Recurring Trojan?


Oyen

Hi!

A few days ago when running my scheduled anti-virus scan with AVG, 5 Trojans showed up called: Trojan horse Agent3.AYIB, Trojan horse Generic25.BISB, Trojan horse Generic26.GRW, Trojan horse BackDoor.Generic14.BWEM and Trojan horse BackDoor.Generic14.BYEP. I moved them all to the vault and then ran a full scan with MBAM. It found an infected registry value, which got removed. So I thought that was the end of it. Then warnings about the Trojan horse BackDoor.Generic14.BYEP started to pop up from AVG, and in three days I've got 8 of the same Trojan moved to the vault. The MBAM doesn't find any infections anymore and I still get warnings from AVG. It recently spotted an "infected registry key with reference to infected file C:\WINDOWS\System32\DRIVERS\redbook.sys".

I also use AVG PC Tuneup to repair registry, clean drives, erase history etc. Can this affect something so the virus will come back?

What should I do to remove it completely?

Thanks in advance!

Here's the DDS:

.

DDS (Ver_2011-08-26.01) - NTFSx86

Internet Explorer: 8.0.6001.18702

Run by Lars at 20:53:26 on 2011-11-30

Microsoft Windows XP Professional 5.1.2600.3.1252.46.1053.18.2047.751 [GMT 1:00]

.

AV: Malware Defense *Enabled/Outdated* {28e00e3b-806e-4533-925c-f4c3d79514b9}

AV: avast! antivirus 4.8.0 [VPS 000000-0] *Disabled/Outdated* {7591DB91-41F0-48A3-B128-1A293FD8233D}

FW: AVG Firewall *Enabled*

.

============== Running Processes ===============

.

C:\Program\AVG\AVG2012\avgrsx.exe

C:\Program\AVG\AVG2012\avgcsrvx.exe

C:\WINDOWS\system32\svchost -k DcomLaunch

svchost.exe

C:\WINDOWS\System32\svchost.exe -k netsvcs

C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup

svchost.exe

svchost.exe

C:\Program\DELADE~1\Stardock\SDMCP.exe

C:\WINDOWS\Explorer.EXE

C:\Program\Razer\Diamondback 3G\razerhid.exe

C:\Program\Microsoft Office\Office12\GrooveMonitor.exe

C:\Program\AVG\AVG2012\avgtray.exe

C:\program files\real\realplayer\update\realsched.exe

C:\Program\Logitech Gaming Software\LCore.exe

C:\Program\DivX\DivX Update\DivXUpdate.exe

C:\Program\AVG Secure Search\vprot.exe

C:\Program\Delade filer\Java\Java Update\jusched.exe

C:\Program\QuickTime\qttask.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program\Pando Networks\Media Booster\PMB.exe

C:\Program\Razer\Diamondback 3G\razertra.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program\AVG\AVG PC Tuneup 2011\BoostSpeed.exe

C:\Program\Razer\Diamondback 3G\razerofa.exe

svchost.exe

C:\Program\AVG\AVG2012\avgfws.exe

C:\Program\AVG\AVG2012\avgwdsvc.exe

C:\Program\Java\jre6\bin\jqs.exe

C:\Program\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Program\Nero\Update\NASvc.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\system32\IoctlSvc.exe

C:\Program\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

C:\Program\Delade filer\Ulead Systems\DVD\ULCDRSvr.exe

C:\Program\Delade filer\AVG Secure Search\vToolbarUpdater\8.0.1\ToolbarUpdater.exe

C:\Program\AVG\AVG2012\AVGIDSAgent.exe

C:\Program\AVG\AVG2012\avgnsx.exe

C:\Program\AVG\AVG2012\avgcsrvx.exe

C:\WINDOWS\System32\svchost.exe -k HTTPFilter

C:\Documents and Settings\Lars\Lokala inställningar\Application Data\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\Lars\Lokala inställningar\Application Data\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\Lars\Lokala inställningar\Application Data\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\Lars\Lokala inställningar\Application Data\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\Lars\Lokala inställningar\Application Data\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\Lars\Lokala inställningar\Application Data\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\Lars\Lokala inställningar\Application Data\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\Lars\Lokala inställningar\Application Data\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\Lars\Lokala inställningar\Application Data\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\Lars\Lokala inställningar\Application Data\Google\Chrome\Application\chrome.exe

C:\Program\Internet Explorer\iexplore.exe

C:\Program\Google\Common\Google Updater\GoogleUpdaterService.exe

C:\Documents and Settings\Lars\Lokala inställningar\Temporary Internet Files\Content.IE5\975L6BWG\dds[1].scr

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://google.se/

uSearch Page =

uSearch Bar =

uInternet Settings,ProxyOverride = <local>

mSearchAssistant =

uURLSearchHooks: H - No File

uURLSearchHooks: H - No File

BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program\delade filer\adobe\acrobat\activex\AcroIEHelper.dll

BHO: AskBar BHO: {201f27d4-3704-41d6-89c1-aa35e39143ed} - c:\program\askbardis\bar\bin\askBar.dll

BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll

BHO: DivX Plus Web Player HTML5 <video>: {326e768d-4182-46fd-9c16-1449a49795f4} - c:\program\divx\divx plus web player\ie\divxhtml5\DivXHTML5.dll

BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program\avg\avg2012\avgssie.dll

BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll

BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program\microsoft office\office12\GrooveShellExtensions.dll

BHO: Windows Live inloggningshjälpen: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program\delade filer\microsoft shared\windows live\WindowsLiveLogin.dll

BHO: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - c:\program\avg secure search\8.0.0.40\AVG Secure Search_toolbar.dll

BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program\google\google toolbar\GoogleToolbar_32.dll

BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program\google\googletoolbarnotifier\5.7.7018.1622\swg.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program\java\jre6\bin\jp2ssv.dll

BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\program\windows live\toolbar\wltcore.dll

BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

TB: Ask Toolbar: {3041d03e-fd4b-44e0-b742-2d9b88305f98} - c:\program\askbardis\bar\bin\askBar.dll

TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program\windows live\toolbar\wltcore.dll

TB: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - c:\program\avg secure search\8.0.0.40\AVG Secure Search_toolbar.dll

TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program\google\google toolbar\GoogleToolbar_32.dll

TB: {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File

uRun: [Google Update] "c:\documents and settings\lars\lokala inställningar\application data\google\update\GoogleUpdate.exe" /c

uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

uRun: [swg] "c:\program\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"

uRun: [Pando Media Booster] c:\program\pando networks\media booster\PMB.exe

uRunOnce: [shockwave Updater] c:\windows\system32\adobe\shockw~1\SWHELP~1.EXE -Update -1100465 -"Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; GTB6.6; Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) ; .NET CLR 2.0.50727; .NET CLR 3.0.04506.30; InfoPath.2; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)" -"http://www.cartoonnetwork.se/show/blandade-serier/games/toon-hoops"

mRun: [High Definition Audio Property Page Shortcut] HDAShCut.exe

mRun: [soundMAXPnP] c:\program\analog devices\core\smax4pnp.exe

mRun: [Diamondback] c:\program\razer\diamondback 3g\razerhid.exe

mRun: [GrooveMonitor] "c:\program\microsoft office\office12\GrooveMonitor.exe"

mRun: [AVG_TRAY] "c:\program\avg\avg2012\avgtray.exe"

mRun: [TkBellExe] "c:\program files\real\realplayer\update\realsched.exe" -osboot

mRun: [Adobe Reader Speed Launcher] "c:\program\adobe\reader 8.0\reader\Reader_sl.exe"

mRun: [Adobe ARM] "c:\program\delade filer\adobe\arm\1.0\AdobeARM.exe"

mRun: [Launch LCore] "c:\program\logitech gaming software\LCore.exe" /minimized

mRun: [updatePDRShortCut] "c:\program\cyberlink\powerdirector\muitransfer\muistartmenu.exe" "c:\program\cyberlink\powerdirector" updatewithcreateonce "software\cyberlink\powerdirector\9.0"

mRun: [DivXUpdate] "c:\program\divx\divx update\DivXUpdate.exe" /CHECKNOW

mRun: [vProt] "c:\program\avg secure search\vprot.exe"

mRun: [soundMAX] "c:\program\analog devices\soundmax\smax4.exe" /tray

mRun: [sunJavaUpdateSched] "c:\program\delade filer\java\java update\jusched.exe"

mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup

mRun: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login

mRun: [nwiz] c:\program\nvidia corporation\nview\nwiz.exe /installquiet

mRun: [QuickTime Task] "c:\program\quicktime\qttask.exe" -atboottime

mRun: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE

dRun: [DWQueuedReporting] "c:\program\delade~1\micros~1\dw\dwtrig20.exe" -t

mPolicies-system: DisableStatusMessages = 1 (0x1)

IE: E&xport to Microsoft Excel - c:\program\micros~2\office12\EXCEL.EXE/3000

IE: Free YouTube to Mp3 Converter - c:\documents and settings\lars\application data\dvdvideosoftiehelpers\youtubetomp3.htm

IE: Save YouTube Video - c:\program\delade filer\dvdvideosoft\dll\IEContextMenuY.dll/scriptY2MP4.htm

IE: Save YouTube Video as MP3 - c:\program\delade filer\dvdvideosoft\dll\IEContextMenuY.dll/scriptY2MP3.htm

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program\messenger\msmsgs.exe

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program\micros~2\office12\ONBttnIE.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\program\micros~2\office12\REFIEBAR.DLL

DPF: CabBuilder - hxxp://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab

DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} - hxxp://www.musicnotes.com/download/mnviewer.cab

DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab

DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/8/b/d/8bd77752-5704-4d68-a152-f7252adaa4f2/LegitCheckControl.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab

DPF: {9BDF4724-10AA-43D5-BD15-AEA0D2287303} - hxxp://zone.msn.com/bingame/zpagames/zpa_txhe.cab79352.cab

DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} - hxxp://www.sibelius.com/download/software/win/ActiveXPlugin.cab

DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} - hxxp://cdn2.zone.msn.com/binFramework/v10/ZPAFramework.cab102118.cab

DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab

DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} - hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.4.24.0.cab

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

TCP: DhcpNameServer = 192.168.0.254

TCP: Interfaces\{1DB92874-42DA-4F43-BC76-5F57B3B4351D} : DhcpNameServer = 192.168.0.254

Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - c:\program\belarc\advisor\system\BAVoilaX.dll

Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program\microsoft office\office12\GrooveSystemServices.dll

Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program\avg\avg2012\avgpp.dll

Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program\delade filer\avg secure search\viprotocolinstaller\8.0.1\ViProtocol.dll

Notify: MCPClient - c:\program\delade~1\stardock\mcpstub.dll

SSODL: 0aMCPClient - {F5DF91F9-15E9-416B-A7C3-7519B11ECBFC} - c:\program\delade~1\stardock\MCPCore.dll

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program\microsoft office\office12\GrooveShellExtensions.dll

SEH: Microsoft AntiMalware ShellExecuteHook: {091eb208-39dd-417d-a5dd-7e2c2d8fb9cb} - c:\program\wifd1f~1\MpShHook.dll

.

============= SERVICES / DRIVERS ===============

.

R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [2010-9-13 23120]

R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2010-9-7 32592]

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2010-1-11 114768]

R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2010-9-7 229840]

R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2010-9-7 40016]

R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2010-9-7 295248]

R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2010-1-11 20560]

R2 avgfws;AVG Firewall;c:\program\avg\avg2012\avgfws.exe [2011-8-19 2399560]

R2 AVGIDSAgent;AVGIDSAgent;c:\program\avg\avg2012\AVGIDSAgent.exe [2011-9-12 5265248]

R2 avgwd;AVG WatchDog;c:\program\avg\avg2012\avgwdsvc.exe [2011-8-2 192776]

R2 MBAMService;MBAMService;c:\program\malwarebytes' anti-malware\mbamservice.exe [2010-1-12 366152]

R2 NAUpdate;@c:\program\nero\update\nasvc.exe,-200;c:\program\nero\update\NASvc.exe [2011-9-23 641832]

R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program\nvidia corporation\nvidia updatus\daemonu.exe [2011-4-30 2253120]

R2 vToolbarUpdater;vToolbarUpdater;c:\program\delade filer\avg secure search\vtoolbarupdater\8.0.1\ToolbarUpdater.exe [2011-10-16 246600]

R3 Avgfwdx;Avgfwdx;c:\windows\system32\drivers\avgfwdx.sys [2011-5-23 30944]

R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\AVGIDSDriver.sys [2010-8-19 134608]

R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\AVGIDSFilter.sys [2010-8-19 24272]

R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\AVGIDSShim.sys [2010-8-19 16720]

R3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys [2011-9-15 19720]

R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys [2011-9-15 14856]

R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2010-1-12 22216]

R3 Razerlow;Diamondback 3G USB Filter Driver;c:\windows\system32\drivers\DB3G.sys [2008-3-14 13225]

S2 avast! Antivirus;avast! Antivirus;c:\program\alwil software\avast4\ashServ.exe [2010-1-11 138680]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 gupdate;Tjänsten Google Update (gupdate);c:\program\google\update\GoogleUpdate.exe [2010-2-8 135664]

S3 appliandMP;appliandMP; [x]

S3 avast! Mail Scanner;avast! Mail Scanner;"c:\program\alwil software\avast5\avastsvc.exe" --> c:\program\alwil software\avast5\AvastSvc.exe [?]

S3 avast! Web Scanner;avast! Web Scanner;"c:\program\alwil software\avast5\avastsvc.exe" --> c:\program\alwil software\avast5\AvastSvc.exe [?]

S3 Avgfwfd;AVG network filter service;c:\windows\system32\drivers\avgfwdx.sys [2011-5-23 30944]

S3 CME_1394;CME_1394;c:\windows\system32\drivers\CME_1394.sys [2008-3-14 113664]

S3 CME_avs;CME_avs;c:\windows\system32\drivers\CME_avs.sys [2008-3-14 28672]

S3 cpudrv;cpudrv;c:\program\systemrequirementslab\cpudrv.sys [2009-12-18 11336]

S3 DBKDRVR54;DBKDRVR54;\??\c:\program\cheat engine\dbk32.sys --> c:\program\cheat engine\dbk32.sys [?]

S3 DrvAgent32;DrvAgent32;c:\windows\system32\drivers\DrvAgent32.sys [2011-10-28 23456]

S3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\drivers\ggflt.sys [2009-10-19 13224]

S3 gupdatem;Tjänsten Google Update (gupdatem);c:\program\google\update\GoogleUpdate.exe [2010-2-8 135664]

S3 pneteth;PdaNet Broadband;c:\windows\system32\drivers\pneteth.sys [2011-5-15 13312]

S3 s3017bus;Sony Ericsson Device 3017 driver (WDM);c:\windows\system32\drivers\s3017bus.sys [2008-10-31 83880]

S3 s3017mdfl;Sony Ericsson Device 3017 USB WMC Modem Filter;c:\windows\system32\drivers\s3017mdfl.sys [2008-10-31 15016]

S3 s3017mdm;Sony Ericsson Device 3017 USB WMC Modem Driver;c:\windows\system32\drivers\s3017mdm.sys [2008-10-31 110632]

S3 s3017mgmt;Sony Ericsson Device 3017 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s3017mgmt.sys [2008-10-31 104616]

S3 s3017nd5;Sony Ericsson Device 3017 USB Ethernet Emulation SEMC3017 (NDIS);c:\windows\system32\drivers\s3017nd5.sys [2008-10-31 25512]

S3 s3017obex;Sony Ericsson Device 3017 USB WMC OBEX Interface;c:\windows\system32\drivers\s3017obex.sys [2008-10-31 100648]

S3 s3017unic;Sony Ericsson Device 3017 USB Ethernet Emulation SEMC3017 (WDM);c:\windows\system32\drivers\s3017unic.sys [2008-10-31 110120]

S3 Sony Ericsson PCCompanion;Sony Ericsson PCCompanion;c:\program\sony ericsson\sony ericsson pc companion\PCCService.exe [2010-11-1 155344]

S3 SynasUSB;SynasUSB;c:\windows\system32\drivers\synasUSB.sys [2008-3-15 18432]

S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]

.

=============== Created Last 30 ================

.

2011-11-27 14:51:09 -------- d-----w- c:\program\Synthesia

2011-11-27 13:54:45 6668624 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{3bd33955-8a1f-4c3a-83ce-099308ad0e91}\mpengine.dll

2011-11-09 14:35:22 -------- d-----w- c:\windows\system32\cache

2011-11-07 21:13:53 -------- d-----w- c:\program\delade filer\Adobe AIR

2011-11-06 16:53:36 3840 ----a-w- c:\windows\system32\drivers\BANTExt.sys

2011-11-06 16:53:36 -------- d-----w- c:\program\Belarc

.

==================== Find3M ====================

.

2011-11-06 14:19:47 286052 ----a-w- c:\windows\system32\nvdrsdb0.bin

2011-11-06 14:19:47 1 ----a-w- c:\windows\system32\nvdrssel.bin

2011-11-06 14:19:32 286052 ----a-w- c:\windows\system32\nvdrsdb1.bin

2011-10-28 17:50:04 23456 ----a-w- c:\windows\system32\drivers\DrvAgent32.sys

2011-10-20 23:26:22 94208 ----a-w- c:\windows\system32\dpl100.dll

2011-10-10 14:22:54 692736 ----a-w- c:\windows\system32\inetcomm.dll

2011-10-03 03:06:03 472808 ----a-w- c:\windows\system32\deployJava1.dll

2011-10-03 00:37:52 73728 ----a-w- c:\windows\system32\javacpl.cpl

2011-09-28 07:06:45 602112 ----a-w- c:\windows\system32\crypt32.dll

2011-09-26 09:41:40 612352 ----a-w- c:\windows\system32\uiautomationcore.dll

2011-09-26 09:41:40 20480 ----a-w- c:\windows\system32\oleaccrc.dll

2011-09-26 09:41:20 220160 ----a-w- c:\windows\system32\oleacc.dll

2011-09-15 19:04:32 14856 ----a-w- c:\windows\system32\drivers\LGVirHid.sys

2011-09-15 19:04:31 19720 ----a-w- c:\windows\system32\drivers\LGBusEnum.sys

2011-09-13 04:30:10 32592 ----a-w- c:\windows\system32\drivers\avgrkx86.sys

2011-09-06 14:09:57 1858944 ----a-w- c:\windows\system32\win32k.sys

2011-03-15 18:15:26 20188776 ----a-w- c:\program\CheetahDVDBurner.exe

2010-01-19 17:03:16 13976672 ----a-w- c:\program\ichords2.exe

2009-09-02 18:54:05 32829864 ----a-w- c:\program\AVSAudioEditor.exe

2008-05-05 19:42:52 774144 ----a-w- c:\program\RngInterstitial.dll

.

============= FINISH: 20:54:18,31 ===============


Hello Oyen! My name is Maniac and I will be glad to help you solve your malware problem.

Please note:

  • I recommend that you keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
  • Make sure you read all of the instructions and fixes thoroughly before continuing with them.
  • Follow my instructions strictly and don't hesitate to stop and ask me if you have any questions.
  • Post your log files, don't attach them. Every log file should be copied and pasted into your next reply.

Please post the Attach.txt, then I'll explain the situation and what we are going to do next.


Ok here it is.

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-08-26.01)

.

Microsoft Windows XP Professional

Boot Device: \Device\HarddiskVolume1

Install Date: 2008-03-13 12:18:04

System Uptime: 2011-12-01 14:58:27 (1 hours ago)

.

Motherboard: ASUSTeK Computer INC. | | P5PL2-E

Processor: Intel® Pentium® Dual CPU E2180 @ 2.00GHz | LGA 775 | 2007/200mhz

.

==== Disk Partitions =========================

.

A: is Removable

C: is FIXED (NTFS) - 233 GiB total, 95,027 GiB free.

.

==== Disabled Device Manager Items =============

.

Class GUID: {4D36E965-E325-11CE-BFC1-08002BE10318}

Description: CD-ROM-enhet

Device ID: IDE\CDROMTSSTCORP_CDDVDW_SH-S203D________________SB00____\5&722A3FC&0&0.0.0

Manufacturer: (Standard-CD-ROM-enheter)

Name: TSSTcorp CDDVDW SH-S203D

PNP Device ID: IDE\CDROMTSSTCORP_CDDVDW_SH-S203D________________SB00____\5&722A3FC&0&0.0.0

Service: cdrom

.

==== System Restore Points ===================

.

RP834: 2011-09-01 19:28:42 - Sony Ericsson PC Companion

RP835: 2011-09-03 22:46:19 - Software Distribution Service 3.0

RP836: 2011-09-07 18:15:22 - Software Distribution Service 3.0

RP837: 2011-09-07 20:00:15 - Software Distribution Service 3.0

RP838: 2011-09-11 20:38:45 - Software Distribution Service 3.0

RP839: 2011-09-12 22:18:20 - Systemkontrollpunkt

RP840: 2011-09-13 16:16:51 - Software Distribution Service 3.0

RP841: 2011-09-14 19:33:04 - Systemkontrollpunkt

RP842: 2011-09-15 20:00:32 - Software Distribution Service 3.0

RP843: 2011-09-16 22:44:18 - Software Distribution Service 3.0

RP844: 2011-09-20 08:25:23 - Software Distribution Service 3.0

RP845: 2011-09-21 19:40:09 - Systemkontrollpunkt

RP846: 2011-09-25 19:10:01 - Software Distribution Service 3.0

RP847: 2011-09-26 21:28:40 - Systemkontrollpunkt

RP848: 2011-09-27 16:14:44 - Software Distribution Service 3.0

RP849: 2011-09-27 19:05:57 - Installed PowerDirector

RP850: 2011-09-27 19:52:29 - Installed PowerDirector

RP851: 2011-09-28 20:00:15 - Software Distribution Service 3.0

RP852: 2011-09-29 20:02:05 - Systemkontrollpunkt

RP853: 2011-10-04 19:06:59 - Software Distribution Service 3.0

RP854: 2011-10-06 18:10:12 - Systemkontrollpunkt

RP855: 2011-10-09 18:12:38 - Software Distribution Service 3.0

RP856: 2011-10-10 22:02:48 - Removed Click to Call with Skype

RP857: 2011-10-14 23:35:36 - Software Distribution Service 3.0

RP858: 2011-10-15 04:34:14 - Software Distribution Service 3.0

RP859: 2011-10-16 20:29:15 - Installed AVG 2012

RP860: 2011-10-16 20:29:58 - Installed AVG 2012

RP861: 2011-10-16 21:13:41 - AVG Regisry Defrag - before defragmentation

RP862: 2011-10-18 16:00:38 - Software Distribution Service 3.0

RP863: 2011-10-19 20:45:13 - Systemkontrollpunkt

RP864: 2011-10-20 19:09:52 - Installed Java 6 Update 29

RP865: 2011-10-24 17:21:04 - Software Distribution Service 3.0

RP866: 2011-10-25 16:25:56 - Software Distribution Service 3.0

RP867: 2011-10-26 18:40:21 - Systemkontrollpunkt

RP868: 2011-10-27 17:48:43 - Installed League of Legends

RP869: 2011-10-27 21:24:46 - Installed League of Legends

RP870: 2011-10-28 16:02:30 - Software Distribution Service 3.0

RP871: 2011-10-28 22:36:23 - DirectX har installerats

RP872: 2011-10-30 15:20:59 - Systemkontrollpunkt

RP873: 2011-11-01 14:11:50 - Software Distribution Service 3.0

RP874: 2011-11-05 00:36:06 - Software Distribution Service 3.0

RP875: 2011-11-06 18:18:13 - Microsoft Visual C++ 2005 Redistributable installerades

RP876: 2011-11-06 18:18:50 - DirectX har installerats

RP877: 2011-11-06 20:14:42 - Installerad Nero Burning ROM 11.

