Jump to content

jn2002dk

Members
 View Profile  See their activity

  • Posts

    13

  • Joined

  • Last visited

Reputation

0 Neutral
  1. jn2002dk
    Hello Jeff Thank you for the security tips and yes, i am happy it's resolved Thank you again for all your help and happy thanksgiving:)
  2. jn2002dk
    Hello Jeff Cleared the java cache and ran an ESET scan as instructed and it came up empty so it looks like it's clean Once again thank you for all your help:)
  3. jn2002dk
    As for the pc it seems to be running fine I've checked the malwarebytes logs and it seems like an isolated incident so i think it's safe to assume it's clean now I really appreciate you taking the time to help me, especially here in your holidays. Expect a donation today Thank you for all the help:)
  4. jn2002dk
    OTL logfile created on: 22-11-2012 11:00:56 - Run 2 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\jn2002dk\Desktop\Malware tools 64bit- Professional (Version = 6.2.9200) - Type = NTWorkstation Internet Explorer (Version = 9.10.9200.16433) Locale: 00000406 | Country: Danmark | Language: DAN | Date Format: dd-MM-yyyy 15,95 Gb Total Physical Memory | 13,90 Gb Available Physical Memory | 87,14% Memory free 31,95 Gb Paging File | 29,79 Gb Available in Paging File | 93,24% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86) Drive C: | 455,95 Gb Total Space | 337,28 Gb Free Space | 73,97% Space Free | Partition Type: NTFS Drive D: | 456,46 Gb Total Space | 360,07 Gb Free Space | 78,88% Space Free | Partition Type: NTFS Drive E: | 159,82 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS Computer Name: JN2002DK-PC | User Name: jn2002dk | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\jn2002dk\Desktop\Malware tools\OTL.exe (OldTimer Tools) PRC - C:\Users\jn2002dk\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) PRC - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) PRC - C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation) PRC - C:\Programmer\Tablet\Wacom\WacomHost.exe (Wacom Technology) PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation) PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) PRC - C:\Program Files (x86)\Autodesk\SketchBook Pro 6\SketchBookSnapshot.exe (Autodesk Inc) PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) PRC - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe (Acer Incorporated) PRC - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe (Intel Corporation) PRC - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Intel Corporation) PRC - C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe (Intel Corporation) PRC - C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe () PRC - C:\Programmer\Acer\Acer Updater\UpdaterService.exe (Acer Incorporated) PRC - C:\Program Files (x86)\NETGEAR\WNA3100M\WifiSvc.exe () PRC - C:\Program Files (x86)\NETGEAR\WNA3100M\WNA3100M.exe () PRC - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) PRC - C:\Program Files (x86)\Nero\Update\NASvc.exe (Nero AG) ========== Modules (No Company Name) ========== MOD - C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll () MOD - C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\ppGoogleNaClPluginChrome.dll () MOD - C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\pdf.dll () MOD - C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\libglesv2.dll () MOD - C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\libegl.dll () MOD - C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\avutil-51.dll () MOD - C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\avformat-54.dll () MOD - C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\avcodec-54.dll () MOD - C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyHook.dll () MOD - C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe () MOD - C:\Program Files (x86)\NETGEAR\WNA3100M\WNA3100M.exe () MOD - C:\Program Files (x86)\NETGEAR\WNA3100M\WifiSvcLib.dll () ========== Services (SafeList) ========== SRV:64bit: - (AudioEndpointBuilder) -- C:\Windows\SysNative\AudioEndpointBuilder.dll (Microsoft Corporation) SRV:64bit: - (WSService) -- C:\Windows\SysNative\WSService.dll (Microsoft Corporation) SRV:64bit: - (PrintNotify) -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation) SRV:64bit: - (TimeBroker) -- C:\Windows\SysNative\TimeBrokerServer.dll (Microsoft Corporation) SRV:64bit: - (SystemEventsBroker) -- C:\Windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation) SRV:64bit: - (fhsvc) -- C:\Windows\SysNative\fhsvc.dll (Microsoft Corporation) SRV:64bit: - (BrokerInfrastructure) -- C:\Windows\SysNative\bisrv.dll (Microsoft Corporation) SRV:64bit: - (wlidsvc) -- C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation) SRV:64bit: - (WiaRpc) -- C:\Windows\SysNative\wiarpc.dll (Microsoft Corporation) SRV:64bit: - (Wcmsvc) -- C:\Windows\SysNative\wcmsvc.dll (Microsoft Corporation) SRV:64bit: - (VaultSvc) -- C:\Windows\SysNative\vaultsvc.dll (Microsoft Corporation) SRV:64bit: - (svsvc) -- C:\Windows\SysNative\svsvc.dll (Microsoft Corporation) SRV:64bit: - (netprofm) -- C:\Windows\SysNative\netprofmsvc.dll (Microsoft Corporation) SRV:64bit: - (Netlogon) -- C:\Windows\SysNative\netlogon.dll (Microsoft Corporation) SRV:64bit: - (NcaSvc) -- C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation) SRV:64bit: - (NcdAutoSetup) -- C:\Windows\SysNative\NcdAutoSetup.dll (Microsoft Corporation) SRV:64bit: - (LSM) -- C:\Windows\SysNative\lsm.dll (Microsoft Corporation) SRV:64bit: - (KeyIso) -- C:\Windows\SysNative\keyiso.dll (Microsoft Corporation) SRV:64bit: - (EFS) -- C:\Windows\SysNative\efssvc.dll (Microsoft Corporation) SRV:64bit: - (DsmSvc) -- C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation) SRV:64bit: - (DeviceAssociationService) -- C:\Windows\SysNative\das.dll (Microsoft Corporation) SRV:64bit: - (AllUserInstallAgent) -- C:\Windows\SysNative\AUInstallAgent.dll (Microsoft Corporation) SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation) SRV:64bit: - (vmicvss) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation) SRV:64bit: - (vmictimesync) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation) SRV:64bit: - (vmicshutdown) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation) SRV:64bit: - (vmicrdv) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation) SRV:64bit: - (vmickvpexchange) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation) SRV:64bit: - (vmicheartbeat) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation) SRV - (FLEXnet Licensing Service 64) -- C:\Programmer\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe (Acresso Software Inc.) SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.) SRV - (WTabletServicePro) -- C:\Programmer\Tablet\Wacom\WTabletServicePro.exe (Wacom Technology, Corp.) SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation) SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) SRV - (PrintNotify) -- C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll (Microsoft Corporation) SRV - (SbieSvc) -- C:\Programmer\Sandboxie\SbieSvc.exe (SANDBOXIE L.T.D) SRV - (StorSvc) -- C:\Windows\SysWOW64\StorSvc.dll (Microsoft Corporation) SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies) SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated) SRV - (GREGService) -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe (Acer Incorporated) SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe (Intel Corporation) SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Intel Corporation) SRV - (jhi_service) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe (Intel Corporation) SRV - (Live Updater Service) -- C:\Programmer\Acer\Acer Updater\UpdaterService.exe (Acer Incorporated) SRV - (Intel® -- C:\Programmer\Intel\iCLS Client\HeciServer.exe (Intel® Corporation) SRV - (WSWNA3100M) -- C:\Program Files (x86)\NETGEAR\WNA3100M\WifiSvc.exe () SRV - (IAStorDataMgrSvc) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) SRV - (NAUpdate) -- C:\Program Files (x86)\Nero\Update\NASvc.exe (Nero AG) SRV - (EgisTec Ticket Service) -- C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe (Egis Technology Inc. ) SRV - (wlcrasvc) -- C:\Programmer\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV:64bit: - (pdc) -- C:\Windows\SysNative\Drivers\pdc.sys (Microsoft Corporation) DRV:64bit: - (wacomrouterfilter) -- C:\Windows\SysNative\Drivers\wacomrouterfilter.sys (Wacom Technology) DRV:64bit: - (WacHidRouter) -- C:\Windows\SysNative\Drivers\wachidrouter.sys (Wacom Technology) DRV:64bit: - (hidkmdf) -- C:\Windows\SysNative\Drivers\hidkmdf.sys (Windows ® Win 7 DDK provider) DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\Drivers\rdpvideominiport.sys (Microsoft Corporation) DRV:64bit: - (sdstor) -- C:\Windows\SysNative\Drivers\sdstor.sys (Microsoft Corporation) DRV:64bit: - (sdbus) -- C:\Windows\SysNative\Drivers\sdbus.sys (Microsoft Corporation) DRV:64bit: - (dam) -- C:\Windows\SysNative\Drivers\dam.sys (Microsoft Corporation) DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\Drivers\mbam.sys (Malwarebytes Corporation) DRV:64bit: - (USBHUB3) -- C:\Windows\SysNative\Drivers\USBHUB3.SYS (Microsoft Corporation) DRV:64bit: - (USBXHCI) -- C:\Windows\SysNative\Drivers\USBXHCI.SYS (Microsoft Corporation) DRV:64bit: - (UCX01000) -- C:\Windows\SysNative\Drivers\UCX01000.SYS (Microsoft Corporation) DRV:64bit: - (GPIOClx0101) -- C:\Windows\SysNative\Drivers\msgpioclx.sys (Microsoft Corporation) DRV:64bit: - (msgpiowin32) -- C:\Windows\SysNative\Drivers\msgpiowin32.sys (Microsoft Corporation) DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\Drivers\evbda.sys (Broadcom Corporation) DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\Drivers\bxvbda.sys (Broadcom Corporation) DRV:64bit: - (TPM) -- C:\Windows\SysNative\Drivers\tpm.sys (Microsoft Corporation) DRV:64bit: - (BthAvrcpTg) -- C:\Windows\SysNative\Drivers\BthAvrcpTg.sys (Microsoft Corporation) DRV:64bit: - (bthhfhid) -- C:\Windows\SysNative\Drivers\BthhfHid.sys (Microsoft Corporation) DRV:64bit: - (Fs_Rec) -- C:\WINDOWS\SysNative\drivers\fs_rec.sys (Microsoft Corporation) DRV:64bit: - (condrv) -- C:\Windows\SysNative\Drivers\condrv.sys (Microsoft Corporation) DRV:64bit: - (VSTXRAID) -- C:\Windows\SysNative\Drivers\VSTXRAID.SYS (VIA Corporation) DRV:64bit: - (VerifierExt) -- C:\Windows\SysNative\Drivers\VerifierExt.sys (Microsoft Corporation) DRV:64bit: - (UASPStor) -- C:\Windows\SysNative\Drivers\uaspstor.sys (Microsoft Corporation) DRV:64bit: - (acpiex) -- C:\Windows\SysNative\Drivers\acpiex.sys (Microsoft Corporation) DRV:64bit: - (spaceport) -- C:\Windows\SysNative\Drivers\spaceport.sys (Microsoft Corporation) DRV:64bit: - (storahci) -- C:\Windows\SysNative\Drivers\storahci.sys (Microsoft Corporation) DRV:64bit: - (mvumis) -- C:\Windows\SysNative\Drivers\mvumis.sys (Marvell Semiconductor, Inc.) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\Drivers\stexstor.sys (Promise Technology, Inc.) DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\Drivers\lsi_sas2.sys (LSI Corporation) DRV:64bit: - (LSI_SSS) -- C:\Windows\SysNative\Drivers\lsi_sss.sys (LSI Corporation) DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\Drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:64bit: - (EhStorTcgDrv) -- C:\Windows\SysNative\Drivers\EhStorTcgDrv.sys (Microsoft Corporation) DRV:64bit: - (EhStorClass) -- C:\Windows\SysNative\Drivers\EhStorClass.sys (Microsoft Corporation) DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\Drivers\amdsbs.sys (AMD Technologies Inc.) DRV:64bit: - (3ware) -- C:\Windows\SysNative\Drivers\3ware.sys (LSI) DRV:64bit: - (amdsata) -- C:\Windows\SysNative\Drivers\amdsata.sys (Advanced Micro Devices) DRV:64bit: - (amdxata) -- C:\Windows\SysNative\Drivers\amdxata.sys (Advanced Micro Devices) DRV:64bit: - (CLFS) -- C:\Windows\SysNative\Drivers\clfs.sys (Microsoft Corporation) DRV:64bit: - (WFPLWFS) -- C:\Windows\SysNative\Drivers\wfplwfs.sys (Microsoft Corporation) DRV:64bit: - (vpci) -- C:\Windows\SysNative\Drivers\vpci.sys (Microsoft Corporation) DRV:64bit: - (WdFilter) -- C:\Windows\SysNative\Drivers\WdFilter.sys (Microsoft Corporation) DRV:64bit: - (WdBoot) -- C:\Windows\SysNative\Drivers\WdBoot.sys (Microsoft Corporation) DRV:64bit: - (terminpt) -- C:\Windows\SysNative\Drivers\terminpt.sys (Microsoft Corporation) DRV:64bit: - (mshidumdf) -- C:\Windows\SysNative\Drivers\mshidumdf.sys (Microsoft Corporation) DRV:64bit: - (BasicDisplay) -- C:\Windows\SysNative\Drivers\BasicDisplay.sys (Microsoft Corporation) DRV:64bit: - (HyperVideo) -- C:\Windows\SysNative\Drivers\HyperVideo.sys (Microsoft Corporation) DRV:64bit: - (BasicRender) -- C:\Windows\SysNative\Drivers\BasicRender.sys (Microsoft Corporation) DRV:64bit: - (FxPPM) -- C:\Windows\SysNative\Drivers\fxppm.sys (Microsoft Corporation) DRV:64bit: - (gencounter) -- C:\Windows\SysNative\Drivers\vmgencounter.sys (Microsoft Corporation) DRV:64bit: - (kdnic) -- C:\Windows\SysNative\Drivers\kdnic.sys (Microsoft Corporation) DRV:64bit: - (acpitime) -- C:\Windows\SysNative\Drivers\acpitime.sys (Microsoft Corporation) DRV:64bit: - (npsvctrig) -- C:\Windows\SysNative\Drivers\npsvctrig.sys (Microsoft Corporation) DRV:64bit: - (WpdUpFltr) -- C:\Windows\SysNative\Drivers\WpdUpFltr.sys (Microsoft Corporation) DRV:64bit: - (acpipagr) -- C:\Windows\SysNative\Drivers\acpipagr.sys (Microsoft Corporation) DRV:64bit: - (hyperkbd) -- C:\Windows\SysNative\Drivers\hyperkbd.sys (Microsoft Corporation) DRV:64bit: - (SerCx) -- C:\Windows\SysNative\Drivers\SerCx.sys (Microsoft Corporation) DRV:64bit: - (SpbCx) -- C:\Windows\SysNative\Drivers\SpbCx.sys (Microsoft Corporation) DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\Drivers\TsUsbGD.sys (Microsoft Corporation) DRV:64bit: - (BthHFEnum) -- C:\Windows\SysNative\Drivers\bthhfenum.sys (Microsoft Corporation) DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\Drivers\dmvsc.sys (Microsoft Corporation) DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\Drivers\TsUsbFlt.sys (Microsoft Corporation) DRV:64bit: - (hidi2c) -- C:\Windows\SysNative\Drivers\hidi2c.sys (Microsoft Corporation) DRV:64bit: - (Vid) -- C:\Windows\SysNative\Drivers\Vid.sys (Microsoft Corporation) DRV:64bit: - (storvsp) -- C:\Windows\SysNative\Drivers\storvsp.sys (Microsoft Corporation) DRV:64bit: - (wpcfltr) -- C:\Windows\SysNative\Drivers\wpcfltr.sys (Microsoft Corporation) DRV:64bit: - (vmbusr) -- C:\Windows\SysNative\Drivers\vmbusr.sys (Microsoft Corporation) DRV:64bit: - (vpcivsp) -- C:\Windows\SysNative\Drivers\vpcivsp.sys (Microsoft Corporation) DRV:64bit: - (NdisImPlatform) -- C:\Windows\SysNative\Drivers\NdisImPlatform.sys (Microsoft Corporation) DRV:64bit: - (MsLldp) -- C:\Windows\SysNative\Drivers\mslldp.sys (Microsoft Corporation) DRV:64bit: - (Ndu) -- C:\Windows\SysNative\Drivers\Ndu.sys (Microsoft Corporation) DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\Drivers\HECIx64.sys (Intel Corporation) DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\Drivers\nvhda64v.sys (NVIDIA Corporation) DRV:64bit: - (mwlPSDVDisk) -- C:\Windows\SysNative\Drivers\mwlPSDVDisk.sys (Egis Technology Inc.) DRV:64bit: - (mwlPSDFilter) -- C:\Windows\SysNative\Drivers\mwlPSDFilter.sys (Egis Technology Inc.) DRV:64bit: - (mwlPSDNServ) -- C:\Windows\SysNative\Drivers\mwlPSDNserv.sys (Egis Technology Inc.) DRV:64bit: - (wna3100m) -- C:\Windows\SysNative\Drivers\wna3100m.sys (NETGEAR Corporation ) DRV:64bit: - (e1cexpress) -- C:\Windows\SysNative\Drivers\e1c62x64.sys (Intel Corporation) DRV:64bit: - (iaStor) -- C:\Windows\SysNative\Drivers\iaStor.sys (Intel Corporation) DRV:64bit: - (VUSB3HUB) -- C:\Windows\SysNative\Drivers\ViaHub3.sys (VIA Technologies, Inc.) DRV:64bit: - (xhcdrv) -- C:\Windows\SysNative\Drivers\xhcdrv.sys (VIA Technologies, Inc.) DRV:64bit: - (amdxhc) -- C:\Windows\SysNative\Drivers\amdxhc.sys (Advanced Micro Devices, INC.) DRV:64bit: - (amdhub30) -- C:\Windows\SysNative\Drivers\amdhub30.sys (Advanced Micro Devices, INC.) DRV:64bit: - (VClone) -- C:\Windows\SysNative\Drivers\VClone.sys (Elaborate Bytes AG) DRV:64bit: - (ElbyCDIO) -- C:\Windows\SysNative\Drivers\ElbyCDIO.sys (Elaborate Bytes AG) DRV:64bit: - (nusb3xhc) -- C:\Windows\SysNative\Drivers\nusb3xhc.sys (Renesas Electronics Corporation) DRV:64bit: - (nusb3hub) -- C:\Windows\SysNative\Drivers\nusb3hub.sys (Renesas Electronics Corporation) DRV:64bit: - (adfs) -- C:\WINDOWS\SysNative\drivers\adfs.sys (Adobe Systems, Inc.) DRV:64bit: - (EtronHub3) -- C:\Windows\SysNative\Drivers\EtronHub3.sys (Etron Technology Inc) DRV:64bit: - (EtronXHCI) -- C:\Windows\SysNative\Drivers\EtronXHCI.sys (Etron Technology Inc) DRV - (SbieDrv) -- C:\Programmer\Sandboxie\SbieDrv.sys (SANDBOXIE L.T.D) DRV - (adfs) -- C:\WINDOWS\SysWow64\drivers\adfs.sys (Adobe Systems, Inc.) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.com IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://acer.msn.com IE:64bit: - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-1372194753-2522429106-4183652212-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.com IE - HKU\S-1-5-21-1372194753-2522429106-4183652212-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.dk/ IE - HKU\S-1-5-21-1372194753-2522429106-4183652212-1000\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-1372194753-2522429106-4183652212-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF:64bit: - HKLM\Software\MozillaPlugins\@wacom.com/wtPlugin,version=2.1.0.2: C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom) FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@mozilla.zeniko.ch/SumatraPDF_Browser_Plugin: C:\Program Files (x86)\SumatraPDF\npPdfViewer.dll (Simon Bünzli) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@wacom.com/wtPlugin,version=2.1.0.2: C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom) FF - HKCU\Software\MozillaPlugins\@mozilla.zeniko.ch/SumatraPDF_Browser_Plugin: C:\Program Files (x86)\SumatraPDF\npPdfViewer.dll (Simon Bünzli) FF - HKCU\Software\MozillaPlugins\wacom.com/WacomTabletPlugin: C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom) ========== Chrome ========== CHR - homepage: http://www.google.com/ CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}, CHR - homepage: http://www.google.com/ CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\PepperFlash\pepflashplayer.dll CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\pdf.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll CHR - Extension: Entanglement = C:\Users\jn2002dk\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd\2.7.9_0\ CHR - Extension: Bejeweled = C:\Users\jn2002dk\AppData\Local\Google\Chrome\User Data\Default\Extensions\adpkifcfcacgmnggcbpbjbkdijciiigm\2_0\ CHR - Extension: Angry Birds = C:\Users\jn2002dk\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.5.0.7_0\ CHR - Extension: Google Drive = C:\Users\jn2002dk\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\ CHR - Extension: Audiotool = C:\Users\jn2002dk\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkgoccjhfjgjedhkiefaclppgbmoobnk\1.1_0\ CHR - Extension: YouTube = C:\Users\jn2002dk\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\ CHR - Extension: Bouncy Mouse = C:\Users\jn2002dk\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgdllcbmneiklcmbeclfegccdjholomb\1.2.1_0\ CHR - Extension: Google Search = C:\Users\jn2002dk\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\ CHR - Extension: Cordy = C:\Users\jn2002dk\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgjbkahdllcckjbjijejpmcgkkjpnnfk\15_0\ CHR - Extension: Bomomo = C:\Users\jn2002dk\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnalbhgkcocoepphagnnlaiomnnngeln\1_0\ CHR - Extension: Sumo Paint = C:\Users\jn2002dk\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpgjihldbpodlmnjolekemlfbcajnmod\3.7_0\ CHR - Extension: Sleepy Jack = C:\Users\jn2002dk\AppData\Local\Google\Chrome\User Data\Default\Extensions\edjdoaebnejlnjknbkbacepgemnjlmfc\23_0\ CHR - Extension: Search All = C:\Users\jn2002dk\AppData\Local\Google\Chrome\User Data\Default\Extensions\eekjldapjblgadclklmgolijbagmdnfk\2.1.2_0\ CHR - Extension: Recent History = C:\Users\jn2002dk\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbmkfdfomhhlonpbnpiibloacemdhjjm\2.1.4.1_0\ CHR - Extension: AdBlock = C:\Users\jn2002dk\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.47_0\ CHR - Extension: Vector Paint = C:\Users\jn2002dk\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnbpdiengicdefcjecjbnjnoifekhgdo\3.0.0.0_0\ CHR - Extension: Isoball 3 = C:\Users\jn2002dk\AppData\Local\Google\Chrome\User Data\Default\Extensions\iajlkcpgcnbhfhpdeooockfaincfkjjj\1.3.0_0\ CHR - Extension: Pixlr Editor = C:\Users\jn2002dk\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmaknaampgiegkcjlimdiidlhopknpk\1.2_0\ CHR - Extension: LineBall = C:\Users\jn2002dk\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeclmehkhpookgkhkecnaanahhoglakj\1.3.0_0\ CHR - Extension: Nano Ninja = C:\Users\jn2002dk\AppData\Local\Google\Chrome\User Data\Default\Extensions\jommidhbgbbbbjddhmajdmeajfleineg\1.3.0_0\ CHR - Extension: Force Reload = C:\Users\jn2002dk\AppData\Local\Google\Chrome\User Data\Default\Extensions\kkhgjeaffbhdcpflajldaijabgclfnoa\1.2_0\ CHR - Extension: Little Alchemy = C:\Users\jn2002dk\AppData\Local\Google\Chrome\User Data\Default\Extensions\knkapnclbofjjgicpkfoagdjohlfjhpd\0.0.12_0\ CHR - Extension: Divvr = C:\Users\jn2002dk\AppData\Local\Google\Chrome\User Data\Default\Extensions\lackkieddhpmioebogincgkkcagabhgm\2.0_0\ CHR - Extension: Google Maps = C:\Users\jn2002dk\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh\5.2.7_0\ CHR - Extension: Harmony = C:\Users\jn2002dk\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbbibdblnnlapclckbdennhlbcnkkgcn\6_0\ CHR - Extension: Poppit = C:\Users\jn2002dk\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi\2.2_0\ CHR - Extension: ScriptNo = C:\Users\jn2002dk\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiigbmnaadbkfbmpbfijlflahbdbdgdf\1.0.6.2_0\ CHR - Extension: Mini Ninjas = C:\Users\jn2002dk\AppData\Local\Google\Chrome\User Data\Default\Extensions\oijfbknbncemokdnlboeabbcfhobechi\1.0.0.16_0\ CHR - Extension: Bastion = C:\Users\jn2002dk\AppData\Local\Google\Chrome\User Data\Default\Extensions\oohphhdkahjlioohbalmicpokoefkgid\0.0.0.4_0\ CHR - Extension: Gmail = C:\Users\jn2002dk\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2012-11-22 10:47:41 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\Drivers\etc\Hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated) O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [Hotkey Utility] C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe () O4 - HKLM..\Run: [suiteTray] C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe (Egis Technology Inc.) O4 - HKLM..\Run: [uSB3MON] C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation) O4 - HKU\S-1-5-21-1372194753-2522429106-4183652212-1000..\Run: [sandboxieControl] C:\Program Files\Sandboxie\SbieCtrl.exe (SANDBOXIE L.T.D) O4 - Startup: C:\Users\jn2002dk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\jn2002dk\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O9 - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041) O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.1 212.242.40.3 212.242.40.51 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{21FC7097-B92A-430E-8177-C3DDEAA4853A}: DhcpNameServer = 10.0.0.1 212.242.40.3 212.242.40.51 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3E531B94-3F07-4E73-9483-E9CB9E6CF1C6}: DhcpNameServer = 10.0.0.1 212.242.40.3 212.242.40.51 O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18:64bit: - Protocol\Handler\wlpg - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\WINDOWS\SysWow64\userinit.exe (Microsoft Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O30 - LSA: Security Packages - (livessp) - File not found O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2012-11-10 11:57:27 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ] O32 - AutoRun File - [2012-11-02 16:01:37 | 044,851,551 | ---- | M] () - D:\Autodesk_Sketchbook_Pro_v6_Multilingual_WIN_32bit.exe -- [ NTFS ] O32 - AutoRun File - [2011-11-14 23:15:54 | 000,000,055 | R--- | M] () - E:\Autorun.inf -- [ CDFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2012-11-22 10:47:23 | 000,000,000 | ---D | C] -- C:\_OTL [2012-11-22 00:09:30 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\Desktop\Malware tools [2012-11-21 17:55:29 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games [2012-11-21 17:12:11 | 004,732,416 | ---- | C] (AVAST Software) -- C:\Users\jn2002dk\Desktop\aswMBR.exe [2012-11-19 22:09:37 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Roaming\Opera [2012-11-19 22:09:37 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Local\Opera [2012-11-19 22:09:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Opera [2012-11-19 12:15:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elaborate Bytes [2012-11-19 12:15:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Elaborate Bytes [2012-11-19 12:03:28 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Roaming\FileZilla [2012-11-19 12:03:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client [2012-11-19 12:03:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FileZilla FTP Client [2012-11-19 11:56:42 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\Desktop\New project [2012-11-19 11:53:23 | 000,000,000 | ---D | C] -- C:\Program Files\Construct 2 [2012-11-18 10:45:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy [2012-11-18 10:44:52 | 000,000,000 | ---D | C] -- C:\Program Files\Speccy [2012-11-17 16:13:35 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Roaming\Mozilla [2012-11-17 16:13:35 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Roaming\KompoZer [2012-11-17 15:58:30 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft [2012-11-17 14:28:59 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 [2012-11-16 19:28:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2012-11-16 19:28:04 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\mbam.sys [2012-11-16 19:28:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2012-11-16 17:53:44 | 000,000,000 | R--D | C] -- C:\WINDOWS\BrowserChoice [2012-11-16 17:34:38 | 000,000,000 | R--D | C] -- C:\Sandbox [2012-11-16 17:33:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sandboxie [2012-11-16 17:33:31 | 000,000,000 | ---D | C] -- C:\Program Files\Sandboxie [2012-11-16 17:24:37 | 000,000,000 | ---D | C] -- C:\ProgramData\PRICache [2012-11-16 17:24:37 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Local\Packages [2012-11-16 17:15:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\CSC [2012-11-16 17:10:28 | 000,000,000 | -HSD | C] -- C:\Users\jn2002dk\Documents\Videoer [2012-11-16 17:10:28 | 000,000,000 | -HSD | C] -- C:\Users\jn2002dk\AppData\Local\Temporary Internet Files [2012-11-16 17:10:28 | 000,000,000 | -HSD | C] -- C:\Users\jn2002dk\Skabeloner [2012-11-16 17:10:28 | 000,000,000 | -HSD | C] -- C:\Users\jn2002dk\SendTo [2012-11-16 17:10:28 | 000,000,000 | -HSD | C] -- C:\Users\jn2002dk\Recent [2012-11-16 17:10:28 | 000,000,000 | -HSD | C] -- C:\Users\jn2002dk\Printere [2012-11-16 17:10:28 | 000,000,000 | -HSD | C] -- C:\Users\jn2002dk\AppData\Local\Oversigt [2012-11-16 17:10:28 | 000,000,000 | -HSD | C] -- C:\Users\jn2002dk\Documents\Musik [2012-11-16 17:10:28 | 000,000,000 | -HSD | C] -- C:\Users\jn2002dk\Menuen Start [2012-11-16 17:10:28 | 000,000,000 | -HSD | C] -- C:\Users\jn2002dk\Lokale indstillinger [2012-11-16 17:10:28 | 000,000,000 | -HSD | C] -- C:\Users\jn2002dk\Dokumenter [2012-11-16 17:10:28 | 000,000,000 | -HSD | C] -- C:\Users\jn2002dk\Cookies [2012-11-16 17:10:28 | 000,000,000 | -HSD | C] -- C:\Users\jn2002dk\Documents\Billeder [2012-11-16 17:10:28 | 000,000,000 | -HSD | C] -- C:\Users\jn2002dk\Application Data [2012-11-16 17:10:28 | 000,000,000 | -HSD | C] -- C:\Users\jn2002dk\AppData\Local\Application Data [2012-11-16 17:10:28 | 000,000,000 | -HSD | C] -- C:\Users\jn2002dk\Andre computere [2012-11-16 17:10:27 | 000,000,000 | --SD | C] -- C:\Users\jn2002dk\AppData\Roaming\Microsoft [2012-11-16 17:10:27 | 000,000,000 | R--D | C] -- C:\Users\jn2002dk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools [2012-11-16 17:10:27 | 000,000,000 | R--D | C] -- C:\Users\jn2002dk\Favorites [2012-11-16 17:10:27 | 000,000,000 | R--D | C] -- C:\Users\jn2002dk\Desktop [2012-11-16 17:10:27 | 000,000,000 | R--D | C] -- C:\Users\jn2002dk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [2012-11-16 17:10:27 | 000,000,000 | R--D | C] -- C:\Users\jn2002dk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility [2012-11-16 17:10:27 | 000,000,000 | -H-D | C] -- C:\Users\jn2002dk\AppData [2012-11-16 17:10:27 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Local\Temp [2012-11-16 17:10:27 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Local\Microsoft [2012-11-16 17:10:27 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [2012-11-16 17:08:59 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation [2012-11-16 17:08:55 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation [2012-11-16 17:08:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation [2012-11-16 17:08:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\RTCOM [2012-11-16 17:08:46 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek [2012-11-16 17:07:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch [2012-11-16 17:06:30 | 000,000,000 | ---D | C] -- C:\Windows.old [2012-11-16 17:05:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\XPSViewer [2012-11-16 17:05:29 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies [2012-11-16 17:05:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Reference Assemblies [2012-11-16 17:05:29 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild [2012-11-16 17:05:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSBuild [2012-11-16 16:47:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\Panther [2012-11-15 11:51:11 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\Documents\Drug Lords [2012-11-15 10:52:28 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Roaming\com.aspiro.wimp.dk.25F5C0086CDE1F22CA0B92A487729991CA6CD013.1 [2012-11-15 10:52:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Wimp [2012-11-15 09:20:41 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\.stencylworks [2012-11-15 09:20:38 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Roaming\Stencyl [2012-11-14 18:24:23 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1986-12.com.adobe [2012-11-14 18:23:05 | 000,000,000 | ---D | C] -- C:\ProgramData\ALM [2012-11-14 17:58:16 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Roaming\NVIDIA [2012-11-14 17:58:07 | 000,000,000 | ---D | C] -- C:\ProgramData\FLEXnet [2012-11-14 17:57:15 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe [2012-11-14 17:56:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\spool [2012-11-14 17:55:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe Media Player [2012-11-14 17:55:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe [2012-11-14 17:55:12 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Macrovision Shared [2012-11-14 17:55:12 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe [2012-11-14 17:55:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Macrovision Shared [2012-11-14 17:53:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe [2012-11-14 17:40:29 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Roaming\Malwarebytes [2012-11-14 17:36:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2012-11-14 17:25:44 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Roaming\deluge [2012-11-14 17:23:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Deluge [2012-11-14 17:23:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Deluge [2012-11-14 15:25:44 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Stencyl [2012-11-14 15:25:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Stencyl [2012-11-14 15:25:22 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\.oces2 [2012-11-14 15:25:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun [2012-11-14 15:25:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java [2012-11-14 15:25:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\Sun [2012-11-14 15:25:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java [2012-11-14 09:19:16 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Roaming\SumatraPDF [2012-11-14 09:19:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SumatraPDF [2012-11-14 09:17:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip [2012-11-14 09:17:56 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip [2012-11-12 00:14:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner [2012-11-12 00:14:03 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner [2012-11-12 00:11:28 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Local\VMware [2012-11-12 00:11:25 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Roaming\VMware [2012-11-12 00:06:46 | 000,000,000 | ---D | C] -- C:\ProgramData\VMware [2012-11-11 10:27:37 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Roaming\Skype [2012-11-11 10:27:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype [2012-11-11 10:27:33 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype [2012-11-11 10:27:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype [2012-11-10 19:39:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\NAPP_Dism_Log [2012-11-10 18:10:13 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Local\mypaint [2012-11-10 18:09:59 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPaint [2012-11-10 18:09:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyPaint [2012-11-10 18:09:57 | 000,000,000 | ---D | C] -- C:\Program Files\MyPaint [2012-11-10 17:44:19 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Roaming\SYSTEMAX Software Development [2012-11-10 17:44:19 | 000,000,000 | ---D | C] -- C:\ProgramData\SYSTEMAX Software Development [2012-11-10 17:44:13 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Local\Zame [2012-11-10 17:44:13 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PaintTool SAI English Pack [2012-11-10 17:32:20 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Local\Adobe [2012-11-10 15:51:53 | 000,000,000 | R--D | C] -- C:\Users\jn2002dk\Dropbox [2012-11-10 15:50:40 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox [2012-11-10 15:50:28 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Roaming\Dropbox [2012-11-10 15:39:31 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\Documents\Page File [2012-11-10 14:07:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard Entertainment [2012-11-10 14:05:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Battle.net [2012-11-10 12:30:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0 [2012-11-10 12:28:30 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\Wat [2012-11-10 12:28:30 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\Wat [2012-11-10 12:21:23 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\Documents\Story File [2012-11-10 12:16:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Alias [2012-11-10 12:15:11 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Roaming\WTablet [2012-11-10 12:15:07 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wacom Tablet [2012-11-10 12:15:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TabletPlugins [2012-11-10 12:15:05 | 000,015,776 | ---- | C] (Wacom Technology) -- C:\WINDOWS\SysNative\drivers\wacomrouterfilter.sys [2012-11-10 12:15:02 | 000,081,312 | ---- | C] (Wacom Technology) -- C:\WINDOWS\SysNative\drivers\wachidrouter.sys [2012-11-10 12:15:02 | 000,013,728 | ---- | C] (Windows ® Win 7 DDK provider) -- C:\WINDOWS\SysNative\drivers\hidkmdf.sys [2012-11-10 12:14:56 | 001,981,312 | ---- | C] (Wacom Technology, Corp.) -- C:\WINDOWS\SysNative\Wacom_Tablet.dll [2012-11-10 12:14:56 | 001,974,144 | ---- | C] (Wacom Technology, Corp.) -- C:\WINDOWS\SysNative\Wacom_Touch_Tablet.dll [2012-11-10 12:14:56 | 001,843,072 | ---- | C] (Wacom Technology, Corp.) -- C:\WINDOWS\SysNative\Wintab32.dll [2012-11-10 12:14:56 | 001,840,000 | ---- | C] (Wacom Technology, Corp.) -- C:\WINDOWS\SysNative\WacomMT.dll [2012-11-10 12:14:56 | 001,628,032 | ---- | C] (Wacom Technology, Corp.) -- C:\WINDOWS\SysWow64\Wacom_Tablet.dll [2012-11-10 12:14:56 | 001,621,376 | ---- | C] (Wacom Technology, Corp.) -- C:\WINDOWS\SysWow64\Wacom_Touch_Tablet.dll [2012-11-10 12:14:56 | 001,509,248 | ---- | C] (Wacom Technology, Corp.) -- C:\WINDOWS\SysWow64\Wintab32.dll [2012-11-10 12:14:56 | 001,505,152 | ---- | C] (Wacom Technology, Corp.) -- C:\WINDOWS\SysWow64\WacomMT.dll [2012-11-10 12:14:55 | 000,000,000 | ---D | C] -- C:\Program Files\Tablet [2012-11-10 12:06:31 | 000,000,000 | ---D | C] -- C:\Program Files\TabletPlugins [2012-11-10 12:04:19 | 000,000,000 | ---D | C] -- C:\ProgramData\CELSYS [2012-11-10 12:04:09 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Roaming\Smith Micro [2012-11-10 12:02:26 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\Documents\Smith Micro [2012-11-10 12:02:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Manga Studio EX 4.0 [2012-11-10 12:02:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Smith Micro [2012-11-10 12:00:54 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Roaming\Autodesk [2012-11-10 12:00:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk [2012-11-10 12:00:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Autodesk [2012-11-10 11:58:04 | 000,000,000 | ---D | C] -- C:\temp [2012-11-10 11:57:27 | 000,000,000 | ---D | C] -- C:\Autodesk [2012-11-10 11:47:15 | 000,000,000 | ---D | C] -- C:\World of Warcraft [2012-11-10 11:44:02 | 000,000,000 | ---D | C] -- C:\avast! sandbox [2012-11-10 11:41:38 | 000,285,328 | ---- | C] (AVAST Software) -- C:\WINDOWS\SysNative\aswBoot.exe [2012-11-10 11:41:20 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software [2012-11-10 11:41:20 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software [2012-11-10 11:37:48 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Local\EgisTec IPS [2012-11-10 11:33:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome [2012-11-10 11:33:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google [2012-11-10 11:33:12 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Local\Google [2012-11-10 11:33:05 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Local\Apps [2012-11-10 11:32:43 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Roaming\Adobe [2012-11-10 11:30:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NETGEAR WNA3100M Genie [2012-11-10 11:30:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NETGEAR [2012-11-10 11:30:27 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Roaming\InstallShield [2012-11-10 11:25:04 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Roaming\OEM [2012-11-10 11:25:03 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Roaming\Screensaver [2012-11-10 11:24:56 | 000,000,000 | R--D | C] -- C:\Users\jn2002dk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [2012-11-10 11:24:56 | 000,000,000 | R--D | C] -- C:\Users\jn2002dk\Searches [2012-11-10 11:24:56 | 000,000,000 | R--D | C] -- C:\Users\jn2002dk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [2012-11-10 11:24:56 | 000,000,000 | -H-D | C] -- C:\Users\jn2002dk\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned [2012-11-10 11:24:49 | 000,000,000 | R--D | C] -- C:\Users\jn2002dk\Contacts [2012-11-10 11:24:49 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Roaming\Identities [2012-11-10 11:24:20 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Local\VirtualStore [2012-11-10 11:23:50 | 000,000,000 | ---D | C] -- C:\Program Files\Accessory Store [2012-11-10 11:23:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Family Protection [2012-11-10 11:23:19 | 000,000,000 | R--D | C] -- C:\Users\jn2002dk\Videos [2012-11-10 11:23:19 | 000,000,000 | R--D | C] -- C:\Users\jn2002dk\Saved Games [2012-11-10 11:23:19 | 000,000,000 | R--D | C] -- C:\Users\jn2002dk\Pictures [2012-11-10 11:23:19 | 000,000,000 | R--D | C] -- C:\Users\jn2002dk\Music [2012-11-10 11:23:19 | 000,000,000 | R--D | C] -- C:\Users\jn2002dk\Links [2012-11-10 11:23:19 | 000,000,000 | R--D | C] -- C:\Users\jn2002dk\Downloads [2012-11-10 11:23:19 | 000,000,000 | R--D | C] -- C:\Users\jn2002dk\Documents [2012-11-10 11:23:19 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Roaming\Media Center Programs [2012-11-10 11:23:19 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Roaming\Macromedia [2012-11-10 11:23:14 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Videoer [2012-11-10 11:23:14 | 000,000,000 | -HSD | C] -- C:\Recovery [2012-11-10 11:23:14 | 000,000,000 | -HSD | C] -- C:\Programmer [2012-11-10 11:23:14 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Musik [2012-11-10 11:23:14 | 000,000,000 | -HSD | C] -- C:\Program Files\Fælles filer [2012-11-10 11:23:14 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Billeder [2012-11-10 11:23:13 | 000,000,000 | -HSD | C] -- C:\ProgramData\Skrivebord [2012-11-10 11:23:13 | 000,000,000 | -HSD | C] -- C:\ProgramData\Skabeloner [2012-11-10 11:23:13 | 000,000,000 | -HSD | C] -- C:\ProgramData\Menuen Start [2012-11-10 11:23:13 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoritter [2012-11-10 11:23:13 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumenter [2012-11-10 11:08:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Intel Corporation [2012-11-10 11:07:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office [2012-11-10 11:07:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PlayReady [2012-11-10 11:07:31 | 000,000,000 | ---D | C] -- C:\Program Files\PlayReady [2012-11-10 11:07:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft [2012-11-10 11:03:59 | 003,768,152 | ---- | C] (Waves Audio Ltd.) -- C:\WINDOWS\SysNative\MaxxAudioRealtek.dll [2012-11-10 11:03:59 | 003,308,376 | ---- | C] (Dolby Laboratories) -- C:\WINDOWS\SysNative\R4EEP64A.dll [2012-11-10 11:03:59 | 002,604,376 | ---- | C] (Waves Audio Ltd.) -- C:\WINDOWS\SysNative\WavesGUILib.dll [2012-11-10 11:03:59 | 002,132,824 | ---- | C] (Waves Audio Ltd.) -- C:\WINDOWS\SysNative\MaxxAudioEQ.dll [2012-11-10 11:03:59 | 002,085,440 | ---- | C] (Fortemedia Corporation) -- C:\WINDOWS\SysNative\FMAPO64.dll [2012-11-10 11:03:59 | 001,756,264 | ---- | C] (DTS) -- C:\WINDOWS\SysNative\DTSS2SpeakerDLL64.dll [2012-11-10 11:03:59 | 001,568,360 | ---- | C] (DTS) -- C:\WINDOWS\SysNative\DTSS2HeadphoneDLL64.dll [2012-11-10 11:03:59 | 000,712,296 | ---- | C] (DTS) -- C:\WINDOWS\SysNative\DTSSymmetryDLL64.dll [2012-11-10 11:03:59 | 000,702,808 | ---- | C] (Waves Audio Ltd.) -- C:\WINDOWS\SysNative\MaxxAudioRealtek2.dll [2012-11-10 11:03:59 | 000,693,352 | ---- | C] (DTS) -- C:\WINDOWS\SysNative\DTSVoiceClarityDLL64.dll [2012-11-10 11:03:59 | 000,603,984 | ---- | C] (Knowles Acoustics ) -- C:\WINDOWS\SysNative\KAAPORT64.dll [2012-11-10 11:03:59 | 000,527,872 | ---- | C] (DTS) -- C:\WINDOWS\SysNative\DTSU2PLFX64.dll [2012-11-10 11:03:59 | 000,518,896 | ---- | C] (SRS Labs, Inc.) -- C:\WINDOWS\SysNative\SRSTSX64.dll [2012-11-10 11:03:59 | 000,515,584 | ---- | C] (DTS) -- C:\WINDOWS\SysNative\DTSU2PGFX64.dll [2012-11-10 11:03:59 | 000,439,808 | ---- | C] (DTS) -- C:\WINDOWS\SysNative\DTSU2PREC64.dll [2012-11-10 11:03:59 | 000,426,328 | ---- | C] (Dolby Laboratories) -- C:\WINDOWS\SysNative\R4EED64A.dll [2012-11-10 11:03:59 | 000,375,128 | ---- | C] (Dolby Laboratories, Inc.) -- C:\WINDOWS\SysNative\RTEEP64A.dll [2012-11-10 11:03:59 | 000,341,336 | ---- | C] (Waves Audio Ltd.) -- C:\WINDOWS\SysNative\MaxxAudioAPO30.dll [2012-11-10 11:03:59 | 000,334,680 | ---- | C] (Waves Audio Ltd.) -- C:\WINDOWS\SysNative\MaxxVolumeSDAPO.dll [2012-11-10 11:03:59 | 000,318,808 | ---- | C] (Waves Audio Ltd.) -- C:\WINDOWS\SysNative\MaxxAudioAPO20.dll [2012-11-10 11:03:59 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\WINDOWS\SysNative\RP3DAA64.dll [2012-11-10 11:03:59 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\WINDOWS\SysNative\RP3DHT64.dll [2012-11-10 11:03:59 | 000,221,024 | ---- | C] (Synopsys, Inc.) -- C:\WINDOWS\SysNative\SFNHK64.dll [2012-11-10 11:03:59 | 000,211,184 | ---- | C] (SRS Labs, Inc.) -- C:\WINDOWS\SysNative\SRSTSH64.dll [2012-11-10 11:03:59 | 000,204,120 | ---- | C] (Dolby Laboratories, Inc.) -- C:\WINDOWS\SysNative\RTEED64A.dll [2012-11-10 11:03:59 | 000,198,896 | ---- | C] (SRS Labs, Inc.) -- C:\WINDOWS\SysNative\SRSHP64.dll [2012-11-10 11:03:59 | 000,155,888 | ---- | C] (SRS Labs, Inc.) -- C:\WINDOWS\SysNative\SRSWOW64.dll [2012-11-10 11:03:59 | 000,136,024 | ---- | C] (Dolby Laboratories) -- C:\WINDOWS\SysNative\R4EEL64A.dll [2012-11-10 11:03:59 | 000,118,104 | ---- | C] (Dolby Laboratories) -- C:\WINDOWS\SysNative\R4EEA64A.dll [2012-11-10 11:03:59 | 000,101,208 | ---- | C] (Dolby Laboratories, Inc.) -- C:\WINDOWS\SysNative\RTEEL64A.dll [2012-11-10 11:03:59 | 000,081,248 | ---- | C] (Synopsys, Inc.) -- C:\WINDOWS\SysNative\SFCOM64.dll [2012-11-10 11:03:59 | 000,078,688 | ---- | C] (Synopsys, Inc.) -- C:\WINDOWS\SysNative\SFAPO64.dll [2012-11-10 11:03:59 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\WINDOWS\SysNative\RTEEG64A.dll [2012-11-10 11:03:59 | 000,074,072 | ---- | C] (Dolby Laboratories) -- C:\WINDOWS\SysNative\R4EEG64A.dll [2012-11-10 11:03:59 | 000,074,064 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\WINDOWS\SysWow64\SFCOM.dll [2012-11-10 11:03:58 | 001,486,952 | ---- | C] (DTS) -- C:\WINDOWS\SysNative\DTSBoostDLL64.dll [2012-11-10 11:03:58 | 000,728,680 | ---- | C] (DTS) -- C:\WINDOWS\SysNative\DTSBassEnhancementDLL64.dll [2012-11-10 11:03:58 | 000,491,112 | ---- | C] (DTS) -- C:\WINDOWS\SysNative\DTSNeoPCDLL64.dll [2012-11-10 11:03:58 | 000,432,744 | ---- | C] (DTS) -- C:\WINDOWS\SysNative\DTSLimiterDLL64.dll [2012-11-10 11:03:58 | 000,428,648 | ---- | C] (DTS) -- C:\WINDOWS\SysNative\DTSGainCompensatorDLL64.dll [2012-11-10 11:03:58 | 000,242,792 | ---- | C] (DTS) -- C:\WINDOWS\SysNative\DTSLFXAPO64.dll [2012-11-10 11:03:58 | 000,242,792 | ---- | C] (DTS) -- C:\WINDOWS\SysNative\DTSGFXAPO64.dll [2012-11-10 11:03:58 | 000,241,768 | ---- | C] (DTS) -- C:\WINDOWS\SysNative\DTSGFXAPONS64.dll [2012-11-10 11:03:58 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Temp [2012-11-10 11:03:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek [2012-11-10 11:03:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield [2012-11-10 11:03:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Intel [2012-11-10 11:03:13 | 000,000,000 | ---D | C] -- C:\Program Files\Intel [2012-11-10 11:02:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\postureAgent [2012-11-10 11:00:29 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel [2012-11-10 10:55:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation [2012-11-10 10:55:03 | 000,000,000 | -H-D | C] -- C:\book [2012-11-10 10:55:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AcerSystem [2012-11-10 10:51:02 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA [2012-11-10 10:50:35 | 000,068,928 | ---- | C] (Khronos Group) -- C:\WINDOWS\SysNative\OpenCL.dll [2012-11-10 10:50:35 | 000,061,248 | ---- | C] (Khronos Group) -- C:\WINDOWS\SysWow64\OpenCL.dll [2012-11-10 10:47:58 | 000,053,248 | ---- | C] (Windows XP Bundled build C-Centric Single User) -- C:\WINDOWS\SysWow64\CSVer.dll [2012-11-10 10:47:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel [2012-11-10 10:47:55 | 000,000,000 | -H-D | C] -- C:\Intel [2012-11-10 10:47:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution [2012-11-10 10:44:38 | 000,000,000 | -HSD | C] -- C:\System Volume Information ========== Files - Modified Within 30 Days ========== [2012-11-22 10:56:01 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job [2012-11-22 10:53:38 | 001,379,886 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI [2012-11-22 10:53:38 | 000,710,046 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat [2012-11-22 10:53:38 | 000,463,600 | ---- | M] () -- C:\WINDOWS\SysNative\perfh006.dat [2012-11-22 10:53:38 | 000,132,416 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat [2012-11-22 10:53:38 | 000,079,354 | ---- | M] () -- C:\WINDOWS\SysNative\perfc006.dat [2012-11-22 10:50:25 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2012-11-22 10:48:43 | 000,000,898 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2012-11-22 10:48:20 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys [2012-11-22 10:48:13 | 4254,535,678 | -HS- | M] () -- C:\hiberfil.sys [2012-11-22 10:47:41 | 000,000,098 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\etc\Hosts [2012-11-22 00:05:14 | 000,000,824 | ---- | M] () -- C:\Users\jn2002dk\Documents\hosts [2012-11-21 23:38:00 | 000,000,902 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2012-11-21 17:23:30 | 004,847,728 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT [2012-11-21 17:12:46 | 004,732,416 | ---- | M] (AVAST Software) -- C:\Users\jn2002dk\Desktop\aswMBR.exe [2012-11-21 09:58:22 | 000,001,794 | ---- | M] () -- C:\WINDOWS\Sandboxie.ini [2012-11-19 22:13:35 | 000,049,434 | ---- | M] () -- C:\Users\jn2002dk\Documents\bookmarks_11_19_12.html [2012-11-19 22:09:35 | 000,001,837 | ---- | M] () -- C:\Users\Public\Desktop\Opera.lnk [2012-11-19 21:55:23 | 000,001,525 | ---- | M] () -- C:\Users\jn2002dk\Desktop\Internet Explorer.lnk [2012-11-19 12:15:53 | 000,001,258 | ---- | M] () -- C:\Users\Public\Desktop\Virtual CloneDrive.lnk [2012-11-19 12:12:56 | 000,000,813 | ---- | M] () -- C:\Users\jn2002dk\AppData\Local\recently-used.xbel [2012-11-19 11:53:28 | 000,000,847 | ---- | M] () -- C:\Users\Public\Desktop\Construct 2.lnk [2012-11-18 10:46:01 | 000,237,914 | ---- | M] () -- C:\Users\jn2002dk\Desktop\speccy.jpg [2012-11-18 10:45:00 | 000,000,800 | ---- | M] () -- C:\Users\Public\Desktop\Speccy.lnk [2012-11-17 15:33:50 | 000,867,584 | ---- | M] () -- C:\Users\jn2002dk\Desktop\Drug Lords.swf [2012-11-17 15:33:05 | 000,063,052 | ---- | M] () -- C:\Users\jn2002dk\Desktop\druglord2.jpg [2012-11-17 15:32:57 | 001,078,245 | ---- | M] () -- C:\Users\jn2002dk\Desktop\druglord2.psd [2012-11-16 21:40:22 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\SysNative\drivers\Msft_User_LocationProvider_01_11_00.Wdf [2012-11-16 20:58:46 | 000,599,929 | ---- | M] () -- C:\Users\jn2002dk\Desktop\cop1.psd [2012-11-16 20:55:40 | 000,913,408 | ---- | M] () -- C:\Users\jn2002dk\Desktop\cop1.sai [2012-11-16 19:28:08 | 000,001,117 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk [2012-11-16 17:43:38 | 000,001,304 | ---- | M] () -- C:\Users\jn2002dk\Desktop\Sandboxed Web Browser.lnk [2012-11-16 17:33:31 | 000,000,900 | ---- | M] () -- C:\Users\jn2002dk\Application Data\Microsoft\Internet Explorer\Quick Launch\Sandboxed Web Browser.lnk [2012-11-16 17:14:51 | 000,020,958 | ---- | M] () -- C:\WINDOWS\diagwrn.xml [2012-11-16 17:14:51 | 000,020,958 | ---- | M] () -- C:\WINDOWS\diagerr.xml [2012-11-16 17:14:41 | 000,022,852 | ---- | M] () -- C:\WINDOWS\SysNative\emptyregdb.dat [2012-11-16 15:52:22 | 000,016,976 | -H-- | M] () -- C:\WINDOWS\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012-11-16 15:52:22 | 000,016,976 | -H-- | M] () -- C:\WINDOWS\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012-11-15 21:45:53 | 001,196,032 | ---- | M] () -- C:\Users\jn2002dk\Desktop\druglord2.sai [2012-11-15 20:51:56 | 000,540,385 | ---- | M] () -- C:\Users\jn2002dk\Desktop\druglord1.psd [2012-11-15 20:51:53 | 000,075,244 | ---- | M] () -- C:\Users\jn2002dk\Desktop\druglord1.jpg [2012-11-15 20:46:14 | 001,159,168 | ---- | M] () -- C:\Users\jn2002dk\Desktop\druglord1.sai [2012-11-15 10:52:21 | 000,000,787 | ---- | M] () -- C:\Users\Public\Desktop\Wimp.lnk [2012-11-15 09:21:19 | 000,000,995 | ---- | M] () -- C:\Users\jn2002dk\Desktop\Stencyl.lnk [2012-11-14 17:23:58 | 000,000,947 | ---- | M] () -- C:\Users\Public\Desktop\Deluge.lnk [2012-11-12 00:14:03 | 000,000,826 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk [2012-11-12 00:06:52 | 001,289,942 | ---- | M] () -- C:\WINDOWS\SysWow64\PerfStringBackup.INI [2012-11-11 20:57:59 | 000,071,190 | ---- | M] () -- C:\Users\jn2002dk\Desktop\Image001.jpg [2012-11-11 16:19:10 | 000,000,975 | ---- | M] () -- C:\Users\jn2002dk\Desktop\MyPaint.lnk [2012-11-11 15:10:52 | 002,314,240 | ---- | M] () -- C:\Users\jn2002dk\Documents\New Canvas.sai [2012-11-10 23:11:02 | 001,323,008 | ---- | M] () -- C:\Users\jn2002dk\Documents\face.sai [2012-11-10 19:39:42 | 000,011,453 | ---- | M] () -- C:\WINDOWS\ChangeLang_Done.tag [2012-11-10 19:21:36 | 000,840,071 | ---- | M] () -- C:\Users\jn2002dk\Desktop\Indbydelse.pdf [2012-11-10 19:21:17 | 000,228,495 | ---- | M] () -- C:\Users\jn2002dk\Documents\Indbydelse.odg [2012-11-10 19:19:59 | 000,001,035 | ---- | M] () -- C:\Users\jn2002dk\Desktop\LibreOfficePortable.lnk [2012-11-10 18:01:53 | 000,007,752 | ---- | M] () -- C:\Users\jn2002dk\Documents\New Canvas.jpg [2012-11-10 17:49:30 | 000,016,835 | ---- | M] () -- C:\Users\jn2002dk\Documents\New Canvas.png [2012-11-10 17:46:56 | 000,010,200 | ---- | M] () -- C:\Users\jn2002dk\Documents\birds.jpg [2012-11-10 17:44:13 | 000,002,246 | ---- | M] () -- C:\Users\jn2002dk\Desktop\PaintTool SAI.lnk [2012-11-10 15:51:53 | 000,001,049 | ---- | M] () -- C:\Users\jn2002dk\Desktop\Dropbox.lnk [2012-11-10 15:50:45 | 000,001,059 | ---- | M] () -- C:\Users\jn2002dk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2012-11-10 12:07:20 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\SysNative\drivers\Msft_Kernel_wachidrouter_01009.Wdf [2012-11-10 12:02:24 | 000,001,310 | ---- | M] () -- C:\Users\Public\Desktop\Manga Studio EX 4.0.lnk [2012-11-10 12:00:53 | 000,002,144 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SketchBook Snapshot.lnk [2012-11-10 12:00:53 | 000,002,121 | ---- | M] () -- C:\Users\jn2002dk\Application Data\Microsoft\Internet Explorer\Quick Launch\SketchBook Pro 6.lnk [2012-11-10 12:00:53 | 000,002,097 | ---- | M] () -- C:\Users\Public\Desktop\SketchBook Pro 6.lnk [2012-11-10 11:41:38 | 000,000,000 | ---- | M] () -- C:\WINDOWS\SysWow64\config.nt [2012-11-10 11:33:59 | 000,002,297 | ---- | M] () -- C:\Users\jn2002dk\Desktop\Google Chrome.lnk [2012-11-10 11:32:35 | 000,001,449 | ---- | M] () -- C:\Users\jn2002dk\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk [2012-11-10 11:32:35 | 000,000,221 | -HS- | M] () -- C:\Users\jn2002dk\Application Data\Microsoft\Internet Explorer\Quick Launch\desktop (1).ini [2012-11-10 11:30:39 | 000,001,155 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WNA3100M Genie.lnk [2012-11-10 11:30:39 | 000,001,137 | ---- | M] () -- C:\Users\Public\Desktop\NETGEAR WNA3100M Genie.lnk [2012-11-10 11:09:32 | 000,001,162 | ---- | M] () -- C:\Users\Public\Desktop\clear.fi Photo.lnk [2012-11-10 11:08:35 | 000,001,162 | ---- | M] () -- C:\Users\Public\Desktop\clear.fi Media.lnk [2012-11-10 11:01:45 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\SysNative\drivers\Msft_Kernel_iusb3hcs_01009.Wdf [2012-10-30 23:50:30 | 000,285,328 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\aswBoot.exe [2012-10-29 08:14:20 | 001,981,312 | ---- | M] (Wacom Technology, Corp.) -- C:\WINDOWS\SysNative\Wacom_Tablet.dll [2012-10-29 08:14:20 | 001,974,144 | ---- | M] (Wacom Technology, Corp.) -- C:\WINDOWS\SysNative\Wacom_Touch_Tablet.dll [2012-10-29 08:14:20 | 001,843,072 | ---- | M] (Wacom Technology, Corp.) -- C:\WINDOWS\SysNative\Wintab32.dll [2012-10-29 08:14:18 | 001,840,000 | ---- | M] (Wacom Technology, Corp.) -- C:\WINDOWS\SysNative\WacomMT.dll [2012-10-29 08:14:16 | 001,628,032 | ---- | M] (Wacom Technology, Corp.) -- C:\WINDOWS\SysWow64\Wacom_Tablet.dll [2012-10-29 08:14:16 | 001,621,376 | ---- | M] (Wacom Technology, Corp.) -- C:\WINDOWS\SysWow64\Wacom_Touch_Tablet.dll [2012-10-29 08:14:16 | 001,509,248 | ---- | M] (Wacom Technology, Corp.) -- C:\WINDOWS\SysWow64\Wintab32.dll [2012-10-29 08:14:16 | 001,505,152 | ---- | M] (Wacom Technology, Corp.) -- C:\WINDOWS\SysWow64\WacomMT.dll ========== Files Created - No Company Name ========== [2012-11-22 00:05:14 | 000,000,824 | ---- | C] () -- C:\Users\jn2002dk\Documents\hosts [2012-11-21 17:23:19 | 004,847,728 | ---- | C] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT [2012-11-19 22:13:35 | 000,049,434 | ---- | C] () -- C:\Users\jn2002dk\Documents\bookmarks_11_19_12.html [2012-11-19 22:09:35 | 000,001,849 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk [2012-11-19 22:09:35 | 000,001,837 | ---- | C] () -- C:\Users\Public\Desktop\Opera.lnk [2012-11-19 21:54:56 | 000,001,525 | ---- | C] () -- C:\Users\jn2002dk\Desktop\Internet Explorer.lnk [2012-11-19 12:19:38 | 000,001,239 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Dreamweaver