:51:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\MyVideoDownloaderHD [2012-08-04 10:58:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Opera [2012-05-17 17:09:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Oracle [2012-05-17 17:09:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Personal [2012-06-20 16:13:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Solveig Multimedia [2012-02-10 01:17:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Sony [2012-08-20 13:57:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\SplitMediaLabs [2012-09-08 20:42:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Spotify [2012-07-02 21:11:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\TraderaProLister [2012-08-27 00:23:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Tunngle [2012-05-12 18:52:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Wondershare [2011-11-23 17:11:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Youtube Downloader HD [2012-09-08 20:58:00 | 000,000,304 | ---- | M] () -- C:\WINDOWS\Tasks\PC Performer Manager.job [2012-09-08 20:51:04 | 000,000,410 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{5096C855-A424-4662-B04A-DE5E47FB502A}.job ========== Purity Check ========== < End of report >

Did you see it start ? was there not a display of the phase # shown ? How do you know "nothing happened"? Did you turn off your antivirus app beforehand ? Look in your C drive, in the root, C:\ for Combofix.txt IF found, copy and paste the contents of C:\Combofix.txt It started and was working for a while, maybe 20 minutes .Then nothing happened for 30-40 minutes when it was saying "Removing these files:" and it was just a few files. I turned off microsoft security essentials yes. I didn't get a log as I closed it and restarted my computer. Shall I do combo fix again or should I continue with the next steps you just gave me?

Followed all steps but closed down Combofix progress after nothing happened during 30 minutes and a total of 50-60 minutes. Shall I run it again and allow it 2-3 hours or what should I do?

Couldn't find any sign of "Ares" unfortfunately. Looked in control panel and also searched after it but no hit at all. uTorrent is completely removed now. logoff & Restart system If this means just a normal computer restart then it's done now.

I've read this is pretty common but I haven't had that big success googling for solutions. I've had this for a few weeks and the only problem is that I'm getting forward to the partner37 url sometimes. And when it does accure it's very hard to open up a new tab to get to the page I wanted to go to as I will just instantly get the partner37 again. Often works to just change browser from chrome to firefox. And btw, start page on firefox is "Search Safer" which i believe is some kind of virus as well as it's not supposed to be there when I open a new tab. Anyway I need to try do something so I will see if you can help me here. I'm on the MBAM pro trial and the full scan i made some week ago detected lot of stuff which I removed all of it. But the partner37 remained. Today I made the quick scan and it didn't find anything. Let me know if I've forgot to do something but here are the .txt logs I believe I'm supposed to post. attach.txt dds.txt Thank you.