RP878: 2011-11-07 23:03:55 - Software Distribution Service 3.0

RP879: 2011-11-09 15:37:43 - Software Distribution Service 3.0

RP880: 2011-11-09 20:00:15 - Software Distribution Service 3.0

RP881: 2011-11-12 22:01:51 - Software Distribution Service 3.0

RP882: 2011-11-14 19:15:02 - Software Distribution Service 3.0

RP883: 2011-11-15 00:35:58 - AVG Regisry Defrag - before defragmentation

RP884: 2011-11-15 16:08:35 - Software Distribution Service 3.0

RP885: 2011-11-23 15:57:28 - Software Distribution Service 3.0

RP886: 2011-11-24 18:00:00 - Systemkontrollpunkt

RP887: 2011-11-27 14:54:41 - Software Distribution Service 3.0

RP888: 2011-11-27 15:46:57 - DirectX har installerats

RP889: 2011-11-27 15:51:14 - DirectX har installerats

RP890: 2011-11-29 18:34:12 - Systemkontrollpunkt

RP891: 2011-11-30 21:25:31 - Systemkontrollpunkt

RP892: 2011-12-01 15:10:04 - Removed Java 6 Update 29

RP893: 2011-12-01 15:13:10 - Installed Java 6 Update 29

.

==== Installed Programs ======================

.

Adobe AIR

Adobe Flash Player 10 ActiveX

Adobe Flash Player 10 Plugin

Adobe Reader 8.3.1

Adobe Shockwave Player

Analog Factory SE 1.2

Any Video Converter 2.7.6

Apple Application Support

Apple Software Update

ASIO4ALL

Ask Toolbar

AudibleManager

AVG 2012

AVG PC Tuneup 2011

AVG Security Toolbar

Belarc Advisor 8.2

BitTorrent

CME Matrix K FW Audio Driver V2.27.0

Compatibility Pack för Office 2007-systemet

Creative Mass Storage Drivers

CyberLink PowerDirector

CyberLink WaveEditor

DivX Setup

DNA

DriverAgent by eSupport.com

Drumaxx

FL Studio 9

Fliken Komma igång i Microsoft Office Word 2007

Free Studio version 4.2

Free Video to DVD Converter version 1.1

Free YouTube to iPod Converter version 3.1

Free YouTube to MP3 Converter version 3.9

Google Chrome

Google Toolbar for Internet Explorer

Google Update Helper

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

HTML Executable IERuntime

IL Download Manager

ImgBurn

Java Auto Updater

Java 6 Update 29

Junk Mail filter update

League of Legends

LiveSearch Notification Tool

Logitech Gaming Software 8.01

Malwarebytes' Anti-Malware version 1.51.2.1300

Media Go

Microsoft .NET Framework 2.0 Language Pack - SVE

Microsoft .NET Framework 2.0 Service Pack 2

Microsoft .NET Framework 3.0 Service Pack 2

Microsoft .NET Framework 3.5 SP1

Microsoft .NET Framework 4 Client Profile

Microsoft .NET Framework 4 Client Profile Language Pack - SVE

Microsoft .NET Framework 4 Client Profile SVE Language Pack

Microsoft .NET Framework 4 Extended

Microsoft .NET Framework 4 Extended Language Pack - SVE

Microsoft .NET Framework 4 Extended SVE Language Pack

Microsoft Application Error Reporting

Microsoft Choice Guard

Microsoft Compression Client Pack 1.0 for Windows XP

Microsoft Internationalized Domain Names Mitigation APIs

Microsoft Kernel-Mode Driver Framework Feature Pack 1.7

Microsoft National Language Support Downlevel APIs

Microsoft Office 2007 Service Pack 2 (SP2)

Microsoft Office Access MUI (English) 2007

Microsoft Office Access Setup Metadata MUI (English) 2007

Microsoft Office Enterprise 2007

Microsoft Office Excel MUI (English) 2007

Microsoft Office File Validation Add-In

Microsoft Office Groove MUI (English) 2007

Microsoft Office Groove Setup Metadata MUI (English) 2007

Microsoft Office InfoPath MUI (English) 2007

Microsoft Office OneNote MUI (English) 2007

Microsoft Office Outlook MUI (English) 2007

Microsoft Office PowerPoint MUI (English) 2007

Microsoft Office Proof (English) 2007

Microsoft Office Proof (French) 2007

Microsoft Office Proof (Spanish) 2007

Microsoft Office Proofing (English) 2007

Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

Microsoft Office Publisher MUI (English) 2007

Microsoft Office Shared MUI (English) 2007

Microsoft Office Shared Setup Metadata MUI (English) 2007

Microsoft Office Word MUI (English) 2007

Microsoft Search Enhancement Pack

Microsoft Silverlight

Microsoft Software Update for Web Folders (English) 12

Microsoft SQL Server Desktop Engine (SONY_MEDIAMGR)

Microsoft Sync Framework Runtime Native v1.0 (x86)

Microsoft Sync Framework Services Native v1.0 (x86)

Microsoft User-Mode Driver Framework Feature Pack 1.0

Microsoft Windows Journal Viewer

Microsoft WinUsb 1.0

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

Microsoft XML Parser

MSVCRT

MSXML 4.0 SP2 (KB936181)

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

MSXML 6.0 Parser (KB933579)

Music Manager

Musicnotes Player V1.23.1

Musicnotes Software Suite 1.0

Nero 7 Essentials

Nero Burning ROM 11

Nero Burning ROM 11 Help (CHM)

Nero ControlCenter 11

Nero ControlCenter 11 Help (CHM)

Nero Core Components 11

Nero RescueAgent 11

Nero RescueAgent 11 Help (CHM)

Nero Update

nero.prerequisites.msi

neroxml

NoteWorthy Composer

NVIDIA-uppdatering 1.5.20

NVIDIA Grafikdrivrutin 285.58

NVIDIA Install Application

NVIDIA nView 135.95

NVIDIA nView Desktop Manager

NVIDIA Update Components

NVIDIAs kontrollpanel 285.58

OGA Notifier 2.0.0048.0

Pando Media Booster

PlayStation®Network Downloader

PlayStation®Store

PoiZone

QuickTime

Razer Diamondback 3G

RealNetworks - Microsoft Visual C++ 2008 Runtime

RealPlayer

REALTEK GbE & FE Ethernet PCI-E NIC Driver

RealUpgrade 1.1

Sökmarkeringsfönstret (Windows Live Toolbar)

Sakura

Samplitude V8 SE (US)

Sawer

Security Update for 2007 Microsoft Office System (KB2288621)

Security Update for 2007 Microsoft Office System (KB2288931)

Security Update for 2007 Microsoft Office System (KB2345043)

Security Update for 2007 Microsoft Office System (KB2553074)

Security Update for 2007 Microsoft Office System (KB2553089)

Security Update for 2007 Microsoft Office System (KB2553090)

Security Update for 2007 Microsoft Office System (KB2584063)

Security Update for 2007 Microsoft Office System (KB969559)

Security Update for 2007 Microsoft Office System (KB976321)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile Language Pack - SVE (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile Language Pack - SVE (KB2518870)

Security Update for Microsoft .NET Framework 4 Extended (KB2416472)

Security Update for Microsoft .NET Framework 4 Extended (KB2487367)

Security Update for Microsoft Office Access 2007 (KB979440)

Security Update for Microsoft Office Excel 2007 (KB2553073)

Security Update for Microsoft Office Groove 2007 (KB2552997)

Security Update for Microsoft Office InfoPath 2007 (KB2510061)

Security Update for Microsoft Office InfoPath 2007 (KB979441)

Security Update for Microsoft Office PowerPoint 2007 (KB2535818)

Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623)

Security Update for Microsoft Office Publisher 2007 (KB2284697)

Security Update for Microsoft Office system 2007 (972581)

Security Update for Microsoft Office system 2007 (KB974234)

Security Update for Microsoft Office Visio Viewer 2007 (KB973709)

Security Update for Microsoft Office Word 2007 (KB2344993)

Segoe UI

Sibelius Scorch (ActiveX Only)

Skype™ 5.5

Smarta menyer (Windows Live Toolbar)

SmartSound Quicktracks 5

SmartSound Quicktracks Plugin

Snabbkorrigering för Windows Internet Explorer 7 (KB947864)

Säkerhetsuppdatering för Windows Internet Explorer 7 (KB938127)

Säkerhetsuppdatering för Windows Internet Explorer 7 (KB942615)

Säkerhetsuppdatering för Windows Internet Explorer 7 (KB944533)

Säkerhetsuppdatering för Windows Internet Explorer 7 (KB950759)

Säkerhetsuppdatering för Windows Internet Explorer 7 (KB953838)

Säkerhetsuppdatering för Windows Internet Explorer 7 (KB956390)

Säkerhetsuppdatering för Windows Internet Explorer 7 (KB958215)

Säkerhetsuppdatering för Windows Internet Explorer 7 (KB960714)

Säkerhetsuppdatering för Windows Internet Explorer 7 (KB961260)

Säkerhetsuppdatering för Windows Internet Explorer 8 (KB2183461)

Säkerhetsuppdatering för Windows Internet Explorer 8 (KB2360131)

Säkerhetsuppdatering för Windows Internet Explorer 8 (KB2416400)

Säkerhetsuppdatering för Windows Internet Explorer 8 (KB2482017)

Säkerhetsuppdatering för Windows Internet Explorer 8 (KB2497640)

Säkerhetsuppdatering för Windows Internet Explorer 8 (KB2510531)

Säkerhetsuppdatering för Windows Internet Explorer 8 (KB2530548)

Säkerhetsuppdatering för Windows Internet Explorer 8 (KB2544521)

Säkerhetsuppdatering för Windows Internet Explorer 8 (KB2559049)

Säkerhetsuppdatering för Windows Internet Explorer 8 (KB2586448)

Säkerhetsuppdatering för Windows Internet Explorer 8 (KB969897)

Säkerhetsuppdatering för Windows Internet Explorer 8 (KB971961)

Säkerhetsuppdatering för Windows Internet Explorer 8 (KB972260)

Säkerhetsuppdatering för Windows Internet Explorer 8 (KB974455)

Säkerhetsuppdatering för Windows Internet Explorer 8 (KB976325)

Säkerhetsuppdatering för Windows Internet Explorer 8 (KB978207)

Säkerhetsuppdatering för Windows Internet Explorer 8 (KB981332)

Säkerhetsuppdatering för Windows Internet Explorer 8 (KB982381)

Sony Ericsson PC Companion 2.01.217

Sony Ericsson Update Engine

SoundMAX

Spelling Dictionaries Support For Adobe Reader 8

Spotify

Stardock MyColors

Steinberg HALionOne

Steinberg Sequel

Syncrosoft License Control

Synthesia (remove only)

System Requirements Lab CYRI

System Requirements Lab for Intel

TestDrive Client

Toxic Biohazard

Ulead DVD DiskRecorder 2.1.1

Ulead VideoStudio 9.0 SE DVD

Uninstall 1.0.0.1

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

Update for Microsoft .NET Framework 4 Client Profile (KB2473228)

Update for Microsoft Office 2007 System (KB2539530)

Update for Microsoft Office OneNote 2007 (KB980729)

Update for Microsoft Office Outlook 2007 (KB2583910)

Update for Outlook 2007 Junk Email Filter (KB2596560)

Uppdatering för Windows Internet Explorer 8 (KB968220)

Uppdatering för Windows Internet Explorer 8 (KB976662)

Uppdatering för Windows Internet Explorer 8 (KB976749)

Uppdatering för Windows Internet Explorer 8 (KB980182)

VC80CRTRedist - 8.0.50727.6195

WebFldrs XP

Ventrilo Client

Windows Defender

Windows Driver Package - Razer (Razerlow) HIDClass (03/07/2007 1.0.0.2)

Windows Imaging Component

Windows Internet Explorer 7

Windows Internet Explorer 8

Windows Live Communications Platform

Windows Live Essentials

Windows Live inloggningsassistenten

Windows Live Mail

Windows Live Messenger

Windows Live Toolbar

Windows Live Toolbar Extension (Windows Live Toolbar)

Windows Live Upload Tool

Windows Media Format 11 runtime

Windows Media Player 11

Windows Presentation Foundation

Windows XP Service Pack 3

WinRAR archiver

VLC media player 1.1.11

World of Warcraft

Xfire (remove only)

XML Paper Specification Shared Components Pack 1.0

.

==== End Of File ===========================


The situation is complicated because your system is infected with the current malware, and an old one. There are remnants from an old antivirus program that should be cleaned in order to not cause any problem with the current antivirus.

Step 1

Follow the instructions here to clean the remnants from Avast:

http://www.avast.com/uninstall-utility

Step 2

I see the Ask Toolbar in your log.

I strongly recommend you remove Ask Toolbar from your computer because:

  • It promotes its toolbars on sites targeted at kids.
  • It promotes its toolbars through ads that appear to be part of other companies' sites.
  • It promotes its toolbars through other companies' spyware.
  • It is installed without any disclosure whatsoever and without any consent from the user whatsoever.
  • It solicits installations via "deceptive door openers" that do not accurately describe the offer; failing to affirmatively show a license agreement; linking to a EULA via an off-screen link.
  • It makes confusing changes to users' browsers -- increasing Ask's revenues while taking users to pages they didn't intend to visit.

You can read more about Ask.com here

To remove it:

Click Start --> Control Panel --> Programs and Features

Click on the program name AskBarDis to highlight it

From the menu at the top, select Uninstall or Remove.

Please reboot the computer.

Step 3

You have p2p software installed on your system, which is very dangerous and illegal. Please check our rules for piracy and uninstall BitTorrent:

http://forums.malwarebytes.org/index.php?showtopic=97700

Step 4

Follow the instructions here to download and run ComboFix tool:

www.bleepingcomputer.com/combofix/how-to-use-combofix#use

Post the result when you are ready.


Hi again.

I followed every step but now I'm stuck in ComboFix. I followed every step to install it and such. When I ran it, it found 3 Trojans/Rootkits/Rootkit-activator and said it had to reboot. Then it continued to do the stages thingy, and went to "Removing files" which were a bunch. But when it went to "Removing folders" it only removed 6 and then got stuck with the blinking motion marker, that marks "where you currently are at" in, i.e., a command prompt, so it's not frozen.

Now it's been so for 40 min, and I read on a site that I should inform you before doing anything else, such as restarting ComboFix, for example.


The latest information ComboFix gave me, before it was stuck for one hour and I had to turn off the computer because I had to sleep, was as follows:

It said "Deleting Files" and then counted up several files from different locations.

After that was done it said "Deleting Folders" and removed a few which I can't remember the name of, and then suddenly got stuck like it was either gonna post that it had removed another folder or that it was gonna finish the process, but it never happened. Then I had to shut down the computer.

My question: Should I re-run ComboFix, or what is the next step since I haven't gotten any logs from ComboFix?


No, now let's try this:

  • Download OTL to your desktop.
  • Double click on the icon to run it. Make sure all other windows are closed to let it run uninterrupted.
  • When the window appears, underneath Output at the top change it to Minimal Output.
  • Under the Standard Registry box change it to All.
  • Check the boxes beside LOP Check and Purity Check.
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
    • When the scan completes, it will open two Notepad windows: OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
    • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them with your next reply.

Once OTL has completed its first scan it will save notepad copies of the scans in the folder that OTL was started from. Unless set to produce an Extras log it will only produce OTL.txt in subsequent scans.

A copy of an OTL fix log is saved in a text file at

  • :\_OTL\MovedFiles
    • in most cases this will be C:\_OTL\MovedFiles


The OTL log comes below:

OTL logfile created on: 2011-12-04 23:21:00 - Run 1

OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Lars\Skrivbord

Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 0000041D | Country: Sverige | Language: SVE | Date Format: yyyy-MM-dd

2,00 Gb Total Physical Memory | 1,30 Gb Available Physical Memory | 64,88% Memory free

3,85 Gb Paging File | 3,17 Gb Available in Paging File | 82,24% Paging File free

Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program

Drive C: | 232,88 Gb Total Space | 95,53 Gb Free Space | 41,02% Space Free | Partition Type: NTFS

Computer Name: LARS-52D1C95ED3 | User Name: Lars | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\Lars\Skrivbord\OTL.exe (OldTimer Tools)

PRC - C:\Program\AVG Secure Search\vprot.exe ()

PRC - C:\Program\Pando Networks\Media Booster\PMB.exe ()

PRC - C:\Program\Delade filer\AVG Secure Search\vToolbarUpdater\8.0.1\ToolbarUpdater.exe ()

PRC - C:\Program\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)

PRC - C:\Program\Nero\Update\NASvc.exe (Nero AG)

PRC - C:\Program\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)

PRC - C:\Program\AVG\AVG2012\avgnsx.exe (AVG Technologies CZ, s.r.o.)

PRC - C:\Program\AVG\AVG2012\AVGIDSAgent.exe (AVG Technologies CZ, s.r.o.)

PRC - C:\Program\AVG\AVG2012\avgrsx.exe (AVG Technologies CZ, s.r.o.)

PRC - C:\Program\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)

PRC - C:\Program\AVG\AVG2012\avgfws.exe (AVG Technologies CZ, s.r.o.)

PRC - C:\Program\AVG\AVG2012\avgcsrvx.exe (AVG Technologies CZ, s.r.o.)

PRC - C:\Program\AVG\AVG2012\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)

PRC - C:\Program\Logitech Gaming Software\LCore.exe (Logitech Inc.)

PRC - C:\Program\Delade filer\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)

PRC - C:\Program Files\real\realplayer\Update\realsched.exe (RealNetworks, Inc.)

PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)

PRC - C:\Program\Razer\Diamondback 3G\razerhid.exe ()

PRC - C:\Program\Razer\Diamondback 3G\razertra.exe ()

PRC - C:\Program\Razer\Diamondback 3G\razerofa.exe (Razer Inc.)

PRC - C:\Program\Delade filer\Stardock\SDMCP.exe (Stardock)

PRC - C:\Program\Delade filer\Ulead Systems\DVD\ULCDRSvr.exe (Ulead Systems, Inc.)

========== Modules (No Company Name) ==========

MOD - C:\Program\AVG Secure Search\vprot.exe ()

MOD - C:\Program\Pando Networks\Media Booster\PMB.exe ()

MOD - C:\Program\Delade filer\AVG Secure Search\vToolbarUpdater\8.0.1\ToolbarUpdater.exe ()

MOD - C:\Program\Logitech Gaming Software\plugins\SimInput-8.01.063\SimInput.dll ()

MOD - C:\Program\Logitech Gaming Software\plugins\PnpGamePanelDevices-8.01.044\PnpGamePanelDevices.dll ()

MOD - C:\Program\Logitech Gaming Software\plugins\MainUI-8.01.172\MainUI.dll ()

MOD - C:\Program\Logitech Gaming Software\plugins\G19Device-8.01.142\G19Device.dll ()

MOD - C:\Program\Logitech Gaming Software\plugins\G13Device-8.01.150\G13Device.dll ()

MOD - C:\Program\Logitech Gaming Software\plugins\DevBusHid-8.01.072\DevBusHid.dll ()

MOD - C:\Program\Logitech Gaming Software\plugins\DevBusBulk-8.01.071\DevBusBulk.dll ()

MOD - C:\Program\Logitech Gaming Software\plugins\DevMgr-8.01.072\DevMgr.dll ()

MOD - C:\Program\WinRAR\RarExt.dll ()

MOD - C:\Program\Razer\Diamondback 3G\razerhid.exe ()

MOD - C:\Program\Razer\Diamondback 3G\razertra.exe ()

========== Win32 Services (SafeList) ==========

SRV - (vToolbarUpdater) -- C:\Program\Delade filer\AVG Secure Search\vToolbarUpdater\8.0.1\ToolbarUpdater.exe ()

SRV - (nvUpdatusService) -- C:\Program\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)

SRV - (NAUpdate) -- C:\Program\Nero\Update\NASvc.exe (Nero AG)

SRV - (AVGIDSAgent) -- C:\Program\AVG\AVG2012\AVGIDSAgent.exe (AVG Technologies CZ, s.r.o.)

SRV - (MBAMService) -- C:\Program\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)

SRV - (avgfws) -- C:\Program\AVG\AVG2012\avgfws.exe (AVG Technologies CZ, s.r.o.)

SRV - (avgwd) -- C:\Program\AVG\AVG2012\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)

SRV - (Sony Ericsson PCCompanion) -- C:\Program\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe (Avanquest Software)

SRV - (odserv) -- C:\Program\Delade filer\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)

SRV - (NMIndexingService) -- C:\Program\Delade filer\Ahead\Lib\NMIndexingService.exe (Nero AG)

SRV - (ose) -- C:\Program\Delade filer\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)

SRV - (UleadBurningHelper) -- C:\Program\Delade filer\Ulead Systems\DVD\ULCDRSvr.exe (Ulead Systems, Inc.)

SRV - (MSSQL$SONY_MEDIAMGR) -- C:\Program\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe (Microsoft Corporation)

SRV - (SQLAgent$SONY_MEDIAMGR) -- C:\Program\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlagent.EXE (Microsoft Corporation)

========== Driver Services (SafeList) ==========

DRV - (DrvAgent32) -- C:\WINDOWS\system32\drivers\DrvAgent32.sys (Phoenix Technologies)

DRV - (LGVirHid) -- C:\WINDOWS\system32\drivers\LGVirHid.sys (Logitech Inc.)