CS5.lnk [2012-11-19 12:15:53 | 000,001,258 | ---- | C] () -- C:\Users\Public\Desktop\Virtual CloneDrive.lnk [2012-11-19 12:12:56 | 000,000,813 | ---- | C] () -- C:\Users\jn2002dk\AppData\Local\recently-used.xbel [2012-11-19 11:53:28 | 000,000,943 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Construct 2.lnk [2012-11-19 11:53:28 | 000,000,847 | ---- | C] () -- C:\Users\Public\Desktop\Construct 2.lnk [2012-11-18 10:46:01 | 000,237,914 | ---- | C] () -- C:\Users\jn2002dk\Desktop\speccy.jpg [2012-11-18 10:45:00 | 000,000,800 | ---- | C] () -- C:\Users\Public\Desktop\Speccy.lnk [2012-11-17 15:58:30 | 000,002,108 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Web Platform Installer.lnk [2012-11-17 15:33:05 | 000,063,052 | ---- | C] () -- C:\Users\jn2002dk\Desktop\druglord2.jpg [2012-11-17 15:29:33 | 000,867,584 | ---- | C] () -- C:\Users\jn2002dk\Desktop\Drug Lords.swf [2012-11-17 15:22:46 | 001,078,245 | ---- | C] () -- C:\Users\jn2002dk\Desktop\druglord2.psd [2012-11-16 21:40:22 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\SysNative\drivers\Msft_User_LocationProvider_01_11_00.Wdf [2012-11-16 20:56:07 | 000,599,929 | ---- | C] () -- C:\Users\jn2002dk\Desktop\cop1.psd [2012-11-16 20:55:40 | 000,913,408 | ---- | C] () -- C:\Users\jn2002dk\Desktop\cop1.sai [2012-11-16 19:28:08 | 000,001,117 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk [2012-11-16 17:44:48 | 000,361,934 | ---- | C] () -- C:\WINDOWS\SysNative\ApnDatabase.xml [2012-11-16 17:44:38 | 000,110,592 | ---- | C] () -- C:\WINDOWS\SysNative\OEMLicense.dll [2012-11-16 17:44:38 | 000,083,968 | ---- | C] () -- C:\WINDOWS\SysWow64\OEMLicense.dll [2012-11-16 17:34:04 | 000,001,304 | ---- | C] () -- C:\Users\jn2002dk\Desktop\Sandboxed Web Browser.lnk [2012-11-16 17:34:04 | 000,000,900 | ---- | C] () -- C:\Users\jn2002dk\Application Data\Microsoft\Internet Explorer\Quick Launch\Sandboxed Web Browser.lnk [2012-11-16 17:34:02 | 000,001,794 | ---- | C] () -- C:\WINDOWS\Sandboxie.ini [2012-11-16 17:25:05 | 000,001,442 | ---- | C] () -- C:\Users\jn2002dk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk [2012-11-16 17:14:41 | 000,022,852 | ---- | C] () -- C:\WINDOWS\SysNative\emptyregdb.dat [2012-11-16 17:10:37 | 000,020,958 | ---- | C] () -- C:\WINDOWS\diagwrn.xml [2012-11-16 17:10:37 | 000,020,958 | ---- | C] () -- C:\WINDOWS\diagerr.xml [2012-11-16 17:10:27 | 000,000,352 | ---- | C] () -- C:\Users\jn2002dk\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk [2012-11-16 17:10:27 | 000,000,334 | ---- | C] () -- C:\Users\jn2002dk\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk [2012-11-16 17:09:07 | 002,689,224 | ---- | C] () -- C:\WINDOWS\SysNative\nvcoproc.bin [2012-11-16 17:07:15 | 268,435,456 | -HS- | C] () -- C:\swapfile.sys [2012-11-16 15:44:44 | 4254,535,678 | -HS- | C] () -- C:\hiberfil.sys [2012-11-15 21:45:03 | 001,196,032 | ---- | C] () -- C:\Users\jn2002dk\Desktop\druglord2.sai [2012-11-15 20:51:53 | 000,075,244 | ---- | C] () -- C:\Users\jn2002dk\Desktop\druglord1.jpg [2012-11-15 20:46:28 | 000,540,385 | ---- | C] () -- C:\Users\jn2002dk\Desktop\druglord1.psd [2012-11-15 20:46:14 | 001,159,168 | ---- | C] () -- C:\Users\jn2002dk\Desktop\druglord1.sai [2012-11-15 10:52:21 | 000,000,799 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wimp.lnk [2012-11-15 10:52:21 | 000,000,787 | ---- | C] () -- C:\Users\Public\Desktop\Wimp.lnk [2012-11-15 09:21:19 | 000,000,995 | ---- | C] () -- C:\Users\jn2002dk\Desktop\Stencyl.lnk [2012-11-14 18:23:10 | 000,001,618 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Illustrator CS5.lnk [2012-11-14 18:22:53 | 000,001,137 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS5.lnk [2012-11-14 18:22:45 | 000,001,230 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Device Central CS5.lnk [2012-11-14 18:22:04 | 000,001,321 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS5.lnk [2012-11-14 18:22:02 | 000,001,487 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS5.lnk [2012-11-14 18:21:48 | 000,000,961 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk [2012-11-14 17:57:20 | 000,001,162 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS4 (64 Bit).lnk [2012-11-14 17:57:05 | 000,001,101 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS4.lnk [2012-11-14 17:56:31 | 000,001,063 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS4.lnk [2012-11-14 17:56:23 | 000,001,400 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Drive CS4.lnk [2012-11-14 17:55:50 | 000,001,156 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Device Central CS4.lnk [2012-11-14 17:55:19 | 000,001,247 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS4.lnk [2012-11-14 17:55:15 | 000,001,371 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS4.lnk [2012-11-14 17:23:58 | 000,000,947 | ---- | C] () -- C:\Users\Public\Desktop\Deluge.lnk [2012-11-14 09:19:16 | 000,001,897 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SumatraPDF.lnk [2012-11-12 00:14:03 | 000,000,826 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk [2012-11-12 00:06:52 | 001,289,942 | ---- | C] () -- C:\WINDOWS\SysWow64\PerfStringBackup.INI [2012-11-11 16:19:04 | 000,071,190 | ---- | C] () -- C:\Users\jn2002dk\Desktop\Image001.jpg [2012-11-11 14:43:04 | 002,314,240 | ---- | C] () -- C:\Users\jn2002dk\Documents\New Canvas.sai [2012-11-10 23:11:02 | 001,323,008 | ---- | C] () -- C:\Users\jn2002dk\Documents\face.sai [2012-11-10 19:42:23 | 000,011,453 | ---- | C] () -- C:\WINDOWS\ChangeLang_Done.tag [2012-11-10 19:19:59 | 000,001,035 | ---- | C] () -- C:\Users\jn2002dk\Desktop\LibreOfficePortable.lnk [2012-11-10 18:09:59 | 000,000,975 | ---- | C] () -- C:\Users\jn2002dk\Desktop\MyPaint.lnk [2012-11-10 18:01:53 | 000,007,752 | ---- | C] () -- C:\Users\jn2002dk\Documents\New Canvas.jpg [2012-11-10 17:50:14 | 000,840,071 | ---- | C] () -- C:\Users\jn2002dk\Desktop\Indbydelse.pdf [2012-11-10 17:49:30 | 000,016,835 | ---- | C] () -- C:\Users\jn2002dk\Documents\New Canvas.png [2012-11-10 17:46:56 | 000,010,200 | ---- | C] () -- C:\Users\jn2002dk\Documents\birds.jpg [2012-11-10 17:44:13 | 000,002,246 | ---- | C] () -- C:\Users\jn2002dk\Desktop\PaintTool SAI.lnk [2012-11-10 17:34:53 | 000,228,495 | ---- | C] () -- C:\Users\jn2002dk\Documents\Indbydelse.odg [2012-11-10 15:51:53 | 000,001,049 | ---- | C] () -- C:\Users\jn2002dk\Desktop\Dropbox.lnk [2012-11-10 15:50:45 | 000,001,059 | ---- | C] () -- C:\Users\jn2002dk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2012-11-10 12:14:55 | 000,000,119 | ---- | C] () -- C:\WINDOWS\SysNative\WacomTouchTabletUserDefaults.xml [2012-11-10 12:14:55 | 000,000,119 | ---- | C] () -- C:\WINDOWS\SysNative\WacomTabletUserDefaults.xml [2012-11-10 12:07:20 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\SysNative\drivers\Msft_Kernel_wachidrouter_01009.Wdf [2012-11-10 12:02:24 | 000,001,310 | ---- | C] () -- C:\Users\Public\Desktop\Manga Studio EX 4.0.lnk [2012-11-10 12:00:53 | 000,002,144 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SketchBook Snapshot.lnk [2012-11-10 12:00:53 | 000,002,121 | ---- | C] () -- C:\Users\jn2002dk\Application Data\Microsoft\Internet Explorer\Quick Launch\SketchBook Pro 6.lnk [2012-11-10 12:00:53 | 000,002,097 | ---- | C] () -- C:\Users\Public\Desktop\SketchBook Pro 6.lnk [2012-11-10 11:54:00 | 000,016,366 | ---- | C] () -- C:\WINDOWS\SysNative\nvinfo.pb [2012-11-10 11:41:38 | 000,000,000 | ---- | C] () -- C:\WINDOWS\SysWow64\config.nt [2012-11-10 11:33:59 | 000,002,297 | ---- | C] () -- C:\Users\jn2002dk\Desktop\Google Chrome.lnk [2012-11-10 11:33:15 | 000,000,902 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2012-11-10 11:33:13 | 000,000,898 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2012-11-10 11:32:35 | 000,001,449 | ---- | C] () -- C:\Users\jn2002dk\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk [2012-11-10 11:30:39 | 000,001,155 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WNA3100M Genie.lnk [2012-11-10 11:30:39 | 000,001,137 | ---- | C] () -- C:\Users\Public\Desktop\NETGEAR WNA3100M Genie.lnk [2012-11-10 11:23:19 | 000,000,221 | -HS- | C] () -- C:\Users\jn2002dk\Application Data\Microsoft\Internet Explorer\Quick Launch\desktop (1).ini [2012-11-10 11:09:32 | 000,001,162 | ---- | C] () -- C:\Users\Public\Desktop\clear.fi Photo.lnk [2012-11-10 11:08:35 | 000,001,162 | ---- | C] () -- C:\Users\Public\Desktop\clear.fi Media.lnk [2012-11-10 11:07:58 | 000,002,435 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2010.lnk [2012-11-10 11:03:59 | 000,181,324 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\RTAIODAT.DAT [2012-11-10 11:03:19 | 000,015,128 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\IntelMEFWVer.dll [2012-11-10 11:01:45 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\SysNative\drivers\Msft_Kernel_iusb3hcs_01009.Wdf [2012-07-26 09:13:10 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat [2012-07-26 09:13:09 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT [2012-07-26 08:21:26 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2012-07-26 02:17:42 | 000,043,520 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll [2012-07-25 21:37:29 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin [2012-07-25 21:28:31 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll [2012-07-20 21:35:06 | 000,428,904 | ---- | C] () -- C:\WINDOWS\SysWow64\nvStreaming.exe [2012-06-02 15:31:19 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat [2012-02-02 22:08:26 | 000,001,536 | ---- | C] () -- C:\WINDOWS\SysWow64\IusEventLog.dll ========== ZeroAccess Check ========== [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2012-10-11 06:45:39 | 019,789,824 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012-10-11 06:07:29 | 017,560,576 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012-07-26 04:05:38 | 001,004,544 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2012-07-26 04:18:27 | 000,784,896 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012-07-26 04:07:41 | 000,455,680 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] ========== LOP Check ========== [2012-11-10 12:00:54 | 000,000,000 | ---D | M] -- C:\Users\jn2002dk\AppData\Roaming\Autodesk [2012-11-17 14:28:59 | 000,000,000 | ---D | M] -- C:\Users\jn2002dk\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 [2012-11-15 10:52:28 | 000,000,000 | ---D | M] -- C:\Users\jn2002dk\AppData\Roaming\com.aspiro.wimp.dk.25F5C0086CDE1F22CA0B92A487729991CA6CD013.1 [2012-11-19 12:12:56 | 000,000,000 | ---D | M] -- C:\Users\jn2002dk\AppData\Roaming\deluge [2012-11-22 10:49:19 | 000,000,000 | ---D | M] -- C:\Users\jn2002dk\AppData\Roaming\Dropbox [2012-11-21 18:58:57 | 000,000,000 | ---D | M] -- C:\Users\jn2002dk\AppData\Roaming\FileZilla [2012-11-17 16:13:36 | 000,000,000 | ---D | M] -- C:\Users\jn2002dk\AppData\Roaming\KompoZer [2012-11-10 11:25:04 | 000,000,000 | ---D | M] -- C:\Users\jn2002dk\AppData\Roaming\OEM [2012-11-19 22:09:37 | 000,000,000 | ---D | M] -- C:\Users\jn2002dk\AppData\Roaming\Opera [2012-11-10 11:25:03 | 000,000,000 | ---D | M] -- C:\Users\jn2002dk\AppData\Roaming\Screensaver [2012-11-10 12:04:09 | 000,000,000 | ---D | M] -- C:\Users\jn2002dk\AppData\Roaming\Smith Micro [2012-11-21 23:30:29 | 000,000,000 | ---D | M] -- C:\Users\jn2002dk\AppData\Roaming\Stencyl [2012-11-14 09:19:36 | 000,000,000 | ---D | M] -- C:\Users\jn2002dk\AppData\Roaming\SumatraPDF [2012-11-10 17:44:19 | 000,000,000 | ---D | M] -- C:\Users\jn2002dk\AppData\Roaming\SYSTEMAX Software Development ========== Purity Check ========== < End of report >
  5. jn2002dk
    Hello ADWCleaner log # AdwCleaner v2.008 - Logfil lavet d. 22/11/2012 kl. 10:45:27 # Opdateret d. 17/11/2012 af Xplode # Operativ system : Windows 8 Pro (64 bits) # Bruger : jn2002dk - JN2002DK-PC # Boot Mode : Normal # Kører fra : C:\Users\jn2002dk\Desktop\Malware tools\AdwCleaner.exe # Indstilling [søg] ***** [servicer] ***** ***** [Filer / Mapper] ***** ***** [Registeret] ***** ***** [internet Browsers] ***** -\\ Internet Explorer v9.10.9200.16433 [OK] Registeret er rent. -\\ Google Chrome v [Kan ikke hente version] Filer : C:\Users\jn2002dk\AppData\Local\Google\Chrome\User Data\Default\Preferences [OK] Filen er ren. -\\ Opera v12.10.1652.0 Filer : C:\Users\jn2002dk\AppData\Roaming\Opera\Opera\operaprefs.ini [OK] Filen er ren. ************************* AdwCleaner[R1].txt - [802 octets] - [22/11/2012 10:45:27] ########## EOF - C:\AdwCleaner[R1].txt - [861 octets] ##########
  6. jn2002dk
    Hello Jeff CKScanner 2.1 - Additional Security Risks - These are not necessarily bad scanner sequence 3.MN.11.EPABCJ ----- EOF -----
  7. jn2002dk
    OTL Extras logfile created on: 21-11-2012 19:18:45 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\jn2002dk\Downloads 64bit- Professional (Version = 6.2.9200) - Type = NTWorkstation Internet Explorer (Version = 9.10.9200.16433) Locale: 00000406 | Country: Danmark | Language: DAN | Date Format: dd-MM-yyyy 15,95 Gb Total Physical Memory | 13,86 Gb Available Physical Memory | 86,88% Memory free 31,95 Gb Paging File | 29,59 Gb Available in Paging File | 92,60% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86) Drive C: | 455,95 Gb Total Space | 337,18 Gb Free Space | 73,95% Space Free | Partition Type: NTFS Drive D: | 456,46 Gb Total Space | 360,07 Gb Free Space | 78,88% Space Free | Partition Type: NTFS Drive E: | 159,82 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS Computer Name: JN2002DK-PC | User Name: jn2002dk | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .html[@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software) .url[@ = InternetShortcut] -- C:\WINDOWS\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\WINDOWS\SysWow64\control.exe (Microsoft Corporation) .html [@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software) [HKEY_USERS\S-1-5-21-1372194753-2522429106-4183652212-1000\SOFTWARE\Classes\<extension>] .html [@ = ChromeHTML] -- Reg Error: Key error. File not found ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation) htmlfile [print] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software) https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation) Directory [bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation) http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software) https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation) Directory [bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error. ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = CE 37 E6 AF FF 6A CD 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{4653038E-7022-40C5-826E-47EB59F7AF91}" = lport=5353 | protocol=6 | dir=in | name=adobe csi cs4 | "{94E56B75-2815-450D-88FB-E732EA34490B}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | "{CBEF7F31-C0EC-4C0C-B9D8-0FCEC287BCF3}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0357D592-B3BF-4CCB-97BD-27B519D67359}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1363\agent.exe | "{04351828-F3FE-446A-B43C-33BC266A539B}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1363\agent.exe | "{0A980157-11B6-42F1-8B2D-6974B327910C}" = dir=in | name=jetpack joyride | "{0CEAAFD2-6213-476F-8FE7-6E1A3E1FBCAD}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\clear.fi photo\windowsupnp.exe | "{0D34A57D-6D5F-4F01-A52E-B13D97ADF325}" = dir=out | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} | "{0F9787CE-7BEE-4DD9-8C14-CC82CDB31937}" = protocol=6 | dir=in | app=c:\users\jn2002dk\appdata\roaming\dropbox\bin\dropbox.exe | "{17F7E615-8139-4CC6-86F5-480678A712E0}" = dir=in | name=@{microsoft.reader_6.2.9200.20523_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} | "{19F87F94-7F21-4BB5-A68A-43F0D16E42BC}" = dir=out | name=dansk tv guide | "{23572596-3B2A-42EF-909A-1DEA2BC90701}" = dir=out | name=google search | "{28407D69-01B4-4838-B0B7-4F1A21AA1229}" = dir=in | app=c:\program files (x86)\acer\clear.fi sdk20\mvp\musicplayer.exe | "{3291183B-49B1-4337-A902-B85960C11F24}" = dir=out | name=jetpack joyride | "{33A37FED-A10C-4C44-B566-2B8C36DE1A0D}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "{34A8C487-D113-48AB-88DB-7C55E512A16E}" = dir=in | name=@{microsoft.windowsphotos_16.4.4388.928_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} | "{356683B8-14E6-472D-A9BA-0E7AADAC4121}" = dir=in | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} | "{3725EDE0-49FB-40A9-927F-5A1D3C8CEBB6}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\clear.fi media\dmcdaemon.exe | "{3E0F4F49-4397-49C8-BA83-81638F46E630}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1363\agent.exe | "{4148A774-16B4-4D51-B96C-D0A2E9FAFADF}" = dir=in | app=c:\program files (x86)\acer\clear.fi sdk20\movie\playmovie.exe | "{443DCA72-E271-4EE1-A395-861226EAC462}" = dir=out | name=@{microsoft.microsoftskydrive_16.4.4388.928_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftskydrive/resources/shortproductname} | "{4FEFEF60-A1B9-474C-9AE6-2613E396CAD9}" = dir=out | name=@{microsoft.bingmaps_1.5.1.240_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} | "{5A0CE3E1-DA61-4DA2-80A2-3C359058C81C}" = dir=out | name=reckless racing ultimate | "{5CF0E3EA-6761-446D-A32F-E9B17E4ED708}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\clear.fi photo\dmcdaemon.exe | "{61A1DE9E-678C-4B90-AE52-0F47B6CF8C81}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | "{65A2AF69-8120-46C2-9EF0-F237BD970FCB}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\adobe\cs4servicemanager\cs4servicemanager.exe | "{6E374CC6-3462-4C9A-A89F-3720F251687E}" = dir=out | name=@{microsoft.zunemusic_1.1.139.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/33273} | "{6E70595C-E3C8-4FAA-B931-A910FC9AB3A2}" = dir=out | name=@{microsoft.reader_6.2.9200.20523_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} | "{708F3E45-8EDE-4E78-90EC-8FDED35B43C1}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe | "{7234C830-0D55-4BAE-A425-B88581B96490}" = dir=out | name=@{microsoft.windowsphotos_16.4.4388.928_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} | "{7529D910-9EA1-4135-B060-A318FBD236FC}" = dir=out | name=netflix | "{7A01CF71-AA1B-47AC-B582-6109BAE4F0B4}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\clear.fi media\windowsupnpmv.exe | "{7EAA6D7E-B470-4259-8DD5-3B1D7E63CDDC}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1363\agent.exe | "{7F997D3B-CD26-4B44-8C2F-E95DD7A635A0}" = dir=in | name=@{microsoft.windowscommunicationsapps_16.4.4396.1016_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} | "{808F1451-4108-46FD-ADBB-F17324B5F0BD}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} | "{82CD5FDB-B80F-49AD-AA53-725CC7341984}" = dir=out | name=windows_ie_ac_001 | "{84D18218-35AF-4090-A290-FD42EC198F6A}" = dir=out | name=@{microsoft.xboxlivegames_1.1.134.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} | "{8503B0D7-78E6-448F-841F-E4A1EDBBA483}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | "{8751BC2E-EBFF-4206-A845-C563182B37D5}" = dir=out | name=@{microsoft.bingnews_1.5.1.409_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} | "{88560705-D959-4425-8F07-C90835E5FB2C}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\adobe\cs4servicemanager\cs4servicemanager.exe | "{8EC83ABC-AE33-4878-A55D-A233D05EB92E}" = protocol=17 | dir=in | app=c:\users\jn2002dk\appdata\roaming\dropbox\bin\dropbox.exe | "{9355FF3C-6304-4B85-94B3-ACD46A90A8D7}" = dir=out | name=@{microsoft.windowscommunicationsapps_16.4.4396.1016_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} | "{94E84627-B5EB-4495-8261-84BF5408423E}" = dir=out | name=@{microsoft.bing_1.5.1.251_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} | "{A3565842-C2A0-40BD-AAB2-D45056B1E5EF}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\clear.fi media\dmcdaemon.exe | "{A6180B5A-A17D-4197-B827-6142FEB04A99}" = dir=out | name=@{microsoft.bingsports_1.5.1.249_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} | "{B14DF630-4826-4D41-8CB8-5C13143DB6F6}" = dir=out | name=@{microsoft.bingweather_1.5.1.245_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} | "{CAC45CDE-4193-4DE4-96B9-376C418503FD}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\clear.fi media\windowsupnpmv.exe | "{D1E5BA24-96CA-46A1-8A60-3F88C3A12FF4}" = dir=out | name=@{microsoft.bingtravel_1.5.1.248_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} | "{D1E800B9-F28B-4256-8DB1-D35E42AA2D59}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe | "{D2F71B1D-9610-41F0-A01B-056ACEFDB8D6}" = dir=out | name=fresh paint | "{D45CA416-E994-49BC-A076-21DE8329D79A}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\clear.fi photo\windowsupnp.exe | "{DD095A4C-C7E1-492A-8262-4BB19864BA8E}" = dir=out | name=@{microsoft.zunevideo_1.1.134.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/33270} | "{E1B1A5C0-3107-4E04-99D0-7FB7EEA2BFDF}" = dir=out | name=@{microsoft.bingfinance_1.5.1.406_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} | "{E1CC83E1-08B4-4201-BFE1-B6622822D7BF}" = dir=in | app=c:\program files (x86)\acer\clear.fi sdk20\mvp\videoplayer.exe | "{E7985E1D-C36F-4787-80A8-6350D07E9266}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} | "{F03D8AC6-0802-49BD-8698-7DDA613A2C68}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\clear.fi photo\dmcdaemon.exe | "{F600C358-0B22-46B1-B55B-F0AF9AAFD2F4}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe | "TCP Query User{50856051-06F3-482D-A00B-8B23CC86F9EF}C:\program files (x86)\deluge\deluged.exe" = protocol=6 | dir=in | app=c:\program files (x86)\deluge\deluged.exe | "TCP Query User{6166D556-B1EF-43D9-8B81-254ADE9E8AF8}C:\programdata\battle.net\agent\agent.1040\agent.exe" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1040\agent.exe | "TCP Query User{714DD68D-B28D-40B3-A700-F2E09AFDFA35}C:\program files (x86)\deluge\deluge.exe" = protocol=6 | dir=in | app=c:\program files (x86)\deluge\deluge.exe | "TCP Query User{E5381B10-D229-489A-BFE2-4C7C1DED0462}C:\users\jn2002dk\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\jn2002dk\appdata\roaming\dropbox\bin\dropbox.exe | "UDP Query User{2E95C977-5296-4F6B-9480-76BAEEFB0C25}C:\programdata\battle.net\agent\agent.1040\agent.exe" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1040\agent.exe | "UDP Query User{79CBD226-6369-497A-82AC-28D94AC09220}C:\program files (x86)\deluge\deluge.exe" = protocol=17 | dir=in | app=c:\program files (x86)\deluge\deluge.exe | "UDP Query User{C7139AE2-55A2-4036-86EA-8E16C6412725}C:\users\jn2002dk\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\jn2002dk\appdata\roaming\dropbox\bin\dropbox.exe | "UDP Query User{D4EDDACC-595F-4A3F-89D7-38C19120A8D9}C:\program files (x86)\deluge\deluged.exe" = protocol=17 | dir=in | app=c:\program files (x86)\deluge\deluged.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0919C44F-F18A-4E3B-A737-03685272CE72}" = Windows Live Remote Service Resources "{09536BA1-E498-4CC3-B834-D884A67D7E34}" = Intel® Trusted Connect Service Client "{0B78ECB0-1A6B-4E6D-89D7-0E7CE77F0427}" = MyWinLocker "{1553D712-B35F-4A82-BC72-D6B11A94BE3E}" = Windows Live Remote Service Resources "{1685AE50-97ED-485B-80F6-145071EE14B0}" = Windows Live Remote Service Resources "{17A4FD95-A507-43F1-BC92-D8572AF8340A}" = Windows Live Remote Service Resources "{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector "{19F09425-3C20-4730-9E2A-FC2E17C9F362}" = Windows Live Remote Service Resources "{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant "{1EB2CFC3-E1C5-4FC4-B1F8-549DD6242C67}" = Windows Live Remote Service Resources "{1F557316-CFC0-41BD-AFF7-8BC49CE444D7}" = Shredder "{22AB5CFD-B3DB-414E-9F99-4D024CCF1DA6}" = Windows Live Remote Client Resources "{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition) "{2426E29F-9E8C-4C0B-97FC-0DB690C1ED98}" = Windows Live Remote Client Resources "{295CFB7C-A57E-4313-93E7-68E7CE1D0332}" = Adobe WinSoft Linguistics Plugin x64 "{2C1A6191-9804-4FDC-AB01-6F9183C91A13}" = Windows Live Remote Client Resources "{2D74E972-5A85-44DC-9193-8A302BA8C181}" = Photoshop Camera Raw_x64 "{2F304EF4-0C31-47F4-8557-0641AAE4197C}" = Windows Live Remote Client Resources "{34384A2A-2CA2-4446-AB0E-1F360BA2AAC5}" = Windows Live Remote Service Resources "{350FD0E7-175A-4F86-84EF-05B77FCD7161}" = Windows Live Remote Service Resources "{3921492E-82D2-4180-8124-E347AD2F2DB4}" = Windows Live Remote Client Resources "{456FB9B5-AFBC-4761-BBDC-BA6BAFBB818F}" = Windows Live Remote Client Resources "{480F28F0-8BCE-404A-A52E-0DBB7D1CE2EF}" = Windows Live Remote Service Resources "{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 "{4C2E49C0-9276-4324-841D-774CCCE5DB48}" = Windows Live Remote Client Resources "{5141AA6E-5FAC-4473-BFFB-BEE69DDC7F2B}" = Windows Live Remote Service Resources "{5151E2DB-0748-4FD1-86A2-72E2F94F8BE7}" = Windows Live Remote Service Resources "{57F2BD1C-14A3-4785-8E48-2075B96EB2DF}" = Windows Live Remote Service Resources "{5E2CD4FB-4538-4831-8176-05D653C3E6D4}" = Windows Live Remote Service Resources "{5F44A3A1-5D24-4708-8776-66B42B174C64}" = Windows Live Remote Client Resources "{5FCD6EFE-C2E7-4D77-8212-4BA223D8DF8E}" = Windows Live Remote Client Resources "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 "{5FEAD3E5-A158-4B66-B92B-0C959D7CF838}" = Windows Live Remote Service Resources "{61407251-7F7D-4303-810D-226A04D5CFF3}" = Windows Live Remote Service Resources "{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources "{6631325A-9B1B-4EE7-8E64-8CC4A6F10643}" = Adobe Fonts All x64 "{692CCE55-9EAE-4F57-A834-092882E7FE0B}" = Windows Live Remote Client Resources "{6C9D3F1D-DBBE-46F9-96A0-726CC72935AF}" = Windows Live Remote Service Resources "{6CBFDC3C-CF21-4C02-A6DC-A5A2707FAF55}" = Windows Live Remote Service Resources "{702A632F-99CE-4E2D-B8F2-BF980E9CF62F}" = Windows Live Remote Client Resources "{75E2C40C-4345-4DD0-B5B3-B8EB92EEECB5}" = Microsoft Web Platform Installer 4.0 "{7AEC844D-448A-455E-A34E-E1032196BBCD}" = Windows Live Remote Service Resources "{825C7D3F-D0B3-49D5-A42B-CBB0FBE85E99}" = Windows Live Remote Client Resources "{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources "{850B8072-2EA7-4EDC-B930-7FE569495E76}" = Windows Live Remote Client Resources "{8875A1C0-6308-4790-8CF6-D34E89880052}" = Adobe Linguistics CS4 x64 "{887797BF-37A5-4199-B0C9-0D38D6196E9A}" = Adobe Anchor Service x64 CS4 "{8970AE69-40BE-4058-9916-0ACB1B974A3D}" = Windows Live Remote Client Resources "{8C8D673B-20FB-43E6-BCB7-9B3F78F2E762}" = Adobe Type Support x64 CS4 "{8DAA31EB-6830-4006-A99F-4DF8AB24714F}" = Adobe CSI CS4 x64 "{8EB588BD-D398-40D0-ADF7-BE1CEEF7C116}" = Windows Live Remote Client Resources "{90BA8112-80B3-4617-A3C1-BD2771B60F74}" = Adobe CMaps x64 CS4 "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{97A295A7-8840-4B35-BB61-27A8F4512CA3}" = Windows Live Remote Service Resources "{9E9C960F-7F47-46D5-A95D-950B354DE2B8}" = Windows Live Remote Service Resources "{A060182D-CDBE-4AD6-B9B4-860B435D6CBD}" = Windows Live Remote Client Resources "{A3454894-144A-4D80-B605-C128FE0D7329}" = Adobe Drive CS4 x64 "{A508D5A2-3AC1-4594-A718-A663D6D3CF11}" = Windows Live Remote Service Resources "{A679FBE4-BA2D-4514-8834-030982C8B31A}" = Windows Live Remote Service Resources "{B0BF8602-EA52-4B0A-A2BD-EDABB0977030}" = Windows Live Remote Client Resources "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision-driver 305.17 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Kontrolpanel 305.17 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafikdriver 305.17 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controllerdriver 305.17 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-systemsoftware 9.12.0213 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-lyddriver 1.3.18.0 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application "{B680A663-1A15-47A5-A07C-7DF9A97558B7}" = Windows Live Remote Client Resources "{B750FA38-7AB0-42CB-ACBB-E7DBE9FF603F}" = Windows Live Remote Client Resources "{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64 "{C504EC13-E122-4939-BD6E-EE5A3BAA5FEC}" = Windows Live Remote Client Resources "{C9F05151-95A9-4B9B-B534-1760E2D014A5}" = Windows Live Remote Client Resources "{CFF3C688-2198-4BC3-A399-598226949C39}" = Windows Live Remote Client Resources "{D1C1556C-7FF3-48A3-A5D6-7126F0FAFB66}" = Windows Live Remote Client Resources "{D3E4F422-7E0F-49C7-8B00-F42490D7A385}" = Windows Live Remote Service Resources "{D40172D6-CE2D-4B72-BF5F-26A04A900B7B}" = Adobe