DRV - (LGBusEnum) -- C:\WINDOWS\system32\drivers\LGBusEnum.sys (Logitech Inc.)

DRV - (Avgrkx86) -- C:\WINDOWS\system32\DRIVERS\avgrkx86.sys (AVG Technologies CZ, s.r.o.)

DRV - (MBAMProtector) -- C:\WINDOWS\system32\drivers\mbam.sys (Malwarebytes Corporation)

DRV - (BANTExt) -- C:\WINDOWS\System32\Drivers\BANTExt.sys ()

DRV - (Avgmfx86) -- C:\WINDOWS\system32\drivers\avgmfx86.sys (AVG Technologies CZ, s.r.o.)

DRV - (Avgtdix) -- C:\WINDOWS\system32\drivers\avgtdix.sys (AVG Technologies CZ, s.r.o.)

DRV - (AVGIDSShim) -- C:\WINDOWS\system32\drivers\AVGIDSShim.sys (AVG Technologies CZ, s.r.o. )

DRV - (AVGIDSFilter) -- C:\WINDOWS\system32\drivers\AVGIDSFilter.sys (AVG Technologies CZ, s.r.o. )

DRV - (AVGIDSEH) -- C:\WINDOWS\system32\DRIVERS\AVGIDSEH.Sys (AVG Technologies CZ, s.r.o. )

DRV - (AVGIDSDriver) -- C:\WINDOWS\system32\drivers\AVGIDSDriver.sys (AVG Technologies CZ, s.r.o. )

DRV - (Avgldx86) -- C:\WINDOWS\system32\drivers\avgldx86.sys (AVG Technologies CZ, s.r.o.)

DRV - (Avgfwfd) -- C:\WINDOWS\system32\drivers\avgfwdx.sys (AVG Technologies CZ, s.r.o.)

DRV - (Avgfwdx) -- C:\WINDOWS\system32\drivers\avgfwdx.sys (AVG Technologies CZ, s.r.o.)

DRV - (pneteth) -- C:\WINDOWS\system32\drivers\pneteth.sys (June Fabrics Technology Inc.)

DRV - (cpudrv) -- C:\Program\SystemRequirementsLab\cpudrv.sys ()

DRV - (ggsemc) -- C:\WINDOWS\system32\drivers\ggsemc.sys (Sony Ericsson Mobile Communications)

DRV - (ggflt) -- C:\WINDOWS\system32\drivers\ggflt.sys (Sony Ericsson Mobile Communications)

DRV - (nm) -- C:\WINDOWS\system32\drivers\nmnt.sys (Microsoft Corporation)

DRV - (s3017unic) Sony Ericsson Device 3017 USB Ethernet Emulation SEMC3017 (WDM) -- C:\WINDOWS\system32\drivers\s3017unic.sys (MCCI Corporation)

DRV - (s3017obex) -- C:\WINDOWS\system32\drivers\s3017obex.sys (MCCI Corporation)

DRV - (s3017mgmt) Sony Ericsson Device 3017 USB WMC Device Management Drivers (WDM) -- C:\WINDOWS\system32\drivers\s3017mgmt.sys (MCCI Corporation)

DRV - (s3017nd5) Sony Ericsson Device 3017 USB Ethernet Emulation SEMC3017 (NDIS) -- C:\WINDOWS\system32\drivers\s3017nd5.sys (MCCI Corporation)

DRV - (s3017mdm) -- C:\WINDOWS\system32\drivers\s3017mdm.sys (MCCI Corporation)

DRV - (s3017mdfl) -- C:\WINDOWS\system32\drivers\s3017mdfl.sys (MCCI Corporation)

DRV - (s3017bus) Sony Ericsson Device 3017 driver (WDM) -- C:\WINDOWS\system32\drivers\s3017bus.sys (MCCI Corporation)

DRV - (SynasUSB) -- C:\WINDOWS\system32\drivers\synasUSB.sys (SIA Syncrosoft)

DRV - (WinUSB) -- C:\WINDOWS\system32\drivers\winusb.sys (Microsoft Corporation)

DRV - (RTLE8023xp) -- C:\WINDOWS\system32\drivers\Rtenicxp.sys (Realtek Semiconductor Corporation )

DRV - (CME_avs) -- C:\WINDOWS\system32\drivers\CME_avs.sys (BridgeCo AG)

DRV - (CME_1394) -- C:\WINDOWS\system32\drivers\CME_1394.sys (BridgeCo AG)

DRV - (SenFiltService) -- C:\WINDOWS\system32\drivers\senfilt.sys (Sensaura)

DRV - (Razerlow) -- C:\WINDOWS\system32\drivers\DB3G.sys (Razer (Asia-Pacific) Pte Ltd)

DRV - (HdAudAddService) -- C:\WINDOWS\system32\drivers\Hdaudio.sys (Windows ® Server 2003 DDK provider)

DRV - (MTsensor) -- C:\WINDOWS\system32\drivers\ASACPI.sys ()

========== Standard Registry (All) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 0

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.se/

IE - HKCU\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found

IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)

IE - HKCU\..\URLSearchHook: {EEE6C35D-6118-11DC-9C72-001320C79847} - No CLSID value found

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Google"

FF - prefs.js..browser.search.defaulturl: "http://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q="

FF - prefs.js..browser.search.selectedEngine: "Orbit Search (Powered By Google)"

FF - prefs.js..browser.startup.homepage: "http://www.google.se/"

FF - prefs.js..browser.startup.homepage: "http://se.msn.com"

FF - prefs.js..keyword.URL: "http://search.live.com/results.aspx?mkt=sv-SE&FORM=MICVE5&q="

FF - prefs.js..browser.search.selectedEngine: "Live Search"

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()

FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)

FF - HKLM\Software\MozillaPlugins\@bittorrent.com/BitTorrentDNA: C:\Program\DNA\plugins\npbtdna.dll (BitTorrent, Inc.)

FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)

FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.647: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/npracplug;version=1.0.0.0: C:\Program\Real\RealArcade\Plugins\Mozilla\npracplug.dll (RealNetworks)

FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.647: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.652: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.652: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.647: c:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found

FF - HKLM\Software\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0: C:\Program\Sony\Media Go\npmediago.dll (Sony Media Software and Services Inc)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Lars\Lokala inställningar\Application Data\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Lars\Lokala inställningar\Application Data\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)

FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009-08-31 18:44:34 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program\AVG\AVG2012\Firefox4\ [2011-10-24 21:03:55 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011-06-07 21:06:46 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011-11-15 22:58:55 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\jqs@sun.com: C:\Program\Java\jre6\lib\deploy\jqs\ff [2011-12-01 15:13:18 | 000,000,000 | ---D | M]

[2011-12-01 23:35:06 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Lars\Application Data\Mozilla\Firefox\Profiles\4demwn0g.default\extensions

[2008-05-04 13:24:48 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Documents and Settings\Lars\Application Data\Mozilla\Firefox\Profiles\4demwn0g.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}

[2010-10-08 15:26:23 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Documents and Settings\Lars\Application Data\Mozilla\Firefox\Profiles\4demwn0g.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}

[2011-10-16 19:34:49 | 000,000,000 | ---D | M] (AVG Security Toolbar) -- C:\Documents and Settings\Lars\Application Data\Mozilla\Firefox\Profiles\4demwn0g.default\extensions\avg@toolbar

[2009-03-31 19:54:11 | 000,001,861 | ---- | M] () -- C:\Documents and Settings\Lars\Application Data\Mozilla\Firefox\Profiles\4demwn0g.default\searchplugins\LiveSearch.xml

[2008-05-04 13:31:31 | 000,000,000 | ---D | M] (No name found) -- C:\Program\Mozilla Firefox\extensions

[2008-05-04 13:22:24 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Program\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}

File not found (No name found) -- C:\PROGRAM FILES\REAL\REALPLAYER\BROWSERRECORD

File not found (No name found) -- C:\PROGRAM\MOZILLA FIREFOX\EXTENSIONS\REAL-NETWORKS@PARTNERS.MOZILLA.COM

File not found (No name found) -- C:\PROGRAM\MOZILLA FIREFOX\EXTENSIONS\TALKBACK@MOZILLA.ORG

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)

CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}

CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}

CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Lars\Lokala inst\u00E4llningar\Application Data\Google\Chrome\Application\15.0.874.121\gcswf32.dll

CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program\Java\jre6\bin\new_plugin\npdeployJava1.dll

CHR - plugin: Java Platform SE 6 U26 (Enabled) = C:\Program\Java\jre6\bin\new_plugin\npjp2.dll

CHR - plugin: Adobe Acrobat (Disabled) = C:\Program\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll

CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program\Microsoft Silverlight\4.0.60531.0\npctrl.dll

CHR - plugin: Shockwave for Director (Enabled) = C:\WINDOWS\system32\Adobe\Director\np32dsw.dll

CHR - plugin: DivX Web Player (Enabled) = C:\Program\DivX\DivX Plus Web Player\npdivx32.dll

CHR - plugin: RealNetworks RealPlayer Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll

CHR - plugin: RealPlayer HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll

CHR - plugin: RealPlayer G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = c:\program files\real\realplayer\Netscape6\nppl3260.dll

CHR - plugin: RealPlayer Version Plugin (Enabled) = c:\program files\real\realplayer\Netscape6\nprpjplug.dll

CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program\Windows Media Player\npdsplay.dll

CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer

CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\Lars\Lokala inst\u00E4llningar\Application Data\Google\Chrome\Application\15.0.874.121\ppGoogleNaClPluginChrome.dll

CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\Lars\Lokala inst\u00E4llningar\Application Data\Google\Chrome\Application\15.0.874.121\pdf.dll

CHR - plugin: ConduitChromeApi (Enabled) = C:\Documents and Settings\Lars\Lokala inst\u00E4llningar\Application Data\Google\Chrome\User Data\Default\Extensions\bmbpbcpokffodhpcdjaoopolhdlbconi\2.4.0.4_0\js/ConduitChromeApiPlugin.dll

CHR - plugin: AVG Internet Security (Enabled) = C:\Documents and Settings\Lars\Lokala inst\u00E4llningar\Application Data\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\plugins/avgnpss.dll

CHR - plugin: Musicnotes (Enabled) = C:\Documents and Settings\Lars\Lokala inst\u00E4llningar\Application Data\Google\Chrome\Application\plugins\npmusicn.dll

CHR - plugin: ScorchPlugin (Enabled) = C:\Documents and Settings\Lars\Lokala inst\u00E4llningar\Application Data\Google\Chrome\Application\plugins\NPSibelius.dll

CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program\Windows Media Player\npdrmv2.dll

CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program\Windows Media Player\npwmsdrm.dll

CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\Lars\Lokala inst\u00E4llningar\Application Data\Google\Update\1.3.21.69\npGoogleUpdate3.dll

CHR - plugin: DNA Plug-in (Enabled) = C:\Program\DNA\plugins\npbtdna.dll

CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program\DivX\DivX OVS Helper\npovshelper.dll

CHR - plugin: Pando Web Plugin (Enabled) = C:\Program\Pando Networks\Media Booster\npPandoWebPlugin.dll

CHR - plugin: RealArcade Mozilla Plugin (Enabled) = C:\Program\Real\RealArcade\Plugins\Mozilla\npracplug.dll

CHR - plugin: Media Go Detector (Enabled) = C:\Program\Sony\Media Go\npmediago.dll

CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

CHR - plugin: RealJukebox NS Plugin (Enabled) = c:\program files\real\realplayer\Netscape6\nprjplug.dll

CHR - plugin: Default Plug-in (Enabled) = default_plugin

CHR - Extension: AdBlock = C:\Documents and Settings\Lars\Lokala inställningar\Application Data\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.4.32_0\

CHR - Extension: AVG Safe Search = C:\Documents and Settings\Lars\Lokala inställningar\Application Data\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1829_0\

CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = C:\Documents and Settings\Lars\Lokala inställningar\Application Data\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\

O1 HOSTS File: ([2008-03-15 17:17:46 | 000,000,850 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)

O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)

O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)

O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)

O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)

O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)

O2 - BHO: (Windows Live inloggningshjälpen) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program\Delade filer\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)

O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program\AVG Secure Search\8.0.0.40\AVG Secure Search_toolbar.dll ()

O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program\Google\GoogleToolbarNotifier\5.7.7018.1622\swg.dll (Google Inc.)

O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)

O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)

O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)

O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)

O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program\AVG Secure Search\8.0.0.40\AVG Secure Search_toolbar.dll ()

O3 - HKCU\..\Toolbar\ShellBrowser: (&Adress) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)

O3 - HKCU\..\Toolbar\WebBrowser: (&Adress) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)

O3 - HKCU\..\Toolbar\WebBrowser: (&Länkar) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)

O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)

O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

O3 - HKCU\..\Toolbar\WebBrowser: (&Links) - {F2CF5485-4E02-4F68-819C-B92DE9277049} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)

O4 - HKLM..\Run: [Adobe ARM] C:\Program\Delade filer\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [AVG_TRAY] C:\Program\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)

O4 - HKLM..\Run: [Diamondback] C:\Program\Razer\Diamondback 3G\razerhid.exe ()

O4 - HKLM..\Run: [GrooveMonitor] C:\Program\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)

O4 - HKLM..\Run: [High Definition Audio Property Page Shortcut] C:\WINDOWS\System32\HdAShCut.exe (Windows ® Server 2003 DDK provider)

O4 - HKLM..\Run: [Launch LCore] C:\Program\Logitech Gaming Software\LCore.exe (Logitech Inc.)

O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)

O4 - HKLM..\Run: [nwiz] C:\Program\NVIDIA Corporation\nview\nwiz.exe ()

O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\nvmctray.dll (NVIDIA Corporation)

O4 - HKLM..\Run: [soundMAXPnP] C:\Program\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.)

O4 - HKLM..\Run: [sunJavaUpdateSched] C:\Program\Delade filer\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)

O4 - HKLM..\Run: [TkBellExe] C:\program files\real\realplayer\update\realsched.exe (RealNetworks, Inc.)

O4 - HKLM..\Run: [updatePDRShortCut] C:\Program\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)

O4 - HKLM..\Run: [vProt] C:\Program\AVG Secure Search\vprot.exe ()

O4 - HKCU..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)

O4 - HKCU..\Run: [Google Update] C:\Documents and Settings\Lars\Lokala inställningar\Application Data\Google\Update\GoogleUpdate.exe (Google Inc.)

O4 - HKCU..\Run: [Pando Media Booster] C:\Program\Pando Networks\Media Booster\PMB.exe ()

O4 - HKCU..\Run: [swg] C:\Program\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsHistory = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableStatusMessages = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: VerboseStatus = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\dontdisplaylastusername: = 0

O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: disableregistrytools = 0

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\DisableRegistryTools: = 0

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\DisableRegistryTools\ShowInfoTip: = 0

O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)

O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Documents and Settings\Lars\Application Data\DVDVideoSoftIEHelpers\youtubetomp3.htm ()

O8 - Extra context menu item: Save YouTube Video - C:\Program\Delade filer\DVDVideoSoft\Dll\IEContextMenuY.dll (DVSTeam)

O8 - Extra context menu item: Save YouTube Video as MP3 - C:\Program\Delade filer\DVDVideoSoft\Dll\IEContextMenuY.dll (DVSTeam)

O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)

O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe (Microsoft Corporation)

O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe (Microsoft Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\system32\winrnr.dll (Microsoft Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} http://www.musicnotes.com/download/mnviewer.cab (Musicnotes Viewer)

O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/8/b/d/8bd77752-5704-4d68-a152-f7252adaa4f2/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)

O16 - DPF: {9BDF4724-10AA-43D5-BD15-AEA0D2287303} http://zone.msn.com/bingame/zpagames/zpa_txhe.cab79352.cab (MSN Games – Texas Holdem Poker)

O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} http://www.sibelius.com/download/software/win/ActiveXPlugin.cab (ScorchPlugin Class)

O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} http://cdn2.zone.msn.com/binFramework/v10/ZPAFramework.cab102118.cab (MSN Games - Installer)

O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)

O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.4.24.0.cab (SysInfo Class)

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)

O16 - DPF: CabBuilder http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab (Reg Error: Key error.)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.254

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1DB92874-42DA-4F43-BC76-5F57B3B4351D}: DhcpNameServer = 192.168.0.254

O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler\belarc {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program\Belarc\Advisor\System\BAVoilaX.dll (Belarc, Inc.)

O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)

O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)

O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\ipp - No CLSID value found

O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)

O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)

O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)

O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll (Microsoft Corporation)

O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp - No CLSID value found

O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program\Delade filer\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)

O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)

O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)

O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)

O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll (Microsoft Corporation)

O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program\Delade filer\AVG Secure Search\ViProtocolInstaller\8.0.1\ViProtocol.dll ()

O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)

O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)

O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)

O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)

O18 - Protocol\Filter\Class Install Handler {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Filter\lzdhtml {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)

O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program\Delade filer\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UIHost - (logonui.exe) -C:\WINDOWS\System32\logonui.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) -C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") -C:\WINDOWS\System32\sysdm.cpl (Microsoft Corporation)

O20 - Winlogon\Notify\crypt32chain: DllName - (crypt32.dll) - C:\WINDOWS\System32\crypt32.dll (Microsoft Corporation)

O20 - Winlogon\Notify\cryptnet: DllName - (cryptnet.dll) - C:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation)

O20 - Winlogon\Notify\cscdll: DllName - (cscdll.dll) - C:\WINDOWS\System32\cscdll.dll (Microsoft Corporation)

O20 - Winlogon\Notify\dimsntfy: DllName - (%SystemRoot%\System32\dimsntfy.dll) - C:\WINDOWS\system32\dimsntfy.dll (Microsoft Corporation)

O20 - Winlogon\Notify\MCPClient: DllName - (C:\Program\DELADE~1\Stardock\mcpstub.dll) - C:\Program\Delade filer\Stardock\MCPStub.dll (Stardock)

O20 - Winlogon\Notify\ScCertProp: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)

O20 - Winlogon\Notify\Schedule: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)

O20 - Winlogon\Notify\sclgntfy: DllName - (sclgntfy.dll) - C:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation)

O20 - Winlogon\Notify\SensLogn: DllName - (WlNotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)

O20 - Winlogon\Notify\termsrv: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)

O20 - Winlogon\Notify\WgaLogon: DllName - (WgaLogon.dll) - C:\WINDOWS\System32\WgaLogon.dll (Microsoft Corporation)

O20 - Winlogon\Notify\wlballoon: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)

O21 - SSODL: 0aMCPClient - {F5DF91F9-15E9-416B-A7C3-7519B11ECBFC} - C:\Program\Delade filer\Stardock\MCPCore.dll (Stardock)

O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)

O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)

O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation)

O21 - SSODL: UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll (Microsoft Corporation)

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation)

O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll (Microsoft Corporation)

O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)

O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)

O24 - Desktop Components:0 (Min aktuella startsida) - About:Home

O24 - Desktop WallPaper: C:\Documents and Settings\Lars\Lokala inställningar\Application Data\Microsoft\Wallpaper1.bmp

O24 - Desktop BackupWallPaper: C:\Documents and Settings\Lars\Lokala inställningar\Application Data\Microsoft\Wallpaper1.bmp

O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program\Windows Defender\MpShHook.dll (Microsoft Corporation)

O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)

O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)

O29 - HKLM SecurityProviders - (msapsspc.dll) -C:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation)

O29 - HKLM SecurityProviders - (schannel.dll) -C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)

O29 - HKLM SecurityProviders - (digest.dll) -C:\WINDOWS\System32\digest.dll (Microsoft Corporation)

O29 - HKLM SecurityProviders - (msnsspc.dll) -C:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation)

O30 - LSA: Authentication Packages - (msv1_0) -C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)

O30 - LSA: Security Packages - (kerberos) -C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation)

O30 - LSA: Security Packages - (msv1_0) -C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)

O30 - LSA: Security Packages - (schannel) -C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)

O30 - LSA: Security Packages - (wdigest) -C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation)

O31 - SafeBoot: AlternateShell - cmd.exe

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2008-03-13 12:16:23 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]

O34 - HKLM BootExecute: (autocheck autochk *)

O34 - HKLM BootExecute: (C:\Program\AVG\AVG2012\avgrsx.exe /sync /restart)

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = ComFile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011-12-04 23:18:50 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Lars\Skrivbord\OTL.exe

[2011-12-01 23:49:02 | 000,000,000 | RHSD | C] -- C:\cmdcons

[2011-12-01 23:47:10 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe

[2011-12-01 23:47:10 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe

[2011-12-01 23:47:10 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe

[2011-12-01 23:47:10 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe

[2011-12-01 23:47:04 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT

[2011-12-01 23:47:03 | 000,000,000 | --SD | C] -- C:\ComboFix

[2011-12-01 23:47:00 | 000,000,000 | ---D | C] -- C:\Qoobox

[2011-12-01 23:39:13 | 004,324,789 | R--- | C] (Swearware) -- C:\Documents and Settings\Lars\Skrivbord\ComboFix.exe

[2011-12-01 23:08:20 | 000,317,200 | ---- | C] (AVAST Software) -- C:\aswclear.exe

[2011-12-01 21:21:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lars\Mina dokument\DriverGenius

[2011-12-01 15:13:27 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe

[2011-12-01 15:13:27 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe

[2011-12-01 15:13:27 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe

[2011-12-01 15:13:14 | 000,000,000 | ---D | C] -- C:\Program\Java

[2011-11-29 19:26:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lars\Application Data\vlc

[2011-11-27 19:21:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lars\Skrivbord\Star Wars - Adam

[2011-11-27 15:51:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start-meny\Program\Synthesia

[2011-11-27 15:51:09 | 000,000,000 | ---D | C] -- C:\Program\Synthesia

[2011-11-27 15:30:53 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Lars\Lokala inställningar\Application Data\be4fffb1

[2011-11-07 22:13:53 | 000,000,000 | ---D | C] -- C:\Program\Delade filer\Adobe AIR

[2011-11-06 20:15:03 | 000,000,000 | ---D | C] -- C:\Program\Delade filer\Nero

[2011-11-06 20:14:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start-meny\Program\Nero

[2011-11-06 18:13:10 | 124,104,696 | ---- | C] (Nero AG) -- C:\Documents and Settings\Lars\Skrivbord\Nero_BurningROM-11.0.10400_trial.exe

[2011-11-06 17:53:36 | 000,000,000 | ---D | C] -- C:\Program\Belarc

[2011-03-15 19:15:31 | 020,188,776 | ---- | C] (Cheetah Websites Corporation) -- C:\Program\CheetahDVDBurner.exe

[2010-01-19 18:03:09 | 013,976,672 | ---- | C] (D'Accord Music Software ) -- C:\Program\ichords2.exe

[2009-09-02 19:48:23 | 032,829,864 | ---- | C] (Online Media Technologies Ltd. ) -- C:\Program\AVSAudioEditor.exe

[2008-05-05 20:43:02 | 000,774,144 | ---- | C] (RealNetworks, Inc.) -- C:\Program\RngInterstitial.dll

[11 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[10 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011-12-04 23:19:07 | 000,000,264 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-823518204-1788223648-725345543-1003.job

[2011-12-04 23:19:06 | 000,000,272 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-823518204-1788223648-725345543-1003.job

[2011-12-04 23:18:45 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Lars\Skrivbord\OTL.exe

[2011-12-04 23:03:14 | 000,001,082 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-823518204-1788223648-725345543-1003UA.job

[2011-12-04 22:47:26 | 000,000,970 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

[2011-12-04 22:20:21 | 000,000,408 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{06CB29FF-B097-4BAF-92E1-A6B704347D75}.job

[2011-12-04 22:19:00 | 000,619,258 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\iavifw.avm

[2011-12-04 22:18:59 | 111,375,031 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm

[2011-12-04 22:18:41 | 000,000,374 | ---- | M] () -- C:\WINDOWS\tasks\AVG PC Tuneup 2011 Integrator Start On Windows Logon.job

[2011-12-04 22:18:41 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\TEMP

[2011-12-04 22:17:14 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

[2011-12-04 22:17:11 | 000,000,966 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job

[2011-12-04 22:16:14 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2011-12-01 23:49:07 | 000,000,327 | RHS- | M] () -- C:\boot.ini

[2011-12-01 23:39:19 | 004,324,789 | R--- | M] (Swearware) -- C:\Documents and Settings\Lars\Skrivbord\ComboFix.exe

[2011-12-01 23:31:43 | 000,000,211 | ---- | M] () -- C:\Boot.bak

[2011-12-01 23:31:24 | 000,002,578 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT

[2011-12-01 23:08:17 | 000,317,200 | ---- | M] (AVAST Software) -- C:\aswclear.exe

[2011-12-01 22:02:00 | 000,001,030 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-823518204-1788223648-725345543-1003Core1cc721f1538d320.job

[2011-12-01 17:00:06 | 000,000,318 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job

[2011-12-01 15:13:17 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll

[2011-12-01 15:13:17 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe

[2011-12-01 15:13:17 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe

[2011-12-01 15:13:17 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe

[2011-11-29 19:19:44 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini

[2011-11-29 16:28:34 | 000,001,436 | ---- | M] () -- C:\Documents and Settings\Lars\Skrivbord\Star Wars Timpani.mid

[2011-11-27 22:49:11 | 000,002,489 | ---- | M] () -- C:\Documents and Settings\Lars\Skrivbord\Microsoft Office Word 2007 (2).lnk

[2011-11-27 19:55:52 | 000,008,555 | ---- | M] () -- C:\Documents and Settings\Lars\Skrivbord\Star_Wars.mid

[2011-11-24 20:12:55 | 000,016,142 | ---- | M] () -- C:\Documents and Settings\Lars\Skrivbord\Star Wars Theme.mid

[2011-11-23 15:54:20 | 000,002,331 | ---- | M] () -- C:\Documents and Settings\Lars\Skrivbord\Google Chrome.lnk

[2011-11-23 15:54:20 | 000,002,309 | ---- | M] () -- C:\Documents and Settings\Lars\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk

[2011-11-15 22:59:03 | 000,001,455 | ---- | M] () -- C:\Documents and Settings\Lars\Skrivbord\DivX Movies.lnk

[2011-11-14 19:21:35 | 000,535,484 | ---- | M] () -- C:\WINDOWS\System32\perfh01D.dat

[2011-11-14 19:21:35 | 000,534,008 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat

[2011-11-14 19:21:35 | 000,114,462 | ---- | M] () -- C:\WINDOWS\System32\perfc01D.dat

[2011-11-14 19:21:35 | 000,098,860 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat

[2011-11-10 17:50:21 | 000,045,878 | ---- | M] () -- C:\Documents and Settings\Lars\Skrivbord\CHARIOTS.MID

[2011-11-09 20:21:02 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK

[2011-11-06 20:15:46 | 000,002,136 | ---- | M] () -- C:\Documents and Settings\All Users\Skrivbord\Nero Burning ROM 11.lnk

[2011-11-06 18:19:36 | 000,031,473 | ---- | M] () -- C:\Documents and Settings\Lars\Skrivbord\EP4__Main_Title_and_Rebel_Blockade_Runner1.mid

[2011-11-06 18:15:33 | 124,104,696 | ---- | M] (Nero AG) -- C:\Documents and Settings\Lars\Skrivbord\Nero_BurningROM-11.0.10400_trial.exe

[2011-11-06 18:07:09 | 003,805,074 | ---- | M] () -- C:\Documents and Settings\Lars\Mina dokument\Belarc Advisor Computer Profile.pdf

[2011-11-06 17:53:38 | 000,001,649 | ---- | M] () -- C:\Documents and Settings\All Users\Skrivbord\Belarc Advisor.lnk

[2011-11-06 17:53:38 | 000,000,883 | ---- | M] () -- C:\Documents and Settings\Lars\Application Data\Microsoft\Internet Explorer\Quick Launch\Belarc Advisor.lnk

[2011-11-06 17:53:20 | 002,917,648 | ---- | M] () -- C:\Documents and Settings\Lars\Skrivbord\advisorinstaller.exe

[2011-11-06 17:36:12 | 000,001,472 | ---- | M] () -- C:\Documents and Settings\Lars\Skrivbord\ImgBurn.lnk

[2011-11-06 15:19:47 | 000,286,052 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb0.bin

[2011-11-06 15:19:47 | 000,000,001 | ---- | M] () -- C:\WINDOWS\System32\nvdrssel.bin

[2011-11-06 15:19:32 | 000,286,052 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb1.bin

[2011-11-06 15:16:15 | 000,000,460 | ---- | M] () -- C:\WINDOWS\tasks\AVG PC Tuneup 2011 Integrator Scan and Repair.job

[11 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[10 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011-12-02 00:04:05 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\TEMP

[2011-12-01 23:49:07 | 000,000,211 | ---- | C] () -- C:\Boot.bak

[2011-12-01 23:49:04 | 000,260,784 | RHS- | C] () -- C:\cmldr

[2011-12-01 23:47:10 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe

[2011-12-01 23:47:10 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe

[2011-12-01 23:47:10 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe

[2011-12-01 23:47:10 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe

[2011-12-01 23:47:10 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe

[2011-11-29 16:28:34 | 000,001,436 | ---- | C] () -- C:\Documents and Settings\Lars\Skrivbord\Star Wars Timpani.mid

[2011-11-27 19:55:52 | 000,008,555 | ---- | C] () -- C:\Documents and Settings\Lars\Skrivbord\Star_Wars.mid

[2011-11-24 20:12:55 | 000,016,142 | ---- | C] () -- C:\Documents and Settings\Lars\Skrivbord\Star Wars Theme.mid

[2011-11-15 22:59:03 | 000,001,455 | ---- | C] () -- C:\Documents and Settings\Lars\Skrivbord\DivX Movies.lnk

[2011-11-10 17:50:22 | 000,045,878 | ---- | C] () -- C:\Documents and Settings\Lars\Skrivbord\CHARIOTS.MID

[2011-11-06 20:15:46 | 000,002,136 | ---- | C] () -- C:\Documents and Settings\All Users\Skrivbord\Nero Burning ROM 11.lnk

[2011-11-06 18:19:36 | 000,031,473 | ---- | C] () -- C:\Documents and Settings\Lars\Skrivbord\EP4__Main_Title_and_Rebel_Blockade_Runner1.mid

[2011-11-06 18:07:09 | 003,805,074 | ---- | C] () -- C:\Documents and Settings\Lars\Mina dokument\Belarc Advisor Computer Profile.pdf

[2011-11-06 17:53:38 | 000,001,655 | ---- | C] () -- C:\Documents and Settings\All Users\Start-meny\Program\Belarc Advisor.lnk

[2011-11-06 17:53:38 | 000,001,649 | ---- | C] () -- C:\Documents and Settings\All Users\Skrivbord\Belarc Advisor.lnk

[2011-11-06 17:53:38 | 000,000,883 | ---- | C] () -- C:\Documents and Settings\Lars\Application Data\Microsoft\Internet Explorer\Quick Launch\Belarc Advisor.lnk

[2011-11-06 17:53:36 | 000,003,840 | ---- | C] () -- C:\WINDOWS\System32\drivers\BANTExt.sys

[2011-11-06 17:53:16 | 002,917,648 | ---- | C] () -- C:\Documents and Settings\Lars\Skrivbord\advisorinstaller.exe

[2011-11-06 17:36:12 | 000,001,472 | ---- | C] () -- C:\Documents and Settings\Lars\Skrivbord\ImgBurn.lnk

[2011-08-26 23:22:30 | 000,042,392 | ---- | C] () -- C:\WINDOWS\System32\xfcodec.dll

[2011-06-01 21:17:48 | 002,130,002 | ---- | C] () -- C:\WINDOWS\System32\nvdata.data

[2011-05-14 00:53:06 | 000,077,036 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat

[2011-04-30 17:12:17 | 000,286,052 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin

[2011-04-30 17:12:17 | 000,286,052 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin

[2011-04-30 17:12:17 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin

[2010-05-29 18:02:12 | 000,000,256 | ---- | C] () -- C:\WINDOWS\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini

[2010-01-19 18:05:41 | 000,000,008 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\VYAAUFMZPWSP.SYS

[2009-12-17 20:10:14 | 000,000,398 | ---- | C] () -- C:\WINDOWS\AudioConverter.INI

[2009-10-22 15:46:44 | 000,005,729 | ---- | C] () -- C:\WINDOWS\mgxoschk.ini

[2009-10-21 17:03:09 | 000,016,968 | ---- | C] () -- C:\WINDOWS\System32\drivers\hitmanpro35.sys

[2009-09-03 20:36:43 | 000,002,048 | ---- | C] () -- C:\WINDOWS\System32\Tr_sttool.dat

[2009-09-01 19:43:25 | 000,000,122 | ---- | C] () -- C:\WINDOWS\Winchat.ini

[2009-08-24 14:58:33 | 000,000,724 | ---- | C] () -- C:\WINDOWS\wacam.ini

[2009-08-03 14:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll

[2009-08-03 14:07:42 | 000,230,768 | ---- | C] () -- C:\WINDOWS\System32\OGAEXEC.exe

[2009-05-26 16:19:19 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat

[2009-03-03 12:18:04 | 000,080,416 | ---- | C] () -- C:\WINDOWS\System32\RtNicProp32.dll

[2009-02-09 14:46:37 | 000,005,002 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\amjmwaey.gaf

[2008-12-15 15:07:10 | 000,058,672 | ---- | C] () -- C:\WINDOWS\System32\wbload.dll

[2008-10-31 14:06:56 | 000,001,763 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache

[2008-10-22 18:43:06 | 000,339,968 | ---- | C] () -- C:\WINDOWS\System32\pythoncom25.dll

[2008-10-22 18:43:06 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\pywintypes25.dll

[2008-10-18 18:29:10 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI

[2008-05-09 14:00:44 | 000,000,717 | ---- | C] () -- C:\WINDOWS\cdplayer.ini

[2008-05-04 13:23:16 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat

[2008-04-13 14:39:08 | 000,000,032 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\ezsid.dat

[2008-03-17 20:15:31 | 000,098,304 | ---- | C] () -- C:\Documents and Settings\Lars\Lokala inställningar\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2008-03-15 17:01:52 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini

[2008-03-15 16:30:56 | 000,002,892 | ---- | C] () -- C:\WINDOWS\System32\audcon.sys

[2008-03-13 20:16:11 | 000,058,240 | ---- | C] () -- C:\WINDOWS\System32\drivers\redbook.sys

[2008-03-13 20:14:59 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI

[2008-03-13 20:12:25 | 000,352,176 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2008-03-13 12:49:30 | 000,018,096 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini

[2008-03-13 12:49:29 | 000,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys

[2008-03-13 12:49:25 | 000,005,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS

[2008-03-13 12:18:07 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat

[2008-03-13 12:14:13 | 000,021,700 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat

[2007-12-05 01:41:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll

[2007-10-29 13:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin

[2007-10-29 13:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat

[2007-10-29 13:00:00 | 000,535,484 | ---- | C] () -- C:\WINDOWS\System32\perfh01D.dat

[2007-10-29 13:00:00 | 000,534,008 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat

[2007-10-29 13:00:00 | 000,274,932 | ---- | C] () -- C:\WINDOWS\System32\perfi01D.dat

[2007-10-29 13:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat

[2007-10-29 13:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat

[2007-10-29 13:00:00 | 000,114,462 | ---- | C] () -- C:\WINDOWS\System32\perfc01D.dat

[2007-10-29 13:00:00 | 000,098,860 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat

[2007-10-29 13:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin

[2007-10-29 13:00:00 | 000,033,234 | ---- | C] () -- C:\WINDOWS\System32\perfd01D.dat

[2007-10-29 13:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat

[2007-10-29 13:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat

[2007-10-29 13:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat

[2007-10-29 13:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin

[2007-10-29 13:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat

[2002-04-21 19:28:42 | 000,001,024 | ---- | C] () -- C:\WINDOWS\System32\atsdrve.dll

========== LOP Check ==========

[2009-08-24 15:34:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\A-PDF Text Replace

[2010-01-29 16:41:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software

[2011-04-06 20:49:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Applian

[2011-10-16 20:23:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG

[2011-10-16 19:52:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG2012

[2010-11-22 16:57:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\avg9

[2008-03-15 17:24:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\close poke frag ooze

[2010-11-22 17:02:18 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files

[2008-12-20 16:42:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Grisoft

[2009-11-11 20:20:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Hitman Pro

[2008-10-09 20:34:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IM

[2008-10-09 20:33:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IncrediMail

[2011-12-04 22:19:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData

[2008-11-11 17:13:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MP3 Remix

[2008-04-22 15:36:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Musicnotes

[2008-06-11 15:32:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound

[2008-07-11 12:48:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\OD2

[2011-11-15 00:34:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PMB Files

[2011-11-30 22:13:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SmartSound Software Inc

[2011-07-28 19:59:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sony

[2009-10-26 13:06:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Stardock

[2008-03-15 16:30:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Syncrosoft

[2008-03-14 20:49:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ulead Systems

[2009-07-04 16:19:04 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{CED4439A-2AAC-4B94-8453-4969CC2D31F9}

[2009-05-11 20:39:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lars\Application Data\aAvgApi

[2009-08-24 14:58:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lars\Application Data\ACAMPREF

[2009-05-03 20:17:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lars\Application Data\Agency9

[2010-09-07 17:12:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lars\Application Data\Any Video Converter

[2011-11-29 21:59:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lars\Application Data\AVG

[2011-10-16 19:34:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lars\Application Data\AVG Secure Search

[2011-10-16 19:33:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lars\Application Data\AVG2012

[2010-01-28 20:58:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lars\Application Data\AVG9

[2011-12-01 23:35:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lars\Application Data\BitTorrent

[2008-12-01 16:24:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lars\Application Data\Deckadance

[2008-09-01 16:13:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lars\Application Data\DMCache

[2008-08-30 22:40:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lars\Application Data\DNA

[2010-10-08 15:26:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lars\Application Data\DVDVideoSoftIEHelpers

[2009-09-17 14:00:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lars\Application Data\GetRightToGo

[2009-02-02 20:41:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lars\Application Data\GrabPro

[2008-04-16 20:35:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lars\Application Data\Grisoft

[2009-01-18 21:34:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lars\Application Data\HTML Executable

[2008-04-07 16:16:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lars\Application Data\ImgBurn

[2011-03-09 17:55:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lars\Application Data\LolClient

[2008-06-11 15:32:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lars\Application Data\NCH Swift Sound

[2008-09-14 21:02:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lars\Application Data\NetMedia Providers

[2009-08-11 19:31:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lars\Application Data\OpenCandy

[2010-03-22 21:58:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lars\Application Data\Opera

[2009-02-18 16:55:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lars\Application Data\Orbit

[2009-08-11 19:53:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lars\Application Data\Paltalk

[2008-08-20 19:52:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lars\Application Data\Publish Providers

[2008-04-13 16:35:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lars\Application Data\Runaware

[2011-06-06 22:06:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lars\Application Data\Sony

[2008-08-20 19:41:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lars\Application Data\Sony Setup

[2011-11-11 00:49:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lars\Application Data\Spotify

[2009-06-18 21:55:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lars\Application Data\Stardock

[2008-03-15 16:56:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lars\Application Data\Steinberg

[2011-11-27 21:33:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lars\Application Data\Synthesia

[2011-10-28 18:46:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lars\Application Data\SystemRequirementsLab

[2009-03-31 19:54:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lars\Application Data\Techno Design IP

[2011-07-23 19:28:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lars\Application Data\Teleca

[2009-05-26 17:31:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lars\Application Data\Transclick

[2008-03-14 20:49:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lars\Application Data\Ulead Systems

[2011-11-06 15:16:15 | 000,000,460 | ---- | M] () -- C:\WINDOWS\Tasks\AVG PC Tuneup 2011 Integrator Scan and Repair.job

[2011-12-04 22:18:41 | 000,000,374 | ---- | M] () -- C:\WINDOWS\Tasks\AVG PC Tuneup 2011 Integrator Start On Windows Logon.job

[2011-12-01 17:00:06 | 000,000,318 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Scan.job

[2011-12-04 22:20:21 | 000,000,408 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{06CB29FF-B097-4BAF-92E1-A6B704347D75}.job

========== Purity Check ==========

========== Alternate Data Streams ==========

@Alternate Data Stream - 88 bytes -> C:\Documents and Settings\Lars\Skrivbord\µ.bat:SummaryInformation

@Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0B4227B4

< End of report >


Here's the Extras.txt

OTL Extras logfile created on: 2011-12-04 23:21:00 - Run 1

OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Lars\Skrivbord

Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 0000041D | Country: Sverige | Language: SVE | Date Format: yyyy-MM-dd

2,00 Gb Total Physical Memory | 1,30 Gb Available Physical Memory | 64,88% Memory free

3,85 Gb Paging File | 3,17 Gb Available in Paging File | 82,24% Paging File free

Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program

Drive C: | 232,88 Gb Total Space | 95,53 Gb Free Space | 41,02% Space Free | Partition Type: NTFS

Computer Name: LARS-52D1C95ED3 | User Name: Lars | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]

.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

exefile [open] -- "%1" %*

InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [AddToPlaylistVLC] -- "C:\Program\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [PlayWithVLC] -- "C:\Program\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()

Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)

Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"FirstRunDisabled" = 1

"AntiVirusDisableNotify" = 0

"FirewallDisableNotify" = 0

"UpdatesDisableNotify" = 0

"AntiVirusOverride" = 0

"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]

"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]

"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]

"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004

"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005

"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001

"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007

"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

"58750:TCP" = 58750:TCP:*:Enabled:Pando Media Booster

"58750:UDP" = 58750:UDP:*:Enabled:Pando Media Booster

"58427:TCP" = 58427:TCP:*:Enabled:Pando Media Booster

"58427:UDP" = 58427:UDP:*:Enabled:Pando Media Booster

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"EnableFirewall" = 0

"DoNotAllowExceptions" = 0

"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004

"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005

"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001

"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002

"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007

"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

"3724:TCP" = 3724:TCP:*:Enabled:Blizzard Downloader: 3724

"1119:TCP" = 1119:TCP:*:Enabled:Blizzard Downloader

"1120:TCP" = 1120:TCP:*:Enabled:Blizzard Downloader

"6112:TCP" = 6112:TCP:*:Enabled:Blizzard Downloader

"8396:TCP" = 8396:TCP:*:Enabled:League of Legends Launcher

"8396:UDP" = 8396:UDP:*:Enabled:League of Legends Launcher

"6917:TCP" = 6917:TCP:*:Enabled:League of Legends Launcher

"6917:UDP" = 6917:UDP:*:Enabled:League of Legends Launcher

"8397:TCP" = 8397:TCP:*:Enabled:League of Legends Launcher

"8397:UDP" = 8397:UDP:*:Enabled:League of Legends Launcher

"6933:TCP" = 6933:TCP:*:Enabled:League of Legends Launcher

"6933:UDP" = 6933:UDP:*:Enabled:League of Legends Launcher

"6974:TCP" = 6974:TCP:*:Enabled:League of Legends Launcher

"6974:UDP" = 6974:UDP:*:Enabled:League of Legends Launcher

"6931:TCP" = 6931:TCP:*:Enabled:League of Legends Launcher

"6931:UDP" = 6931:UDP:*:Enabled:League of Legends Launcher

"8398:TCP" = 8398:TCP:*:Enabled:League of Legends Launcher

"8398:UDP" = 8398:UDP:*:Enabled:League of Legends Launcher

"8393:TCP" = 8393:TCP:*:Enabled:League of Legends Lobby

"8393:UDP" = 8393:UDP:*:Enabled:League of Legends Lobby

"8390:TCP" = 8390:TCP:*:Enabled:League of Legends Game Client

"8390:UDP" = 8390:UDP:*:Enabled:League of Legends Game Client

"6881:TCP" = 6881:TCP:*:Enabled:Blizzard Downloader: 6881

"58750:TCP" = 58750:TCP:*:Enabled:Pando Media Booster

"58750:UDP" = 58750:UDP:*:Enabled:Pando Media Booster

"58427:TCP" = 58427:TCP:*:Enabled:Pando Media Booster

"58427:UDP" = 58427:UDP:*:Enabled:Pando Media Booster

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)

"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)

"C:\Program\Windows Live\Messenger\msnmsgr.exe" = C:\Program\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger -- (Microsoft Corporation)

"C:\Program\Pando Networks\Media Booster\PMB.exe" = C:\Program\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- ()

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

"C:\Program\World of Warcraft\Launcher.exe" = C:\Program\World of Warcraft\Launcher.exe:*:Enabled:Blizzard Launcher -- (Blizzard Entertainment)

"C:\Program\World of Warcraft\WoW-3.1.3.9947-to-3.2.0.10192-enGB-downloader.exe" = C:\Program\World of Warcraft\WoW-3.1.3.9947-to-3.2.0.10192-enGB-downloader.exe:*:Enabled:Blizzard Downloader -- (Blizzard Entertainment)

"C:\Program\World of Warcraft\WoW-3.2.0.10192-to-3.2.0.10314-enGB-downloader.exe" = C:\Program\World of Warcraft\WoW-3.2.0.10192-to-3.2.0.10314-enGB-downloader.exe:*:Enabled:Blizzard Downloader -- (Blizzard Entertainment)

"C:\Program\World of Warcraft\WoW-3.2.0.10314-to-3.2.2.10482-enGB-downloader.exe" = C:\Program\World of Warcraft\WoW-3.2.0.10314-to-3.2.2.10482-enGB-downloader.exe:*:Enabled:Blizzard Downloader -- (Blizzard Entertainment)

"C:\Program\World of Warcraft\WoW-3.2.2.10482-to-3.2.2.10505-enGB-downloader.exe" = C:\Program\World of Warcraft\WoW-3.2.2.10482-to-3.2.2.10505-enGB-downloader.exe:*:Enabled:Blizzard Downloader -- (Blizzard Entertainment)

"C:\Program\Maxima-5.16.3\wxMaxima\wxMaxima.exe" = C:\Program\Maxima-5.16.3\wxMaxima\wxMaxima.exe:*:Disabled:wxMaxima -- ()

"E:\Counter-Strike - LAN BOT\hl.exe" = E:\Counter-Strike - LAN BOT\hl.exe:*:Disabled:Half-Life Launcher

"C:\Program\Ventrilo\Ventrilo.exe" = C:\Program\Ventrilo\Ventrilo.exe:*:Disabled:Ventrilo.exe -- (Flagship Industries, Inc.)