Photoshop CS4 (64 Bit) "{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources "{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources "{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter "{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 "{DBEDAF67-C5A3-4C91-951D-31F3FE63AF3F}" = Windows Live Remote Client Resources "{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client "{DFFABE78-8173-4E97-9C5C-22FB26192FC5}" = Adobe PDF Library Files x64 CS4 "{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service "{ED421F97-E1C3-4E78-9F54-A53888215D58}" = Windows Live Remote Client Resources "{EFB20CF5-1A6D-41F3-8895-223346CE6291}" = Windows Live Remote Service Resources "{F6CB2C5F-B2C1-4DF1-BF44-39D0DC06FE6F}" = Windows Live Remote Service Resources "{FAD0EC0B-753B-4A97-AD34-32AC1EC8DB69}" = Windows Live Remote Client Resources "{FAA3933C-6F0D-4350-B66B-9D7F7031343E}" = Windows Live Remote Service Resources "CCleaner" = CCleaner "Construct 2_is1" = Construct 2 r108.2 "Sandboxie" = Sandboxie 3.74 (64-bit) "Speccy" = Speccy "Wacom Tablet Driver" = Wacom Tablet "Wacom WebTabletPlugin for Internet Explorer and Netscape" = WebTablet FB Plugin 64 bit [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{00884F14-05BD-4D8E-90E5-1ABF78948CA4}" = Windows Live Mesh "{00ADFB20-AE75-46F4-AD2C-F48B15AC3100}" = Adobe Color NA Recommended Settings CS4 "{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86 "{039480EE-6933-4845-88B8-77FD0C3D059D}" = Windows Live Mesh "{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4 "{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4 "{0557BBDA-69D3-4FA4-A93C-A5300F7034B4}" = Windows Live Writer "{05E379CC-F626-4E7D-8354-463865B303BF}" = Windows Live UX Platform Language Pack "{062E4D94-8306-46D5-81B6-45E6AD09C799}" = Windows Live Messenger "{0654EA5D-308A-4196-882B-5C09744A5D81}" = Windows Live Photo Common "{06B05153-97E4-427E-B1A8-E098F6C5E52F}" = Windows Live Essentials "{073F306D-9851-4969-B828-7B6444D07D55}" = Windows Live Photo Common "{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86 "{098727E1-775A-4450-B573-3F441F1CA243}" = kuler "{09922FFE-D153-44AE-8B60-EA3CB8088F93}" = Windows Live UX Platform Language Pack "{0A4C4B29-5A9D-4910-A13C-B920D5758744}" = بريد Windows Live "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer "{0C1931EB-8339-4837-8BEC-75029BF42734}" = Windows Live UX Platform Language Pack "{0C975FCC-A06E-4CB6-8F54-A9B52CF37781}" = Windows Liven sähköposti "{0D261C88-454B-46FE-B43B-640E621BDA11}" = Windows Live Mail "{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help "{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4 "{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}" = Adobe Setup "{0EC0B576-90F9-43C3-8FAD-A4902DF4B8F4}" = Galeria de Fotografias do Windows Live "{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4 "{10186F1A-6A14-43DF-A404-F0105D09BB07}" = Windows Live Mail "{110668B7-54C6-47C9-BAC4-1CE77F156AF5}" = Windows Live Mesh "{11417707-1F72-4279-95A3-01E0B898BBF5}" = Windows Live Mesh "{11778DA1-0495-4ED9-972F-F9E0B0367CD5}" = Windows Live Writer "{1203DC60-D9BD-44F9-B372-2B8F227E6094}" = Windows Live Temel Parçalar "{128133D3-037A-4C62-B1B7-55666A10587A}" = Windows Live UX Platform Language Pack "{133D9D67-D475-4407-AC3C-D558087B2453}" = Windows Live Movie Maker "{14B441B7-774D-4170-98EA-A13667AE6218}" = Windows Live Writer Resources "{14DC0059-00F1-4F62-BD1A-AB23CD51A95E}" = Adobe AIR "{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4 "{168E7302-890A-4138-9109-A225ACAF7AD1}" = Windows Live Photo Common "{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4 "{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB "{17835B63-8308-427F-8CF5-D76E0D5FE457}" = Windows Live Essentials "{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}" = MyWinLocker Suite "{17F99FCE-8F03-4439-860A-25C5A5434E18}" = Windows Live Essentials "{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 "{198EA334-8A3F-4CB2-9D61-6C10B8168A6F}" = Windows Live Writer "{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker "{1A72337E-D126-4BAF-AC89-E6122DB71866}" = Windows Liven valokuvavalikoima "{1A82AE99-84D3-486D-BAD6-675982603E14}" = Windows Live Writer "{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger "{1D6C2068-807F-4B76-A0C2-62ED05656593}" = Windows Live Writer "{1DA6D447-C54D-4833-84D4-3EA31CAECE9B}" = Windows Live UX Platform Language Pack "{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update "{1FC83EAE-74C8-4C72-8400-2D8E40A017DE}" = Windows Live Writer "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions "{220C7F8C-929D-4F71-9DC7-F7A6823B38E4}" = Windows Live UX Platform Language Pack "{2397AAEE-782B-DBB4-D6D4-1EC4D477B9B9}" = Wimp 1.3.7.10 "{240C3DDD-C5E9-4029-9DF7-95650D040CF2}" = Intel® USB 3.0 eXtensible Host Controller Driver "{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10 "{249EE21B-8EDD-4F36-8A23-E580E9DBE80A}" = Windows Live Mail "{24DF33E0-F924-4D0D-9B96-11F28F0D602D}" = Windows Live UX Platform Language Pack "{2511AAD7-82DF-4B97-B0B3-E1B933317010}" = Windows Live Writer Resources "{25A381E1-0AB9-4E7A-ACCE-BA49D519CF4E}" = Windows Live Mail "{25CD4B12-8CC5-433E-B723-C9CB41FA8C5A}" = Windows Live Writer "{26A24AE4-039D-4CA4-87B4-2F83217009FF}" = Java 7 Update 9 "{26E3C07C-7FF7-4362-9E99-9E49E383CF16}" = Windows Live Writer Resources "{28B9D2D8-4304-483F-AD71-51890A063A74}" = Windows Live Photo Common "{29373E24-AC72-424E-8F2A-FB0F9436F21F}" = Windows Live Photo Common "{2A07C35B-8384-4DA4-9A95-442B6C89A073}" = Windows Live Essentials "{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger "{2BA5FD10-653F-4CAF-9CCD-F685082A1DC1}" = Windows Live Writer "{2C4E06CC-1F04-4C25-8B3C-93A9049EC42C}" = Windows Live UX Platform Language Pack "{2C865FB0-051E-4D22-AC62-428E035AEAF0}" = Windows Live Mesh "{2D3E034E-F76B-410A-A169-55755D2637BB}" = Windows Live Mesh "{2E50E321-4747-4EB5-9ECB-BBC6C3AC0F31}" = Windows Live Writer Resources "{2F54E453-8C93-4B3B-936A-233C909E6CAC}" = Windows Live Messenger "{3125D9DE-8D7A-4987-95F3-8A42389833D8}" = Windows Live Writer Resources "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery "{33643918-7957-4839-92C7-EA96CB621A98}" = Nero Express 10 Help (CHM) "{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live "{34490F4E-48D0-492E-8249-B48BECF0537C}" = Nero DiscSpeed 10 "{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery "{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4 "{370F888E-42A7-4911-9E34-7D74632E17EB}" = Windows Live Photo Common "{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack "{39F15B50-A977-4CA6-B1C3-6A8724CDA025}" = MyWinLocker 4 "{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player "{39F95B0B-A0B7-4FA7-BB6C-197DA2546468}" = Windows Live Mesh "{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4 "{3B72C1E0-26A1-40F6-8516-D50C651DFB3C}" = Windows Live Essentials "{3B9A92DA-6374-4872-B646-253F18624D5F}" = Windows Live Writer "{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4 "{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin "{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel® Rapid Storage Technology "{3F4143A1-9C21-4011-8679-3BC1014C6886}" = Windows Live Mesh "{40BFD84C-64CD-42CC-9909-8734C50429C6}" = Windows Live UX Platform Language Pack "{410DF0AA-882D-450D-9E1B-F5397ACFFA80}" = Windows Live Essentials "{4264C020-850B-4F08-ACBE-98205D9C336C}" = Windows Live Writer "{429DF1A0-3610-4E9E-8ACE-3C8AC1BA8FCA}" = Windows Live Photo Gallery "{43B43577-2514-4CE0-B14A-7E85C17C0453}" = Windows Live Essentials "{443B561F-DE1B-4DEF-ADD9-484B684653C7}" = Windows Live Messenger "{4444F27C-B1A8-464E-9486-4C37BAB39A09}" = Фотогалерия на Windows Live "{458F399F-62AC-4747-99F5-499BBF073D29}" = Windows Live Writer Resources "{4664ED39-C80A-48F7-93CD-EBDCAFAB6CC5}" = Windows Live Writer Resources "{46872828-6453-4138-BE1C-CE35FBF67978}" = Windows Live Mesh "{4736B0ED-F6A1-48EC-A1B7-C053027648F1}" = Galeria fotogràfica del Windows Live "{48294D95-EE9A-4377-8213-44FC4265FB27}" = Windows Live Messenger "{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live "{48C0DC5E-820A-44F2-890E-29B68EDD3C78}" = Windows Live Writer "{48F597DD-D397-4CFA-91A0-4C033A0113BD}" = Windows Live Mail "{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4A04DB63-8F81-4EF4-9D09-61A2057EF419}" = Windows Live Essentials "{4B28D47A-5FF0-45F8-8745-11DC2A1C9D0F}" = Windows Live Writer "{4B744C85-DBB1-4038-B989-4721EB22C582}" = Windows Live Messenger "{4C378B16-46B7-4DA1-A2CE-2EE676F74680}" = Windows Live UX Platform Language Pack "{4D141929-141B-4605-95D6-2B8650C1C6DA}" = Windows Live UX Platform Language Pack "{4D83F339-5A5C-4B21-8FD3-5D407B981E72}" = Windows Live Photo Common "{506FC723-8E6C-4417-9CFF-351F99130425}" = Windows Live UX Platform Language Pack "{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}" = Nero ControlCenter 10 Help (CHM) "{523DF2BB-3A85-4047-9898-29DC8AEB7E69}" = Windows Live UX Platform Language Pack "{5275D81E-83AD-4DE4-BC2B-6E6BA3A33244}" = Windows Live Writer Resources "{542DA303-FB91-4731-9F37-6E518368D3B9}" = Windows Live Messenger "{5495E9A4-501A-4D4C-87C9-E80916CA9478}" = Windows Live UX Platform Language Pack "{5570C7F0-43D0-4916-8A9E-AEDD52FA86F4}" = Adobe Color EU Extra Settings CS4 "{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack "{5C2F5C1B-9732-4F81-8FBF-6711627DC508}" = Windows Live Fotogalleri "{5CF5B1A5-CBC3-42F0-8533-5A5090665862}" = Windows Live Mesh "{5D273F60-0525-48BA-A5FB-D0CAA4A952AE}" = Windows Live Movie Maker "{5D2E7BD7-4B6F-4086-BA8A-E88484750624}" = Windows Live Writer Resources "{5DA7D148-D2D2-4C67-8444-2F0F9BD88A06}" = Windows Live Writer "{5E627606-53B9-42D1-97E1-D03F6229E248}" = Windows Live UX Platform Language Pack "{60C3C026-DB53-4DAB-8B97-7C1241F9A847}" = Windows Live Movie Maker "{625D45F0-5DCB-48BF-8770-C240A84DAAEB}" = Windows Live Mesh "{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources "{62BF4BD3-B1F6-4FA2-8388-CC0647ACBF86}" = Nero Multimedia Suite 10 Essentials "{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86 "{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4 "{63CF7D0C-B6E7-4EE9-8253-816B613CC437}" = Windows Live Mail "{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support "{640798A0-A4FB-4C52-AC72-755134767F1E}" = Windows Live Movie Maker "{64376910-1860-4CEF-8B34-AA5D205FC5F1}" = Poczta usługi Windows Live "{644063FA-ABA3-42AC-A8AC-3EDC0706018B}" = Windows Live Mesh "{6491AB99-A11E-41FD-A5E7-32DE8A097B8E}" = Windows Live Essentials "{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}" = Windows Live Movie Maker "{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components "{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update "{677AAD91-1790-4FC5-B285-0E6A9D65F7DC}" = Windows Live Mail "{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4 "{6807427D-8D68-4D30-AF5B-0B38F8F948C8}" = Windows Live Writer Resources "{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE "{69C9C672-400A-43A0-B2DE-9DB38C371282}" = Windows Live Writer "{69CAC24D-B1DC-4B97-A1BE-FE21843108FE}" = Windows Live Writer Resources "{6A4ABCDC-0A49-4132-944E-01FBCCB3465C}" = Windows Live UX Platform Language Pack "{6A67578E-095B-4661-88F7-0B199CEC3371}" = Windows Live Messenger "{6ABE832B-A5C7-44C1-B697-3E123B7B4D5B}" = Windows Live Mesh "{6B556C37-8919-4991-AC34-93D018B9EA49}" = Windows Live Photo Common "{6CB36609-E3A6-446C-A3C1-C71E311D2B9C}" = Windows Live Movie Maker "{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker "{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10 "{6E8AFC13-F7B8-41D8-88AB-F1D0CFC56305}" = Windows Live Messenger "{6EF2BE2C-3121-48B7-B7A6-C56046B3A588}" = Windows Live Movie Maker "{6F37D92B-41AA-44B7-80D2-457ABDE11896}" = Windows Live Photo Common "{70550193-1C22-445C-8FA4-564E155DB1A7}" = Nero Express 10 "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{71527C7C-5289-4CB2-88C9-23344C0FF6C1}" = Windows Live Movie Maker "{71A81378-79D5-40CC-9BDC-380642D1A87F}" = Windows Live Writer "{71C95134-F6A9-45E7-B7B3-07CA6012BF2A}" = Windows Live Mesh "{7272F232-A7E0-4B2B-A5D2-71B7C5E2379C}" = Windows Live Fotótár "{7327080F-6673-421F-BBD9-B618F357EEB3}" = Windows Live UX Platform Language Pack "{734104DE-C2BF-412F-BB97-FCCE1EC94229}" = Windows Live Writer Resources "{7373E17D-18E0-44A7-AC3A-6A3BFB85D3B3}" = Windows Live Movie Maker "{73FC3510-6421-40F7-9503-EDAE4D0CF70D}" = Windows Live Photo Common "{7465A996-0FCA-4D2D-A52C-F833B0829B5B}" = Windows Live Movie Maker "{7496FD31-E5CB-4AE4-82D3-31099558BF6A}" = Windows Live Mesh "{74E8A7F6-575D-42C7-9178-E87D1B3BEFE8}" = Windows Live UX Platform Language Pack "{77477AEA-5757-47D8-8B33-939F43D82218}" = Windows Live UX Platform Language Pack "{77F69CA1-E53D-4D77-8BA3-FA07606CC851}" = Фотоальбом Windows Live "{78906B56-0E81-42A7-AC25-F54C946E1538}" = Windows Live Photo Common "{78DAE910-CA72-450E-AD22-772CB1A00678}" = Windows Live Mesh "{78DBE8CE-61F6-4D6C-806C-A0FFF65F5E1D}" = Windows Live Messenger "{7A9D47BA-6D50-4087-866F-0800D8B89383}" = Podstawowe programy Windows Live "{7ADFA72D-2A9F-4DEC-80A5-2FAA27E23F0F}" = Windows Live Photo Common "{7AF8E500-B349-4A77-8265-9854E9A47925}" = Windows Live Movie Maker "{7BA19818-F717-4DFB-BC11-FAF17B2B8AEE}" = Pošta Windows Live "{7C2A3479-A5A0-412B-B0E6-6D64CBB9B251}" = Windows Live Photo Common "{7CB529B2-6C74-4878-9C3F-C29C3C3BBDC6}" = Windows Live Writer Resources "{7D0DE76C-874E-4BDE-A204-F4240160693E}" = Windows Live Photo Common "{7D1C7B9F-2744-4388-B128-5C75B8BCCC84}" = Windows Live Essentials "{7D926AD2-16D6-42C2-8CA1-AB09E96040BA}" = Windows Live Writer Resources "{7E017923-16F8-4E32-94EF-0A150BD196FE}" = Windows Live Writer "{7E90B133-FF47-48BB-91B8-36FC5A548FE9}" = Windows Live Writer Resources "{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management "{7FF11E53-C002-4F40-8D68-6BE751E5DD62}" = Windows Live Writer Resources "{804DE397-F82C-4867-9085-E0AA539A3294}" = Windows Live Writer "{80E8C65A-8F70-4585-88A2-ABC54BABD576}" = Windows Live Mesh "{820D0BA3-ACD7-4FB9-A3A7-0ADF0C66A4BE}" = Windows Live Messenger "{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4 "{827D3E4A-0186-48B7-9801-7D1E9DD40C07}" = Windows Live Essentials "{82803FF3-563F-414F-A403-8D4C167D4120}" = Windows Live Mail "{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4 "{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform "{841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}" = Windows Live Mesh "{84267681-BF16-40B6-9564-27BC57D7D71C}" = Windows Live Photo Common "{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4 "{84A411F9-40A5-4CDA-BF46-E09FBB2BC313}" = Windows Live Essentials "{85373DA7-834E-4850-8AF5-1D99F7526857}" = Windows Live Photo Common "{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer "{861B1145-7762-4794-B40C-3FF0A389DFE6}" = Windows Live Photo Gallery "{885F1BCD-C344-4758-85BD-09640CF449A5}" = Windows Live Photo Gallery "{8909CFA8-97BF-4077-AC0F-6925243FFE08}" = Windows Liven asennustyökalu "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime "{8CF5D47D-27B7-49D6-A14F-10550B92749D}" = Windows Live UX Platform Language Pack "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{8FF3891F-01B5-4A71-BFCD-20761890471C}" = Windows Live Messenger "{924B4D82-1B97-48EB-8F1E-55C4353C22DB}" = Windows Live Mail "{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86 "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker "{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4 "{93E464B3-D075-4989-87FD-A828B5C308B1}" = Windows Live Writer Resources "{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4 "{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010 "{97F77D62-5110-4FA3-A2D3-410B92D31199}" = Windows Live Fotogaléria "{99BE7F5D-AB52-4404-9E03-4240FFAA7DE9}" = Windows Live Mesh "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9B97EC91-B3FD-4BFF-88FC-5345A26AC2E7}" = Adobe Illustrator CS5 "{9BD262D0-B788-4546-A0A5-F4F56EC3834B}" = Windows Live Photo Common "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail "{9DA3F03B-2CEE-4344-838E-117861E61FAF}" = Windows Live Mail "{9DB90178-B5B0-45BD-B0A7-D40A6A1DF1CA}" = Windows Live Movie Maker "{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail "{A0B91308-6666-4249-8FF6-1E11AFD75FE1}" = Windows Live Mail "{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh "{A101F637-2E56-42C0-8E08-F1E9086BFAF3}" = Windows Live Movie Maker "{A199DB88-E22D-4CE7-90AC-B8BE396D7BF4}" = Windows Live Movie Maker "{A3389C72-1782-4BB4-BBAA-33345DE52E3F}" = Windows Live Messenger "{A3AD65CC-B2CE-49da-AE4E-CC2ECF4EC0F8}" = clear.fi SDK - MVP 2 "{A41A708E-3BE6-4561-855D-44027C1CF0F8}" = Windows Live Photo Common "{A60B3BF0-954B-42AF-B8D8-2C1D34B613AA}" = Windows Live Photo Gallery "{A7056D45-C63A-4FE4-A69D-FB54EF9B21BB}" = Windows Live Messenger "{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer "{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5 "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common "{AB0B2113-5B96-4B95-8AD1-44613384911F}" = Windows Live Mesh "{AB61A2E9-37D3-485D-9085-19FBDF8CEF4A}" = Windows Live Messenger "{AB78C965-5C67-409B-8433-D7B5BDB12073}" = Windows Live Writer Resources "{ABD534B7-E951-470E-92C2-CD5AF1735726}" = Windows Live Essentials "{ABE2F2AA-7ADC-4717-9573-BF3F83C696AC}" = Windows Live Mail "{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh "{AD001A69-88CC-4766-B2DB-3C1DFAB9AC72}" = Windows Live Mesh "{ADE85655-8D1E-4E4B-BF88-5E312FB2C74F}" = Windows Live Mail "{ADFE4AED-7F8E-4658-8D6E-742B15B9F120}" = Windows Live Photo Common "{AF01B90A-D25C-4F60-AECD-6EEDF509DC11}" = Windows Live Mesh "{B0AD205F-60D0-4084-AFB8-34D9A706D9A8}" = Windows Live Essentials "{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie "{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail "{B29AD377-CC12-490A-A480-1452337C618D}" = Connect "{B2BCA478-EC0F-45EE-A9E9-5EABE87EA72D}" = Windows Live Photo Common "{B2E90616-C50D-4B89-A40D-92377AC669E5}" = Windows Live Messenger "{B33B61FE-701F-425F-98AB-2B85725CBF68}" = Windows Live Photo Common "{B3BE54A4-8DFE-4593-8E66-56AB7133B812}" = Windows Live Writer "{B5AD89F2-03D3-4206-8487-018298007DD0}" = clear.fi Photo "{B618C3BF-5142-4630-81DD-F96864F97C7E}" = Windows Live Essentials "{B63F0CE3-CCD0-490A-9A9C-E1A3B3A17137}" = Почта Windows Live "{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4 "{B7B67AA5-12DA-4F01-918D-B1BF66779D8A}" = Windows Live Writer Resources "{BAEE89D5-6E87-4F89-9603-A1C100479181}" = Windows Live Messenger "{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module "{BD0C3887-64E6-41D8-9A38-BC6F34369352}" = Windows Live Messenger "{BD4EBDB5-EB14-4120-BB04-BE0A26C7FB3E}" = Windows Live Photo Common "{BD695C2F-3EA0-4DA4-92D5-154072468721}" = Windows Live Fotoğraf Galerisi "{BF022D76-9F72-4203-B8FA-6522DC66DFDA}" = Windows Live Movie Maker "{BF35168D-F6F9-4202-BA87-86B5E3C9BF7A}" = Windows Live Mesh "{BFC47A0B-D487-4DF0-889E-D6D392DF31E0}" = Windows Live Messenger "{C00C2A91-6CB3-483F-80B3-2958E29468F1}" = Συλλογή φωτογραφιών του Windows Live "{C01FCACE-CC3D-49A2-ADC2-583A49857C58}" = Windows Live Essentials "{C08D5964-C42F-48EE-A893-2396F9562A7C}" = Windows Live Mesh "{C18A0418-442A-4186-AF98-D08F5054A2FC}" = Nero DiscSpeed 10 Help (CHM) "{C1C9D199-B4DD-4895-92DD-9A726A2FE341}" = Windows Live Writer "{C2695E83-CF1D-43D1-84FE-B3BEC561012A}" = Shredder "{C29FC15D-E84B-4EEC-8505-4DED94414C59}" = Windows Live Writer Resources "{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common "{C454280F-3C3E-4929-B60E-9E6CED5717E7}" = Windows Live Mail "{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4 "{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail "{C79312BD-3E76-4474-A10C-1435D1856A4B}" = Adobe Dreamweaver CS5 "{C7C8BE4E-428D-4AA9-B7D4-EA4313BDB90E}" = Autodesk SketchBook Pro 6 "{C8421D85-CA0E-4E93-A9A9-B826C4FB88EA}" = Windows Live Mail "{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common "{C95A5A77-622F-45CA-9540-84468FCB18B1}" = Windows Live Messenger "{C9E1343D-E21E-4508-A1BE-04A089EC137D}" = Windows Live Messenger "{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431}" = Galeria fotografii usługi Windows Live "{CB66242D-12B1-4494-82D2-6F53A7E024A3}" = Galerie foto Windows Live "{CB7224D9-6DCA-43F1-8F83-6B1E39A00F92}" = Windows Live Movie Maker "{CBFD061C-4B27-4A89-ADD8-210316EEFA11}" = Windows Live Messenger "{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw "{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}" = PlayReady PC Runtime x86 "{CD442136-9115-4236-9C14-278F6A9DCB3F}" = Windows Live Movie Maker "{CD7CB1E6-267A-408F-877D-B532AD2C882E}" = Windows Live Photo Common "{CDC39BF2-9697-4959-B893-A2EE05EF6ACB}" = Windows Live Writer "{CE929F09-3853-4180-BD90-30764BFF7136}" = גלריית התמונות של Windows Live "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform "{CF671BFE-6BA3-44E7-98C1-500D9C51D947}" = Windows Live Photo Gallery "{D07B1FDA-876B-4914-9E9A-309732B6D44F}" = Windows Live Mail "{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64 "{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86 "{D299197D-CDEA-41A6-A363-F532DE4114FD}" = Windows Live UX Platform Language Pack "{D31169F2-CD71-4337-B783-3E53F29F4CAD}" = Windows Live Mail "{D3580358-0F78-402A-BE53-2E9D06383E04}" = NETGEAR WNA3100M N300 Wireless USB Adapter "{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform "{D588365A-AE39-4F27-BDAE-B4E72C8E900C}" = Windows Live Mail "{D6CBB3B2-F510-483D-AE0D-1CF3F43CF1EE}" = Windows Live Writer Resources "{D6F25CF9-4E87-43EB-B324-C12BE9CDD668}" = Windows Live UX Platform Language Pack "{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86 "{DA29F644-2420-4448-8128-1331BE588999}" = Windows Live Writer "{DA909E62-3B45-4BA1-8B58-FCAEBA4BCEC9}" = NVIDIA PhysX "{DAEF48AD-89C8-4A93-B1DD-45B7E4FB6071}" = Windows Live Movie Maker "{DAF7BB88-6392-40aa-A714-8392C4BDBD2C}" = clear.fi SDK- Movie 2 "{DB1208F4-B2FE-44E9-BFE6-8824DBD7891B}" = Windows Live Movie Maker "{DBAA2B17-D596-4195-A169-BA2166B0D69B}" = Windows Live Mail "{DCAB6BA7-6533-44BF-9235-E5BF33B7431C}" = Windows Live Writer "{DDC1E1BD-7615-4186-89E1-F5F43F9B6491}" = Windows Live Movie Maker "{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources "{DE7C13A6-E4EA-4296-B0D5-5D7E8AD69501}" = Windows Live Writer "{DE8F99FD-2FC7-4C98-AA67-2729FDE1F040}" = Windows Live Writer Resources "{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh "{DEF91E0F-D266-453D-B6F2-1BA002B40CB6}" = Windows Live Essentials "{DF71ABBB-B834-41C0-BB58-80B0545D754C}" = Windows Live UX Platform Language Pack "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{E3739848-5329-48E3-8D28-5BBD6E8BE384}" = CyberLink MediaEspresso "{E4848436-0345-47E2-B648-8B522FCDA623}" = Adobe Photoshop CS4 "{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker "{E5377D46-83C5-445A-A1F1-830336B42A10}" = Windows Live Galerija fotografija "{E55E0C35-AC3C-4683-BA2F-834348577B80}" = Windows Live Writer "{E59969EA-3B5B-4B24-8B94-43842A7FBFE9}" = Fotogalerija Windows Live "{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger "{E5DD4723-FE0B-436E-A815-DC23CF902A0B}" = Windows Live UX Platform Language Pack "{E62E0550-C098-43A2-B54B-03FB1E634483}" = Windows Live Writer "{E727A662-AF9F-4DEE-81C5-F4A1686F3DFC}" = Windows Live Writer Resources "{E83DC314-C926-4214-AD58-147691D6FE9F}" = Основные компоненты Windows Live "{E8524B28-3BBB-4763-AC83-0E83FE31C350}" = Windows Live Writer "{E85A4EFC-82F2-4CEE-8A8E-62FDAD353A66}" = Galería fotográfica de Windows Live "{E9AD2143-26D5-4201-BED1-19DCC03B407D}" = Windows Live Messenger "{E9AF1707-3F3A-49E2-8345-4F2D629D0876}" = clear.fi Media "{E9D98402-21AB-4E9F-BF6B-47AF36EF7E97}" = Windows Live Writer Resources "{EA777812-4905-4C08-8F6E-13BDCC734609}" = Windows Live UX Platform Language Pack "{ED16B700-D91F-44B0-867C-7EB5253CA38D}" = Raccolta foto di Windows Live "{EE171732-BEB4-4576-887D-CB62727F01CA}" = Acer Updater "{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10 "{EEF99142-3357-402C-B298-DEC303E12D92}" = Windows Live 影像中心 "{EF7EAB13-46FC-49DD-8E3C-AAF8A286C5BB}" = Windows Live 程式集 "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help "{F0F5D89A-197C-495B-827E-3E98B811CD2E}" = Windows Live Photo Common "{F0F9505B-3ACF-4158-9311-D0285136AA00}" = Windows Live Essentials "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F2979AAA-FDD7-4CB3-93BC-5C24D965D679}" = Windows Live Messenger "{F35DC85A-E96B-496B-ABE7-F04192824856}" = Windows Live Messenger "{F4BEA6C1-AAC3-4810-AAEA-588E26E0F237}" = Windows Live UX Platform Language Pack "{F52C5BE7-3F57-464E-8A54-908402E43CE8}" = Windows Live Writer Resources "{F6117F9C-ADB5-4590-9BE4-12C7BEC28702}" = Nero StartSmart 10 Help (CHM) "{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}" = Nero StartSmart 10 "{F77EF646-19EB-11E1-9A9E-984BE15F174E}" = Evernote v. 4.5.2 "{F783464C-C7C6-4E9B-AC40-BC90E5414BAF}" = Windows Live Messenger "{F7A46527-DF1F-4B0F-9637-98547E189442}" = Windows Live Galeria de Fotos "{F7E80BA7-A09D-4DD1-828B-C4A0274D4720}" = Windows Live Mesh "{F80E5450-3EF3-4270-B26C-6AC53BEC5E76}" = Windows Live Movie Maker "{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel® Control Center "{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4 "{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4 "{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials "{FA6CF94F-DACF-4FE7-959D-55C421B91B17}" = Windows Live Mail "{FB3D07AE-73D0-47A9-AC12-6F50BF8B6202}" = Windows Live Movie Maker "{FB79FDB7-4DE1-453D-99FE-9A880F57380E}" = Windows Live Fotogalerie "{FBCA06D2-4642-4F33-B20A-A7AB3F0D2E69}" = معرض صور Windows Live "{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All "{FCDE76CB-989D-4E32-9739-6A272D2B0ED7}" = Windows Live Mesh "{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials "{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}" = Windows Live Essentials "{FEEF7F78-5876-438B-B554-C4CC426A4302}" = Windows Live Essentials "{FF105207-8423-4E13-B0B1-50753170B245}" = Windows Live Movie Maker "{FF3DFA01-1E98-46B4-A065-DA8AD47C9598}" = Windows Live Movie Maker "{FF737490-5A2D-4269-9D82-97DB2F7C0B09}" = Windows Live Movie Maker "{FFFA0584-8E3D-4195-8283-CCA3AD73C746}" = Windows Live Messenger "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer "{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer "Acer Registration" = Acer Registration "Acer Screensaver" = Acer ScreenSaver "Acer Welcome Center" = Welcome Center "Adobe AIR" = Adobe AIR "Adobe_faf656ef605427ee2f42989c3ad31b8" = Adobe Photoshop CS4 "chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help "com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player "com.aspiro.wimp.dk.25F5C0086CDE1F22CA0B92A487729991CA6CD013.1" = Wimp 1.3.7.10 "Deluge" = Deluge 1.3.5 "FileZilla Client" = FileZilla Client 3.6.0.1 "Google Chrome" = Google Chrome "Hotkey Utility" = Hotkey Utility "Identity Card" = Identity Card "InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}" = MyWinLocker Suite "InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}" = CyberLink MediaEspresso "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.65.1.1000 "Manga Studio EX 4.0" = Manga Studio EX 4.0 "NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver "Opera 12.10.1652" = Opera 12.10 "Stencyl" = Stencyl "SumatraPDF" = SumatraPDF "VirtualCloneDrive" = VirtualCloneDrive "Wacom WebTabletPlugin for Internet Explorer and Netscape" = WebTablet FB Plugin 32 bit "WinLiveSuite" = Windows Live Essentials ========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-1372194753-2522429106-4183652212-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Dropbox" = Dropbox "MyPaint" = MyPaint 1.0.0 ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 16-11-2012 11:12:22 | Computer Name = jn2002dk-Pc | Source = ESENT | ID = 492 Description = Windows (6992) Windows: The logfile sequence in "C:\ProgramData\Microsoft\Search\Data\Applications\Windows\" has been halted due to a fatal error. No further updates are possible for the databases that use this logfile sequence. Please correct the problem and restart or restore from backup. Error - 16-11-2012 11:12:23 | Computer Name = jn2002dk-Pc | Source = Windows Search Service | ID = 7040 Description = Error - 16-11-2012 11:12:23 | Computer Name = jn2002dk-Pc | Source = Windows Search Service | ID = 7042 Description = Error - 