"C:\Program\BitTorrent\bittorrent.exe" = C:\Program\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent

"C:\Program\Delade filer\Ahead\Nero Web\SetupX.exe" = C:\Program\Delade filer\Ahead\Nero Web\SetupX.exe:*:Enabled:Nero ProductSetup -- (Nero AG)

"C:\Program\Spotify\spotify.exe" = C:\Program\Spotify\spotify.exe:*:Enabled:Spotify -- (Spotify Ltd)

"C:\WINDOWS\system32\dpvsetup.exe" = C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation)

"C:\Program\Sony Ericsson\Update Engine\Sony Ericsson Update Engine.exe" = C:\Program\Sony Ericsson\Update Engine\Sony Ericsson Update Engine.exe:*:Enabled:Update Engine -- ()

"C:\Riot Games\League of Legends\lol.launcher.exe" = C:\Riot Games\League of Legends\lol.launcher.exe:*:Enabled:League of Legends Launcher -- ()

"C:\Program\Java\jre6\bin\java.exe" = C:\Program\Java\jre6\bin\java.exe:*:Enabled:Java Platform SE binary -- (Sun Microsystems, Inc.)

"C:\Program\Windows Live\Messenger\msnmsgr.exe" = C:\Program\Windows Live\Messenger\msnmsgr.exe:*:Disabled:Windows Live Messenger -- (Microsoft Corporation)

"C:\Program\Xfire\Xfire.exe" = C:\Program\Xfire\Xfire.exe:*:Enabled:Xfire -- (Xfire Inc.)

"C:\Program\AVG\AVG2012\avgmfapx.exe" = C:\Program\AVG\AVG2012\avgmfapx.exe:*:Enabled:AVG Installer -- (AVG Technologies CZ, s.r.o.)

"C:\Program\AVG\AVG2012\avgnsx.exe" = C:\Program\AVG\AVG2012\avgnsx.exe:*:Enabled:Online Shield -- (AVG Technologies CZ, s.r.o.)

"C:\Program\AVG\AVG2012\avgdiagex.exe" = C:\Program\AVG\AVG2012\avgdiagex.exe:*:Enabled:AVG Diagnostics 2012 -- (AVG Technologies CZ, s.r.o.)

"C:\Program\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe" = C:\Program\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe:*:Enabled:Daemonu.exe -- (NVIDIA Corporation)

"C:\Program\World of Warcraft\Launcher.patch.exe" = C:\Program\World of Warcraft\Launcher.patch.exe:*:Enabled:Blizzard Launcher -- (Blizzard Entertainment)

"C:\WINDOWS\system32\mmc.exe" = C:\WINDOWS\system32\mmc.exe:*:Enabled:Microsoft Management Console -- (Microsoft Corporation)

"C:\Program\Pando Networks\Media Booster\PMB.exe" = C:\Program\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- ()

"C:\Program\AVG\AVG2012\avgwdsvc.exe" = C:\Program\AVG\AVG2012\avgwdsvc.exe:*:Enabled:AVG Remote Administration -- (AVG Technologies CZ, s.r.o.)

"C:\Program\AVG\AVG2012\avgemcx.exe" = C:\Program\AVG\AVG2012\avgemcx.exe:*:Disabled:Personal E-mail Scanner -- (AVG Technologies CZ, s.r.o.)

"C:\Program\Skype\Phone\Skype.exe" = C:\Program\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148

"{01E9B2FF-DAF4-4529-9CC9-2101625517C7}" = nero.prerequisites.msi

"{034DCAF9-96E7-4936-9A07-712F80B5181E}" = Nero RescueAgent 11

"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended

"{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}" = PlayStation®Store

"{11D3EF85-63E1-4AE4-A7C1-9241BDB16B51}" = Nero ControlCenter 11

"{17014473-0098-4DF0-827D-7D582697C78C}" = Microsoft .NET Framework 2.0 Language Pack - SVE

"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{1F77C418-2C90-459C-BD33-B56A4182B9FA}" = System Requirements Lab CYRI

"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool

"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT

"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer

"{26A24AE4-039D-4CA4-87B4-2F83216029FF}" = Java 6 Update 29

"{2770CB13-5093-4C94-A318-F103857E18B1}" = Smarta menyer (Windows Live Toolbar)

"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1

"{296D775C-839A-3618-8D5C-E2B588C5CD12}" = Microsoft .NET Framework 4 Extended SVE Language Pack

"{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}" = SmartSound Quicktracks 5

"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform

"{31E1050B-F69F-4A16-8F5A-E44D31901250}" = Ulead DVD DiskRecorder 2.1.1

"{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}" = CyberLink WaveEditor

"{350C941d-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP

"{36C9E08A-BE2B-40A0-83C5-576748F7B777}" = TestDrive Client

"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile

"{43DCF766-6838-4F9A-8C91-D92DA586DFA8}" = Microsoft Windows Journal Viewer

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin

"{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}" = Microsoft Search Enhancement Pack

"{50316C0A-CC2A-460A-9EA5-F486E54AC17D}_is1" = AVG PC Tuneup 2011

"{53F7746A-96AA-49A5-86B8-59989680DAC5}" = Nero Burning ROM 11 Help (CHM)

"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml

"{5AFA4872-16B2-419E-ADCA-8E96E739115D}" = Music Manager

"{5C318BD3-BA72-43E4-9D16-A18210B4A5A5}" = Media Go

"{5F1ECD36-0DFA-4C58-830B-0F089083407F}" = AVG 2012

"{64E09E82-610D-4FB9-8722-1D2D1CD65A6B}" = Windows Live Toolbar Extension (Windows Live Toolbar)

"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update

"{68B52EFD-86CC-486E-A8D0-A3A1554CB5BC}" = Fliken Komma igång i Microsoft Office Word 2007

"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update

"{6B30FB1E-9F4A-49BA-9D74-174F1ECEB59D}" = Windows Live inloggningsassistenten

"{6F7614CC-F33A-4877-8814-49856F441F3C}" = Stardock MyColors

"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable

"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime

"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo Client

"{7D004944-C4F1-4C44-AAD4-E7F85190ED00}" = AVG 2012

"{7E659C5C-4DF1-499B-B802-77BAE9ABE4D4}" = Razer Diamondback 3G

"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable

"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)

"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update

"{8EAB2384-C794-40ED-A9DD-3270A0D2BB76}" = Ulead VideoStudio 9.0 SE DVD

"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12

"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007

"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007

"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007

"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007

"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007

"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007

"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007

"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007

"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007

"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-0020-041D-0000-0000000FF1CE}" = Compatibility Pack för Office 2007-systemet

"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007

"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007

"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)

"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007

"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007

"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007

"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007

"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007

"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007

"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007

"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In

"{918A9082-6287-4D25-9002-5E5D5E4971CB}" = League of Legends

"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195

"{93FF055C-7E0B-4E26-AAFB-2C4333E2D7D0}" = Logitech Gaming Software 8.01

"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting

"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster

"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

"{9BBE7AA1-AFA8-4D76-8FC2-1FDFD9BD3371}" = Windows Live Mail

"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

"{9D71329D-95A5-4297-8F79-DCDBD156420A}" = Windows Live Essentials

"{A06275F4-324B-4E85-95E6-87B2CD729401}" = Windows Defender

"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI

"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2

"{A3522177-E674-4DEC-ACB4-E64D4B0DE4F6}" = Windows Live Toolbar

"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper

"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5

"{AC76BA86-7AD7-1033-7B44-A83000000003}" = Adobe Reader 8.3.1

"{AC76BA86-7AD7-5464-3428-800000000003}" = Spelling Dictionaries Support For Adobe Reader 8

"{ACEB2BAF-96DF-48FD-ADD5-43842D4C443D}" = Adobe AIR

"{B1846721-A8E6-46C7-83B6-0DCF7ADB4267}" = Nero Burning ROM 11

"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0

"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIAs kontrollpanel 285.58

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafikdrivrutin 285.58

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView" = NVIDIA nView 135.95

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA-uppdatering 1.5.20

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components

"{B6659DD8-00A7-4A24-BBFB-C1F6982E5D66}" = PlayStation®Network Downloader

"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation

"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)

"{BEBEE34D-84A2-4EDD-8BEA-96CC54371263}" = Nero Core Components 11

"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2

"{C60AAF4C-A72C-36E0-8CA4-41FF753D74F6}" = Microsoft .NET Framework 4 Client Profile SVE Language Pack

"{C7340571-7773-4A8C-9EBC-4E4243B38C76}" = Microsoft XML Parser

"{C8E4455F-0F70-4DA2-A9F9-2D56C80E10AD}" = Sibelius Scorch (ActiveX Only)

"{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver

"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector

"{CD41B576-4787-4D5C-95EE-24A4ABD89CD3}" = System Requirements Lab for Intel

"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1

"{D01CE99A-8802-483C-A79F-298B691EB432}" = Nero RescueAgent 11 Help (CHM)

"{D052C16B-1290-41CF-8EFB-79337027B2F7}" = Sökmarkeringsfönstret (Windows Live Toolbar)

"{D4D66270-9147-4BDF-9946-FCA2B303AA8F}" = Nero ControlCenter 11 Help (CHM)

"{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}" = Apple Application Support

"{E06AB8AB-6E1F-47DD-92A9-0C551DED3A61}" = Steinberg Sequel

"{E09B48B5-E141-427A-AB0C-D3605127224A}" = Microsoft SQL Server Desktop Engine (SONY_MEDIAMGR)

"{E656D89A-8CBB-497F-918F-8361A4071C26}" = Nero Burning ROM 11

"{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime

"{E70E7159-93B1-470D-9FBD-D8E9EF34B538}" = Steinberg HALionOne

"{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}" = Sony Ericsson PC Companion 2.01.217

"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX

"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard

"{F13225E2-6533-4923-A657-083A151E667E}" = Windows Live Messenger

"{F90D6825-8F1F-4E3A-9E42-A9C8A9DD1053}" = Nero 7 Essentials

"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

"Adobe AIR" = Adobe AIR

"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX

"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin

"Adobe Shockwave Player" = Adobe Shockwave Player

"AFD653D92C0CA9E8F375124D6A0B19FFBA89B1D2" = Windows Driver Package - Razer (Razerlow) HIDClass (03/07/2007 1.0.0.2)

"Analog Factory SE_is1" = Analog Factory SE 1.2

"Any Video Converter_is1" = Any Video Converter 2.7.6

"ASIO4ALL" = ASIO4ALL

"AudibleManager" = AudibleManager

"AVG" = AVG 2012

"AVG Secure Search" = AVG Security Toolbar

"Belarc Advisor" = Belarc Advisor 8.2

"CME Matrix K FW Audio Driver V2.27.0 Setup" = CME Matrix K FW Audio Driver V2.27.0

"DivX Setup" = DivX Setup

"DriverAgent.exe" = DriverAgent by eSupport.com

"Drumaxx" = Drumaxx

"ENTERPRISE" = Microsoft Office Enterprise 2007

"FL Studio 9" = FL Studio 9

"Free Studio_is1" = Free Studio version 4.2

"Free Video to DVD Converter_is1" = Free Video to DVD Converter version 1.1

"Free YouTube to iPod Converter_is1" = Free YouTube to iPod Converter version 3.1

"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.9

"HTMLExecutableIERuntimeSetup44" = HTML Executable IERuntime

"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs

"ie7" = Windows Internet Explorer 7

"ie8" = Windows Internet Explorer 8

"IL Download Manager" = IL Download Manager

"ImgBurn" = ImgBurn

"InstallShield_{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}" = SmartSound Quicktracks 5

"InstallShield_{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}" = CyberLink WaveEditor

"InstallShield_{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin

"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector

"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.2.1300

"Microsoft .NET Framework 2.0 Language Pack - SVE" = Microsoft .NET Framework 2.0 Language Pack - SVE

"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1

"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

"Microsoft .NET Framework 4 Client Profile SVE Language Pack" = Microsoft .NET Framework 4 Client Profile Language Pack - SVE

"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended

"Microsoft .NET Framework 4 Extended SVE Language Pack" = Microsoft .NET Framework 4 Extended Language Pack - SVE

"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP

"Musicnotes Combined Installer_is1" = Musicnotes Software Suite 1.0

"Musicnotes Player_is1" = Musicnotes Player V1.23.1

"MuVo Driver" = Creative Mass Storage Drivers

"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs

"NoteWorthy Composer" = NoteWorthy Composer

"NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager

"PoiZone" = PoiZone

"RealPlayer 12.0" = RealPlayer

"Sakura" = Sakura

"Samplitude V8 SE US" = Samplitude V8 SE (US)

"Sawer" = Sawer

"Spotify" = Spotify

"Syncrosoft License Control" = Syncrosoft License Control

"Synthesia" = Synthesia (remove only)

"Toxic Biohazard" = Toxic Biohazard

"Uninstall_is1" = Uninstall 1.0.0.1

"Update Engine" = Sony Ericsson Update Engine

"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7

"WIC" = Windows Imaging Component

"Windows Media Format Runtime" = Windows Media Format 11 runtime

"Windows Media Player" = Windows Media Player 11

"Windows XP Service Pack" = Windows XP Service Pack 3

"WinLiveSuite_Wave3" = Windows Live Essentials

"WinRAR archiver" = WinRAR archiver

"winusb0100" = Microsoft WinUsb 1.0

"VLC media player" = VLC media player 1.1.11

"WMFDist11" = Windows Media Format 11 runtime

"wmp11" = Windows Media Player 11

"World of Warcraft" = World of Warcraft

"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

"Xfire" = Xfire (remove only)

"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"BitTorrent DNA" = DNA

"Google Chrome" = Google Chrome

"Techno Design IP Notify" = LiveSearch Notification Tool

========== Last 10 Event Log Errors ==========

[ Application Events ]

Error - 2011-12-01 18:52:57 | Computer Name = LARS-52D1C95ED3 | Source = crypt32 | ID = 131080

Description = Det gick inte att automatiskt uppdatera tredjepartsrotlistsekvensnumret

från: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>.

Fel: A connection with the server could not be established

Error - 2011-12-01 18:52:57 | Computer Name = LARS-52D1C95ED3 | Source = crypt32 | ID = 131080

Description = Det gick inte att automatiskt uppdatera tredjepartsrotlistsekvensnumret

från: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>.

Fel: Den här nätverksanslutningen finns inte.

Error - 2011-12-01 18:52:57 | Computer Name = LARS-52D1C95ED3 | Source = crypt32 | ID = 131080

Description = Det gick inte att automatiskt uppdatera tredjepartsrotlistsekvensnumret

från: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>.

Fel: Den här nätverksanslutningen finns inte.

Error - 2011-12-01 18:52:57 | Computer Name = LARS-52D1C95ED3 | Source = crypt32 | ID = 131080

Description = Det gick inte att automatiskt uppdatera tredjepartsrotlistsekvensnumret

från: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>.

Fel: Den här nätverksanslutningen finns inte.

Error - 2011-12-01 18:53:03 | Computer Name = LARS-52D1C95ED3 | Source = crypt32 | ID = 131080

Description = Det gick inte att automatiskt uppdatera tredjepartsrotlistsekvensnumret

från: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>.

Fel: Den här nätverksanslutningen finns inte.

Error - 2011-12-01 18:53:03 | Computer Name = LARS-52D1C95ED3 | Source = crypt32 | ID = 131080

Description = Det gick inte att automatiskt uppdatera tredjepartsrotlistsekvensnumret

från: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>.

Fel: Den här nätverksanslutningen finns inte.

Error - 2011-12-01 18:53:03 | Computer Name = LARS-52D1C95ED3 | Source = crypt32 | ID = 131080

Description = Det gick inte att automatiskt uppdatera tredjepartsrotlistsekvensnumret

från: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>.

Fel: Den här nätverksanslutningen finns inte.

Error - 2011-12-01 18:53:03 | Computer Name = LARS-52D1C95ED3 | Source = crypt32 | ID = 131080

Description = Det gick inte att automatiskt uppdatera tredjepartsrotlistsekvensnumret

från: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>.

Fel: Den här nätverksanslutningen finns inte.

Error - 2011-12-01 18:53:03 | Computer Name = LARS-52D1C95ED3 | Source = crypt32 | ID = 131080

Description = Det gick inte att automatiskt uppdatera tredjepartsrotlistsekvensnumret

från: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>.

Fel: Den här nätverksanslutningen finns inte.

Error - 2011-12-01 18:53:03 | Computer Name = LARS-52D1C95ED3 | Source = crypt32 | ID = 131080

Description = Det gick inte att automatiskt uppdatera tredjepartsrotlistsekvensnumret

från: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>.

Fel: Den här nätverksanslutningen finns inte.

[ OSession Events ]

Error - 2011-04-11 10:03:22 | Computer Name = LARS-52D1C95ED3 | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:

12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 434

seconds with 360 seconds of active time. This session ended with a crash.

[ System Events ]

Error - 2011-12-01 18:19:41 | Computer Name = LARS-52D1C95ED3 | Source = Service Control Manager | ID = 7026

Description = Följande start- eller systemstartdrivrutin(er) avbröts på grund av

fel under start: Aavmker4 AFD aswSP aswTdi Avgldx86 Avgmfx86 Avgtdix BANTExt Fips intelppm

IPSec

MRxSmb

NetBIOS

NetBT

RasAcd

Rdbss

Tcpip

Error - 2011-12-01 18:22:11 | Computer Name = LARS-52D1C95ED3 | Source = DCOM | ID = 10005

Description = DCOM fick felet %1084 vid försök att starta tjänsten EventSystem med

argumenten för att köra servern: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 2011-12-01 18:27:57 | Computer Name = LARS-52D1C95ED3 | Source = DCOM | ID = 10005

Description = DCOM fick felet %1084 vid försök att starta tjänsten EventSystem med

argumenten för att köra servern: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 2011-12-01 18:28:02 | Computer Name = LARS-52D1C95ED3 | Source = DCOM | ID = 10005

Description = DCOM fick felet %1084 vid försök att starta tjänsten netman med argumenten

för att köra servern: {BA126AE5-2166-11D1-B1D0-00805FC1270E}

Error - 2011-12-01 18:28:36 | Computer Name = LARS-52D1C95ED3 | Source = Service Control Manager | ID = 7001

Description = Tjänsten DHCP Client är beroende av tjänsten NetBios over Tcpip. Den

sistnämnda kunde inte starta på grund av följande fel: %%31

Error - 2011-12-01 18:28:36 | Computer Name = LARS-52D1C95ED3 | Source = Service Control Manager | ID = 7001

Description = Tjänsten DNS Client är beroende av tjänsten TCP/IP Protocol Driver.

Den sistnämnda kunde inte starta på grund av följande fel: %%31

Error - 2011-12-01 18:28:36 | Computer Name = LARS-52D1C95ED3 | Source = Service Control Manager | ID = 7001

Description = Tjänsten TCP/IP NetBIOS Helper är beroende av tjänsten AFD. Den sistnämnda

kunde inte starta på grund av följande fel: %%31

Error - 2011-12-01 18:28:36 | Computer Name = LARS-52D1C95ED3 | Source = Service Control Manager | ID = 7001

Description = Tjänsten IPSEC Services är beroende av tjänsten IPSEC driver. Den

sistnämnda kunde inte starta på grund av följande fel: %%31

Error - 2011-12-01 18:28:36 | Computer Name = LARS-52D1C95ED3 | Source = Service Control Manager | ID = 7026

Description = Följande start- eller systemstartdrivrutin(er) avbröts på grund av

fel under start: Aavmker4 AFD aswSP aswTdi Avgldx86 Avgmfx86 Avgtdix BANTExt Fips intelppm

IPSec

MRxSmb

NetBIOS

NetBT

RasAcd

Rdbss

Tcpip

Error - 2011-12-01 18:31:53 | Computer Name = LARS-52D1C95ED3 | Source = DCOM | ID = 10005

Description = DCOM fick felet %1084 vid försök att starta tjänsten EventSystem med

argumenten för att köra servern: {1BE1F766-5536-11D1-B726-00C04FB926AF}

< End of report >


Please uninstall DNA and then:

  • Run OTL.exe
  • Under Custom Scans/Fixes post the following script:

:OTL
[2011-11-27 15:30:53 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Lars\Lokala inställningar\Application Data\be4fffb1
[2011-11-06 17:53:20 | 002,917,648 | ---- | M] () -- C:\Documents and Settings\Lars\Skrivbord\advisorinstaller.exe
[2009-02-09 14:46:37 | 000,005,002 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\amjmwaey.gaf
@Alternate Data Stream - 88 bytes -> C:\Documents and Settings\Lars\Skrivbord\µ.bat:SummaryInformation
@Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0B4227B4
[2010-01-19 18:05:41 | 000,000,008 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\VYAAUFMZPWSP.SYS
[2010-01-29 16:41:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software

:Commands
[emptytemp]
[clearallrestorepoints]

  • Then click the Run Fix button at the top
  • Let the program run unhindered; when it is done it will say "Fix Complete press ok to open log".
  • Please post that log in your next reply.


When I uninstalled DNA, the DNA icon was still visible in the control panel, which means it wasn't completely uninstalled. Do you have any info on how to remove it, like you had with Avast?

The OTL custom fix log is below:

All processes killed

========== OTL ==========

C:\Documents and Settings\Lars\Lokala inställningar\Application Data\be4fffb1\U folder moved successfully.

C:\Documents and Settings\Lars\Lokala inställningar\Application Data\be4fffb1 folder moved successfully.

C:\Documents and Settings\Lars\Skrivbord\advisorinstaller.exe moved successfully.

C:\Documents and Settings\All Users\Application Data\amjmwaey.gaf moved successfully.

ADS C:\Documents and Settings\Lars\Skrivbord\µ.bat:SummaryInformation deleted successfully.

ADS C:\Documents and Settings\All Users\Application Data\TEMP:0B4227B4 deleted successfully.

C:\Documents and Settings\All Users\Application Data\VYAAUFMZPWSP.SYS moved successfully.

C:\Documents and Settings\All Users\Application Data\Alwil Software folder moved successfully.

========== COMMANDS ==========

[EMPTYTEMP]

User: Administratör

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 67 bytes

User: All Users

User: Default User

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 67 bytes

->Flash cache emptied: 56475 bytes

User: Lars

->Temp folder emptied: 26575 bytes

->Temporary Internet Files folder emptied: 100385 bytes

->Java cache emptied: 0 bytes

->FireFox cache emptied: 3964277 bytes

->Google Chrome cache emptied: 7361133 bytes

->Opera cache emptied: 5965 bytes

->Flash cache emptied: 410 bytes

User: LocalService

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 49286 bytes

User: NetworkService

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 49286 bytes

User: UpdatusUser

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 32902 bytes

%systemdrive% .tmp files removed: 0 bytes

%systemroot% .tmp files removed: 4289625 bytes

%systemroot%\System32 .tmp files removed: 2148978 bytes

%systemroot%\System32\dllcache .tmp files removed: 0 bytes

%systemroot%\System32\drivers .tmp files removed: 0 bytes

Windows Temp folder emptied: 25720 bytes

RecycleBin emptied: 0 bytes

Total Files Cleaned = 17,00 mb

Restore points cleared and new OTL Restore Point set!

OTL by OldTimer - Version 3.2.31.0 log created on 12052011_173310

Files\Folders moved on Reboot...

File\Folder C:\Documents and Settings\Lars\Lokala inställningar\Temp\Perflib_Perfdata_f30.dat not found!

Registry entries deleted on Reboot...


I assumed I should use the same settings as the first OTL scan I did, so here you go:

OTL logfile created on: 2011-12-05 21:17:44 - Run 2

OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Lars\Skrivbord

Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 0000041D | Country: Sverige | Language: SVE | Date Format: yyyy-MM-dd

2,00 Gb Total Physical Memory | 1,27 Gb Available Physical Memory | 63,57% Memory free

3,85 Gb Paging File | 3,27 Gb Available in Paging File | 84,91% Paging File free

Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program

Drive C: | 232,88 Gb Total Space | 101,41 Gb Free Space | 43,54% Space Free | Partition Type: NTFS

Computer Name: LARS-52D1C95ED3 | User Name: Lars | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\Lars\Skrivbord\OTL.exe (OldTimer Tools)

PRC - C:\Program\AVG Secure Search\vprot.exe ()

PRC - C:\Program\Pando Networks\Media Booster\PMB.exe ()

PRC - C:\Program\Delade filer\AVG Secure Search\vToolbarUpdater\8.0.1\ToolbarUpdater.exe ()

PRC - C:\Program\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)

PRC - C:\Program\Nero\Update\NASvc.exe (Nero AG)

PRC - C:\Program\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)

PRC - C:\Program\AVG\AVG2012\avgnsx.exe (AVG Technologies CZ, s.r.o.)

PRC - C:\Program\AVG\AVG2012\AVGIDSAgent.exe (AVG Technologies CZ, s.r.o.)

PRC - C:\Program\AVG\AVG2012\avgrsx.exe (AVG Technologies CZ, s.r.o.)

PRC - C:\Program\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)

PRC - C:\Program\AVG\AVG2012\avgfws.exe (AVG Technologies CZ, s.r.o.)

PRC - C:\Program\AVG\AVG2012\avgcsrvx.exe (AVG Technologies CZ, s.r.o.)

PRC - C:\Program\AVG\AVG2012\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)

PRC - C:\Program\Logitech Gaming Software\LCore.exe (Logitech Inc.)

PRC - C:\Program\Delade filer\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)

PRC - C:\Program Files\real\realplayer\Update\realsched.exe (RealNetworks, Inc.)

PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)

PRC - C:\Program\Razer\Diamondback 3G\razerhid.exe ()

PRC - C:\Program\Razer\Diamondback 3G\razertra.exe ()

PRC - C:\Program\Razer\Diamondback 3G\razerofa.exe (Razer Inc.)

PRC - C:\Program\Delade filer\Stardock\SDMCP.exe (Stardock)

PRC - C:\Program\Delade filer\Ulead Systems\DVD\ULCDRSvr.exe (Ulead Systems, Inc.)

========== Modules (No Company Name) ==========

MOD - C:\Program\AVG Secure Search\vprot.exe ()

MOD - C:\Program\Pando Networks\Media Booster\PMB.exe ()

MOD - C:\Program\Delade filer\AVG Secure Search\vToolbarUpdater\8.0.1\ToolbarUpdater.exe ()

MOD - C:\Program\Logitech Gaming Software\plugins\SimInput-8.01.063\SimInput.dll ()

MOD - C:\Program\Logitech Gaming Software\plugins\PnpGamePanelDevices-8.01.044\PnpGamePanelDevices.dll ()

MOD - C:\Program\Logitech Gaming Software\plugins\MainUI-8.01.172\MainUI.dll ()

MOD - C:\Program\Logitech Gaming Software\plugins\G19Device-8.01.142\G19Device.dll ()

MOD - C:\Program\Logitech Gaming Software\plugins\G13Device-8.01.150\G13Device.dll ()

MOD - C:\Program\Logitech Gaming Software\plugins\DevBusHid-8.01.072\DevBusHid.dll ()

MOD - C:\Program\Logitech Gaming Software\plugins\DevBusBulk-8.01.071\DevBusBulk.dll ()

MOD - C:\Program\Logitech Gaming Software\plugins\DevMgr-8.01.072\DevMgr.dll ()

MOD - C:\Program\Razer\Diamondback 3G\razerhid.exe ()

MOD - C:\Program\Razer\Diamondback 3G\razertra.exe ()

========== Win32 Services (SafeList) ==========

SRV - (vToolbarUpdater) -- C:\Program\Delade filer\AVG Secure Search\vToolbarUpdater\8.0.1\ToolbarUpdater.exe ()

SRV - (nvUpdatusService) -- C:\Program\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)

SRV - (NAUpdate) -- C:\Program\Nero\Update\NASvc.exe (Nero AG)

SRV - (AVGIDSAgent) -- C:\Program\AVG\AVG2012\AVGIDSAgent.exe (AVG Technologies CZ, s.r.o.)

SRV - (MBAMService) -- C:\Program\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)

SRV - (avgfws) -- C:\Program\AVG\AVG2012\avgfws.exe (AVG Technologies CZ, s.r.o.)

SRV - (avgwd) -- C:\Program\AVG\AVG2012\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)

SRV - (Sony Ericsson PCCompanion) -- C:\Program\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe (Avanquest Software)

SRV - (odserv) -- C:\Program\Delade filer\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)

SRV - (NMIndexingService) -- C:\Program\Delade filer\Ahead\Lib\NMIndexingService.exe (Nero AG)

SRV - (ose) -- C:\Program\Delade filer\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)

SRV - (UleadBurningHelper) -- C:\Program\Delade filer\Ulead Systems\DVD\ULCDRSvr.exe (Ulead Systems, Inc.)

SRV - (MSSQL$SONY_MEDIAMGR) -- C:\Program\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe (Microsoft Corporation)

SRV - (SQLAgent$SONY_MEDIAMGR) -- C:\Program\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlagent.EXE (Microsoft Corporation)

========== Driver Services (SafeList) ==========

DRV - (LGVirHid) -- C:\WINDOWS\system32\drivers\LGVirHid.sys (Logitech Inc.)

DRV - (LGBusEnum) -- C:\WINDOWS\system32\drivers\LGBusEnum.sys (Logitech Inc.)

DRV - (Avgrkx86) -- C:\WINDOWS\system32\DRIVERS\avgrkx86.sys (AVG Technologies CZ, s.r.o.)

DRV - (MBAMProtector) -- C:\WINDOWS\system32\drivers\mbam.sys (Malwarebytes Corporation)

DRV - (BANTExt) -- C:\WINDOWS\System32\Drivers\BANTExt.sys ()

DRV - (Avgmfx86) -- C:\WINDOWS\system32\drivers\avgmfx86.sys (AVG Technologies CZ, s.r.o.)

DRV - (Avgtdix) -- C:\WINDOWS\system32\drivers\avgtdix.sys (AVG Technologies CZ, s.r.o.)

DRV - (AVGIDSShim) -- C:\WINDOWS\system32\drivers\AVGIDSShim.sys (AVG Technologies CZ, s.r.o. )

DRV - (AVGIDSFilter) -- C:\WINDOWS\system32\drivers\AVGIDSFilter.sys (AVG Technologies CZ, s.r.o. )

DRV - (AVGIDSEH) -- C:\WINDOWS\system32\DRIVERS\AVGIDSEH.Sys (AVG Technologies CZ, s.r.o. )

DRV - (AVGIDSDriver) -- C:\WINDOWS\system32\drivers\AVGIDSDriver.sys (AVG Technologies CZ, s.r.o. )

DRV - (Avgldx86) -- C:\WINDOWS\system32\drivers\avgldx86.sys (AVG Technologies CZ, s.r.o.)

DRV - (Avgfwfd) -- C:\WINDOWS\system32\drivers\avgfwdx.sys (AVG Technologies CZ, s.r.o.)

DRV - (Avgfwdx) -- C:\WINDOWS\system32\drivers\avgfwdx.sys (AVG Technologies CZ, s.r.o.)

DRV - (pneteth) -- C:\WINDOWS\system32\drivers\pneteth.sys (June Fabrics Technology Inc.)

DRV - (ggsemc) -- C:\WINDOWS\system32\drivers\ggsemc.sys (Sony Ericsson Mobile Communications)

DRV - (ggflt) -- C:\WINDOWS\system32\drivers\ggflt.sys (Sony Ericsson Mobile Communications)

DRV - (nm) -- C:\WINDOWS\system32\drivers\nmnt.sys (Microsoft Corporation)

DRV - (s3017unic) Sony Ericsson Device 3017 USB Ethernet Emulation SEMC3017 (WDM) -- C:\WINDOWS\system32\drivers\s3017unic.sys (MCCI Corporation)

DRV - (s3017obex) -- C:\WINDOWS\system32\drivers\s3017obex.sys (MCCI Corporation)

DRV - (s3017mgmt) Sony Ericsson Device 3017 USB WMC Device Management Drivers (WDM) -- C:\WINDOWS\system32\drivers\s3017mgmt.sys (MCCI Corporation)

DRV - (s3017nd5) Sony Ericsson Device 3017 USB Ethernet Emulation SEMC3017 (NDIS) -- C:\WINDOWS\system32\drivers\s3017nd5.sys (MCCI Corporation)

DRV - (s3017mdm) -- C:\WINDOWS\system32\drivers\s3017mdm.sys (MCCI Corporation)

DRV - (s3017mdfl) -- C:\WINDOWS\system32\drivers\s3017mdfl.sys (MCCI Corporation)

DRV - (s3017bus) Sony Ericsson Device 3017 driver (WDM) -- C:\WINDOWS\system32\drivers\s3017bus.sys (MCCI Corporation)

DRV - (SynasUSB) -- C:\WINDOWS\system32\drivers\synasUSB.sys (SIA Syncrosoft)

DRV - (WinUSB) -- C:\WINDOWS\system32\drivers\winusb.sys (Microsoft Corporation)

DRV - (RTLE8023xp) -- C:\WINDOWS\system32\drivers\Rtenicxp.sys (Realtek Semiconductor Corporation )

DRV - (CME_avs) -- C:\WINDOWS\system32\drivers\CME_avs.sys (BridgeCo AG)

DRV - (CME_1394) -- C:\WINDOWS\system32\drivers\CME_1394.sys (BridgeCo AG)

DRV - (SenFiltService) -- C:\WINDOWS\system32\drivers\senfilt.sys (Sensaura)

DRV - (Razerlow) -- C:\WINDOWS\system32\drivers\DB3G.sys (Razer (Asia-Pacific) Pte Ltd)

DRV - (HdAudAddService) -- C:\WINDOWS\system32\drivers\Hdaudio.sys (Windows ® Server 2003 DDK provider)

DRV - (MTsensor) -- C:\WINDOWS\system32\drivers\ASACPI.sys ()

========== Standard Registry (All) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 0

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.se/

IE - HKCU\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found

IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)

IE - HKCU\..\URLSearchHook: {EEE6C35D-6118-11DC-9C72-001320C79847} - No CLSID value found

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Google"

FF - prefs.js..browser.search.defaulturl: "http://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q="

FF - prefs.js..browser.search.selectedEngine: "Orbit Search (Powered By Google)"

FF - prefs.js..browser.startup.homepage: "http://www.google.se/"

FF - prefs.js..browser.startup.homepage: "http://se.msn.com"

FF - prefs.js..keyword.URL: "http://search.live.com/results.aspx?mkt=sv-SE&FORM=MICVE5&q="

FF - prefs.js..browser.search.selectedEngine: "Live Search"

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()

FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)

FF - HKLM\Software\MozillaPlugins\@bittorrent.com/BitTorrentDNA: C:\Program\DNA\plugins\npbtdna.dll (BitTorrent, Inc.)

FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)

FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.647: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/npracplug;version=1.0.0.0: C:\Program\Real\RealArcade\Plugins\Mozilla\npracplug.dll (RealNetworks)

FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.647: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.652: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.652: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.647: c:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found

FF - HKLM\Software\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0: C:\Program\Sony\Media Go\npmediago.dll (Sony Media Software and Services Inc)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Lars\Lokala inställningar\Application Data\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Lars\Lokala inställningar\Application Data\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)

FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009-08-31 18:44:34 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program\AVG\AVG2012\Firefox4\ [2011-10-24 21:03:55 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011-06-07 21:06:46 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011-11-15 22:58:55 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\jqs@sun.com: C:\Program\Java\jre6\lib\deploy\jqs\ff [2011-12-01 15:13:18 | 000,000,000 | ---D | M]

[2011-12-01 23:35:06 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Lars\Application Data\Mozilla\Firefox\Profiles\4demwn0g.default\extensions

[2008-05-04 13:24:48 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Documents and Settings\Lars\Application Data\Mozilla\Firefox\Profiles\4demwn0g.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}

[2010-10-08 15:26:23 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Documents and Settings\Lars\Application Data\Mozilla\Firefox\Profiles\4demwn0g.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}

[2011-10-16 19:34:49 | 000,000,000 | ---D | M] (AVG Security Toolbar) -- C:\Documents and Settings\Lars\Application Data\Mozilla\Firefox\Profiles\4demwn0g.default\extensions\avg@toolbar

[2009-03-31 19:54:11 | 000,001,861 | ---- | M] () -- C:\Documents and Settings\Lars\Application Data\Mozilla\Firefox\Profiles\4demwn0g.default\searchplugins\LiveSearch.xml

[2008-05-04 13:31:31 | 000,000,000 | ---D | M] (No name found) -- C:\Program\Mozilla Firefox\extensions

[2008-05-04 13:22:24 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Program\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}

File not found (No name found) -- C:\PROGRAM FILES\REAL\REALPLAYER\BROWSERRECORD

File not found (No name found) -- C:\PROGRAM\MOZILLA FIREFOX\EXTENSIONS\REAL-NETWORKS@PARTNERS.MOZILLA.COM

File not found (No name found) -- C:\PROGRAM\MOZILLA FIREFOX\EXTENSIONS\TALKBACK@MOZILLA.ORG

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)

CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}

CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}

CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Lars\Lokala inst\u00E4llningar\Application Data\Google\Chrome\Application\15.0.874.121\gcswf32.dll

CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program\Java\jre6\bin\new_plugin\npdeployJava1.dll

CHR - plugin: Java Platform SE 6 U26 (Enabled) = C:\Program\Java\jre6\bin\new_plugin\npjp2.dll

CHR - plugin: Adobe Acrobat (Disabled) = C:\Program\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll

CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program\Microsoft Silverlight\4.0.60531.0\npctrl.dll

CHR - plugin: Shockwave for Director (Enabled) = C:\WINDOWS\system32\Adobe\Director\np32dsw.dll

CHR - plugin: DivX Web Player (Enabled) = C:\Program\DivX\DivX Plus Web Player\npdivx32.dll

CHR - plugin: RealNetworks RealPlayer Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll

CHR - plugin: RealPlayer HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll

CHR - plugin: RealPlayer G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = c:\program files\real\realplayer\Netscape6\nppl3260.dll

CHR - plugin: RealPlayer Version Plugin (Enabled) = c:\program files\real\realplayer\Netscape6\nprpjplug.dll

CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program\Windows Media Player\npdsplay.dll

CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer

CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\Lars\Lokala inst\u00E4llningar\Application Data\Google\Chrome\Application\15.0.874.121\ppGoogleNaClPluginChrome.dll

CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\Lars\Lokala inst\u00E4llningar\Application Data\Google\Chrome\Application\15.0.874.121\pdf.dll

CHR - plugin: ConduitChromeApi (Enabled) = C:\Documents and Settings\Lars\Lokala inst\u00E4llningar\Application Data\Google\Chrome\User Data\Default\Extensions\bmbpbcpokffodhpcdjaoopolhdlbconi\2.4.0.4_0\js/ConduitChromeApiPlugin.dll

CHR - plugin: AVG Internet Security (Enabled) = C:\Documents and Settings\Lars\Lokala inst\u00E4llningar\Application Data\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\plugins/avgnpss.dll

CHR - plugin: Musicnotes (Enabled) = C:\Documents and Settings\Lars\Lokala inst\u00E4llningar\Application Data\Google\Chrome\Application\plugins\npmusicn.dll

CHR - plugin: ScorchPlugin (Enabled) = C:\Documents and Settings\Lars\Lokala inst\u00E4llningar\Application Data\Google\Chrome\Application\plugins\NPSibelius.dll

CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program\Windows Media Player\npdrmv2.dll

CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program\Windows Media Player\npwmsdrm.dll

CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\Lars\Lokala inst\u00E4llningar\Application Data\Google\Update\1.3.21.69\npGoogleUpdate3.dll

CHR - plugin: DNA Plug-in (Enabled) = C:\Program\DNA\plugins\npbtdna.dll

CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program\DivX\DivX OVS Helper\npovshelper.dll

CHR - plugin: Pando Web Plugin (Enabled) = C:\Program\Pando Networks\Media Booster\npPandoWebPlugin.dll

CHR - plugin: RealArcade Mozilla Plugin (Enabled) = C:\Program\Real\RealArcade\Plugins\Mozilla\npracplug.dll

CHR - plugin: Media Go Detector (Enabled) = C:\Program\Sony\Media Go\npmediago.dll

CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

CHR - plugin: RealJukebox NS Plugin (Enabled) = c:\program files\real\realplayer\Netscape6\nprjplug.dll

CHR - plugin: Default Plug-in (Enabled) = default_plugin

CHR - Extension: AdBlock = C:\Documents and Settings\Lars\Lokala inställningar\Application Data\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.4.32_0\

CHR - Extension: AVG Safe Search = C:\Documents and Settings\Lars\Lokala inställningar\Application Data\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1829_0\

CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = C:\Documents and Settings\Lars\Lokala inställningar\Application Data\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\

O1 HOSTS File: ([2008-03-15 17:17:46 | 000,000,850 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)

O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)

O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)

O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)

O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)

O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)

O2 - BHO: (Windows Live inloggningshjälpen) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program\Delade filer\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)

O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program\AVG Secure Search\8.0.0.40\AVG Secure Search_toolbar.dll ()

O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program\Google\GoogleToolbarNotifier\5.7.7018.1622\swg.dll (Google Inc.)

O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)

O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)

O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)

O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)

O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program\AVG Secure Search\8.0.0.40\AVG Secure Search_toolbar.dll ()

O3 - HKCU\..\Toolbar\ShellBrowser: (&Adress) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)

O3 - HKCU\..\Toolbar\WebBrowser: (&Adress) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)

O3 - HKCU\..\Toolbar\WebBrowser: (&Länkar) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)

O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)

O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

O3 - HKCU\..\Toolbar\WebBrowser: (&Links) - {F2CF5485-4E02-4F68-819C-B92DE9277049} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)

O4 - HKLM..\Run: [Adobe ARM] C:\Program\Delade filer\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [AVG_TRAY] C:\Program\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)

O4 - HKLM..\Run: [Diamondback] C:\Program\Razer\Diamondback 3G\razerhid.exe ()

O4 - HKLM..\Run: [GrooveMonitor] C:\Program\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)

O4 - HKLM..\Run: [High Definition Audio Property Page Shortcut] C:\WINDOWS\System32\HdAShCut.exe (Windows ® Server 2003 DDK provider)

O4 - HKLM..\Run: [Launch LCore] C:\Program\Logitech Gaming Software\LCore.exe (Logitech Inc.)

O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)

O4 - HKLM..\Run: [nwiz] C:\Program\NVIDIA Corporation\nview\nwiz.exe ()

O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\nvmctray.dll (NVIDIA Corporation)

O4 - HKLM..\Run: [soundMAXPnP] C:\Program\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.)

O4 - HKLM..\Run: [sunJavaUpdateSched] C:\Program\Delade filer\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)

O4 - HKLM..\Run: [TkBellExe] C:\program files\real\realplayer\update\realsched.exe (RealNetworks, Inc.)

O4 - HKLM..\Run: [updatePDRShortCut] C:\Program\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)

O4 - HKLM..\Run: [vProt] C:\Program\AVG Secure Search\vprot.exe ()

O4 - HKCU..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)

O4 - HKCU..\Run: [Google Update] C:\Documents and Settings\Lars\Lokala inställningar\Application Data\Google\Update\GoogleUpdate.exe (Google Inc.)