16-11-2012 11:12:23 | Computer Name = jn2002dk-Pc | Source = ESENT | ID = 104 Error - 16-11-2012 11:45:10 | Computer Name = jn2002dk-Pc | Source = WinMgmt | ID = 10 Description = Error - 16-11-2012 11:48:35 | Computer Name = jn2002dk-Pc | Source = WinMgmt | ID = 10 Description = Error - 16-11-2012 12:14:56 | Computer Name = jn2002dk-Pc | Source = Application Error | ID = 1000 Description = Navn på program med fejl: WifiSvc.exe, version: 2.1.0.24, tidsstempel: 0x4edf37e5 Navn på modul med fejl: RtlLib.dll, version: 700.1079.908.2011, tidsstempel: 0x4eb3c1ac Undtagelseskode: 0xc0000005 Forskydning med fejl 0x00011764 Proces-id 0x770 Programmets starttidspunkt 0x01cdc41560c293f6 Programsti: C:\Program Files (x86)\NETGEAR\WNA3100M\WifiSvc.exe Modulsti: C:\Program Files (x86)\NETGEAR\WNA3100M\RtlLib.dll Rapport-id: c2629452-3008-11e2-be66-e840f2c9212c Fuldt navn på program med fejl: Relativt program-id for program med fejl: Error - 17-11-2012 05:20:09 | Computer Name = jn2002dk-Pc | Source = ESENT | ID = 489 Description = taskhostex (22128) An attempt to open the file "C:\Users\jn2002dk\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat" for read only access failed with system error 32 (0x00000020): "Processen kan ikke få adgang til filen, da den bruges af en anden proces. ". The open file operation will fail with error -1032 (0xfffffbf8). Error - 17-11-2012 09:11:37 | Computer Name = jn2002dk-Pc | Source = Microsoft-Windows-Backup | ID = 517 Description = Den sikkerhedskopiering, der startede kl. '2012-11-17T13:11:08.990196200Z', mislykkedes med fejlkoden '0x8007000d' (%%2147942413). Gennemse hændelsesdetaljerne for at finde en løsning, og kør derefter sikkerhedskopieringen igen, når problemet er løst. Error - 18-11-2012 18:18:04 | Computer Name = jn2002dk-Pc | Source = .NET Runtime | ID = 1026 Description = Error - 18-11-2012 18:18:04 | Computer Name = jn2002dk-Pc | Source = Application Error | ID = 1000 Description = Navn på program med fejl: Netflix.exe, version: 1.1.0.28, tidsstempel: 0x50a4088d Navn på modul med fejl: KERNELBASE.dll, version: 6.2.9200.16384, tidsstempel: 0x5010ab2d Undtagelseskode: 0xe0434352 Forskydning med fejl 0x00000000000189cc Proces-id 0x1ad88 Programmets starttidspunkt 0x01cdc5da854ab8ed Programsti: C:\Program Files\WindowsApps\4DF9E0F8.Netflix_1.1.0.28_x64__mcm4njqhnhss8\Netflix.exe Modulsti: C:\WINDOWS\system32\KERNELBASE.dll Rapport-id: d1e19360-31cd-11e2-be67-e840f2c9212c Fuldt navn på program med fejl: 4DF9E0F8.Netflix_1.1.0.28_x64__mcm4njqhnhss8 Relativt program-id for program med fejl: App Error - 19-11-2012 07:35:39 | Computer Name = jn2002dk-Pc | Source = Microsoft-Windows-Immersive-Shell | ID = 2486 Description = App‘en DefaultBrowser_NOPUBLISHERID!Chrome blev ikke startet inden for den angivne tid. Error - 19-11-2012 08:31:00 | Computer Name = jn2002dk-Pc | Source = SideBySide | ID = 16842785 Description = Aktiveringskontekstgenereringen mislykkedes for "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\resources\libraries\ARKCmdFS.dll". Afhængig samling Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1" blev ikke fundet. Anvend sxstrace.exe til detaljeret diagnose. Error - 19-11-2012 08:31:00 | Computer Name = jn2002dk-Pc | Source = SideBySide | ID = 16842785 Description = Aktiveringskontekstgenereringen mislykkedes for "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\resources\libraries\ARKCmdCaps.dll". Afhængig samling Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1" blev ikke fundet. Anvend sxstrace.exe til detaljeret diagnose. Error - 19-11-2012 08:31:01 | Computer Name = jn2002dk-Pc | Source = SideBySide | ID = 16842785 Description = Aktiveringskontekstgenereringen mislykkedes for "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\resources\libraries\ARKCmdDefrag.dll". Afhængig samling Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1" blev ikke fundet. Anvend sxstrace.exe til detaljeret diagnose. Error - 19-11-2012 08:31:01 | Computer Name = jn2002dk-Pc | Source = SideBySide | ID = 16842785 Description = Aktiveringskontekstgenereringen mislykkedes for "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\resources\libraries\ARKEngine.dll". Afhængig samling Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1" blev ikke fundet. Anvend sxstrace.exe til detaljeret diagnose. Error - 21-11-2012 12:15:02 | Computer Name = jn2002dk-Pc | Source = Application Error | ID = 1000 Description = Navn på program med fejl: aswMBR.exe, version: 0.9.9.1707, tidsstempel: 0x509be8bf Navn på modul med fejl: ntdll.dll, version: 6.2.9200.16420, tidsstempel: 0x505aaa82 Undtagelseskode: 0xc0000005 Forskydning med fejl 0x0004f44d Proces-id 0x35694 Programmets starttidspunkt 0x01cdc8031298ace9 Programsti: C:\Users\jn2002dk\Downloads\aswMBR.exe Modulsti: C:\WINDOWS\SYSTEM32\ntdll.dll Rapport-id: 99d0f14e-33f6-11e2-be67-e840f2c9212c Fuldt navn på program med fejl: Relativt program-id for program med fejl: Error - 21-11-2012 12:16:16 | Computer Name = jn2002dk-Pc | Source = Application Error | ID = 1000 Description = Navn på program med fejl: aswMBR.exe, version: 0.9.9.1707, tidsstempel: 0x509be8bf Navn på modul med fejl: ntdll.dll, version: 6.2.9200.16420, tidsstempel: 0x505aaa82 Undtagelseskode: 0xc0000005 Forskydning med fejl 0x0004f44d Proces-id 0x336c8 Programmets starttidspunkt 0x01cdc80375a9fba4 Programsti: C:\Users\jn2002dk\Downloads\aswMBR.exe Modulsti: C:\WINDOWS\SYSTEM32\ntdll.dll Rapport-id: c61aa38f-33f6-11e2-be67-e840f2c9212c Fuldt navn på program med fejl: Relativt program-id for program med fejl: Error - 21-11-2012 12:20:26 | Computer Name = jn2002dk-Pc | Source = Application Error | ID = 1000 Description = Navn på program med fejl: aswMBR.exe, version: 0.9.9.1707, tidsstempel: 0x509be8bf Navn på modul med fejl: ntdll.dll, version: 6.2.9200.16420, tidsstempel: 0x505aaa82 Undtagelseskode: 0xc0000005 Forskydning med fejl 0x0004f44d Proces-id 0x3568c Programmets starttidspunkt 0x01cdc804056ea764 Programsti: C:\Users\jn2002dk\Desktop\aswMBR.exe Modulsti: C:\WINDOWS\SYSTEM32\ntdll.dll Rapport-id: 5b64b280-33f7-11e2-be67-e840f2c9212c Fuldt navn på program med fejl: Relativt program-id for program med fejl: Error - 21-11-2012 12:24:42 | Computer Name = jn2002dk-Pc | Source = Application Error | ID = 1000 Description = Navn på program med fejl: aswMBR.exe, version: 0.9.9.1707, tidsstempel: 0x509be8bf Navn på modul med fejl: ntdll.dll, version: 6.2.9200.16420, tidsstempel: 0x505aaa82 Undtagelseskode: 0xc0000005 Forskydning med fejl 0x0004f44d Proces-id 0x77c Programmets starttidspunkt 0x01cdc804a6c8d23f Programsti: C:\Users\jn2002dk\Desktop\aswMBR.exe Modulsti: C:\WINDOWS\SYSTEM32\ntdll.dll Rapport-id: f3a88f05-33f7-11e2-be68-e840f2c9212c Fuldt navn på program med fejl: Relativt program-id for program med fejl: Error encountered while reading event logs. < End of report >
  8. jn2002dk
    OTL logfile created on: 21-11-2012 19:18:44 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\jn2002dk\Downloads 64bit- Professional (Version = 6.2.9200) - Type = NTWorkstation Internet Explorer (Version = 9.10.9200.16433) Locale: 00000406 | Country: Danmark | Language: DAN | Date Format: dd-MM-yyyy 15,95 Gb Total Physical Memory | 13,86 Gb Available Physical Memory | 86,88% Memory free 31,95 Gb Paging File | 29,59 Gb Available in Paging File | 92,60% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86) Drive C: | 455,95 Gb Total Space | 337,18 Gb Free Space | 73,95% Space Free | Partition Type: NTFS Drive D: | 456,46 Gb Total Space | 360,07 Gb Free Space | 78,88% Space Free | Partition Type: NTFS Drive E: | 159,82 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS Computer Name: JN2002DK-PC | User Name: jn2002dk | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\jn2002dk\Downloads\OTL.exe (OldTimer Tools) PRC - C:\Programmer\WindowsApps\Microsoft.Studios.RecklessRacingUltimate_1.2.6.0_x86__8wekyb3d8bbwe\RRU.exe () PRC - C:\Users\jn2002dk\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) PRC - C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation) PRC - C:\Programmer\Tablet\Wacom\WacomHost.exe (Wacom Technology) PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation) PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) PRC - C:\Program Files (x86)\Autodesk\SketchBook Pro 6\SketchBookSnapshot.exe (Autodesk Inc) PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) PRC - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe (Acer Incorporated) PRC - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe (Intel Corporation) PRC - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Intel Corporation) PRC - C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe (Intel Corporation) PRC - C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe () PRC - C:\Programmer\Acer\Acer Updater\UpdaterService.exe (Acer Incorporated) PRC - C:\Program Files (x86)\NETGEAR\WNA3100M\WifiSvc.exe () PRC - C:\Program Files (x86)\NETGEAR\WNA3100M\WNA3100M.exe () PRC - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) PRC - C:\Program Files (x86)\Nero\Update\NASvc.exe (Nero AG) ========== Modules (No Company Name) ========== MOD - C:\Programmer\WindowsApps\Microsoft.Studios.RecklessRacingUltimate_1.2.6.0_x86__8wekyb3d8bbwe\RRU.exe () MOD - C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyHook.dll () MOD - C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe () MOD - C:\Program Files (x86)\NETGEAR\WNA3100M\WNA3100M.exe () MOD - C:\Program Files (x86)\NETGEAR\WNA3100M\WifiSvcLib.dll () ========== Services (SafeList) ========== SRV:64bit: - (AudioEndpointBuilder) -- C:\Windows\SysNative\AudioEndpointBuilder.dll (Microsoft Corporation) SRV:64bit: - (WSService) -- C:\Windows\SysNative\WSService.dll (Microsoft Corporation) SRV:64bit: - (PrintNotify) -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation) SRV:64bit: - (TimeBroker) -- C:\Windows\SysNative\TimeBrokerServer.dll (Microsoft Corporation) SRV:64bit: - (SystemEventsBroker) -- C:\Windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation) SRV:64bit: - (fhsvc) -- C:\Windows\SysNative\fhsvc.dll (Microsoft Corporation) SRV:64bit: - (BrokerInfrastructure) -- C:\Windows\SysNative\bisrv.dll (Microsoft Corporation) SRV:64bit: - (wlidsvc) -- C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation) SRV:64bit: - (WiaRpc) -- C:\Windows\SysNative\wiarpc.dll (Microsoft Corporation) SRV:64bit: - (Wcmsvc) -- C:\Windows\SysNative\wcmsvc.dll (Microsoft Corporation) SRV:64bit: - (VaultSvc) -- C:\Windows\SysNative\vaultsvc.dll (Microsoft Corporation) SRV:64bit: - (svsvc) -- C:\Windows\SysNative\svsvc.dll (Microsoft Corporation) SRV:64bit: - (netprofm) -- C:\Windows\SysNative\netprofmsvc.dll (Microsoft Corporation) SRV:64bit: - (Netlogon) -- C:\Windows\SysNative\netlogon.dll (Microsoft Corporation) SRV:64bit: - (NcaSvc) -- C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation) SRV:64bit: - (NcdAutoSetup) -- C:\Windows\SysNative\NcdAutoSetup.dll (Microsoft Corporation) SRV:64bit: - (LSM) -- C:\Windows\SysNative\lsm.dll (Microsoft Corporation) SRV:64bit: - (KeyIso) -- C:\Windows\SysNative\keyiso.dll (Microsoft Corporation) SRV:64bit: - (EFS) -- C:\Windows\SysNative\efssvc.dll (Microsoft Corporation) SRV:64bit: - (DsmSvc) -- C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation) SRV:64bit: - (DeviceAssociationService) -- C:\Windows\SysNative\das.dll (Microsoft Corporation) SRV:64bit: - (AllUserInstallAgent) -- C:\Windows\SysNative\AUInstallAgent.dll (Microsoft Corporation) SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation) SRV:64bit: - (vmicvss) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation) SRV:64bit: - (vmictimesync) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation) SRV:64bit: - (vmicshutdown) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation) SRV:64bit: - (vmicrdv) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation) SRV:64bit: - (vmickvpexchange) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation) SRV:64bit: - (vmicheartbeat) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation) SRV - (FLEXnet Licensing Service 64) -- C:\Programmer\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe (Acresso Software Inc.) SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.) SRV - (WTabletServicePro) -- C:\Programmer\Tablet\Wacom\WTabletServicePro.exe (Wacom Technology, Corp.) SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation) SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) SRV - (PrintNotify) -- C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll (Microsoft Corporation) SRV - (SbieSvc) -- C:\Programmer\Sandboxie\SbieSvc.exe (SANDBOXIE L.T.D) SRV - (StorSvc) -- C:\Windows\SysWOW64\StorSvc.dll (Microsoft Corporation) SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies) SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated) SRV - (GREGService) -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe (Acer Incorporated) SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe (Intel Corporation) SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Intel Corporation) SRV - (jhi_service) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe (Intel Corporation) SRV - (Live Updater Service) -- C:\Programmer\Acer\Acer Updater\UpdaterService.exe (Acer Incorporated) SRV - (Intel® -- C:\Programmer\Intel\iCLS Client\HeciServer.exe (Intel® Corporation) SRV - (WSWNA3100M) -- C:\Program Files (x86)\NETGEAR\WNA3100M\WifiSvc.exe () SRV - (IAStorDataMgrSvc) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) SRV - (NAUpdate) -- C:\Program Files (x86)\Nero\Update\NASvc.exe (Nero AG) SRV - (EgisTec Ticket Service) -- C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe (Egis Technology Inc. ) SRV - (wlcrasvc) -- C:\Programmer\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV:64bit: - (pdc) -- C:\Windows\SysNative\Drivers\pdc.sys (Microsoft Corporation) DRV:64bit: - (wacomrouterfilter) -- C:\Windows\SysNative\Drivers\wacomrouterfilter.sys (Wacom Technology) DRV:64bit: - (WacHidRouter) -- C:\Windows\SysNative\Drivers\wachidrouter.sys (Wacom Technology) DRV:64bit: - (hidkmdf) -- C:\Windows\SysNative\Drivers\hidkmdf.sys (Windows ® Win 7 DDK provider) DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\Drivers\rdpvideominiport.sys (Microsoft Corporation) DRV:64bit: - (sdstor) -- C:\Windows\SysNative\Drivers\sdstor.sys (Microsoft Corporation) DRV:64bit: - (sdbus) -- C:\Windows\SysNative\Drivers\sdbus.sys (Microsoft Corporation) DRV:64bit: - (dam) -- C:\Windows\SysNative\Drivers\dam.sys (Microsoft Corporation) DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\Drivers\mbam.sys (Malwarebytes Corporation) DRV:64bit: - (USBHUB3) -- C:\Windows\SysNative\Drivers\USBHUB3.SYS (Microsoft Corporation) DRV:64bit: - (USBXHCI) -- C:\Windows\SysNative\Drivers\USBXHCI.SYS (Microsoft Corporation) DRV:64bit: - (UCX01000) -- C:\Windows\SysNative\Drivers\UCX01000.SYS (Microsoft Corporation) DRV:64bit: - (GPIOClx0101) -- C:\Windows\SysNative\Drivers\msgpioclx.sys (Microsoft Corporation) DRV:64bit: - (msgpiowin32) -- C:\Windows\SysNative\Drivers\msgpiowin32.sys (Microsoft Corporation) DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\Drivers\evbda.sys (Broadcom Corporation) DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\Drivers\bxvbda.sys (Broadcom Corporation) DRV:64bit: - (TPM) -- C:\Windows\SysNative\Drivers\tpm.sys (Microsoft Corporation) DRV:64bit: - (BthAvrcpTg) -- C:\Windows\SysNative\Drivers\BthAvrcpTg.sys (Microsoft Corporation) DRV:64bit: - (bthhfhid) -- C:\Windows\SysNative\Drivers\BthhfHid.sys (Microsoft Corporation) DRV:64bit: - (Fs_Rec) -- C:\WINDOWS\SysNative\drivers\fs_rec.sys (Microsoft Corporation) DRV:64bit: - (condrv) -- C:\Windows\SysNative\Drivers\condrv.sys (Microsoft Corporation) DRV:64bit: - (VSTXRAID) -- C:\Windows\SysNative\Drivers\VSTXRAID.SYS (VIA Corporation) DRV:64bit: - (VerifierExt) -- C:\Windows\SysNative\Drivers\VerifierExt.sys (Microsoft Corporation) DRV:64bit: - (UASPStor) -- C:\Windows\SysNative\Drivers\uaspstor.sys (Microsoft Corporation) DRV:64bit: - (acpiex) -- C:\Windows\SysNative\Drivers\acpiex.sys (Microsoft Corporation) DRV:64bit: - (spaceport) -- C:\Windows\SysNative\Drivers\spaceport.sys (Microsoft Corporation) DRV:64bit: - (storahci) -- C:\Windows\SysNative\Drivers\storahci.sys (Microsoft Corporation) DRV:64bit: - (mvumis) -- C:\Windows\SysNative\Drivers\mvumis.sys (Marvell Semiconductor, Inc.) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\Drivers\stexstor.sys (Promise Technology, Inc.) DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\Drivers\lsi_sas2.sys (LSI Corporation) DRV:64bit: - (LSI_SSS) -- C:\Windows\SysNative\Drivers\lsi_sss.sys (LSI Corporation) DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\Drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:64bit: - (EhStorTcgDrv) -- C:\Windows\SysNative\Drivers\EhStorTcgDrv.sys (Microsoft Corporation) DRV:64bit: - (EhStorClass) -- C:\Windows\SysNative\Drivers\EhStorClass.sys (Microsoft Corporation) DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\Drivers\amdsbs.sys (AMD Technologies Inc.) DRV:64bit: - (3ware) -- C:\Windows\SysNative\Drivers\3ware.sys (LSI) DRV:64bit: - (amdsata) -- C:\Windows\SysNative\Drivers\amdsata.sys (Advanced Micro Devices) DRV:64bit: - (amdxata) -- C:\Windows\SysNative\Drivers\amdxata.sys (Advanced Micro Devices) DRV:64bit: - (CLFS) -- C:\Windows\SysNative\Drivers\clfs.sys (Microsoft Corporation) DRV:64bit: - (WFPLWFS) -- C:\Windows\SysNative\Drivers\wfplwfs.sys (Microsoft Corporation) DRV:64bit: - (vpci) -- C:\Windows\SysNative\Drivers\vpci.sys (Microsoft Corporation) DRV:64bit: - (WdFilter) -- C:\Windows\SysNative\Drivers\WdFilter.sys (Microsoft Corporation) DRV:64bit: - (WdBoot) -- C:\Windows\SysNative\Drivers\WdBoot.sys (Microsoft Corporation) DRV:64bit: - (terminpt) -- C:\Windows\SysNative\Drivers\terminpt.sys (Microsoft Corporation) DRV:64bit: - (mshidumdf) -- C:\Windows\SysNative\Drivers\mshidumdf.sys (Microsoft Corporation) DRV:64bit: - (BasicDisplay) -- C:\Windows\SysNative\Drivers\BasicDisplay.sys (Microsoft Corporation) DRV:64bit: - (HyperVideo) -- C:\Windows\SysNative\Drivers\HyperVideo.sys (Microsoft Corporation) DRV:64bit: - (BasicRender) -- C:\Windows\SysNative\Drivers\BasicRender.sys (Microsoft Corporation) DRV:64bit: - (FxPPM) -- C:\Windows\SysNative\Drivers\fxppm.sys (Microsoft Corporation) DRV:64bit: - (gencounter) -- C:\Windows\SysNative\Drivers\vmgencounter.sys (Microsoft Corporation) DRV:64bit: - (kdnic) -- C:\Windows\SysNative\Drivers\kdnic.sys (Microsoft Corporation) DRV:64bit: - (acpitime) -- C:\Windows\SysNative\Drivers\acpitime.sys (Microsoft Corporation) DRV:64bit: - (npsvctrig) -- C:\Windows\SysNative\Drivers\npsvctrig.sys (Microsoft Corporation) DRV:64bit: - (WpdUpFltr) -- C:\Windows\SysNative\Drivers\WpdUpFltr.sys (Microsoft Corporation) DRV:64bit: - (acpipagr) -- C:\Windows\SysNative\Drivers\acpipagr.sys (Microsoft Corporation) DRV:64bit: - (hyperkbd) -- C:\Windows\SysNative\Drivers\hyperkbd.sys (Microsoft Corporation) DRV:64bit: - (SerCx) -- C:\Windows\SysNative\Drivers\SerCx.sys (Microsoft Corporation) DRV:64bit: - (SpbCx) -- C:\Windows\SysNative\Drivers\SpbCx.sys (Microsoft Corporation) DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\Drivers\TsUsbGD.sys (Microsoft Corporation) DRV:64bit: - (BthHFEnum) -- C:\Windows\SysNative\Drivers\bthhfenum.sys (Microsoft Corporation) DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\Drivers\dmvsc.sys (Microsoft Corporation) DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\Drivers\TsUsbFlt.sys (Microsoft Corporation) DRV:64bit: - (hidi2c) -- C:\Windows\SysNative\Drivers\hidi2c.sys (Microsoft Corporation) DRV:64bit: - (Vid) -- C:\Windows\SysNative\Drivers\Vid.sys (Microsoft Corporation) DRV:64bit: - (storvsp) -- C:\Windows\SysNative\Drivers\storvsp.sys (Microsoft Corporation) DRV:64bit: - (wpcfltr) -- C:\Windows\SysNative\Drivers\wpcfltr.sys (Microsoft Corporation) DRV:64bit: - (vmbusr) -- C:\Windows\SysNative\Drivers\vmbusr.sys (Microsoft Corporation) DRV:64bit: - (vpcivsp) -- C:\Windows\SysNative\Drivers\vpcivsp.sys (Microsoft Corporation) DRV:64bit: - (NdisImPlatform) -- C:\Windows\SysNative\Drivers\NdisImPlatform.sys (Microsoft Corporation) DRV:64bit: - (MsLldp) -- C:\Windows\SysNative\Drivers\mslldp.sys (Microsoft Corporation) DRV:64bit: - (Ndu) -- C:\Windows\SysNative\Drivers\Ndu.sys (Microsoft Corporation) DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\Drivers\HECIx64.sys (Intel Corporation) DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\Drivers\nvhda64v.sys (NVIDIA Corporation) DRV:64bit: - (mwlPSDVDisk) -- C:\Windows\SysNative\Drivers\mwlPSDVDisk.sys (Egis Technology Inc.) DRV:64bit: - (mwlPSDFilter) -- C:\Windows\SysNative\Drivers\mwlPSDFilter.sys (Egis Technology Inc.) DRV:64bit: - (mwlPSDNServ) -- C:\Windows\SysNative\Drivers\mwlPSDNserv.sys (Egis Technology Inc.) DRV:64bit: - (wna3100m) -- C:\Windows\SysNative\Drivers\wna3100m.sys (NETGEAR Corporation ) DRV:64bit: - (e1cexpress) -- C:\Windows\SysNative\Drivers\e1c62x64.sys (Intel Corporation) DRV:64bit: - (iaStor) -- C:\Windows\SysNative\Drivers\iaStor.sys (Intel Corporation) DRV:64bit: - (VUSB3HUB) -- C:\Windows\SysNative\Drivers\ViaHub3.sys (VIA Technologies, Inc.) DRV:64bit: - (xhcdrv) -- C:\Windows\SysNative\Drivers\xhcdrv.sys (VIA Technologies, Inc.) DRV:64bit: - (amdxhc) -- C:\Windows\SysNative\Drivers\amdxhc.sys (Advanced Micro Devices, INC.) DRV:64bit: - (amdhub30) -- C:\Windows\SysNative\Drivers\amdhub30.sys (Advanced Micro Devices, INC.) DRV:64bit: - (VClone) -- C:\Windows\SysNative\Drivers\VClone.sys (Elaborate Bytes AG) DRV:64bit: - (ElbyCDIO) -- C:\Windows\SysNative\Drivers\ElbyCDIO.sys (Elaborate Bytes AG) DRV:64bit: - (nusb3xhc) -- C:\Windows\SysNative\Drivers\nusb3xhc.sys (Renesas Electronics Corporation) DRV:64bit: - (nusb3hub) -- C:\Windows\SysNative\Drivers\nusb3hub.sys (Renesas Electronics Corporation) DRV:64bit: - (adfs) -- C:\WINDOWS\SysNative\drivers\adfs.sys (Adobe Systems, Inc.) DRV:64bit: - (EtronHub3) -- C:\Windows\SysNative\Drivers\EtronHub3.sys (Etron Technology Inc) DRV:64bit: - (EtronXHCI) -- C:\Windows\SysNative\Drivers\EtronXHCI.sys (Etron Technology Inc) DRV - (SbieDrv) -- C:\Programmer\Sandboxie\SbieDrv.sys (SANDBOXIE L.T.D) DRV - (adfs) -- C:\WINDOWS\SysWow64\drivers\adfs.sys (Adobe Systems, Inc.) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.com IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://acer.msn.com IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox IE - HKU\S-1-5-21-1372194753-2522429106-4183652212-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.com IE - HKU\S-1-5-21-1372194753-2522429106-4183652212-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.dk/ IE - HKU\S-1-5-21-1372194753-2522429106-4183652212-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKU\S-1-5-21-1372194753-2522429106-4183652212-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF:64bit: - HKLM\Software\MozillaPlugins\@wacom.com/wtPlugin,version=2.1.0.2: C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom) FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@mozilla.zeniko.ch/SumatraPDF_Browser_Plugin: C:\Program Files (x86)\SumatraPDF\npPdfViewer.dll (Simon Bünzli) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@wacom.com/wtPlugin,version=2.1.0.2: C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom) FF - HKCU\Software\MozillaPlugins\@mozilla.zeniko.ch/SumatraPDF_Browser_Plugin: C:\Program Files (x86)\SumatraPDF\npPdfViewer.dll (Simon Bünzli) FF - HKCU\Software\MozillaPlugins\wacom.com/WacomTabletPlugin: C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom) ========== Chrome ========== CHR - homepage: http://www.google.com/ CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}, CHR - homepage: http://www.google.com/ CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\PepperFlash\pepflashplayer.dll CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\pdf.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll CHR - Extension: Entanglement = C:\Users\jn2002dk\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd\2.7.9_0\ CHR - Extension: Bejeweled = C:\Users\jn2002dk\AppData\Local\Google\Chrome\User Data\Default\Extensions\adpkifcfcacgmnggcbpbjbkdijciiigm\2_0\ CHR - Extension: Angry Birds = C:\Users\jn2002dk\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.5.0.7_0\ CHR - Extension: Google Drive = C:\Users\jn2002dk\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\ CHR - Extension: Audiotool = C:\Users\jn2002dk\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkgoccjhfjgjedhkiefaclppgbmoobnk\1.1_0\ CHR - Extension: YouTube = C:\Users\jn2002dk\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\ CHR - Extension: Bouncy Mouse = C:\Users\jn2002dk\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgdllcbmneiklcmbeclfegccdjholomb\1.2.1_0\ CHR - Extension: Google Search = C:\Users\jn2002dk\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\ CHR - Extension: Cordy = C:\Users\jn2002dk\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgjbkahdllcckjbjijejpmcgkkjpnnfk\15_0\ CHR - Extension: Bomomo = C:\Users\jn2002dk\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnalbhgkcocoepphagnnlaiomnnngeln\1_0\ CHR - Extension: Sumo Paint = C:\Users\jn2002dk\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpgjihldbpodlmnjolekemlfbcajnmod\3.7_0\ CHR - Extension: Sleepy Jack = C:\Users\jn2002dk\AppData\Local\Google\Chrome\User Data\Default\Extensions\edjdoaebnejlnjknbkbacepgemnjlmfc\23_0\ CHR - Extension: Search All = C:\Users\jn2002dk\AppData\Local\Google\Chrome\User Data\Default\Extensions\eekjldapjblgadclklmgolijbagmdnfk\2.1.2_0\ CHR - Extension: Recent History = C:\Users\jn2002dk\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbmkfdfomhhlonpbnpiibloacemdhjjm\2.1.4.1_0\ CHR - Extension: AdBlock = C:\Users\jn2002dk\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.47_0\ CHR - Extension: Vector Paint = C:\Users\jn2002dk\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnbpdiengicdefcjecjbnjnoifekhgdo\3.0.0.0_0\ CHR - Extension: Isoball 3 = C:\Users\jn2002dk\AppData\Local\Google\Chrome\User Data\Default\Extensions\iajlkcpgcnbhfhpdeooockfaincfkjjj\1.3.0_0\ CHR - Extension: Pixlr Editor = C:\Users\jn2002dk\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmaknaampgiegkcjlimdiidlhopknpk\1.2_0\ CHR - Extension: LineBall = C:\Users\jn2002dk\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeclmehkhpookgkhkecnaanahhoglakj\1.3.0_0\ CHR - Extension: Nano Ninja = C:\Users\jn2002dk\AppData\Local\Google\Chrome\User Data\Default\Extensions\jommidhbgbbbbjddhmajdmeajfleineg\1.3.0_0\ CHR - Extension: Force Reload = C:\Users\jn2002dk\AppData\Local\Google\Chrome\User Data\Default\Extensions\kkhgjeaffbhdcpflajldaijabgclfnoa\1.2_0\ CHR - Extension: Little Alchemy = C:\Users\jn2002dk\AppData\Local\Google\Chrome\User Data\Default\Extensions\knkapnclbofjjgicpkfoagdjohlfjhpd\0.0.12_0\ CHR - Extension: Divvr = C:\Users\jn2002dk\AppData\Local\Google\Chrome\User Data\Default\Extensions\lackkieddhpmioebogincgkkcagabhgm\2.0_0\ CHR - Extension: Google Maps = C:\Users\jn2002dk\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh\5.2.7_0\ CHR - Extension: Harmony = C:\Users\jn2002dk\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbbibdblnnlapclckbdennhlbcnkkgcn\6_0\ CHR - Extension: Poppit = C:\Users\jn2002dk\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi\2.2_0\ CHR - Extension: ScriptNo = C:\Users\jn2002dk\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiigbmnaadbkfbmpbfijlflahbdbdgdf\1.0.6.2_0\ CHR - Extension: Mini Ninjas = C:\Users\jn2002dk\AppData\Local\Google\Chrome\User Data\Default\Extensions\oijfbknbncemokdnlboeabbcfhobechi\1.0.0.16_0\ CHR - Extension: Bastion = C:\Users\jn2002dk\AppData\Local\Google\Chrome\User Data\Default\Extensions\oohphhdkahjlioohbalmicpokoefkgid\0.0.0.4_0\ CHR - Extension: Gmail = C:\Users\jn2002dk\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2010-04-30 14:56:09 | 000,001,798 | ---- | M]) - C:\Windows\SysNative\Drivers\etc\hosts O1 - Hosts: 127.0.0.1 activate.adobe.com O1 - Hosts: 127.0.0.1 practivate.adobe.com O1 - Hosts: 127.0.0.1 ereg.adobe.com O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com O1 - Hosts: 127.0.0.1 wip3.adobe.com O1 - Hosts: 127.0.0.1 3dns-3.adobe.com O1 - Hosts: 127.0.0.1 3dns-2.adobe.com O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com O1 - Hosts: 127.0.0.1 ereg.wip3.adobe.com O1 - Hosts: 127.0.0.1 activate-sea.adobe.com O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com O1 - Hosts: 127.0.0.1 adobe.activate.com O1 - Hosts: 127.0.0.1 adobeereg.com O1 - Hosts: 127.0.0.1 www.adobeereg.com O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com O1 - Hosts: 127.0.0.1 125.252.224.90 O1 - Hosts: 127.0.0.1 125.252.224.91 O1 - Hosts: 127.0.0.1 hl2rcv.adobe.com O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated) O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [Hotkey Utility] C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe () O4 - HKLM..