O4 - HKCU..\Run: [Pando Media Booster] C:\Program\Pando Networks\Media Booster\PMB.exe ()

O4 - HKCU..\Run: [swg] C:\Program\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsHistory = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableStatusMessages = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: VerboseStatus = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\dontdisplaylastusername: = 0

O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: disableregistrytools = 0

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\DisableRegistryTools: = 0

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\DisableRegistryTools\ShowInfoTip: = 0

O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)

O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Documents and Settings\Lars\Application Data\DVDVideoSoftIEHelpers\youtubetomp3.htm ()

O8 - Extra context menu item: Save YouTube Video - C:\Program\Delade filer\DVDVideoSoft\Dll\IEContextMenuY.dll (DVSTeam)

O8 - Extra context menu item: Save YouTube Video as MP3 - C:\Program\Delade filer\DVDVideoSoft\Dll\IEContextMenuY.dll (DVSTeam)

O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)

O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe (Microsoft Corporation)

O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe (Microsoft Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\system32\winrnr.dll (Microsoft Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} http://www.musicnotes.com/download/mnviewer.cab (Musicnotes Viewer)

O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/8/b/d/8bd77752-5704-4d68-a152-f7252adaa4f2/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)

O16 - DPF: {9BDF4724-10AA-43D5-BD15-AEA0D2287303} http://zone.msn.com/bingame/zpagames/zpa_txhe.cab79352.cab (MSN Games – Texas Holdem Poker)

O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} http://www.sibelius.com/download/software/win/ActiveXPlugin.cab (ScorchPlugin Class)

O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} http://cdn2.zone.msn.com/binFramework/v10/ZPAFramework.cab102118.cab (MSN Games - Installer)

O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)

O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.4.24.0.cab (SysInfo Class)

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)

O16 - DPF: CabBuilder http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab (Reg Error: Key error.)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.254

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1DB92874-42DA-4F43-BC76-5F57B3B4351D}: DhcpNameServer = 192.168.0.254

O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler\belarc {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program\Belarc\Advisor\System\BAVoilaX.dll (Belarc, Inc.)

O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)

O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)

O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\ipp - No CLSID value found

O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)

O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)

O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)

O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll (Microsoft Corporation)

O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp - No CLSID value found

O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program\Delade filer\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)

O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)

O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)

O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)

O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll (Microsoft Corporation)

O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program\Delade filer\AVG Secure Search\ViProtocolInstaller\8.0.1\ViProtocol.dll ()

O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)

O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)

O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)

O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)

O18 - Protocol\Filter\Class Install Handler {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Filter\lzdhtml {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)

O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program\Delade filer\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UIHost - (logonui.exe) -C:\WINDOWS\System32\logonui.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) -C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") -C:\WINDOWS\System32\sysdm.cpl (Microsoft Corporation)

O20 - Winlogon\Notify\crypt32chain: DllName - (crypt32.dll) - C:\WINDOWS\System32\crypt32.dll (Microsoft Corporation)

O20 - Winlogon\Notify\cryptnet: DllName - (cryptnet.dll) - C:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation)

O20 - Winlogon\Notify\cscdll: DllName - (cscdll.dll) - C:\WINDOWS\System32\cscdll.dll (Microsoft Corporation)

O20 - Winlogon\Notify\dimsntfy: DllName - (%SystemRoot%\System32\dimsntfy.dll) - C:\WINDOWS\system32\dimsntfy.dll (Microsoft Corporation)

O20 - Winlogon\Notify\MCPClient: DllName - (C:\Program\DELADE~1\Stardock\mcpstub.dll) - C:\Program\Delade filer\Stardock\MCPStub.dll (Stardock)

O20 - Winlogon\Notify\ScCertProp: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)

O20 - Winlogon\Notify\Schedule: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)

O20 - Winlogon\Notify\sclgntfy: DllName - (sclgntfy.dll) - C:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation)

O20 - Winlogon\Notify\SensLogn: DllName - (WlNotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)

O20 - Winlogon\Notify\termsrv: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)

O20 - Winlogon\Notify\WgaLogon: DllName - (WgaLogon.dll) - C:\WINDOWS\System32\WgaLogon.dll (Microsoft Corporation)

O20 - Winlogon\Notify\wlballoon: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)

O21 - SSODL: 0aMCPClient - {F5DF91F9-15E9-416B-A7C3-7519B11ECBFC} - C:\Program\Delade filer\Stardock\MCPCore.dll (Stardock)

O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)

O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)

O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation)

O21 - SSODL: UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll (Microsoft Corporation)

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation)

O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll (Microsoft Corporation)

O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)

O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)

O24 - Desktop Components:0 (Min aktuella startsida) - About:Home

O24 - Desktop WallPaper: C:\Documents and Settings\Lars\Lokala inställningar\Application Data\Microsoft\Wallpaper1.bmp

O24 - Desktop BackupWallPaper: C:\Documents and Settings\Lars\Lokala inställningar\Application Data\Microsoft\Wallpaper1.bmp

O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program\Windows Defender\MpShHook.dll (Microsoft Corporation)

O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)

O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)

O29 - HKLM SecurityProviders - (msapsspc.dll) -C:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation)

O29 - HKLM SecurityProviders - (schannel.dll) -C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)

O29 - HKLM SecurityProviders - (digest.dll) -C:\WINDOWS\System32\digest.dll (Microsoft Corporation)

O29 - HKLM SecurityProviders - (msnsspc.dll) -C:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation)

O30 - LSA: Authentication Packages - (msv1_0) -C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)

O30 - LSA: Security Packages - (kerberos) -C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation)

O30 - LSA: Security Packages - (msv1_0) -C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)

O30 - LSA: Security Packages - (schannel) -C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)

O30 - LSA: Security Packages - (wdigest) -C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation)

O31 - SafeBoot: AlternateShell - cmd.exe

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2008-03-13 12:16:23 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]

O34 - HKLM BootExecute: (autocheck autochk *)

O34 - HKLM BootExecute: (C:\Program\AVG\AVG2012\avgrsx.exe /sync /restart)

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = ComFile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011-12-05 17:33:10 | 000,000,000 | ---D | C] -- C:\_OTL

[2011-12-04 23:18:50 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Lars\Skrivbord\OTL.exe

[2011-12-01 23:49:02 | 000,000,000 | RHSD | C] -- C:\cmdcons

[2011-12-01 23:47:10 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe

[2011-12-01 23:47:10 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe

[2011-12-01 23:47:10 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe

[2011-12-01 23:47:10 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe

[2011-12-01 23:47:04 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT

[2011-12-01 23:47:03 | 000,000,000 | --SD | C] -- C:\ComboFix

[2011-12-01 23:47:00 | 000,000,000 | ---D | C] -- C:\Qoobox

[2011-12-01 23:39:13 | 004,324,789 | R--- | C] (Swearware) -- C:\Documents and Settings\Lars\Skrivbord\ComboFix.exe

[2011-12-01 23:08:20 | 000,317,200 | ---- | C] (AVAST Software) -- C:\aswclear.exe

[2011-12-01 21:21:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lars\Mina dokument\DriverGenius

[2011-12-01 15:13:27 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe

[2011-12-01 15:13:27 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe

[2011-12-01 15:13:27 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe

[2011-12-01 15:13:14 | 000,000,000 | ---D | C] -- C:\Program\Java

[2011-11-29 19:26:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lars\Application Data\vlc

[2011-11-27 19:21:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lars\Skrivbord\Star Wars - Adam

[2011-11-27 15:51:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start-meny\Program\Synthesia

[2011-11-27 15:51:09 | 000,000,000 | ---D | C] -- C:\Program\Synthesia

[2011-11-07 22:13:53 | 000,000,000 | ---D | C] -- C:\Program\Delade filer\Adobe AIR

[2011-11-06 20:15:03 | 000,000,000 | ---D | C] -- C:\Program\Delade filer\Nero

[2011-11-06 20:14:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start-meny\Program\Nero

[2011-11-06 18:13:10 | 124,104,696 | ---- | C] (Nero AG) -- C:\Documents and Settings\Lars\Skrivbord\Nero_BurningROM-11.0.10400_trial.exe

[2011-11-06 17:53:36 | 000,000,000 | ---D | C] -- C:\Program\Belarc

[2011-03-15 19:15:31 | 020,188,776 | ---- | C] (Cheetah Websites Corporation) -- C:\Program\CheetahDVDBurner.exe

[2010-01-19 18:03:09 | 013,976,672 | ---- | C] (D'Accord Music Software ) -- C:\Program\ichords2.exe

[2009-09-02 19:48:23 | 032,829,864 | ---- | C] (Online Media Technologies Ltd. ) -- C:\Program\AVSAudioEditor.exe

[2008-05-05 20:43:02 | 000,774,144 | ---- | C] (RealNetworks, Inc.) -- C:\Program\RngInterstitial.dll

========== Files - Modified Within 30 Days ==========

[2011-12-05 21:16:21 | 000,000,264 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-823518204-1788223648-725345543-1003.job

[2011-12-05 21:16:19 | 000,000,374 | ---- | M] () -- C:\WINDOWS\tasks\AVG PC Tuneup 2011 Integrator Start On Windows Logon.job

[2011-12-05 21:16:19 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\TEMP

[2011-12-05 21:16:09 | 000,000,272 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-823518204-1788223648-725345543-1003.job

[2011-12-05 21:16:03 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

[2011-12-05 21:15:29 | 000,000,966 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job

[2011-12-05 21:15:21 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2011-12-05 17:47:03 | 000,000,970 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

[2011-12-05 17:25:08 | 111,434,643 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm

[2011-12-04 23:18:45 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Lars\Skrivbord\OTL.exe

[2011-12-04 23:03:14 | 000,001,082 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-823518204-1788223648-725345543-1003UA.job

[2011-12-04 22:20:21 | 000,000,408 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{06CB29FF-B097-4BAF-92E1-A6B704347D75}.job

[2011-12-04 22:19:00 | 000,619,258 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\iavifw.avm

[2011-12-01 23:49:07 | 000,000,327 | RHS- | M] () -- C:\boot.ini

[2011-12-01 23:39:19 | 004,324,789 | R--- | M] (Swearware) -- C:\Documents and Settings\Lars\Skrivbord\ComboFix.exe

[2011-12-01 23:31:43 | 000,000,211 | ---- | M] () -- C:\Boot.bak

[2011-12-01 23:31:24 | 000,002,578 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT

[2011-12-01 23:08:17 | 000,317,200 | ---- | M] (AVAST Software) -- C:\aswclear.exe

[2011-12-01 22:02:00 | 000,001,030 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-823518204-1788223648-725345543-1003Core1cc721f1538d320.job

[2011-12-01 17:00:06 | 000,000,318 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job

[2011-12-01 15:13:17 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll

[2011-12-01 15:13:17 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe

[2011-12-01 15:13:17 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe

[2011-12-01 15:13:17 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe

[2011-11-29 19:19:44 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini

[2011-11-29 16:28:34 | 000,001,436 | ---- | M] () -- C:\Documents and Settings\Lars\Skrivbord\Star Wars Timpani.mid

[2011-11-27 22:49:11 | 000,002,489 | ---- | M] () -- C:\Documents and Settings\Lars\Skrivbord\Microsoft Office Word 2007 (2).lnk

[2011-11-27 19:55:52 | 000,008,555 | ---- | M] () -- C:\Documents and Settings\Lars\Skrivbord\Star_Wars.mid

[2011-11-24 20:12:55 | 000,016,142 | ---- | M] () -- C:\Documents and Settings\Lars\Skrivbord\Star Wars Theme.mid

[2011-11-23 15:54:20 | 000,002,331 | ---- | M] () -- C:\Documents and Settings\Lars\Skrivbord\Google Chrome.lnk

[2011-11-23 15:54:20 | 000,002,309 | ---- | M] () -- C:\Documents and Settings\Lars\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk

[2011-11-15 22:59:03 | 000,001,455 | ---- | M] () -- C:\Documents and Settings\Lars\Skrivbord\DivX Movies.lnk

[2011-11-14 19:21:35 | 000,535,484 | ---- | M] () -- C:\WINDOWS\System32\perfh01D.dat

[2011-11-14 19:21:35 | 000,534,008 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat

[2011-11-14 19:21:35 | 000,114,462 | ---- | M] () -- C:\WINDOWS\System32\perfc01D.dat

[2011-11-14 19:21:35 | 000,098,860 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat

[2011-11-10 17:50:21 | 000,045,878 | ---- | M] () -- C:\Documents and Settings\Lars\Skrivbord\CHARIOTS.MID

[2011-11-09 20:21:02 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK

[2011-11-06 20:15:46 | 000,002,136 | ---- | M] () -- C:\Documents and Settings\All Users\Skrivbord\Nero Burning ROM 11.lnk

[2011-11-06 18:19:36 | 000,031,473 | ---- | M] () -- C:\Documents and Settings\Lars\Skrivbord\EP4__Main_Title_and_Rebel_Blockade_Runner1.mid

[2011-11-06 18:15:33 | 124,104,696 | ---- | M] (Nero AG) -- C:\Documents and Settings\Lars\Skrivbord\Nero_BurningROM-11.0.10400_trial.exe

[2011-11-06 18:07:09 | 003,805,074 | ---- | M] () -- C:\Documents and Settings\Lars\Mina dokument\Belarc Advisor Computer Profile.pdf

[2011-11-06 17:53:38 | 000,001,649 | ---- | M] () -- C:\Documents and Settings\All Users\Skrivbord\Belarc Advisor.lnk

[2011-11-06 17:53:38 | 000,000,883 | ---- | M] () -- C:\Documents and Settings\Lars\Application Data\Microsoft\Internet Explorer\Quick Launch\Belarc Advisor.lnk

[2011-11-06 17:36:12 | 000,001,472 | ---- | M] () -- C:\Documents and Settings\Lars\Skrivbord\ImgBurn.lnk

[2011-11-06 15:19:47 | 000,286,052 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb0.bin

[2011-11-06 15:19:47 | 000,000,001 | ---- | M] () -- C:\WINDOWS\System32\nvdrssel.bin

[2011-11-06 15:19:32 | 000,286,052 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb1.bin

[2011-11-06 15:16:15 | 000,000,460 | ---- | M] () -- C:\WINDOWS\tasks\AVG PC Tuneup 2011 Integrator Scan and Repair.job

========== Files Created - No Company Name ==========

[2011-12-02 00:04:05 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\TEMP

[2011-12-01 23:49:07 | 000,000,211 | ---- | C] () -- C:\Boot.bak

[2011-12-01 23:49:04 | 000,260,784 | RHS- | C] () -- C:\cmldr

[2011-12-01 23:47:10 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe

[2011-12-01 23:47:10 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe

[2011-12-01 23:47:10 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe

[2011-12-01 23:47:10 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe

[2011-12-01 23:47:10 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe

[2011-11-29 16:28:34 | 000,001,436 | ---- | C] () -- C:\Documents and Settings\Lars\Skrivbord\Star Wars Timpani.mid

[2011-11-27 19:55:52 | 000,008,555 | ---- | C] () -- C:\Documents and Settings\Lars\Skrivbord\Star_Wars.mid

[2011-11-24 20:12:55 | 000,016,142 | ---- | C] () -- C:\Documents and Settings\Lars\Skrivbord\Star Wars Theme.mid

[2011-11-15 22:59:03 | 000,001,455 | ---- | C] () -- C:\Documents and Settings\Lars\Skrivbord\DivX Movies.lnk

[2011-11-10 17:50:22 | 000,045,878 | ---- | C] () -- C:\Documents and Settings\Lars\Skrivbord\CHARIOTS.MID

[2011-11-06 20:15:46 | 000,002,136 | ---- | C] () -- C:\Documents and Settings\All Users\Skrivbord\Nero Burning ROM 11.lnk

[2011-11-06 18:19:36 | 000,031,473 | ---- | C] () -- C:\Documents and Settings\Lars\Skrivbord\EP4__Main_Title_and_Rebel_Blockade_Runner1.mid

[2011-11-06 18:07:09 | 003,805,074 | ---- | C] () -- C:\Documents and Settings\Lars\Mina dokument\Belarc Advisor Computer Profile.pdf

[2011-11-06 17:53:38 | 000,001,655 | ---- | C] () -- C:\Documents and Settings\All Users\Start-meny\Program\Belarc Advisor.lnk

[2011-11-06 17:53:38 | 000,001,649 | ---- | C] () -- C:\Documents and Settings\All Users\Skrivbord\Belarc Advisor.lnk

[2011-11-06 17:53:38 | 000,000,883 | ---- | C] () -- C:\Documents and Settings\Lars\Application Data\Microsoft\Internet Explorer\Quick Launch\Belarc Advisor.lnk

[2011-11-06 17:53:36 | 000,003,840 | ---- | C] () -- C:\WINDOWS\System32\drivers\BANTExt.sys

[2011-11-06 17:36:12 | 000,001,472 | ---- | C] () -- C:\Documents and Settings\Lars\Skrivbord\ImgBurn.lnk

[2011-08-26 23:22:30 | 000,042,392 | ---- | C] () -- C:\WINDOWS\System32\xfcodec.dll

[2011-06-01 21:17:48 | 002,130,002 | ---- | C] () -- C:\WINDOWS\System32\nvdata.data

[2011-05-14 00:53:06 | 000,077,036 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat

[2011-04-30 17:12:17 | 000,286,052 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin

[2011-04-30 17:12:17 | 000,286,052 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin

[2011-04-30 17:12:17 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin

[2010-05-29 18:02:12 | 000,000,256 | ---- | C] () -- C:\WINDOWS\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini

[2009-12-17 20:10:14 | 000,000,398 | ---- | C] () -- C:\WINDOWS\AudioConverter.INI

[2009-10-22 15:46:44 | 000,005,729 | ---- | C] () -- C:\WINDOWS\mgxoschk.ini

[2009-10-21 17:03:09 | 000,016,968 | ---- | C] () -- C:\WINDOWS\System32\drivers\hitmanpro35.sys

[2009-09-03 20:36:43 | 000,002,048 | ---- | C] () -- C:\WINDOWS\System32\Tr_sttool.dat

[2009-09-01 19:43:25 | 000,000,122 | ---- | C] () -- C:\WINDOWS\Winchat.ini

[2009-08-24 14:58:33 | 000,000,724 | ---- | C] () -- C:\WINDOWS\wacam.ini

[2009-08-03 14:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll

[2009-08-03 14:07:42 | 000,230,768 | ---- | C] () -- C:\WINDOWS\System32\OGAEXEC.exe

[2009-05-26 16:19:19 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat

[2009-03-03 12:18:04 | 000,080,416 | ---- | C] () -- C:\WINDOWS\System32\RtNicProp32.dll

[2008-12-15 15:07:10 | 000,058,672 | ---- | C] () -- C:\WINDOWS\System32\wbload.dll

[2008-10-31 14:06:56 | 000,001,763 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache

[2008-10-22 18:43:06 | 000,339,968 | ---- | C] () -- C:\WINDOWS\System32\pythoncom25.dll

[2008-10-22 18:43:06 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\pywintypes25.dll

[2008-10-18 18:29:10 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI

[2008-05-09 14:00:44 | 000,000,717 | ---- | C] () -- C:\WINDOWS\cdplayer.ini

[2008-05-04 13:23:16 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat

[2008-04-13 14:39:08 | 000,000,032 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\ezsid.dat

[2008-03-17 20:15:31 | 000,098,304 | ---- | C] () -- C:\Documents and Settings\Lars\Lokala inställningar\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2008-03-15 17:01:52 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini

[2008-03-15 16:30:56 | 000,002,892 | ---- | C] () -- C:\WINDOWS\System32\audcon.sys

[2008-03-13 20:16:11 | 000,058,240 | ---- | C] () -- C:\WINDOWS\System32\drivers\redbook.sys

[2008-03-13 20:14:59 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI

[2008-03-13 20:12:25 | 000,352,176 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2008-03-13 12:49:30 | 000,018,096 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini

[2008-03-13 12:49:29 | 000,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys

[2008-03-13 12:49:25 | 000,005,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS

[2008-03-13 12:18:07 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat

[2008-03-13 12:14:13 | 000,021,700 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat

[2007-12-05 01:41:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll

[2007-10-29 13:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin

[2007-10-29 13:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat

[2007-10-29 13:00:00 | 000,535,484 | ---- | C] () -- C:\WINDOWS\System32\perfh01D.dat

[2007-10-29 13:00:00 | 000,534,008 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat

[2007-10-29 13:00:00 | 000,274,932 | ---- | C] () -- C:\WINDOWS\System32\perfi01D.dat

[2007-10-29 13:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat

[2007-10-29 13:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat

[2007-10-29 13:00:00 | 000,114,462 | ---- | C] () -- C:\WINDOWS\System32\perfc01D.dat

[2007-10-29 13:00:00 | 000,098,860 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat

[2007-10-29 13:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin

[2007-10-29 13:00:00 | 000,033,234 | ---- | C] () -- C:\WINDOWS\System32\perfd01D.dat

[2007-10-29 13:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat

[2007-10-29 13:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat

[2007-10-29 13:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat

[2007-10-29 13:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin

[2007-10-29 13:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat

[2002-04-21 19:28:42 | 000,001,024 | ---- | C] () -- C:\WINDOWS\System32\atsdrve.dll

========== LOP Check ==========

[2009-08-24 15:34:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\A-PDF Text Replace

[2011-04-06 20:49:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Applian

[2011-10-16 20:23:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG

[2011-10-16 19:52:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG2012

[2010-11-22 16:57:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\avg9

[2008-03-15 17:24:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\close poke frag ooze

[2010-11-22 17:02:18 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files

[2008-12-20 16:42:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Grisoft

[2009-11-11 20:20:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Hitman Pro

[2008-10-09 20:34:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IM

[2008-10-09 20:33:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IncrediMail

[2011-12-05 17:25:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData

[2008-11-11 17:13:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MP3 Remix

[2008-04-22 15:36:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Musicnotes

[2008-06-11 15:32:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound

[2008-07-11 12:48:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\OD2

[2011-11-15 00:34:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PMB Files

[2011-11-30 22:13:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SmartSound Software Inc

[2011-07-28 19:59:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sony

[2009-10-26 13:06:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Stardock

[2008-03-15 16:30:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Syncrosoft

[2008-03-14 20:49:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ulead Systems

[2009-07-04 16:19:04 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{CED4439A-2AAC-4B94-8453-4969CC2D31F9}

[2009-05-11 20:39:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lars\Application Data\aAvgApi

[2009-08-24 14:58:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lars\Application Data\ACAMPREF

[2009-05-03 20:17:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lars\Application Data\Agency9

[2010-09-07 17:12:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lars\Application Data\Any Video Converter

[2011-11-29 21:59:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lars\Application Data\AVG