\Run: [suiteTray] C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe (Egis Technology Inc.) O4 - HKLM..\Run: [uSB3MON] C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation) O4 - HKU\S-1-5-21-1372194753-2522429106-4183652212-1000..\Run: [sandboxieControl] C:\Program Files\Sandboxie\SbieCtrl.exe (SANDBOXIE L.T.D) O4 - Startup: C:\Users\jn2002dk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\jn2002dk\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O9 - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041) O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.1 212.242.40.3 212.242.40.51 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{21FC7097-B92A-430E-8177-C3DDEAA4853A}: DhcpNameServer = 10.0.0.1 212.242.40.3 212.242.40.51 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3E531B94-3F07-4E73-9483-E9CB9E6CF1C6}: DhcpNameServer = 10.0.0.1 212.242.40.3 212.242.40.51 O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18:64bit: - Protocol\Handler\wlpg - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\WINDOWS\SysWow64\userinit.exe (Microsoft Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O30 - LSA: Security Packages - (livessp) - File not found O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2012-11-10 11:57:27 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ] O32 - AutoRun File - [2012-11-02 16:01:37 | 044,851,551 | ---- | M] () - D:\Autodesk_Sketchbook_Pro_v6_Multilingual_WIN_32bit.exe -- [ NTFS ] O32 - AutoRun File - [2011-11-14 23:15:54 | 000,000,055 | R--- | M] () - E:\Autorun.inf -- [ CDFS ] O33 - MountPoints2\{3f447352-2b1e-11e2-90d5-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{3f447352-2b1e-11e2-90d5-806e6f6e6963}\Shell\AutoRun\command - "" = E:\install.exe -- [2011-11-14 23:15:54 | 000,519,144 | R--- | M] (Adobe Systems, Inc.) O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) NetSvcs:64bit: wlidsvc - C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation) NetSvcs:64bit: DsmSvc - C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation) NetSvcs:64bit: NcaSvc - C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation) NetSvcs:64bit: SystemEventsBroker - C:\Windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation) NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation) CREATERESTOREPOINT Restore point Set: OTL Restore Point ========== Files/Folders - Created Within 30 Days ========== [2012-11-21 17:55:29 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games [2012-11-21 17:12:11 | 004,732,416 | ---- | C] (AVAST Software) -- C:\Users\jn2002dk\Desktop\aswMBR.exe [2012-11-19 22:09:37 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Roaming\Opera [2012-11-19 22:09:37 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Local\Opera [2012-11-19 22:09:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Opera [2012-11-19 12:15:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elaborate Bytes [2012-11-19 12:15:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Elaborate Bytes [2012-11-19 12:03:28 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Roaming\FileZilla [2012-11-19 12:03:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client [2012-11-19 12:03:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FileZilla FTP Client [2012-11-19 11:56:42 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\Desktop\New project [2012-11-19 11:53:23 | 000,000,000 | ---D | C] -- C:\Program Files\Construct 2 [2012-11-18 10:45:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy [2012-11-18 10:44:52 | 000,000,000 | ---D | C] -- C:\Program Files\Speccy [2012-11-17 16:13:35 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Roaming\Mozilla [2012-11-17 16:13:35 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Roaming\KompoZer [2012-11-17 15:58:30 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft [2012-11-17 14:28:59 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 [2012-11-16 19:28:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2012-11-16 19:28:04 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\mbam.sys [2012-11-16 19:28:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2012-11-16 17:53:44 | 000,000,000 | R--D | C] -- C:\WINDOWS\BrowserChoice [2012-11-16 17:34:38 | 000,000,000 | R--D | C] -- C:\Sandbox [2012-11-16 17:33:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sandboxie [2012-11-16 17:33:31 | 000,000,000 | ---D | C] -- C:\Program Files\Sandboxie [2012-11-16 17:24:37 | 000,000,000 | ---D | C] -- C:\ProgramData\PRICache [2012-11-16 17:24:37 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Local\Packages [2012-11-16 17:15:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\CSC [2012-11-16 17:10:28 | 000,000,000 | -HSD | C] -- C:\Users\jn2002dk\Documents\Videoer [2012-11-16 17:10:28 | 000,000,000 | -HSD | C] -- C:\Users\jn2002dk\AppData\Local\Temporary Internet Files [2012-11-16 17:10:28 | 000,000,000 | -HSD | C] -- C:\Users\jn2002dk\Skabeloner [2012-11-16 17:10:28 | 000,000,000 | -HSD | C] -- C:\Users\jn2002dk\SendTo [2012-11-16 17:10:28 | 000,000,000 | -HSD | C] -- C:\Users\jn2002dk\Recent [2012-11-16 17:10:28 | 000,000,000 | -HSD | C] -- C:\Users\jn2002dk\Printere [2012-11-16 17:10:28 | 000,000,000 | -HSD | C] -- C:\Users\jn2002dk\AppData\Local\Oversigt [2012-11-16 17:10:28 | 000,000,000 | -HSD | C] -- C:\Users\jn2002dk\Documents\Musik [2012-11-16 17:10:28 | 000,000,000 | -HSD | C] -- C:\Users\jn2002dk\Menuen Start [2012-11-16 17:10:28 | 000,000,000 | -HSD | C] -- C:\Users\jn2002dk\Lokale indstillinger [2012-11-16 17:10:28 | 000,000,000 | -HSD | C] -- C:\Users\jn2002dk\Dokumenter [2012-11-16 17:10:28 | 000,000,000 | -HSD | C] -- C:\Users\jn2002dk\Cookies [2012-11-16 17:10:28 | 000,000,000 | -HSD | C] -- C:\Users\jn2002dk\Documents\Billeder [2012-11-16 17:10:28 | 000,000,000 | -HSD | C] -- C:\Users\jn2002dk\Application Data [2012-11-16 17:10:28 | 000,000,000 | -HSD | C] -- C:\Users\jn2002dk\AppData\Local\Application Data [2012-11-16 17:10:28 | 000,000,000 | -HSD | C] -- C:\Users\jn2002dk\Andre computere [2012-11-16 17:10:27 | 000,000,000 | --SD | C] -- C:\Users\jn2002dk\AppData\Roaming\Microsoft [2012-11-16 17:10:27 | 000,000,000 | R--D | C] -- C:\Users\jn2002dk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools [2012-11-16 17:10:27 | 000,000,000 | R--D | C] -- C:\Users\jn2002dk\Favorites [2012-11-16 17:10:27 | 000,000,000 | R--D | C] -- C:\Users\jn2002dk\Desktop [2012-11-16 17:10:27 | 000,000,000 | R--D | C] -- C:\Users\jn2002dk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [2012-11-16 17:10:27 | 000,000,000 | R--D | C] -- C:\Users\jn2002dk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility [2012-11-16 17:10:27 | 000,000,000 | -H-D | C] -- C:\Users\jn2002dk\AppData [2012-11-16 17:10:27 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Local\Temp [2012-11-16 17:10:27 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Local\Microsoft [2012-11-16 17:10:27 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [2012-11-16 17:08:59 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation [2012-11-16 17:08:55 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation [2012-11-16 17:08:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation [2012-11-16 17:08:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\RTCOM [2012-11-16 17:08:46 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek [2012-11-16 17:07:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch [2012-11-16 17:06:30 | 000,000,000 | ---D | C] -- C:\Windows.old [2012-11-16 17:05:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\XPSViewer [2012-11-16 17:05:29 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies [2012-11-16 17:05:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Reference Assemblies [2012-11-16 17:05:29 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild [2012-11-16 17:05:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSBuild [2012-11-16 16:47:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\Panther [2012-11-15 11:51:11 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\Documents\Drug Lords [2012-11-15 10:52:28 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Roaming\com.aspiro.wimp.dk.25F5C0086CDE1F22CA0B92A487729991CA6CD013.1 [2012-11-15 10:52:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Wimp [2012-11-15 09:20:41 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\.stencylworks [2012-11-15 09:20:38 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Roaming\Stencyl [2012-11-14 18:24:23 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1986-12.com.adobe [2012-11-14 18:23:05 | 000,000,000 | ---D | C] -- C:\ProgramData\ALM [2012-11-14 17:58:16 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Roaming\NVIDIA [2012-11-14 17:58:07 | 000,000,000 | ---D | C] -- C:\ProgramData\FLEXnet [2012-11-14 17:57:15 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe [2012-11-14 17:56:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\spool [2012-11-14 17:55:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe Media Player [2012-11-14 17:55:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe [2012-11-14 17:55:12 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Macrovision Shared [2012-11-14 17:55:12 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe [2012-11-14 17:55:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Macrovision Shared [2012-11-14 17:53:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe [2012-11-14 17:40:29 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Roaming\Malwarebytes [2012-11-14 17:36:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2012-11-14 17:25:44 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Roaming\deluge [2012-11-14 17:23:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Deluge [2012-11-14 17:23:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Deluge [2012-11-14 15:25:44 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Stencyl [2012-11-14 15:25:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Stencyl [2012-11-14 15:25:22 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\.oces2 [2012-11-14 15:25:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun [2012-11-14 15:25:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java [2012-11-14 15:25:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\Sun [2012-11-14 15:25:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java [2012-11-14 09:19:16 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Roaming\SumatraPDF [2012-11-14 09:19:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SumatraPDF [2012-11-14 09:17:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip [2012-11-14 09:17:56 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip [2012-11-12 00:14:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner [2012-11-12 00:14:03 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner [2012-11-12 00:11:28 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Local\VMware [2012-11-12 00:11:25 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Roaming\VMware [2012-11-12 00:06:46 | 000,000,000 | ---D | C] -- C:\ProgramData\VMware [2012-11-11 10:27:37 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Roaming\Skype [2012-11-11 10:27:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype [2012-11-11 10:27:33 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype [2012-11-11 10:27:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype [2012-11-10 19:39:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\NAPP_Dism_Log [2012-11-10 18:10:13 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Local\mypaint [2012-11-10 18:09:59 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPaint [2012-11-10 18:09:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyPaint [2012-11-10 18:09:57 | 000,000,000 | ---D | C] -- C:\Program Files\MyPaint [2012-11-10 17:44:19 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Roaming\SYSTEMAX Software Development [2012-11-10 17:44:19 | 000,000,000 | ---D | C] -- C:\ProgramData\SYSTEMAX Software Development [2012-11-10 17:44:13 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Local\Zame [2012-11-10 17:44:13 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PaintTool SAI English Pack [2012-11-10 17:32:20 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Local\Adobe [2012-11-10 15:51:53 | 000,000,000 | R--D | C] -- C:\Users\jn2002dk\Dropbox [2012-11-10 15:50:40 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox [2012-11-10 15:50:28 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Roaming\Dropbox [2012-11-10 15:39:31 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\Documents\Page File [2012-11-10 14:07:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard Entertainment [2012-11-10 14:05:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Battle.net [2012-11-10 12:30:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0 [2012-11-10 12:28:30 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\Wat [2012-11-10 12:28:30 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\Wat [2012-11-10 12:21:23 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\Documents\Story File [2012-11-10 12:16:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Alias [2012-11-10 12:15:11 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Roaming\WTablet [2012-11-10 12:15:07 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wacom Tablet [2012-11-10 12:15:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TabletPlugins [2012-11-10 12:15:05 | 000,015,776 | ---- | C] (Wacom Technology) -- C:\WINDOWS\SysNative\drivers\wacomrouterfilter.sys [2012-11-10 12:15:02 | 000,081,312 | ---- | C] (Wacom Technology) -- C:\WINDOWS\SysNative\drivers\wachidrouter.sys [2012-11-10 12:15:02 | 000,013,728 | ---- | C] (Windows ® Win 7 DDK provider) -- C:\WINDOWS\SysNative\drivers\hidkmdf.sys [2012-11-10 12:14:56 | 001,981,312 | ---- | C] (Wacom Technology, Corp.) -- C:\WINDOWS\SysNative\Wacom_Tablet.dll [2012-11-10 12:14:56 | 001,974,144 | ---- | C] (Wacom Technology, Corp.) -- C:\WINDOWS\SysNative\Wacom_Touch_Tablet.dll [2012-11-10 12:14:56 | 001,843,072 | ---- | C] (Wacom Technology, Corp.) -- C:\WINDOWS\SysNative\Wintab32.dll [2012-11-10 12:14:56 | 001,840,000 | ---- | C] (Wacom Technology, Corp.) -- C:\WINDOWS\SysNative\WacomMT.dll [2012-11-10 12:14:56 | 001,628,032 | ---- | C] (Wacom Technology, Corp.) -- C:\WINDOWS\SysWow64\Wacom_Tablet.dll [2012-11-10 12:14:56 | 001,621,376 | ---- | C] (Wacom Technology, Corp.) -- C:\WINDOWS\SysWow64\Wacom_Touch_Tablet.dll [2012-11-10 12:14:56 | 001,509,248 | ---- | C] (Wacom Technology, Corp.) -- C:\WINDOWS\SysWow64\Wintab32.dll [2012-11-10 12:14:56 | 001,505,152 | ---- | C] (Wacom Technology, Corp.) -- C:\WINDOWS\SysWow64\WacomMT.dll [2012-11-10 12:14:55 | 000,000,000 | ---D | C] -- C:\Program Files\Tablet [2012-11-10 12:06:31 | 000,000,000 | ---D | C] -- C:\Program Files\TabletPlugins [2012-11-10 12:04:19 | 000,000,000 | ---D | C] -- C:\ProgramData\CELSYS [2012-11-10 12:04:09 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Roaming\Smith Micro [2012-11-10 12:02:26 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\Documents\Smith Micro [2012-11-10 12:02:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Manga Studio EX 4.0 [2012-11-10 12:02:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Smith Micro [2012-11-10 12:00:54 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Roaming\Autodesk [2012-11-10 12:00:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk [2012-11-10 12:00:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Autodesk [2012-11-10 11:58:04 | 000,000,000 | ---D | C] -- C:\temp [2012-11-10 11:57:27 | 000,000,000 | ---D | C] -- C:\Autodesk [2012-11-10 11:47:15 | 000,000,000 | ---D | C] -- C:\World of Warcraft [2012-11-10 11:44:02 | 000,000,000 | ---D | C] -- C:\avast! sandbox [2012-11-10 11:41:38 | 000,285,328 | ---- | C] (AVAST Software) -- C:\WINDOWS\SysNative\aswBoot.exe [2012-11-10 11:41:20 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software [2012-11-10 11:41:20 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software [2012-11-10 11:37:48 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Local\EgisTec IPS [2012-11-10 11:33:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome [2012-11-10 11:33:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google [2012-11-10 11:33:12 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Local\Google [2012-11-10 11:33:05 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Local\Apps [2012-11-10 11:32:43 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Roaming\Adobe [2012-11-10 11:30:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NETGEAR WNA3100M Genie [2012-11-10 11:30:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NETGEAR [2012-11-10 11:30:27 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Roaming\InstallShield [2012-11-10 11:25:04 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Roaming\OEM [2012-11-10 11:25:03 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Roaming\Screensaver [2012-11-10 11:24:56 | 000,000,000 | R--D | C] -- C:\Users\jn2002dk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [2012-11-10 11:24:56 | 000,000,000 | R--D | C] -- C:\Users\jn2002dk\Searches [2012-11-10 11:24:56 | 000,000,000 | R--D | C] -- C:\Users\jn2002dk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [2012-11-10 11:24:56 | 000,000,000 | -H-D | C] -- C:\Users\jn2002dk\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned [2012-11-10 11:24:49 | 000,000,000 | R--D | C] -- C:\Users\jn2002dk\Contacts [2012-11-10 11:24:49 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Roaming\Identities [2012-11-10 11:24:20 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Local\VirtualStore [2012-11-10 11:23:50 | 000,000,000 | ---D | C] -- C:\Program Files\Accessory Store [2012-11-10 11:23:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Family Protection [2012-11-10 11:23:19 | 000,000,000 | R--D | C] -- C:\Users\jn2002dk\Videos [2012-11-10 11:23:19 | 000,000,000 | R--D | C] -- C:\Users\jn2002dk\Saved Games [2012-11-10 11:23:19 | 000,000,000 | R--D | C] -- C:\Users\jn2002dk\Pictures [2012-11-10 11:23:19 | 000,000,000 | R--D | C] -- C:\Users\jn2002dk\Music [2012-11-10 11:23:19 | 000,000,000 | R--D | C] -- C:\Users\jn2002dk\Links [2012-11-10 11:23:19 | 000,000,000 | R--D | C] -- C:\Users\jn2002dk\Downloads [2012-11-10 11:23:19 | 000,000,000 | R--D | C] -- C:\Users\jn2002dk\Documents [2012-11-10 11:23:19 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Roaming\Media Center Programs [2012-11-10 11:23:19 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Roaming\Macromedia [2012-11-10 11:23:14 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Videoer [2012-11-10 11:23:14 | 000,000,000 | -HSD | C] -- C:\Recovery [2012-11-10 11:23:14 | 000,000,000 | -HSD | C] -- C:\Programmer [2012-11-10 11:23:14 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Musik [2012-11-10 11:23:14 | 000,000,000 | -HSD | C] -- C:\Program Files\Fælles filer [2012-11-10 11:23:14 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Billeder [2012-11-10 11:23:13 | 000,000,000 | -HSD | C] -- C:\ProgramData\Skrivebord [2012-11-10 11:23:13 | 000,000,000 | -HSD | C] -- C:\ProgramData\Skabeloner [2012-11-10 11:23:13 | 000,000,000 | -HSD | C] -- C:\ProgramData\Menuen Start [2012-11-10 11:23:13 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoritter [2012-11-10 11:23:13 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumenter [2012-11-10 11:08:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Intel Corporation [2012-11-10 11:07:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office [2012-11-10 11:07:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PlayReady [2012-11-10 11:07:31 | 000,000,000 | ---D | C] -- C:\Program Files\PlayReady [2012-11-10 11:07:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft [2012-11-10 11:03:59 | 003,768,152 | ---- | C] (Waves Audio Ltd.) -- C:\WINDOWS\SysNative\MaxxAudioRealtek.dll [2012-11-10 11:03:59 | 003,308,376 | ---- | C] (Dolby Laboratories) -- C:\WINDOWS\SysNative\R4EEP64A.dll [2012-11-10 11:03:59 | 002,604,376 | ---- | C] (Waves Audio Ltd.) -- C:\WINDOWS\SysNative\WavesGUILib.dll [2012-11-10 11:03:59 | 002,132,824 | ---- | C] (Waves Audio Ltd.) -- C:\WINDOWS\SysNative\MaxxAudioEQ.dll [2012-11-10 11:03:59 | 002,085,440 | ---- | C] (Fortemedia Corporation) -- C:\WINDOWS\SysNative\FMAPO64.dll [2012-11-10 11:03:59 | 001,756,264 | ---- | C] (DTS) -- C:\WINDOWS\SysNative\DTSS2SpeakerDLL64.dll [2012-11-10 11:03:59 | 001,568,360 | ---- | C] (DTS) -- C:\WINDOWS\SysNative\DTSS2HeadphoneDLL64.dll [2012-11-10 11:03:59 | 000,712,296 | ---- | C] (DTS) -- C:\WINDOWS\SysNative\DTSSymmetryDLL64.dll [2012-11-10 11:03:59 | 000,702,808 | ---- | C] (Waves Audio Ltd.) -- C:\WINDOWS\SysNative\MaxxAudioRealtek2.dll [2012-11-10 11:03:59 | 000,693,352 | ---- | C] (DTS) -- C:\WINDOWS\SysNative\DTSVoiceClarityDLL64.dll [2012-11-10 11:03:59 | 000,603,984 | ---- | C] (Knowles Acoustics ) -- C:\WINDOWS\SysNative\KAAPORT64.dll [2012-11-10 11:03:59 | 000,527,872 | ---- | C] (DTS) -- C:\WINDOWS\SysNative\DTSU2PLFX64.dll [2012-11-10 11:03:59 | 000,518,896 | ---- | C] (SRS Labs, Inc.) -- C:\WINDOWS\SysNative\SRSTSX64.dll [2012-11-10 11:03:59 | 000,515,584 | ---- | C] (DTS) -- C:\WINDOWS\SysNative\DTSU2PGFX64.dll [2012-11-10 11:03:59 | 000,439,808 | ---- | C] (DTS) -- C:\WINDOWS\SysNative\DTSU2PREC64.dll [2012-11-10 11:03:59 | 000,426,328 | ---- | C] (Dolby Laboratories) -- C:\WINDOWS\SysNative\R4EED64A.dll [2012-11-10 11:03:59 | 000,375,128 | ---- | C] (Dolby Laboratories, Inc.) -- C:\WINDOWS\SysNative\RTEEP64A.dll [2012-11-10 11:03:59 | 000,341,336 | ---- | C] (Waves Audio Ltd.) -- C:\WINDOWS\SysNative\MaxxAudioAPO30.dll [2012-11-10 11:03:59 | 000,334,680 | ---- | C] (Waves Audio Ltd.) -- C:\WINDOWS\SysNative\MaxxVolumeSDAPO.dll [2012-11-10 11:03:59 | 000,318,808 | ---- | C] (Waves Audio Ltd.) -- C:\WINDOWS\SysNative\MaxxAudioAPO20.dll [2012-11-10 11:03:59 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\WINDOWS\SysNative\RP3DAA64.dll [2012-11-10 11:03:59 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\WINDOWS\SysNative\RP3DHT64.dll [2012-11-10 11:03:59 | 000,221,024 | ---- | C] (Synopsys, Inc.) -- C:\WINDOWS\SysNative\SFNHK64.dll [2012-11-10 11:03:59 | 000,211,184 | ---- | C] (SRS Labs, Inc.) -- C:\WINDOWS\SysNative\SRSTSH64.dll [2012-11-10 11:03:59 | 000,204,120 | ---- | C] (Dolby Laboratories, Inc.) -- C:\WINDOWS\SysNative\RTEED64A.dll [2012-11-10 11:03:59 | 000,198,896 | ---- | C] (SRS Labs, Inc.) -- C:\WINDOWS\SysNative\SRSHP64.dll [2012-11-10 11:03:59 | 000,155,888 | ---- | C] (SRS Labs, Inc.) -- C:\WINDOWS\SysNative\SRSWOW64.dll [2012-11-10 11:03:59 | 000,136,024 | ---- | C] (Dolby Laboratories) -- C:\WINDOWS\SysNative\R4EEL64A.dll [2012-11-10 11:03:59 | 000,118,104 | ---- | C] (Dolby Laboratories) -- C:\WINDOWS\SysNative\R4EEA64A.dll [2012-11-10 11:03:59 | 000,101,208 | ---- | C] (Dolby Laboratories, Inc.) -- C:\WINDOWS\SysNative\RTEEL64A.dll [2012-11-10 11:03:59 | 000,081,248 | ---- | C] (Synopsys, Inc.) -- C:\WINDOWS\SysNative\SFCOM64.dll [2012-11-10 11:03:59 | 000,078,688 | ---- | C] (Synopsys, Inc.) -- C:\WINDOWS\SysNative\SFAPO64.dll [2012-11-10 11:03:59 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\WINDOWS\SysNative\RTEEG64A.dll [2012-11-10 11:03:59 | 000,074,072 | ---- | C] (Dolby Laboratories) -- C:\WINDOWS\SysNative\R4EEG64A.dll [2012-11-10 11:03:59 | 000,074,064 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\WINDOWS\SysWow64\SFCOM.dll [2012-11-10 11:03:58 | 001,486,952 | ---- | C] (DTS) -- C:\WINDOWS\SysNative\DTSBoostDLL64.dll [2012-11-10 11:03:58 | 000,728,680 | ---- | C] (DTS) -- C:\WINDOWS\SysNative\DTSBassEnhancementDLL64.dll [2012-11-10 11:03:58 | 000,491,112 | ---- | C] (DTS) -- C:\WINDOWS\SysNative\DTSNeoPCDLL64.dll [2012-11-10 11:03:58 | 000,432,744 | ---- | C] (DTS) -- C:\WINDOWS\SysNative\DTSLimiterDLL64.dll [2012-11-10 11:03:58 | 000,428,648 | ---- | C] (DTS) -- C:\WINDOWS\SysNative\DTSGainCompensatorDLL64.dll [2012-11-10 11:03:58 | 000,242,792 | ---- | C] (DTS) -- C:\WINDOWS\SysNative\DTSLFXAPO64.dll [2012-11-10 11:03:58 | 000,242,792 | ---- | C] (DTS) -- C:\WINDOWS\SysNative\DTSGFXAPO64.dll [2012-11-10 11:03:58 | 000,241,768 | ---- | C] (DTS) -- C:\WINDOWS\SysNative\DTSGFXAPONS64.dll [2012-11-10 11:03:58 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Temp [2012-11-10 11:03:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek [2012-11-10 11:03:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield [2012-11-10 11:03:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Intel [2012-11-10 11:03:13 | 000,000,000 | ---D | C] -- C:\Program Files\Intel [2012-11-10 11:02:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\postureAgent [2012-11-10 11:00:29 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel [2012-11-10 10:55:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation [2012-11-10 10:55:03 | 000,000,000 | -H-D | C] -- C:\book [2012-11-10 10:55:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AcerSystem [2012-11-10 10:51:02 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA [2012-11-10 10:50:35 | 000,068,928 | ---- | C] (Khronos Group) -- C:\WINDOWS\SysNative\OpenCL.dll [2012-11-10 10:50:35 | 000,061,248 | ---- | C] (Khronos Group) -- C:\WINDOWS\SysWow64\OpenCL.dll [2012-11-10 10:47:58 | 000,053,248 | ---- | C] (Windows XP Bundled build C-Centric Single User) -- C:\WINDOWS\SysWow64\CSVer.dll [2012-11-10 10:47:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel [2012-11-10 10:47:55 | 000,000,000 | -H-D | C] -- C:\Intel [2012-11-10 10:47:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution [2012-11-10 10:44:38 | 000,000,000 | -HSD | C] -- C:\System Volume Information ========== Files - Modified Within 30 Days ========== [2012-11-21 18:56:01 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job [2012-11-21 18:38:00 | 000,000,902 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2012-11-21 17:30:04 | 001,379,886 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI [2012-11-21 17:30:04 | 000,710,046 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat [2012-11-21 17:30:04 | 000,463,600 | ---- | M] () -- C:\WINDOWS\SysNative\perfh006.dat [2012-11-21 17:30:04 | 000,132,416 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat [2012-11-21 17:30:04 | 000,079,354 | ---- | M] () -- C:\WINDOWS\SysNative\perfc006.dat [2012-11-21 17:27:36 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2012-11-21 17:26:03 | 000,000,898 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2012-11-21 17:25:32 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys [2012-11-21 17:25:23 | 4254,535,678 | -HS- | M] () -- C:\hiberfil.sys [2012-11-21 17:23:30 | 004,847,728 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT [2012-11-21 17:12:46 | 004,732,416 | ---- | M] (AVAST Software) -- C:\Users\jn2002dk\Desktop\aswMBR.exe [2012-11-21 09:58:22 | 000,001,794 | ---- | M] () -- C:\WINDOWS\Sandboxie.ini [2012-11-19 22:13:35 | 000,049,434 | ---- | M] () -- C:\Users\jn2002dk\Documents\bookmarks_11_19_12.html [2012-11-19 22:09:35 | 000,001,837 | ---- | M] () -- C:\Users\Public\Desktop\Opera.lnk [2012-11-19 21:55:23 | 000,001,525 | ---- | M] () -- C:\Users\jn2002dk\Desktop\Internet Explorer.lnk [2012-11-19 12:15:53 | 000,001,258 | ---- | M] () -- C:\Users\Public\Desktop\Virtual CloneDrive.lnk [2012-11-19 12:12:56 | 000,000,813 | ---- | M] () -- C:\Users\jn2002dk\AppData\Local\recently-used.xbel [2012-11-19 11:53:28 | 000,000,847 | ---- | M] () -- C:\Users\Public\Desktop\Construct 2.lnk [2012-11-18 10:46:01 | 000,237,914 | ---- | M] () -- C:\Users\jn2002dk\Desktop\speccy.jpg [2012-11-18 10:45:00 | 000,000,800 | ---- | M] () -- C:\Users\Public\Desktop\Speccy.lnk [2012-11-17 15:33:50 | 000,867,584 | ---- | M] () -- C:\Users\jn2002dk\Desktop\Drug Lords.swf [2012-11-17 15:33:05 | 000,063,052 | ---- | M] () -- C:\Users\jn2002dk\Desktop\druglord2.jpg [2012-11-17 15:32:57 | 001,078,245 | ---- | M] () -- C:\Users\jn2002dk\Desktop\druglord2.psd [2012-11-16 21:40:22 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\SysNative\drivers\Msft_User_LocationProvider_01_11_00.Wdf [2012-11-16 20:58:46 | 000,599,929 | ---- | M] () -- C:\Users\jn2002dk\Desktop\cop1.psd [2012-11-16 20:55:40 | 000,913,408 | ---- | M] () -- C:\Users\jn2002dk\Desktop\cop1.sai [2012-11-16 19:28:08 | 000,001,117 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk [2012-11-16 17:43:38 | 000,001,304 | ---- | M] () -- C:\Users\jn2002dk\Desktop\Sandboxed Web Browser.lnk [2012-11-16 17:33:31 | 000,000,900 | ---- | M] () -- C:\Users\jn2002dk\Application Data\Microsoft\Internet Explorer\Quick Launch\Sandboxed Web Browser.lnk [2012-11-16 17:14:51 | 000,020,958 | ---- | M] () -- C:\WINDOWS\diagwrn.xml [2012-11-16 17:14:51 | 000,020,958 | ---- | M] () -- C:\WINDOWS\diagerr.xml [2012-11-16 17:14:41 | 000,022,852 | ---- | M] () -- C:\WINDOWS\SysNative\emptyregdb.dat [2012-11-16 15:52:22 | 000,016,976 | -H-- | M] () -- C:\WINDOWS\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012-11-16 15:52:22 | 000,016,976 | -H-- | M] () -- C:\WINDOWS\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012-11-15 21:45:53 | 001,196,032 | ---- | M] () -- C:\Users\jn2002dk\Desktop\druglord2.sai [2012-11-15 20:51:56 | 000,540,385 | ---- | M] () -- C:\Users\jn2002dk\Desktop\druglord1.psd [2012-11-15 20:51:53 | 000,075,244 | ---- | M] () -- C:\Users\jn2002dk\Desktop\druglord1.jpg [2012-11-15 20:46:14 | 001,159,168 | ---- | M] () -- C:\Users\jn2002dk\Desktop\druglord1.sai [2012-11-15 10:52:21 | 000,000,787 | ---- | M] () -- C:\Users\Public\Desktop\Wimp.lnk [2012-11-15 09:21:19 | 000,000,995 | ---- | M] () -- C:\Users\jn2002dk\Desktop\Stencyl.lnk [2012-11-14 17:23:58 | 000,000,947 | ---- | M] () -- C:\Users\Public\Desktop\Deluge.lnk [2012-11-12 00:14:03 | 000,000,826 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk [2012-11-12 00:06:52 | 001,289,942 | ---- | M] () -- C:\WINDOWS\SysWow64\PerfStringBackup.INI [2012-11-11 20:57:59 | 000,071,190 | ---- | M] () -- C:\Users\jn2002dk\Desktop\Image001.jpg [2012-11-11 16:19:10 | 000,000,975 | ---- | M] () -- C:\Users\jn2002dk\Desktop\MyPaint.lnk [2012-11-11 15:10:52 | 002,314,240 | ---- | M] () -- C:\Users\jn2002dk\Documents\New Canvas.sai [2012-11-10 23:11:02 | 001,323,008 | ---- | M] () -- C:\Users\jn2002dk\Documents\face.sai [2012-11-10 19:39:42 | 000,011,453 | ---- | M] () -- C:\WINDOWS\ChangeLang_Done.tag [2012-11-10 19:21:36 | 000,840,071 | ---- | M] () -- C:\Users\jn2002dk\Desktop\Indbydelse.pdf [2012-11-10 19:21:17 | 000,228,495 | ---- | M] () -- C:\Users\jn2002dk\Documents\Indbydelse.odg [2012-11-10 19:19:59 | 000,001,035 | ---- | M] () -- C:\Users\jn2002dk\Desktop\LibreOfficePortable.lnk [2012-11-10 18:01:53 | 000,007,752 | ---- | M] () -- C:\Users\jn2002dk\Documents\New Canvas.jpg [2012-11-10 17:49:30 | 000,016,835 | ---- | M] () -- C:\Users\jn2002dk\Documents\New Canvas.png [2012-11-10 17:46:56 | 000,010,200 | ---- | M] () -- C:\Users\jn2002dk\Documents\birds.jpg [2012-11-10 17:44:13 | 000,002,246 | ---- | M] () -- C:\Users\jn2002dk\Desktop\PaintTool SAI.lnk [2012-11-10 15:51:53 | 000,001,049 | ---- | M] () -- C:\Users\jn2002dk\Desktop\Dropbox.lnk [2012-11-10 15:50:45 | 000,001,059 | ---- | M] () -- C:\Users\jn2002dk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2012-11-10 12:07:20 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\SysNative\drivers\Msft_Kernel_wachidrouter_01009.Wdf [2012-11-10 12:02:24 | 000,001,310 | ---- | M] () -- C:\Users\Public\Desktop\Manga Studio EX 4.0.lnk [2012-11-10 12:00:53 | 000,002,144 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SketchBook Snapshot.lnk [2012-11-10 12:00:53 | 000,002,121 | ---- | M] () -- C:\Users\jn2002dk\Application Data\Microsoft\Internet Explorer\Quick Launch\SketchBook Pro 6.lnk [2012-11-10 12:00:53 | 000,002,097 | ---- | M] () -- C:\Users\Public\Desktop\SketchBook Pro 6.lnk [2012-11-10 11:41:38 | 000,000,000 | ---- | M] () -- C:\WINDOWS\SysWow64\config.nt [2012-11-10 11:33:59 | 000,002,297 | ---- | M] () -- C:\Users\jn2002dk\Desktop\Google Chrome.lnk [2012-11-10 11:32:35 | 000,001,449 | ---- | M] () -- C:\Users\jn2002dk\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk [2012-11-10 11:32:35 | 000,000,221 | -HS- | M] () -- C:\Users\jn2002dk\Application Data\Microsoft\Internet Explorer\Quick Launch\desktop (1).ini [2012-11-10 11:30:39 | 000,001,155 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WNA3100M Genie.lnk [2012-11-10 11:30:39 | 000,001,137 | ---- | M] () -- C:\Users\Public\Desktop\NETGEAR WNA3100M Genie.lnk [2012-11-10 11:09:32 | 000,001,162 | ---- | M] () -- C:\Users\Public\Desktop\clear.fi Photo.lnk [2012-11-10 11:08:35 | 000,001,162 | ---- | M] () -- C:\Users\Public\Desktop\clear.fi Media.lnk [2012-11-10 11:01:45 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\SysNative\drivers\Msft_Kernel_iusb3hcs_01009.Wdf [2012-10-30 23:50:30 | 000,285,328 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\aswBoot.exe [2012-10-29 08:14:20 | 001,981,312 | ---- | M] (Wacom Technology, Corp.) -- C:\WINDOWS\SysNative\Wacom_Tablet.dll [2012-10-29 08:14:20 | 001,974,144 | ---- | M] (Wacom Technology, Corp.) -- C:\WINDOWS\SysNative\Wacom_Touch_Tablet.dll [2012-10-29 08:14:20 | 001,843,072 | ---- | M] (Wacom Technology, Corp.) -- C:\WINDOWS\SysNative\Wintab32.dll [2012-10-29 08:14:18 | 001,840,000 | ---- | M] (Wacom Technology, Corp.) -- C:\WINDOWS\SysNative\WacomMT.dll [2012-10-29 08:14:16 | 001,628,032 | ---- | M] (Wacom Technology, Corp.) -- C:\WINDOWS\SysWow64\Wacom_Tablet.dll [2012-10-29 08:14:16 | 001,621,376 | ---- | M] (Wacom Technology, Corp.) -- C:\WINDOWS\SysWow64\Wacom_Touch_Tablet.dll [2012-10-29 08:14:16 | 001,509,248 | ---- | M] (Wacom Technology, Corp.) -- C:\WINDOWS\SysWow64\Wintab32.dll [2012-10-29 08:14:16 | 001,505,152 | ---- | M] (Wacom Technology, Corp.) -- C:\WINDOWS\SysWow64\WacomMT.dll ========== Files Created - No Company Name ========== [2012-11-21 17:23:19 | 004,847,728 | ---- | C] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT [2012-11-19 22:13:35 | 000,049,434 | ---- | C] () -- C:\Users\jn2002dk\Documents\bookmarks_11_19_12.html [2012-11-19 22:09:35 | 000,001,849 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk [2012-11-19 22:09:35 | 000,001,837 | ---- | C] () -- C:\Users\Public\Desktop\Opera.lnk [2012-11-19 21:54:56 | 000,001,525 | ---- | C] () -- C:\Users\jn2002dk\Desktop\Internet Explorer.lnk [2012-11-19 12:19:38 | 000,001,239 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Dreamweaver CS5.lnk [2012-11-19 12:15:53 | 000,001,258 | ---- | C] () -- C:\Users\Public\Desktop\Virtual CloneDrive.lnk [2012-11-19 12:12:56 | 000,000,813 | ---- | C] () -- C:\Users\jn2002dk\AppData\Local\recently-used.xbel [2012-11-19 11:53:28 | 000,000,943 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Construct 2.lnk [2012-11-19 11:53:28 | 000,000,847 | ---- | C] () -- C:\Users\Public\Desktop\Construct 2.lnk [2012-11-18 10:46:01 | 000,237,914 | ---- | C] () -- C:\Users\jn2002dk\Desktop\speccy.jpg [2012-11-18 10:45:00 | 000,000,800 | ---- | C] () -- C:\Users\Public\Desktop\Speccy.lnk [2012-11-17 15:58:30 | 000,002,108 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Web Platform Installer.lnk [2012-11-17 15:33:05 | 000,063,052 | ---- | C] () -- C:\Users\jn2002dk\Desktop\druglord2.jpg [2012-11-17 15:29:33 | 000,867,584 | ---- | C] () -- C:\Users\jn2002dk\Desktop\Drug Lords.swf [2012-11-17 15:22:46 | 001,078,245 | ---- | C] () -- C:\Users\jn2002dk\Desktop\druglord2.psd [2012-11-16 21:40:22 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\SysNative\drivers\Msft_User_LocationProvider_01_11_00.Wdf [2012-11-16 20:56:07 | 000,599,929 | ---- | C] () -- C:\Users\jn2002dk\Desktop\cop1.psd [2012-11-16 20:55:40 | 000,913,408 | ---- | C] () -- C:\Users\jn2002dk\Desktop\cop1.sai [2012-11-16 19:28:08 | 000,001,117 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk [2012-11-16 17:44:48 | 000,361,934 | ---- | C] () -- C:\WINDOWS\SysNative\ApnDatabase.xml [2012-11-16 17:44:38 | 000,110,592 | ---- | C] () -- C:\WINDOWS\SysNative\OEMLicense.dll [2012-11-16 17:44:38 | 000,083,968 | ---- | C] () -- C:\WINDOWS\SysWow64\OEMLicense.dll [2012-11-16 17:34:04 | 000,001,304 | ---- | C] () -- C:\Users\jn2002dk\Desktop\Sandboxed Web Browser.lnk [2012-11-16 17:34:04 | 000,000,900 | ---- | C] () -- C:\Users\jn2002dk\Application Data\Microsoft\Internet Explorer\Quick Launch\Sandboxed Web Browser.lnk [2012-11-16 17:34:02 | 000,001,794 | ---- | C] () -- C:\WINDOWS\Sandboxie.ini [2012-11-16 17:25:05 | 000,001,442 | ---- | C] () -- C:\Users\jn2002dk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk [2012-11-16 17:14:41 | 000,022,852 | ---- | C] () -- C:\WINDOWS\SysNative\emptyregdb.dat [2012-11-16 17:10:37 | 000,020,958 | ---- | C] () -- C:\WINDOWS\diagwrn.xml [2012-11-16 17:10:37 | 000,020,958 | ---- | C] () -- C:\WINDOWS\diagerr.xml [2012-11-16 17:10:27 | 000,000,352 | ---- | C] () -- C:\Users\jn2002dk\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk [2012-11-16 17:10:27 | 000,000,334 | ---- | C] () -- C:\Users\jn2002dk\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk [2012-11-16 17:09:07 | 002,689,224 | ---- | C] () -- C:\WINDOWS\SysNative\nvcoproc.bin [2012-11-16 17:07:15 | 268,435,456 | -HS- | C] () -- C:\swapfile.sys [2012-11-16 15:44:44 | 4254,535,678 | -HS- | C] () -- C:\hiberfil.sys [2012-11-15 21:45:03 | 001,196,032 | ---- | C] () -- C:\Users\jn2002dk\Desktop\druglord2.sai [2012-11-15 20:51:53 | 000,075,244 | ---- | C] () -- C:\Users\jn2002dk\Desktop\druglord1.jpg [2012-11-15 20:46:28 | 000,540,385 | ---- | C] () -- C:\Users\jn2002dk\Desktop\druglord1.psd [2012-11-15 20:46:14 | 001,159,168 | ---- | C] () -- C:\Users\jn2002dk\Desktop\druglord1.sai [2012-11-15 10:52:21 | 000,000,799 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wimp.lnk [2012-11-15 10:52:21 | 000,000,787 | ---- | C] () -- C:\Users\Public\Desktop\Wimp.lnk [2012-11-15 09:21:19 | 000,000,995 | ---- | C] () -- C:\Users\jn2002dk\Desktop\Stencyl.lnk [2012-11-14 18:23:10 | 000,001,618 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Illustrator CS5.lnk [2012-11-14 18:22:53 | 000,001,137 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS5.lnk [2012-11-14 18:22:45 | 000,001,230 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Device Central CS5.lnk [2012-11-14 18:22:04 | 000,001,321 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS5.lnk [2012-11-14 18:22:02 | 000,001,487 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS5.lnk [2012-11-14 18:21:48 | 000,000,961 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk [2012-11-14 17:57:20 | 000,001,162 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS4 (64 Bit).lnk [2012-11-14 17:57:05 | 000,001,101 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS4.lnk [2012-11-14 17:56:31 | 000,001,063 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS4.lnk [2012-11-14 17:56:23 | 000,001,400 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Drive CS4.lnk [2012-11-14 17:55:50 | 000,001,156 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Device Central CS4.lnk [2012-11-14 17:55:19 | 000,001,247 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS4.lnk [2012-11-14 17:55:15 | 000,001,371 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS4.lnk [2012-11-14 17:23:58 | 000,000,947 | ---- | C] () -- C:\Users\Public\Desktop\Deluge.lnk [2012-11-14 09:19:16 | 000,001,897 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SumatraPDF.lnk [2012-11-12 00:14:03 | 000,000,826 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk [2012-11-12 00:06:52 | 001,289,942 | ---- | C] () -- C:\WINDOWS\SysWow64\PerfStringBackup.INI [2012-11-11 16:19:04 | 000,071,190 | ---- | C] () -- C:\Users\jn2002dk\Desktop\Image001.jpg [2012-11-11 14:43:04 | 002,314,240 | ---- | C] () -- C:\Users\jn2002dk\Documents\New Canvas.sai [2012-11-10 23:11:02 | 001,323,008 | ---- | C] () -- C:\Users\jn2002dk\Documents\face.sai [2012-11-10 19:42:23 | 000,011,453 | ---- | C] () -- C:\WINDOWS\ChangeLang_Done.tag [2012-11-10 19:19:59 | 000,001,035 | ---- | C] () -- C:\Users\jn2002dk\Desktop\LibreOfficePortable.lnk [2012-11-10 18:09:59 | 000,000,975 | ---- | C] () -- C:\Users\jn2002dk\Desktop\MyPaint.lnk [2012-11-10 18:01:53 | 000,007,752 | ---- | C] () -- C:\Users\jn2002dk\Documents\New Canvas.jpg [2012-11-10 17:50:14 | 000,840,071 | ---- | C] () -- C:\Users\jn2002dk\Desktop\Indbydelse.pdf [2012-11-10 17:49:30 | 000,016,835 | ---- | C] () -- C:\Users\jn2002dk\Documents\New Canvas.png [2012-11-10 17:46:56 | 000,010,200 | ---- | C] () -- C:\Users\jn2002dk\Documents\birds.jpg [2012-11-10 17:44:13 | 000,002,246 | ---- | C] () -- C:\Users\jn2002dk\Desktop\PaintTool SAI.lnk [2012-11-10 17:34:53 | 000,228,495 | ---- | C] () -- C:\Users\jn2002dk\Documents\Indbydelse.odg [2012-11-10 15:51:53 | 000,001,049 | ---- | C] () -- C:\Users\jn2002dk\Desktop\Dropbox.lnk [2012-11-10 15:50:45 | 000,001,059 | ---- | C] () -- C:\Users\jn2002dk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2012-11-10 12:14:55 | 000,000,119 | ---- | C] () -- C:\WINDOWS\SysNative\WacomTouchTabletUserDefaults.xml [2012-11-10 12:14:55 | 000,000,119 | ---- | C] () -- C:\WINDOWS\SysNative\WacomTabletUserDefaults.xml [2012-11-10 12:07:20 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\SysNative\drivers\Msft_Kernel_wachidrouter_01009.Wdf [2012-11-10 12:02:24 | 000,001,310 | ---- | C] () -- C:\Users\Public\Desktop\Manga Studio EX 4.0.lnk [2012-11-10 12:00:53 | 000,002,144 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SketchBook Snapshot.lnk [2012-11-10 12:00:53 | 000,002,121 | ---- | C] () -- C:\Users\jn2002dk\Application Data\Microsoft\Internet Explorer\Quick Launch\SketchBook Pro 6.lnk [2012-11-10 12:00:53 | 000,002,097 | ---- | C] () -- C:\Users\Public\Desktop\SketchBook Pro 6.lnk [2012-11-10 11:54:00 | 000,016,366 | ---- | C] () -- C:\WINDOWS\SysNative\nvinfo.pb [2012-11-10 11:41:38 | 000,000,000 | ---- | C] () -- C:\WINDOWS\SysWow64\config.nt [2012-11-10 11:33:59 | 000,002,297 | ---- | C] () -- C:\Users\jn2002dk\Desktop\Google Chrome.lnk [2012-11-10 11:33:15 | 000,000,902 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2012-11-10 11:33:13 | 000,000,898 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2012-11-10 11:32:35 | 000,001,449 | ---- | C] () -- C:\Users\jn2002dk\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk [2012-11-10 11:30:39 | 000,001,155 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WNA3100M Genie.lnk [2012-11-10 11:30:39 | 000,001,137 | ---- | C] () -- C:\Users\Public\Desktop\NETGEAR WNA3100M Genie.lnk [2012-11-10 11:23:19 | 000,000,221 | -HS- | C] () -- C:\Users\jn2002dk\Application Data\Microsoft\Internet Explorer\Quick Launch\desktop (1).ini [2012-11-10 11:09:32 | 000,001,162 | ---- | C] () -- C:\Users\Public\Desktop\clear.fi Photo.lnk [2012-11-10 11:08:35 | 000,001,162 | ---- | C] () -- C:\Users\Public\Desktop\clear.fi Media.lnk [2012-11-10 11:07:58 | 000,002,435 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2010.lnk [2012-11-10 11:03:59 | 000,181,324 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\RTAIODAT.DAT [2012-11-10 11:03:19 | 000,015,128 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\IntelMEFWVer.dll [2012-11-10 11:01:45 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\SysNative\drivers\Msft_Kernel_iusb3hcs_01009.Wdf [2012-07-26 09:13:10 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat [2012-07-26 09:13:09 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT [2012-07-26 08:21:26 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2012-07-26 02:17:42 | 000,043,520 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll [2012-07-25 21:37:29 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin [2012-07-25 21:28:31 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll [2012-07-20 21:35:06 | 000,428,904 | ---- | C] () -- C:\WINDOWS\SysWow64\nvStreaming.exe [2012-06-02 15:31:19 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat [2012-02-02 22:08:26 | 000,001,536 | ---- | C] () -- C:\WINDOWS\SysWow64\IusEventLog.dll ========== ZeroAccess Check ========== [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2012-10-11 06:45:39 | 019,789,824 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012-10-11 06:07:29 | 017,560,576 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012-07-26 04:05:38 | 001,004,544 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2012-07-26 04:18:27 | 000,784,896 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012-07-26 04:07:41 | 000,455,680 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] ========== LOP Check ========== [2012-11-10 12:00:54 | 000,000,000 | ---D | M] -- C:\Users\jn2002dk\AppData\Roaming\Autodesk [2012-11-17 14:28:59 | 000,000,000 | ---D | M] -- C:\Users\jn2002dk\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 [2012-11-15 10:52:28 | 000,000,000 | ---D | M] -- C:\Users\jn2002dk\AppData\Roaming\com.aspiro.wimp.dk.25F5C0086CDE1F22CA0B92A487729991CA6CD013.1 [2012-11-19 12:12:56 | 000,000,000 | ---D | M] -- C:\Users\jn2002dk\AppData\Roaming\deluge [2012-11-21 17:26:29 | 000,000,000 | ---D | M] -- C:\Users\jn2002dk\AppData\Roaming\Dropbox [2012-11-21 18:58:57 | 000,000,000 | ---D | M] -- C:\Users\jn2002dk\AppData\Roaming\FileZilla [2012-11-17 16:13:36 | 000,000,000 | ---D | M] -- C:\Users\jn2002dk\AppData\Roaming\KompoZer [2012-11-10 11:25:04 | 000,000,000 | ---D | M] -- C:\Users\jn2002dk\AppData\Roaming\OEM [2012-11-19 22:09:37 | 000,000,000 | ---D | M] -- C:\Users\jn2002dk\AppData\Roaming\Opera [2012-11-10 11:25:03 | 000,000,000 | ---D | M] -- C:\Users\jn2002dk\AppData\Roaming\Screensaver [2012-11-10 12:04:09 | 000,000,000 | ---D | M] -- C:\Users\jn2002dk\AppData\Roaming\Smith Micro [2012-11-19 17:32:38 | 000,000,000 | ---D | M] -- C:\Users\jn2002dk\AppData\Roaming\Stencyl [2012-11-14 09:19:36 | 000,000,000 | ---D | M] -- C:\Users\jn2002dk\AppData\Roaming\SumatraPDF [2012-11-10 17:44:19 | 000,000,000 | ---D | M] -- C:\Users\jn2002dk\AppData\Roaming\SYSTEMAX Software Development ========== Purity Check ========== ========== Custom Scans ========== < MD5 for: EXPLORER.EXE > [2012-10-11 06:53:24 | 002,115,952 | ---- | M] (Microsoft Corporation) MD5=0AD19A3CA61271BA872AD90771BA47DC -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.20534_none_b592a71650d677ed\explorer.exe [2012-10-11 09:09:58 | 002,380,944 | ---- | M] (Microsoft Corporation) MD5=0DDFEAA2AA18D4295EF220EB666B2312 -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.20534_none_ab3dfcc41c75b5f2\explorer.exe [2011-07-14 06:30:29 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows.old\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe [2011-07-14 06:30:29 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows.old\Windows\explorer.exe [2011-07-14 06:30:29 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows.old\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe [2011-07-14 06:30:29 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows.old\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe [2010-11-21 04:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows.old\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe [2012-07-26 04:50:01 | 002,114,936 | ---- | M] (Microsoft Corporation) MD5=5B6ED1B57DBFF18D405A0260559B571E -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.16384_none_b4d2f8c937e166b1\explorer.exe [2011-07-14 06:30:29 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows.old\Windows\SysWOW64\explorer.exe [2011-07-14 06:30:29 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows.old\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe [2012-07-26 05:49:13 | 002,380,440 | ---- | M] (Microsoft Corporation) MD5=928791755FDDEA721B053535EF84FA17 -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.16384_none_aa7e4e770380a4b6\explorer.exe [2012-10-11 06:56:41 | 002,115,952 | ---- | M] (Microsoft Corporation) MD5=953ADECFF08202A01EFC6110214FDE02 -- C:\Windows\SysWOW64\explorer.exe [2012-10-11 06:56:41 | 002,115,952 | ---- | M] (Microsoft Corporation) MD5=953ADECFF08202A01EFC6110214FDE02 -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.16433_none_b5080a0137b9becc\explorer.exe [2010-11-21 04:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows.old\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe [2012-10-11 08:35:16 | 002,380,944 | ---- | M] (Microsoft Corporation) MD5=E13A31D5254C25406A7946BDD9B06364 -- C:\Windows\explorer.exe [2012-10-11 08:35:16 | 002,380,944 | ---- | M] (Microsoft Corporation) MD5=E13A31D5254C25406A7946BDD9B06364 -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.16433_none_aab35faf0358fcd1\explorer.exe < MD5 for: SVCHOST.EXE > [2012-07-26 04:20:58 | 000,023,040 | ---- | M] (Microsoft Corporation) MD5=0A175AF8B65797BD22C11903A8BFEB2D -- C:\Windows\WinSxS\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.2.9200.16384_none_b2666581d6b482a6\svchost.exe [2009-07-14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows.old\Windows\SysWOW64\svchost.exe [2009-07-14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe [2012-07-26 07:12:50 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=57350BEDE3834915B6145B67C71C7BDA -- C:\$WINDOWS.~BT\Windows\System32\svchost.exe [2012-07-26 07:12:50 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=57350BEDE3834915B6145B67C71C7BDA -- C:\$WINDOWS.~BT\Windows\WinSxS\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.2.9200.16384_none_0e8501058f11f3dc\svchost.exe [2012-07-26 04:08:47 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=57350BEDE3834915B6145B67C71C7BDA -- C:\Windows\WinSxS\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.2.9200.16384_none_0e8501058f11f3dc\svchost.exe [2012-09-20 07:33:14 | 000,029,696 | ---- | M] (Microsoft Corporation) MD5=607F7CB143783A8F9BA058D2FC4F2D36 -- C:\Windows\WinSxS\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.2.9200.20521_none_0f4c7e60a8019d22\svchost.exe [2012-09-29 19:54:26 | 000,218,184 | ---- | M] () MD5=8846E87210AD131CF71E3E2E49F647B0 -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\svchost.exe [2012-09-20 06:55:26 | 000,023,040 | ---- | M] (Microsoft Corporation) MD5=A46DC432F81473F526E3994AA483E366 -- C:\Windows\SysWOW64\svchost.exe [2012-09-20 06:55:26 | 000,023,040 | ---- | M] (Microsoft Corporation) MD5=A46DC432F81473F526E3994AA483E366 -- C:\Windows\WinSxS\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.2.9200.16420_none_b2a345c7d68772cb\svchost.exe [2009-07-14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows.old\Windows\System32\svchost.exe [2009-07-14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows.old\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe [2012-09-20 07:33:52 | 000,029,696 | ---- | M] (Microsoft Corporation) MD5=EDE27EACE742EE2888C5DD36400A2EC0 -- C:\WINDOWS\SysNative\svchost.exe [2012-09-20 07:33:52 | 000,029,696 | ---- | M] (Microsoft Corporation) MD5=EDE27EACE742EE2888C5DD36400A2EC0 -- C:\Windows\WinSxS\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.2.9200.16420_none_0ec1e14b8ee4e401\svchost.exe [2012-09-20 06:56:27 | 000,023,040 | ---- | M] (Microsoft Corporation) MD5=EEF5E64822C3E21B186EA53463BE92DA -- C:\Windows\WinSxS\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.2.9200.20521_none_b32de2dcefa42bec\svchost.exe < MD5 for: USERINIT.EXE > [2012-07-26 07:12:50 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E925F7BA032920D58DD284B6181A247 -- C:\$WINDOWS.~BT\Windows\System32\userinit.exe [2012-07-26 07:12:50 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E925F7BA032920D58DD284B6181A247 -- C:\$WINDOWS.~BT\Windows\WinSxS\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.2.9200.16384_none_34f2617a5b742e02\userinit.exe [2012-07-26 04:08:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E925F7BA032920D58DD284B6181A247 -- C:\WINDOWS\SysNative\userinit.exe [2012-07-26 04:08:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E925F7BA032920D58DD284B6181A247 -- C:\Windows\WinSxS\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.2.9200.16384_none_34f2617a5b742e02\userinit.exe [2010-11-21 04:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows.old\Windows\SysWOW64\userinit.exe [2010-11-21 04:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe [2012-07-26 04:21:00 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=9F6289D194A04A09671FEED4B6CB6EF7 -- C:\Windows\SysWOW64\userinit.exe [2012-07-26 04:21:00 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=9F6289D194A04A09671FEED4B6CB6EF7 -- C:\Windows\WinSxS\x86_microsoft-windows-userinit_31bf3856ad364e35_6.2.9200.16384_none_d8d3c5f6a316bccc\userinit.exe [2010-11-21 04:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows.old\Windows\System32\userinit.exe [2010-11-21 04:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows.old\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe < MD5 for: WINLOGON.EXE > [2010-11-21 04:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows.old\Windows\System32\winlogon.exe [2010-11-21 04:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows.old\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe [2012-09-20 07:33:55 | 000,516,608 | ---- | M] (Microsoft Corporation) MD5=1F84B5F8DBDFFD36DF143C61CE25F12A -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.16420_none_c8c988c15e88a211\winlogon.exe [2012-09-20 07:33:17 | 000,516,608 | ---- | M] (Microsoft Corporation) MD5=6522E98C94A2A81AE11EB66D2AF5743A -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.20521_none_c95425d677a55b32\winlogon.exe [2012-09-29 19:54:26 | 000,218,184 | ---- | M] () MD5=8846E87210AD131CF71E3E2E49F647B0 -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe [2012-07-26 07:12:53 | 000,516,608 | ---- | M] (Microsoft Corporation) MD5=93AB226C07A9789B2EC7B41F73602F76 -- C:\$WINDOWS.~BT\Windows\System32\winlogon.exe [2012-07-26 07:12:53 | 000,516,608 | ---- | M] (Microsoft Corporation) MD5=93AB226C07A9789B2EC7B41F73602F76 -- C:\$WINDOWS.~BT\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.16384_none_c88ca87b5eb5b1ec\winlogon.exe [2012-07-26 04:08:50 | 000,516,608 | ---- | M] (Microsoft Corporation) MD5=93AB226C07A9789B2EC7B41F73602F76 -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.16384_none_c88ca87b5eb5b1ec\winlogon.exe [2012-10-11 06:46:58 | 000,517,120 | ---- | M] (Microsoft Corporation) MD5=BCF2036A0DD579E47C008C133550283E -- C:\WINDOWS\SysNative\winlogon.exe [2012-10-11 06:46:58 | 000,517,120 | ---- | M] (Microsoft Corporation) MD5=BCF2036A0DD579E47C008C133550283E -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.16433_none_c8c1b9b35e8e0a07\winlogon.exe [2012-10-11 06:45:27 | 000,517,120 | ---- | M] (Microsoft Corporation) MD5=CBFD56B4EC07CB056A6ABD55DD33671F -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.20534_none_c94c56c877aac328\winlogon.exe < End of report >
  9. jn2002dk
    Here is the log from the TDSSKiller scan TDSSKiller.2.8.15.0_21.11.2012_17.32.30_log.txt
  10. jn2002dk
    Just tried it in safemode but same error
  11. jn2002dk
    Hello Jeff and thank you for responding I've downloaded aswMBR but it can't finish the scan, it just gives me a generic windows error saying an issue has forced the program to close. I've tried running it normally and as administrator with the same result
  12. jn2002dk
    I had Malwarebytes Pro block 4 attemps at outgoing IP connections today while searching on google. I run win 8 64bit and chrome in sandboxie so i closed chrome and deleted the sandbox. Ran a malwarebytes scane and a windows defender scane, both came up empty handed but then i googled the IP address malwarebytes blocked and several sites listed it as having a bank trojan which made me paranoid Log DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 10.0.9200.16442 BrowserJavaVersion: 10.9.2 Run by jn2002dk at 16:36:31 on 2012-11-21 Microsoft Windows 8 Pro 6.2.9200.0.1252.45.1030.18.16333.14006 [GMT 1:00] . AV: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . ============== Running Processes =============== . C:\WINDOWS\system32\svchost.exe -k DcomLaunch C:\WINDOWS\system32\nvvsvc.exe C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe C:\WINDOWS\system32\svchost.exe -k RPCSS C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted C:\WINDOWS\system32\svchost.exe -k netsvcs C:\WINDOWS\system32\svchost.exe -k LocalService C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Program Files\Sandboxie\SbieSvc.exe C:\Program Files\Tablet\Wacom\WTabletServicePro.exe C:\WINDOWS\system32\svchost.exe -k NetworkService C:\WINDOWS\System32\spoolsv.exe C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files (x86)\Acer\Registration\GREGsvc.exe C:\Program Files\Intel\iCLS Client\HeciServer.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe C:\Program Files\Acer\Acer Updater\UpdaterService.exe C:\Program Files\Windows Defender\MsMpEng.exe C:\Program Files (x86)\NETGEAR\WNA3100M\WifiSvc.exe C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\WINDOWS\System32\svchost.exe -k LocalServiceAndNoImpersonation C:\WINDOWS\system32\SearchIndexer.exe C:\WINDOWS\system32\wbem\wmiprvse.exe C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe C:\Program Files (x86)\Nero\Update\NASvc.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe C:\WINDOWS\system32\svchost.exe -k SDRSVC C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe C:\WINDOWS\system32\svchost.exe -k GPSvcGroup C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe C:\WINDOWS\system32\WLANExt.exe C:\WINDOWS\System32\LogonUI.exe C:\WINDOWS\System32\dwm.exe C:\WINDOWS\System32\LogonUI.exe C:\WINDOWS\System32\dwm.exe C:\WINDOWS\System32\svchost.exe -k LocalServicePeerNet C:\WINDOWS\System32\LogonUI.exe C:\WINDOWS\system32\dwm.exe C:\WINDOWS\System32\dwm.exe C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe C:\WINDOWS\system32\nvvsvc.exe C:\WINDOWS\system32\taskhostex.exe C:\WINDOWS\Explorer.EXE C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4396.1016_x64__8wekyb3d8bbwe\LiveComm.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe C:\Program Files\Tablet\Wacom\WacomHost.exe C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe C:\Windows\System32\RuntimeBroker.exe C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe C:\Program Files\Sandboxie\SbieCtrl.exe C:\Program Files (x86)\NETGEAR\WNA3100M\WNA3100M.exe C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe C:\Program Files (x86)\Autodesk\SketchBook Pro 6\SketchBookSnapshot.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Users\jn2002dk\AppData\Roaming\Dropbox\bin\Dropbox.exe C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe C:\Windows\System32\WWAHost.exe C:\WINDOWS\WinStore\WSHost.exe C:\WINDOWS\system32\SearchProtocolHost.exe C:\WINDOWS\system32\SearchFilterHost.exe C:\WINDOWS\System32\cscript.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://www.google.dk/ uDefault_Page_URL = hxxp://acer.msn.com mWinlogon: Userinit = userinit.exe BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll uRun: [sandboxieControl] "C:\Program Files\Sandboxie\SbieCtrl.exe" mRun: [AdobeCS4ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin mRun: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin mRun: [Hotkey Utility] C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe mRun: [suiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" mRun: [uSB3MON] "C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" mRun: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s StartupFolder: C:\Users\jn2002dk\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\jn2002dk\AppData\Roaming\Dropbox\bin\Dropbox.exe StartupFolder: C:\PROGRA~3\MICROS~1\Windows\MENUEN~1\Programs\StartUp\NETGEA~1.LNK - C:\Program Files (x86)\NETGEAR\WNA3100M\WNA3100M.exe StartupFolder: C:\PROGRA~3\MICROS~1\Windows\MENUEN~1\Programs\StartUp\SKETCH~1.LNK - C:\Program Files (x86)\Autodesk\SketchBook Pro 6\SketchBookSnapshot.exe IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 TCP: NameServer = 10.0.0.1 212.242.40.3 212.242.40.51 TCP: Interfaces\{21FC7097-B92A-430E-8177-C3DDEAA4853A} : DHCPNameServer = 10.0.0.1 212.242.40.3 212.242.40.51 TCP: Interfaces\{3E531B94-3F07-4E73-9483-E9CB9E6CF1C6} : DHCPNameServer = 10.0.0.1 212.242.40.3 212.242.40.51 Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll SSODL: WebCheck - <orphaned> x64-mStart Page = hxxp://acer.msn.com x64-mDefault_Page_URL = hxxp://acer.msn.com x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned> x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned> x64-SSODL: WebCheck - <orphaned> . ============= SERVICES / DRIVERS =============== . R1 mwlPSDFilter;mwlPSDFilter;C:\WINDOWS\System32\Drivers\mwlPSDFilter.sys [2012-3-8 22648] R1 mwlPSDNServ;mwlPSDNServ;C:\WINDOWS\System32\Drivers\mwlPSDNserv.sys [2012-3-8 20520] R1 mwlPSDVDisk;mwlPSDVDisk;C:\WINDOWS\System32\Drivers\mwlPSDVDisk.sys [2012-3-8 62776] R2 GREGService;GREGService;C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [2012-2-29 28264] R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-11-10 13592] R2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-2-2 628448] R2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe [2012-11-10 161560] R2 Live Updater Service;Live Updater Service;C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2012-3-8 255376] R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-11-16 399432] R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-11-16 676936] R2 NAUpdate;Nero Update;C:\Program Files (x86)\Nero\Update\NASvc.exe [2011-7-22 690472] R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-7-20 382312] R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2012-11-10 363800] R2 WSWNA3100M;WSWNA3100M;C:\Program Files (x86)\NETGEAR\WNA3100M\WifiSvc.exe [2012-11-10 303360] R2 WTabletServicePro;Wacom Professional Service;C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [2012-11-10 613760] R3 MBAMProtector;MBAMProtector;C:\WINDOWS\System32\Drivers\mbam.sys [2012-11-16 25928] R3 SbieDrv;SbieDrv;C:\Program Files\Sandboxie\SbieDrv.sys [2012-8-25 202632] R3 wna3100m;NETGEAR WNA3100M N300 Wireless Mini USB Adapter;C:\WINDOWS\System32\Drivers\wna3100m.sys [2011-12-30 1094760] S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-13 160944] S3 amdhub30;AMD USB 3.0 Hub Driver;C:\WINDOWS\System32\Drivers\amdhub30.sys [2012-3-8 87168] S3 amdxhc;AMD USB 3.0 Host Controller Driver;C:\WINDOWS\System32\Drivers\amdxhc.sys [2012-3-8 188544] S3 EgisTec Ticket Service;EgisTec Ticket Service;C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [2011-6-21 173424] S3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;C:\WINDOWS\System32\Drivers\EtronHub3.sys [2012-3-8 39936] S3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;C:\WINDOWS\System32\Drivers\EtronXHCI.sys [2012-3-8 64512] S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2012-11-14 1038088] S3 hidkmdf;KMDF Driver;C:\WINDOWS\System32\Drivers\hidkmdf.sys [2012-11-10 13728] S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\WINDOWS\System32\Drivers\nusb3hub.sys [2012-3-8 78848] S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\WINDOWS\System32\Drivers\nusb3xhc.sys [2012-3-8 180224] S3 vmbusr;Virtual Machine Bus Provider;C:\WINDOWS\System32\Drivers\vmbusr.sys [2012-7-26 117248] S3 VUSB3HUB;VIA USB 3 Root Hub Service;C:\WINDOWS\System32\Drivers\ViaHub3.sys [2012-3-8 176640] S3 WacHidRouter;Wacom Hid Router;C:\WINDOWS\System32\Drivers\wachidrouter.sys [2012-11-10 81312] S3 wacomrouterfilter;Wacom Router Filter Driver;C:\WINDOWS\System32\Drivers\wacomrouterfilter.sys [2012-11-10 15776] S3 xhcdrv;VIA USB eXtensible Host Controller Service;C:\WINDOWS\System32\Drivers\xhcdrv.sys [2012-3-8 230400] S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-23 57184] . =============== File Associations =============== . FileExt: .js: jsfile="C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS5\Dreamweaver.exe","%1" ShellExec: dreamweaver.exe: Open="C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS5\dreamweaver.exe", "%1" . =============== Created Last 30 ================ . 2012-11-21 10:23:03 76232 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{BD361A0F-3405-45B2-BD31-94A0100D3582}\offreg.dll 2012-11-21 10:21:16 9125352 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{BD361A0F-3405-45B2-BD31-94A0100D3582}\mpengine.dll 2012-11-21 08:35:53 9291768 ------w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll 2012-11-19 21:09:37 -------- d-----w- C:\Users\jn2002dk\AppData\Local\Opera 2012-11-19 11:15:48 -------- d-----w- C:\Program Files (x86)\Elaborate Bytes 2012-11-19 10:53:23 -------- d-----w- C:\Program Files\Construct 2 2012-11-18 09:44:52 -------- d-----w- C:\Program Files\Speccy 2012-11-17 15:13:35 -------- d-----w- C:\Users\jn2002dk\AppData\Roaming\KompoZer 2012-11-17 14:58:30 -------- d-----w- C:\Program Files\Microsoft 2012-11-17 13:28:59 -------- d-----w- C:\Users\jn2002dk\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 2012-11-16 20:00:08 18528 ----a-w- C:\ProgramData\Microsoft\windowssampling\Sqm\Manifest\Sqm2.bin 2012-11-16 18:28:04 25928 ----a-w- C:\WINDOWS\System32\drivers\mbam.sys 2012-11-16 18:28:04 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware 2012-11-16 16:53:44 -------- d-----r- C:\WINDOWS\BrowserChoice 2012-11-16 16:52:24 11272192 ----a-w- C:\Program Files\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll 2012-11-16 16:52:23 10768384 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll 2012-11-16 16:45:07 2367528 ----a-w- C:\WINDOWS\System32\WSService.dll 2012-11-16 16:45:06 13640704 ----a-w- C:\WINDOWS\System32\Windows.UI.Xaml.dll 2012-11-16 16:45:03 3265256 ----a-w- C:\WINDOWS\System32\drivers\evbda.sys 2012-11-16 16:45:01 10791936 ----a-w- C:\WINDOWS\SysWow64\Windows.UI.Xaml.dll 2012-11-16 16:45:00 2397184 ----a-w- C:\WINDOWS\System32\WpcMon.exe 2012-11-16 16:45:00 1131520 ----a-w- C:\WINDOWS\System32\AppXDeploymentServer.dll 2012-11-16 16:43:59 17888 ----a-w- C:\WINDOWS\System32\msvcr100_clr0400.dll 2012-11-16 16:41:58 76288 ----a-w- C:\WINDOWS\System32\newdev.exe 2012-11-16 16:41:58 75264 ----a-w- C:\WINDOWS\System32\ndadmin.exe 2012-11-16 16:41:58 74240 ----a-w- C:\WINDOWS\SysWow64\newdev.exe 2012-11-16 16:41:58 73728 ----a-w- C:\WINDOWS\SysWow64\ndadmin.exe 2012-11-16 16:41:58 446976 ----a-w- C:\WINDOWS\System32\wwansvc.dll 2012-11-16 16:41:58 301568 ----a-w- C:\WINDOWS\System32\newdev.dll 2012-11-16 16:41:58 275968 ----a-w- C:\WINDOWS\SysWow64\newdev.dll 2012-11-16 16:41:57 68608 ----a-w- C:\WINDOWS\System32\wwanprotdim.dll 2012-11-16 16:39:42 439296 ----a-w- C:\WINDOWS\System32\ReAgent.dll 2012-11-16 16:39:42 371712 ----a-w- C:\WINDOWS\SysWow64\ReAgent.dll 2012-11-16 16:39:42 26624 ----a-w- C:\WINDOWS\System32\ReAgentc.exe 2012-11-16 16:39:42 24064 ----a-w- C:\WINDOWS\SysWow64\ReAgentc.exe 2012-11-16 16:39:11 4056576 ----a-w- C:\WINDOWS\System32\win32k.sys 2012-11-16 16:34:38 -------- d-----r- C:\Sandbox 2012-11-16 16:33:31 -------- d-----w- C:\Program Files\Sandboxie 2012-11-16 16:24:37 -------- d-----w- C:\Users\jn2002dk\AppData\Local\Packages 2012-11-16 16:24:37 -------- d-----w- C:\ProgramData\PRICache 2012-11-16 16:09:07 891240 ----a-w- C:\WINDOWS\System32\nvvsvc.exe 2012-11-16 16:09:07 63336 ----a-w- C:\WINDOWS\System32\nvshext.dll 2012-11-16 16:09:07 6193000 ----a-w- C:\WINDOWS\System32\nvcpl.dll 2012-11-16 16:09:07 3266408 ----a-w- C:\WINDOWS\System32\nvsvc64.dll 2012-11-16 16:09:07 2689224 ----a-w- C:\WINDOWS\System32\nvcoproc.bin 2012-11-16 16:09:07 2557800 ----a-w- C:\WINDOWS\System32\nvsvcr.dll 2012-11-16 16:09:07 118120 ----a-w- C:\WINDOWS\System32\nvmctray.dll 2012-11-16 16:08:59 -------- d-----w- C:\ProgramData\NVIDIA Corporation 2012-11-16 16:08:55 -------- d-----w- C:\Program Files\NVIDIA Corporation 2012-11-16 16:08:55 -------- d-----w- C:\Program Files (x86)\NVIDIA Corporation 2012-11-16 16:08:46 -------- d-----w- C:\WINDOWS\SysWow64\RTCOM 2012-11-16 16:08:46 -------- d-----w- C:\Program Files\Realtek 2012-11-16 16:06:30 -------- d-----w- C:\Windows.old 2012-11-16 16:05:29 -------- d-----w- C:\WINDOWS\SysWow64\XPSViewer 2012-11-16 16:02:43 1166440 ----a-r- C:\WINDOWS\System32\PresentationNative_v0300.dll 2012-11-16 16:02:37 35400 ----a-r- C:\WINDOWS\System32\TsWpfWrp.exe 2012-11-16 16:02:34 124040 ----a-r- C:\WINDOWS\System32\PresentationCFFRasterizerNative_v0300.dll 2012-11-16 16:02:29 35400 ----a-r- C:\WINDOWS\SysWow64\TsWpfWrp.exe 2012-11-16 16:02:26 102528 ----a-r- C:\WINDOWS\SysWow64\PresentationCFFRasterizerNative_v0300.dll 2012-11-16 16:02:21 778856 ----a-r- C:\WINDOWS\SysWow64\PresentationNative_v0300.dll 2012-11-16 15:47:48 -------- d-----w- C:\WINDOWS\Panther 2012-11-15 09:52:28 -------- d-----w- C:\Users\jn2002dk\AppData\Roaming\com.aspiro.wimp.dk.25F5C0086CDE1F22CA0B92A487729991CA6CD013.1 2012-11-15 09:52:21 -------- d-----w- C:\Program Files (x86)\Wimp 2012-11-15 08:20:41 -------- d-----w- C:\Users\jn2002dk\.stencylworks 2012-11-15 08:20:38 -------- d-----w- C:\Users\jn2002dk\AppData\Roaming\Stencyl 2012-11-14 17:24:23 -------- d-----w- C:\ProgramData\regid.1986-12.com.adobe 2012-11-14 17:23:05 -------- d-----w- C:\ProgramData\ALM 2012-11-14 16:58:16 -------- d-----w- C:\Users\jn2002dk\AppData\Roaming\NVIDIA 2012-11-14 16:56:08 -------- d-----w- C:\WINDOWS\SysWow64\spool 2012-11-14 16:55:12 -------- d-----w- C:\Program Files\Common Files\Macrovision Shared 2012-11-14 16:55:11 -------- d-----w- C:\Program Files (x86)\Common Files\Macrovision Shared 2012-11-14 16:40:29 -------- d-----w- C:\Users\jn2002dk\AppData\Roaming\Malwarebytes 2012-11-14 16:36:55 -------- d-----w- C:\ProgramData\Malwarebytes 2012-11-14 16:25:44 -------- d-----w- C:\Users\jn2002dk\AppData\Roaming\deluge 2012-11-14 16:23:52 -------- d-----w- C:\Program Files (x86)\Deluge 2012-11-14 14:25:33 -------- d-----w- C:\Program Files (x86)\Stencyl 2012-11-14 14:25:22 -------- d-----w- C:\Users\jn2002dk\.oces2 2012-11-14 14:25:14 821736 ----a-w- C:\WINDOWS\SysWow64\npDeployJava1.dll 2012-11-14 14:25:14 746984 ----a-w- C:\WINDOWS\SysWow64\deployJava1.dll 2012-11-14 14:25:09 95208 ----a-w- C:\WINDOWS\SysWow64\WindowsAccessBridge-32.dll 2012-11-14 08:19:16 -------- d-----w- C:\Users\jn2002dk\AppData\Roaming\SumatraPDF 2012-11-14 08:19:15 -------- d-----w- C:\Program Files (x86)\SumatraPDF 2012-11-11 23:14:03 -------- d-----w- C:\Program Files\CCleaner 2012-11-11 23:11:28 -------- d-----w- C:\Users\jn2002dk\AppData\Local\VMware 2012-11-11 09:27:33 -------- d-----r- C:\Program Files (x86)\Skype 2012-11-10 18:40:49 3584 ----a-w- C:\WINDOWS\System32\Spool\prtprocs\x64\da-DK\LXKPTPRC.DLL.mui 2012-11-10 18:40:48 3584 ----a-w- C:\WINDOWS\System32\drivers\da-DK\tsusbflt.sys.mui 2012-11-10 18:40:46 2560 ----a-w- C:\WINDOWS\System32\drivers\da-DK\rdpwd.sys.mui 2012-11-10 18:39:42 -------- d-----w- C:\WINDOWS\NAPP_Dism_Log 2012-11-10 17:10:13 -------- d-----w- C:\Users\jn2002dk\AppData\Local\mypaint 2012-11-10 17:09:57 -------- d-----w- C:\Program Files\MyPaint 2012-11-10 16:44:19 -------- d-----w- C:\Users\jn2002dk\AppData\Roaming\SYSTEMAX Software Development 2012-11-10 16:44:19 -------- d-----w- C:\ProgramData\SYSTEMAX Software Development 2012-11-10 16:44:13 -------- d-----w- C:\Users\jn2002dk\AppData\Local\Zame 2012-11-10 16:32:20 -------- d-----w- C:\Users\jn2002dk\AppData\Local\Adobe 2012-11-10 14:51:53 -------- d-----r- C:\Users\jn2002dk\Dropbox 2012-11-10 14:50:28 -------- d-----w- C:\Users\jn2002dk\AppData\Roaming\Dropbox 2012-11-10 13:07:38 -------- d-----w- C:\ProgramData\Blizzard Entertainment 2012-11-10 13:05:32 -------- d-----w- C:\ProgramData\Battle.net 2012-11-10 11:39:23 15360 ----a-w- C:\WINDOWS\System32\RdpGroupPolicyExtension.dll 2012-11-10 11:39:23 13312 ----a-w- C:\WINDOWS\System32\TsUsbRedirectionGroupPolicyControl.exe 2012-11-10 11:39:12 192000 ----a-w- C:\WINDOWS\SysWow64\rdpendp_winip.dll 2012-11-10 11:39:11 228864 ----a-w- C:\WINDOWS\System32\rdpendp_winip.dll 2012-11-10 11:30:06 -------- d-----w- C:\Program Files (x86)\MSXML 4.0 2012-11-10 11:28:30 -------- d-----w- C:\WINDOWS\SysWow64\Wat 2012-11-10 11:28:30 -------- d-----w- C:\WINDOWS\System32\Wat 2012-11-10 11:16:35 -------- d-----w- C:\ProgramData\Alias 2012-11-10 11:15:11 -------- d-----w- C:\Users\jn2002dk\AppData\Roaming\WTablet 2012-11-10 11:15:07 -------- d-----w- C:\Program Files (x86)\TabletPlugins 2012-11-10 11:15:05 15776 ----a-w- C:\WINDOWS\System32\drivers\wacomrouterfilter.sys 2012-11-10 11:15:02 81312 ----a-w- C:\WINDOWS\System32\drivers\wachidrouter.sys 2012-11-10 11:15:02 1721576 ----a-w- C:\WINDOWS\System32\wdfcoinstaller01009.dll 2012-11-10 11:15:02 13728 ----a-w- C:\WINDOWS\System32\drivers\hidkmdf.sys 2012-11-10 11:14:56 1981312 ----a-w- C:\WINDOWS\System32\Wacom_Tablet.dll 2012-11-10 11:14:56 1974144 ----a-w- C:\WINDOWS\System32\Wacom_Touch_Tablet.dll 2012-11-10 11:14:56 1843072 ----a-w- C:\WINDOWS\System32\Wintab32.dll 2012-11-10 11:14:56 1840000 ----a-w- C:\WINDOWS\System32\WacomMT.dll 2012-11-10 11:14:56 1628032 ----a-w- C:\WINDOWS\SysWow64\Wacom_Tablet.dll 2012-11-10 11:14:56 1621376 ----a-w- C:\WINDOWS\SysWow64\Wacom_Touch_Tablet.dll 2012-11-10 11:14:56 1509248 ----a-w- C:\WINDOWS\SysWow64\Wintab32.dll 2012-11-10 11:14:56 1505152 ----a-w- C:\WINDOWS\SysWow64\WacomMT.dll 2012-11-10 11:14:55 -------- d-----w- C:\Program Files\Tablet 2012-11-10 11:06:31 -------- d-----w- C:\Program Files\TabletPlugins 2012-11-10 11:04:19 -------- d-----w- C:\ProgramData\CELSYS 2012-11-10 11:04:09 -------- d-----w- C:\Users\jn2002dk\AppData\Roaming\Smith Micro 2012-11-10 11:02:39 294912 ----a-w- C:\WINDOWS\System32\browserchoice.exe 2012-11-10 11:02:18 -------- d-----w- C:\Program Files (x86)\Smith Micro 2012-11-10 11:02:12 306688 ----a-w- C:\WINDOWS\IsUninst.exe 2012-11-10 11:00:54 -------- d-----w- C:\Users\jn2002dk\AppData\Roaming\Autodesk 2012-11-10 11:00:51 -------- d-----w- C:\Program Files (x86)\Autodesk 2012-11-10 10:58:04 -------- d-----w- C:\temp 2012-11-10 10:57:27 -------- d-----w- C:\Autodesk 2012-11-10 10:54:02 970088 ----a-w- C:\WINDOWS\System32\nvumdshimx.dll 2012-11-10 10:54:02 828776 ----a-w- C:\WINDOWS\SysWow64\nvumdshim.dll 2012-11-10 10:54:02 6099816 ----a-w- C:\WINDOWS\SysWow64\nvopencl.dll 2012-11-10 10:54:02 14799720 ----a-w- C:\WINDOWS\System32\nvwgf2umx.dll 2012-11-10 10:54:02 12386664 ----a-w- C:\WINDOWS\SysWow64\nvwgf2um.dll 2012-11-10 10:54:01 7386472 ----a-w- C:\WINDOWS\System32\nvopencl.dll 2012-11-10 10:54:01 26227560 ----a-w- C:\WINDOWS\System32\nvoglv64.dll 2012-11-10 10:54:01 19828584 ----a-w- C:\WINDOWS\SysWow64\nvoglv32.dll 2012-11-10 10:54:00 247144 ----a-w- C:\WINDOWS\System32\nvinitx.dll 2012-11-10 10:54:00 202600 ----a-w- C:\WINDOWS\SysWow64\nvinit.dll 2012-11-10 10:54:00 13378408 ----a-w- C:\WINDOWS\System32\drivers\nvlddmkm.sys 2012-11-10 10:51:22 77656 ----a-w- C:\WINDOWS\System32\XAPOFX1_5.dll 2012-11-10 10:50:59 238088 ----a-w- C:\WINDOWS\SysWow64\xactengine3_1.dll 2012-11-10 10:47:15 -------- d-----w- C:\World of Warcraft 2012-11-10 10:44:02 -------- d-----w- C:\avast! sandbox 2012-11-10 10:41:20 -------- d-----w- C:\ProgramData\AVAST Software 2012-11-10 10:41:20 -------- d-----w- C:\Program Files\AVAST Software 2012-11-10 10:37:48 -------- d-----w- C:\Users\jn2002dk\AppData\Local\EgisTec IPS 2012-11-10 10:33:12 -------- d-----w- C:\Users\jn2002dk\AppData\Local\Google 2012-11-10 10:33:05 -------- d-----w- C:\Users\jn2002dk\AppData\Local\Apps 2012-11-10 10:30:39 595968 ----a-w- C:\WINDOWS\SysWow64\Rtlihvs.dll 2012-11-10 10:30:39 595968 ----a-w- C:\WINDOWS\System32\Rtlihvs.dll 2012-11-10 10:30:38 -------- d-----w- C:\Program Files (x86)\NETGEAR 2012-11-10 10:25:04 -------- d-----w- C:\Users\jn2002dk\AppData\Roaming\OEM 2012-11-10 10:25:03 -------- d-----w- C:\Users\jn2002dk\AppData\Roaming\Screensaver 2012-11-10 10:24:56 -------- d-----r- C:\Users\jn2002dk\Searches 2012-11-10 10:24:49 -------- d-----r- C:\Users\jn2002dk\Contacts 2012-11-10 10:24:20 -------- d-----w- C:\Users\jn2002dk\AppData\Local\VirtualStore 2012-11-10 10:08:40 -------- d-----w- C:\Program Files (x86)\Common Files\Intel Corporation 2012-11-10 10:03:59 99944 ----a-w- C:\WINDOWS\System32\RCoInstII64.dll 2012-11-10 10:02:59 -------- d-----w- C:\Program Files (x86)\Common Files\postureAgent 2012-11-10 10:01:33 41984 ----a-w- C:\WINDOWS\System32\drivers\USB3Ver.dll 2012-11-10 10:00:20 568600 ----a-w- C:\WINDOWS\System32\drivers\iaStor.sys 2012-11-10 09:55:03 -------- d--ha-w- C:\book 2012-11-10 09:50:35 68928 ----a-w- C:\WINDOWS\System32\OpenCL.dll 2012-11-10 09:50:35 61248 ----a-w- C:\WINDOWS\SysWow64\OpenCL.dll 2012-11-10 09:50:27 31040 ----a-w- C:\WINDOWS\System32\nvhdap64.dll 2012-11-10 09:50:27 188224 ----a-w- C:\WINDOWS\System32\drivers\nvhda64v.sys 2012-11-10 09:50:27 1451840 ----a-w- C:\WINDOWS\System32\nvhdagenco6420103.dll 2012-11-10 09:50:26 364352 ----a-w- C:\WINDOWS\System32\nvdecodemft.dll 2012-11-10 09:50:26 301376 ----a-w- C:\WINDOWS\SysWow64\nvdecodemft.dll 2012-11-10 09:50:26 1466176 ----a-w- C:\WINDOWS\System32\nvgenco64.dll 2012-11-10 09:47:58 53248 ----a-w- C:\WINDOWS\SysWow64\CSVer.dll 2012-11-10 09:47:55 -------- d--h--w- C:\Intel . ==================== Find3M ==================== . 2012-11-02 05:22:08 34304 ----a-w- C:\WINDOWS\SysWow64\wuapp.exe 2012-11-02 05:21:44 83968 ----a-w- C:\WINDOWS\SysWow64\wudriver.dll 2012-11-02 05:21:44 125952 ----a-w- C:\WINDOWS\SysWow64\wuwebv.dll 2012-11-02 05:21:28 246784 ----a-w- C:\WINDOWS\SysWow64\ubpm.dll 2012-11-02 05:20:31 39424 ----a-w- C:\WINDOWS\System32\wuapp.exe 2012-11-02 05:20:28 77824 ----a-w- C:\WINDOWS\System32\taskhost.exe 2012-11-02 05:20:28 72192 ----a-w- C:\WINDOWS\System32\taskhostex.exe 2012-11-02 05:20:10 141824 ----a-w- C:\WINDOWS\System32\wuwebv.dll 2012-11-02 05:20:09 98304 ----a-w- C:\WINDOWS\System32\wudriver.dll 2012-11-02 05:20:09 251904 ----a-w- C:\WINDOWS\System32\WUSettingsProvider.dll 2012-11-02 05:20:09 17408 ----a-w- C:\WINDOWS\System32\wuaext.dll 2012-11-02 05:20:09 1619968 ----a-w- C:\WINDOWS\System32\wucltux.dll 2012-11-02 05:19:50 318464 ----a-w- C:\WINDOWS\System32\ubpm.dll 2012-11-02 05:01:27 99328 ----a-w- C:\WINDOWS\System32\wushareduxresources.dll 2012-11-02 04:55:32 212992 ----a-w- C:\WINDOWS\System32\drivers\mrxsmb20.sys 2012-11-02 04:53:13 366080 ----a-w- C:\WINDOWS\System32\drivers\mrxsmb.sys 2012-10-29 05:04:47 522640 ----a-w- C:\WINDOWS\System32\AUDIOKSE.dll 2012-10-29 05:04:47 490064 ----a-w- C:\WINDOWS\System32\AudioEng.dll 2012-10-29 05:04:47 447792 ----a-w- C:\WINDOWS\System32\AudioSes.dll 2012-10-29 05:04:47 253512 ----a-w- C:\WINDOWS\System32\audiodg.exe 2012-10-29 03:21:53 1526784 ----a-w- C:\WINDOWS\System32\mfcore.dll 2012-10-29 03:21:21 267264 ----a-w- C:\WINDOWS\System32\EncDump.dll 2012-10-29 03:20:49 785920 ----a-w- C:\WINDOWS\System32\audiosrv.dll 2012-10-29 03:20:49 169472 ----a-w- C:\WINDOWS\System32\AudioEndpointBuilder.dll 2012-10-29 03:19:08 463768 ----a-w- C:\WINDOWS\SysWow64\AUDIOKSE.dll 2012-10-29 03:19:08 427568 ----a-w- C:\WINDOWS\SysWow64\AudioEng.dll 2012-10-29 03:19:08 324344 ----a-w- C:\WINDOWS\SysWow64\AudioSes.dll 2012-10-29 02:46:23 1451520 ----a-w- C:\WINDOWS\SysWow64\mfcore.dll 2012-10-26 22:19:09 80728 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl 2012-10-26 22:19:09 695648 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerApp.exe 2012-10-24 04:54:06 6972136 ----a-w- C:\WINDOWS\System32\ntoskrnl.exe 2012-10-24 03:06:12 2706432 ----a-w- C:\WINDOWS\System32\mshtml.tlb 2012-10-24 02:27:01 2706432 ----a-w- C:\WINDOWS\SysWow64\mshtml.tlb 2012-10-18 06:17:18 69864 ----a-w- C:\WINDOWS\System32\drivers\pdc.sys 2012-10-18 03:20:46 10096640 ----a-w- C:\WINDOWS\System32\twinui.dll 2012-10-18 03:18:40 2302464 ----a-w- C:\WINDOWS\System32\authui.dll 2012-10-18 03:18:33 2146816 ----a-w- C:\WINDOWS\System32\actxprxy.dll 2012-10-18 02:46:00 8856576 ----a-w- C:\WINDOWS\SysWow64\twinui.dll 2012-10-18 02:44:38 2033664 ----a-w- C:\WINDOWS\SysWow64\authui.dll 2012-10-18 02:44:33 753664 ----a-w- C:\WINDOWS\SysWow64\actxprxy.dll 2012-10-17 04:32:52 1172992 ----a-w- C:\WINDOWS\System32\mfnetsrc.dll 2012-10-17 04:32:51 677888 ----a-w- C:\WINDOWS\System32\mfnetcore.dll 2012-10-17 04:32:51 673280 ----a-w- C:\WINDOWS\System32\mfmpeg2srcsnk.dll 2012-10-17 04:32:50 1048064 ----a-w- C:\WINDOWS\System32\mfasfsrcsnk.dll 2012-10-17 03:57:37 929792 ----a-w- C:\WINDOWS\SysWow64\mfnetsrc.dll 2012-10-17 03:57:37 568832 ----a-w- C:\WINDOWS\SysWow64\mfnetcore.dll 2012-10-17 03:57:37 513024 ----a-w- C:\WINDOWS\SysWow64\mfmpeg2srcsnk.dll 2012-10-17 03:57:36 850944 ----a-w- C:\WINDOWS\SysWow64\mfasfsrcsnk.dll 2012-10-12 08:08:01 27880 ----a-w- C:\WINDOWS\System32\drivers\rdpvideominiport.sys 2012-10-12 06:14:54 87040 ----a-w- C:\WINDOWS\System32\srmtrace.dll 2012-10-12 06:14:54 652800 ----a-w- C:\WINDOWS\System32\srmscan.dll 2012-10-12 06:14:54 30720 ----a-w- C:\WINDOWS\System32\srm_ps.dll 2012-10-12 06:14:54 279040 ----a-w- C:\WINDOWS\System32\srm.dll 2012-10-12 06:14:54 274432 ----a-w- C:\WINDOWS\System32\srmstormod.dll 2012-10-12 06:14:54 172032 ----a-w- C:\WINDOWS\System32\srmshell.dll 2012-10-12 06:14:54 1347072 ----a-w- C:\WINDOWS\System32\srmclient.dll 2012-10-12 06:14:54 134144 ----a-w- C:\WINDOWS\System32\adrclient.dll 2012-10-12 06:14:40 36352 ----a-w- C:\WINDOWS\System32\rfxvmt.dll 2012-10-12 06:14:39 3244032 ----a-w- C:\WINDOWS\System32\rdpcorets.dll 2012-10-12 06:14:34 115712 ----a-w- C:\WINDOWS\System32\wbem\PolicMan.dll 2012-10-12 06:13:32 109568 ----a-w- C:\WINDOWS\System32\dskquota.dll 2012-10-12 05:50:01 235520 ----a-w- C:\WINDOWS\System32\rdpudd.dll 2012-10-12 05:46:28 618496 ----a-w- C:\WINDOWS\System32\drivers\srv2.sys 2012-10-12 05:41:02 987648 ----a-w- C:\WINDOWS\SysWow64\srmclient.dll 2012-10-12 05:41:02 68096 ----a-w- C:\WINDOWS\SysWow64\srmtrace.dll 2012-10-12 05:41:02 487936 ----a-w- C:\WINDOWS\SysWow64\srmscan.dll 2012-10-12 05:41:02 278528 ----a-w- C:\WINDOWS\SysWow64\srm.dll 2012-10-12 05:41:02 202240 ----a-w- C:\WINDOWS\SysWow64\srmstormod.dll 2012-10-12 05:41:02 15872 ----a-w- C:\WINDOWS\SysWow64\srm_ps.dll 2012-10-12 05:41:02 128000 ----a-w- C:\WINDOWS\SysWow64\srmshell.dll 2012-10-12 05:41:02 104448 ----a-w- C:\WINDOWS\SysWow64\adrclient.dll 2012-10-12 05:40:49 84992 ----a-w- C:\WINDOWS\SysWow64\wbem\PolicMan.dll 2012-10-12 05:39:54 82944 ----a-w- C:\WINDOWS\SysWow64\dskquota.dll 2012-10-11 07:47:18 793200 ----a-w- C:\WINDOWS\System32\mfplat.dll 2012-10-11 07:35:16 2380944 ----a-w- C:\WINDOWS\explorer.exe 2012-10-11 07:26:44 336104 ----a-w- C:\WINDOWS\System32\drivers\Classpnp.sys 2012-10-11 07:25:48 56552 ----a-w- C:\WINDOWS\System32\drivers\sdstor.sys 2012-10-11 07:23:33 1001192 ----a-w- C:\WINDOWS\System32\drivers\ndis.sys 2012-10-11 07:23:32 441576 ----a-w- C:\WINDOWS\System32\drivers\netio.sys 2012-10-11 07:18:25 172264 ----a-w- C:\WINDOWS\System32\drivers\ksecpkg.sys 2012-10-11 07:16:20 1403784 ----a-w- C:\WINDOWS\System32\winload.efi 2012-10-11 07:16:20 1267424 ----a-w- C:\WINDOWS\System32\winload.exe 2012-10-11 07:16:20 1217328 ----a-w- C:\WINDOWS\System32\winresume.efi 2012-10-11 07:16:19 1093880 ----a-w- C:\WINDOWS\System32\winresume.exe 2012-10-11 07:13:54 194280 ----a-w- C:\WINDOWS\System32\drivers\sdbus.sys 2012-10-11 07:13:51 124648 ----a-w- C:\WINDOWS\System32\drivers\dumpsd.sys 2012-10-11 07:13:49 58088 ----a-w- C:\WINDOWS\System32\drivers\dam.sys 2012-10-11 07:13:37 33512 ----a-w- C:\WINDOWS\System32\drivers\battc.sys 2012-10-11 07:08:41 562392 ----a-w- C:\WINDOWS\System32\drivers\cng.sys 2012-10-11 07:02:27 1636672 ----a-w- C:\WINDOWS\System32\WMALFXGFXDSP.dll 2012-10-11 07:01:47 503080 ----a-w- C:\WINDOWS\System32\ci.dll 2012-10-11 05:56:41 2115952 ----a-w- C:\WINDOWS\SysWow64\explorer.exe 2012-10-11 05:45:58 907776 ----a-w- C:\WINDOWS\System32\uxtheme.dll 2012-10-11 05:45:58 53760 ----a-w- C:\WINDOWS\System32\UXInit.dll 2012-10-11 05:45:58 1045504 ----a-w- C:\WINDOWS\System32\usercpl.dll 2012-10-11 05:45:53 3554304 ----a-w- C:\WINDOWS\System32\tquery.dll 2012-10-11 05:45:49 370176 ----a-w- C:\WINDOWS\System32\SysFxUI.dll 2012-10-11 05:45:48 579584 ----a-w- C:\WINDOWS\System32\StructuredQuery.dll 2012-10-11 05:45:42 505344 ----a-w- C:\WINDOWS\System32\SpaceControl.dll 2012-10-11 05:45:37 590848 ----a-w- C:\WINDOWS\System32\SHCore.dll . ============= FINISH: 16:36:53,40 =============== attach.txt
  13. jn2002dk
    Hello Today Malwarebytes pro blocked an outgoing IP connection 4 times within 2 minutes citing chrome.exe as the source Since i run chrome through sandboxie (win 8 64bit) i closed chrome and deleted the sandbox. I then ran a Windows Defender quick scan and a Malwarebytes Pro quick scan, both came up empty and i haven't seen any more outgoing IP connections being blocked So should i be content with this or is there still a risk i'm infected? Thank you in advance
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.