[2011-10-16 19:34:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lars\Application Data\AVG Secure Search

[2011-10-16 19:33:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lars\Application Data\AVG2012

[2010-01-28 20:58:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lars\Application Data\AVG9

[2011-12-01 23:35:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lars\Application Data\BitTorrent

[2008-12-01 16:24:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lars\Application Data\Deckadance

[2008-09-01 16:13:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lars\Application Data\DMCache

[2008-08-30 22:40:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lars\Application Data\DNA

[2010-10-08 15:26:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lars\Application Data\DVDVideoSoftIEHelpers

[2009-09-17 14:00:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lars\Application Data\GetRightToGo

[2009-02-02 20:41:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lars\Application Data\GrabPro

[2008-04-16 20:35:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lars\Application Data\Grisoft

[2009-01-18 21:34:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lars\Application Data\HTML Executable

[2008-04-07 16:16:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lars\Application Data\ImgBurn

[2011-03-09 17:55:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lars\Application Data\LolClient

[2008-06-11 15:32:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lars\Application Data\NCH Swift Sound

[2008-09-14 21:02:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lars\Application Data\NetMedia Providers

[2009-08-11 19:31:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lars\Application Data\OpenCandy

[2010-03-22 21:58:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lars\Application Data\Opera

[2009-02-18 16:55:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lars\Application Data\Orbit

[2009-08-11 19:53:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lars\Application Data\Paltalk

[2008-08-20 19:52:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lars\Application Data\Publish Providers

[2008-04-13 16:35:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lars\Application Data\Runaware

[2011-06-06 22:06:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lars\Application Data\Sony

[2008-08-20 19:41:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lars\Application Data\Sony Setup

[2011-11-11 00:49:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lars\Application Data\Spotify

[2009-06-18 21:55:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lars\Application Data\Stardock

[2008-03-15 16:56:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lars\Application Data\Steinberg

[2011-11-27 21:33:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lars\Application Data\Synthesia

[2009-03-31 19:54:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lars\Application Data\Techno Design IP

[2011-07-23 19:28:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lars\Application Data\Teleca

[2009-05-26 17:31:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lars\Application Data\Transclick

[2008-03-14 20:49:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lars\Application Data\Ulead Systems

[2011-11-06 15:16:15 | 000,000,460 | ---- | M] () -- C:\WINDOWS\Tasks\AVG PC Tuneup 2011 Integrator Scan and Repair.job

[2011-12-05 21:16:19 | 000,000,374 | ---- | M] () -- C:\WINDOWS\Tasks\AVG PC Tuneup 2011 Integrator Start On Windows Logon.job

[2011-12-01 17:00:06 | 000,000,318 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Scan.job

[2011-12-04 22:20:21 | 000,000,408 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{06CB29FF-B097-4BAF-92E1-A6B704347D75}.job

========== Purity Check ==========

========== Alternate Data Streams ==========

@Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0B4227B4

< End of report >


  • Run OTL.exe
  • Under Custom Scans/Fixes post the following script:

:OTL
FF - HKLM\Software\MozillaPlugins\@bittorrent.com/BitTorrentDNA: C:\Program\DNA\plugins\npbtdna.dll (BitTorrent, Inc.)
CHR - plugin: DNA Plug-in (Enabled) = C:\Program\DNA\plugins\npbtdna.dll
@Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0B4227B4

:files
C:\Program\DNA
C:\Documents and Settings\Lars\Application Data\DNA

:Commands
[emptytemp]

  • Then click the Run Fix button at the top
  • Let the program run unhindered; when it is done, it will say "Fix Complete press ok to open log".
  • Please post that log in your next reply.


All processes killed

========== OTL ==========

Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@bittorrent.com/BitTorrentDNA\ deleted successfully.

C:\Program\DNA\plugins\npbtdna.dll moved successfully.

File C:\Program\DNA\plugins\npbtdna.dll not found.

ADS C:\Documents and Settings\All Users\Application Data\TEMP:0B4227B4 deleted successfully.

========== FILES ==========

C:\Program\DNA\plugins folder moved successfully.

C:\Program\DNA folder moved successfully.

C:\Documents and Settings\Lars\Application Data\DNA folder moved successfully.

========== COMMANDS ==========

[EMPTYTEMP]

User: Administratör

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

User: All Users

User: Default User

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

->Flash cache emptied: 0 bytes

User: Lars

->Temp folder emptied: 12472 bytes

->Temporary Internet Files folder emptied: 97662 bytes

->Java cache emptied: 0 bytes

->FireFox cache emptied: 0 bytes

->Google Chrome cache emptied: 6928674 bytes

->Opera cache emptied: 0 bytes

->Flash cache emptied: 0 bytes

User: LocalService

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 33170 bytes

User: UpdatusUser

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 33170 bytes

%systemdrive% .tmp files removed: 0 bytes

%systemroot% .tmp files removed: 0 bytes

%systemroot%\System32 .tmp files removed: 0 bytes

%systemroot%\System32\dllcache .tmp files removed: 0 bytes

%systemroot%\System32\drivers .tmp files removed: 0 bytes

Windows Temp folder emptied: 27646 bytes

RecycleBin emptied: 0 bytes

Total Files Cleaned = 7,00 mb

OTL by OldTimer - Version 3.2.31.0 log created on 12062011_163056

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...


Step 1

  • Launch Malwarebytes' Anti-Malware
  • Go to Update tab and select Check for Updates.
  • Go to Scanner tab and select Perform Quick Scan, then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.

Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts; click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

Step 2

  1. Please run a free online scan with the ESET Online Scanner
    Note: You will need to use Internet Explorer for this scan
  2. Tick the box next to YES, I accept the Terms of Use
  3. Click Start
  4. When asked, allow the ActiveX control to install
  5. Click Start
  6. Make sure that the options Remove found threats and Scan unwanted applications are checked
  7. Click Scan (This scan can take several hours, so please be patient)
  8. Once the scan is completed, you may close the window
  9. Use Notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt
  10. Copy and paste that log as a reply to this topic

In your next reply, please post the following log files:

  • Malwarebytes' Anti-Malware log
  • ESET Online Scanner log


Here's the MBAM log. It's in Swedish, but you can Google Translate it if you have to. It didn't find anything though.

Malwarebytes' Anti-Malware 1.51.2.1300

www.malwarebytes.org

Databasversion: 8328

Windows 5.1.2600 Service Pack 3

Internet Explorer 8.0.6001.18702

2011-12-07 15:50:47

mbam-log-2011-12-07 (15-50-47).txt

Skanningstyp: Snabbskanning

Antal skannade objekt: 196927

Förfluten tid: 3 minut(er), 4 sekund(er)

Infekterade minnesprocesser: 0

Infekterade minnesmoduler: 0

Infekterade registernycklar: 0

Infekterade registervärden: 0

Infekterade registerdataposter: 0

Infekterade mappar: 0

Infekterade filer: 0

Infekterade minnesprocesser:

(Inga skadliga poster hittades)

Infekterade minnesmoduler:

(Inga skadliga poster hittades)

Infekterade registernycklar:

(Inga skadliga poster hittades)

Infekterade registervärden:

(Inga skadliga poster hittades)

Infekterade registerdataposter:

(Inga skadliga poster hittades)

Infekterade mappar:

(Inga skadliga poster hittades)

Infekterade filer:

(Inga skadliga poster hittades)

ESET log down below:

ESETSmartInstaller@High as CAB hook log:

OnlineScanner.ocx - registred OK

# version=7

# iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)

# OnlineScanner.ocx=1.0.0.6583

# api_version=3.0.2

# EOSSerial=2f39ea0b1566ca44bbfe08b543eab77f

# end=finished

# remove_checked=true

# archives_checked=true

# unwanted_checked=true

# unsafe_checked=false

# antistealth_checked=true

# utc_time=2011-12-07 04:22:08

# local_time=2011-12-07 05:22:08 (+0100, Västeuropa, normaltid)

# country="Sweden"

# lang=1033

# osver=5.1.2600 NT Service Pack 3

# compatibility_mode=769 16774142 0 34 58581089 64167383 0 0

# compatibility_mode=1024 16777175 100 0 4473643 4473643 0 0

# compatibility_mode=5889 16768382 80 100 36091451 163202160 0 82310214

# compatibility_mode=8192 67108863 100 0 3766 3766 0 0

# scanned=128960

# found=1

# cleaned=0

# scan_time=5114

C:\WINDOWS\system32\drivers\redbook.sys a variant of Win32/Rootkit.Kryptik.FR trojan (unable to clean) 00000000000000000000000000000000 I


I understand it without Swedish, but it is time to learn it I guess :P

Download the latest version of TDSSKiller from here and save it to your Desktop.

  1. Double-click on TDSSKiller.exe to run the application, then click on Change parameters.
  2. Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.
  3. Click the Start Scan button.
  4. If a suspicious object is detected, the default action will be Skip; click on Continue.
  5. If malicious objects are found, they will show in the Scan results and offer three (3) options.
  6. Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.
  7. Note: If Cure is not available, please choose Skip instead; do not choose Delete unless instructed.

A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents on your next reply.


21:30:13.0781 3388 TDSS rootkit removing tool 2.6.22.0 Dec 7 2011 13:21:06

21:30:15.0078 3388 ============================================================

21:30:15.0078 3388 Current date / time: 2011/12/08 21:30:15.0078

21:30:15.0078 3388 SystemInfo:

21:30:15.0078 3388

21:30:15.0078 3388 OS Version: 5.1.2600 ServicePack: 3.0

21:30:15.0078 3388 Product type: Workstation

21:30:15.0078 3388 ComputerName: LARS-52D1C95ED3

21:30:15.0078 3388 UserName: Lars

21:30:15.0078 3388 Windows directory: C:\WINDOWS

21:30:15.0078 3388 System windows directory: C:\WINDOWS

21:30:15.0078 3388 Processor architecture: Intel x86

21:30:15.0078 3388 Number of processors: 2

21:30:15.0078 3388 Page size: 0x1000

21:30:15.0078 3388 Boot type: Normal boot

21:30:15.0078 3388 ============================================================

21:30:16.0109 3388 Initialize success

21:30:39.0000 3380 ============================================================

21:30:39.0000 3380 Scan started

21:30:39.0000 3380 Mode: Manual; SigCheck; TDLFS;

21:30:39.0000 3380 ============================================================

21:30:39.0640 3380 Abiosdsk - ok

21:30:39.0656 3380 abp480n5 - ok

21:30:39.0687 3380 ACPI (48547e29772befe3c554ff5e4855bf51) C:\WINDOWS\system32\DRIVERS\ACPI.sys

21:30:39.0937 3380 ACPI - ok

21:30:39.0968 3380 ACPIEC (decedc736cef3c0fff6e981b31e73a61) C:\WINDOWS\system32\drivers\ACPIEC.sys

21:30:40.0078 3380 ACPIEC - ok

21:30:40.0125 3380 ADIHdAudAddService (ae3475450bd241598ae60cab4a40fadf) C:\WINDOWS\system32\drivers\ADIHdAud.sys

21:30:40.0140 3380 ADIHdAudAddService ( UnsignedFile.Multi.Generic ) - warning

21:30:40.0140 3380 ADIHdAudAddService - detected UnsignedFile.Multi.Generic (1)

21:30:40.0171 3380 adpu160m - ok

21:30:40.0234 3380 AEAudioService (f932a37fff15d1b35289213089e9c78d) C:\WINDOWS\system32\drivers\AEAudio.sys

21:30:40.0296 3380 AEAudioService ( UnsignedFile.Multi.Generic ) - warning

21:30:40.0296 3380 AEAudioService - detected UnsignedFile.Multi.Generic (1)

21:30:40.0375 3380 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys

21:30:40.0468 3380 aec - ok

21:30:40.0531 3380 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys

21:30:40.0562 3380 AFD - ok

21:30:40.0593 3380 Aha154x - ok

21:30:40.0609 3380 aic78u2 - ok

21:30:40.0625 3380 aic78xx - ok

21:30:40.0640 3380 AliIde - ok

21:30:40.0656 3380 amsint - ok

21:30:40.0656 3380 appliandMP - ok

21:30:40.0687 3380 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys

21:30:40.0781 3380 Arp1394 - ok

21:30:40.0781 3380 asc - ok

21:30:40.0796 3380 asc3350p - ok

21:30:40.0812 3380 asc3550 - ok

21:30:40.0859 3380 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys

21:30:40.0984 3380 AsyncMac - ok

21:30:41.0015 3380 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys

21:30:41.0125 3380 atapi - ok

21:30:41.0125 3380 Atdisk - ok

21:30:41.0171 3380 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys

21:30:41.0281 3380 Atmarpc - ok

21:30:41.0312 3380 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys

21:30:41.0406 3380 audstub - ok

21:30:41.0421 3380 Avgfwdx (841b0a982065bffc7d7e84009f2fa76f) C:\WINDOWS\system32\DRIVERS\avgfwdx.sys

21:30:41.0437 3380 Avgfwdx - ok

21:30:41.0437 3380 Avgfwfd (841b0a982065bffc7d7e84009f2fa76f) C:\WINDOWS\system32\DRIVERS\avgfwdx.sys

21:30:41.0453 3380 Avgfwfd - ok

21:30:41.0484 3380 AVGIDSDriver (4fa401b33c1b50c816486f6951244a14) C:\WINDOWS\system32\DRIVERS\AVGIDSDriver.Sys

21:30:41.0515 3380 AVGIDSDriver - ok

21:30:41.0531 3380 AVGIDSEH (69578bc9d43d614c6b3455db4af19762) C:\WINDOWS\system32\DRIVERS\AVGIDSEH.Sys

21:30:41.0546 3380 AVGIDSEH - ok

21:30:41.0562 3380 AVGIDSFilter (6df528406aa22201f392b9b19121cd6f) C:\WINDOWS\system32\DRIVERS\AVGIDSFilter.Sys

21:30:41.0562 3380 AVGIDSFilter - ok

21:30:41.0593 3380 AVGIDSShim (07eba0c11fa1d73b82ecc3255ddfe34d) C:\WINDOWS\system32\DRIVERS\AVGIDSShim.Sys

21:30:41.0593 3380 AVGIDSShim - ok

21:30:41.0609 3380 Avgldx86 (f4dbbc8d3c5338693da23c59a50f8abc) C:\WINDOWS\system32\DRIVERS\avgldx86.sys

21:30:41.0625 3380 Avgldx86 - ok

21:30:41.0640 3380 Avgmfx86 (1c77ef67f196466adc9924cb288afe87) C:\WINDOWS\system32\DRIVERS\avgmfx86.sys

21:30:41.0656 3380 Avgmfx86 - ok

21:30:41.0671 3380 Avgrkx86 (f2038ed7284b79dcef581468121192a9) C:\WINDOWS\system32\DRIVERS\avgrkx86.sys

21:30:41.0687 3380 Avgrkx86 - ok

21:30:41.0703 3380 Avgtdix (a6d562b612216d8d02a35ebeb92366bd) C:\WINDOWS\system32\DRIVERS\avgtdix.sys

21:30:41.0718 3380 Avgtdix - ok

21:30:41.0765 3380 BANTExt (5d7be7b19e827125e016325334e58ff1) C:\WINDOWS\System32\Drivers\BANTExt.sys

21:30:41.0781 3380 BANTExt ( UnsignedFile.Multi.Generic ) - warning

21:30:41.0781 3380 BANTExt - detected UnsignedFile.Multi.Generic (1)

21:30:41.0812 3380 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys

21:30:41.0921 3380 Beep - ok

21:30:41.0937 3380 Bridge (f934d1b230f84e1d19dd00ac5a7a83ed) C:\WINDOWS\system32\DRIVERS\bridge.sys

21:30:42.0046 3380 Bridge - ok

21:30:42.0046 3380 BridgeMP (f934d1b230f84e1d19dd00ac5a7a83ed) C:\WINDOWS\system32\DRIVERS\bridge.sys

21:30:42.0140 3380 BridgeMP - ok

21:30:42.0265 3380 catchme - ok

21:30:42.0296 3380 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys

21:30:42.0406 3380 cbidf2k - ok

21:30:42.0421 3380 cd20xrnt - ok

21:30:42.0437 3380 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys

21:30:42.0546 3380 Cdaudio - ok

21:30:42.0562 3380 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys

21:30:42.0656 3380 Cdfs - ok

21:30:42.0671 3380 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys

21:30:42.0765 3380 Cdrom - ok

21:30:42.0765 3380 Changer - ok

21:30:42.0781 3380 CmdIde - ok

21:30:42.0828 3380 CME_1394 (827203276e550b33139296d5922b8a77) C:\WINDOWS\system32\Drivers\CME_1394.sys

21:30:42.0828 3380 CME_1394 ( UnsignedFile.Multi.Generic ) - warning

21:30:42.0828 3380 CME_1394 - detected UnsignedFile.Multi.Generic (1)

21:30:42.0859 3380 CME_avs (a2ffe1e995f9840ac4e44775b00702c8) C:\WINDOWS\system32\Drivers\CME_avs.sys

21:30:42.0859 3380 CME_avs ( UnsignedFile.Multi.Generic ) - warning

21:30:42.0859 3380 CME_avs - detected UnsignedFile.Multi.Generic (1)

21:30:42.0875 3380 Cpqarray - ok

21:30:42.0890 3380 cpudrv - ok

21:30:42.0906 3380 dac2w2k - ok

21:30:42.0921 3380 dac960nt - ok

21:30:42.0921 3380 DBKDRVR54 - ok

21:30:42.0937 3380 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys

21:30:43.0031 3380 Disk - ok

21:30:43.0062 3380 dmboot (80008bd0c19d97b0b3f4d1d9cbf190a8) C:\WINDOWS\system32\drivers\dmboot.sys

21:30:43.0171 3380 dmboot - ok

21:30:43.0203 3380 dmio (41862731f82be80f0cfba5d0da36b683) C:\WINDOWS\system32\drivers\dmio.sys

21:30:43.0281 3380 dmio - ok

21:30:43.0296 3380 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys

21:30:43.0406 3380 dmload - ok

21:30:43.0437 3380 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys

21:30:43.0515 3380 DMusic - ok

21:30:43.0531 3380 dpti2o - ok

21:30:43.0546 3380 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys

21:30:43.0656 3380 drmkaud - ok

21:30:43.0687 3380 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys

21:30:43.0781 3380 Fastfat - ok

21:30:43.0843 3380 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys

21:30:43.0921 3380 Fdc - ok

21:30:43.0937 3380 Fips (b66ddb75642f6722468707840c67a394) C:\WINDOWS\system32\drivers\Fips.sys

21:30:44.0046 3380 Fips - ok

21:30:44.0062 3380 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys

21:30:44.0171 3380 Flpydisk - ok

21:30:44.0187 3380 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys

21:30:44.0296 3380 FltMgr - ok

21:30:44.0312 3380 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys

21:30:44.0406 3380 Fs_Rec - ok

21:30:44.0421 3380 Ftdisk (45fc410cfe68ff036ad232a141e69c19) C:\WINDOWS\system32\DRIVERS\ftdisk.sys

21:30:44.0515 3380 Ftdisk - ok

21:30:44.0562 3380 ggflt (007aea2e06e7cef7372e40c277163959) C:\WINDOWS\system32\DRIVERS\ggflt.sys

21:30:44.0578 3380 ggflt - ok

21:30:44.0609 3380 ggsemc (c73de35960ca75c5ab4ae636b127c64e) C:\WINDOWS\system32\DRIVERS\ggsemc.sys

21:30:44.0609 3380 ggsemc - ok

21:30:44.0625 3380 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys

21:30:44.0718 3380 Gpc - ok

21:30:44.0750 3380 HdAudAddService (f58d2900c66a1e773e3375098e0e9337) C:\WINDOWS\system32\drivers\HdAudio.sys

21:30:44.0765 3380 HdAudAddService - ok

21:30:44.0796 3380 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys

21:30:44.0890 3380 HDAudBus - ok

21:30:44.0906 3380 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys

21:30:45.0015 3380 HidUsb - ok

21:30:45.0031 3380 hpn - ok

21:30:45.0062 3380 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys

21:30:45.0125 3380 HTTP - ok

21:30:45.0140 3380 i2omgmt - ok

21:30:45.0140 3380 i2omp - ok

21:30:45.0156 3380 i8042prt (82e56cd09b2ce1edec3fba9111c7ee3a) C:\WINDOWS\system32\DRIVERS\i8042prt.sys

21:30:45.0250 3380 i8042prt - ok

21:30:45.0265 3380 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys

21:30:45.0375 3380 Imapi - ok

21:30:45.0390 3380 ini910u - ok

21:30:45.0453 3380 IntelIde - ok

21:30:45.0515 3380 intelppm (02431778e84a525d29929d14bab71d53) C:\WINDOWS\system32\DRIVERS\intelppm.sys

21:30:45.0593 3380 intelppm - ok

21:30:45.0625 3380 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys

21:30:45.0703 3380 Ip6Fw - ok

21:30:45.0734 3380 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys

21:30:45.0843 3380 IpFilterDriver - ok

21:30:45.0875 3380 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys

21:30:45.0984 3380 IpInIp - ok

21:30:46.0000 3380 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys

21:30:46.0109 3380 IpNat - ok

21:30:46.0125 3380 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys

21:30:46.0218 3380 IPSec - ok

21:30:46.0234 3380 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys

21:30:46.0328 3380 IRENUM - ok

21:30:46.0359 3380 isapnp (48f97c77daf8811598cfae21368eacb6) C:\WINDOWS\system32\DRIVERS\isapnp.sys

21:30:46.0437 3380 isapnp - ok

21:30:46.0453 3380 Kbdclass (d655ca94c8e2e0223c1bc28bcd95723a) C:\WINDOWS\system32\DRIVERS\kbdclass.sys

21:30:46.0546 3380 Kbdclass - ok

21:30:46.0562 3380 kbdhid (e1e28876fe7602b0a1d040354de35c06) C:\WINDOWS\system32\DRIVERS\kbdhid.sys

21:30:46.0656 3380 kbdhid - ok

21:30:46.0687 3380 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys

21:30:46.0781 3380 kmixer - ok

21:30:46.0812 3380 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys

21:30:46.0859 3380 KSecDD - ok

21:30:46.0875 3380 lbrtfdc - ok

21:30:46.0921 3380 LGBusEnum (170e7093a77ad586f3a012a3db651d94) C:\WINDOWS\system32\drivers\LGBusEnum.sys

21:30:46.0921 3380 LGBusEnum - ok

21:30:46.0953 3380 LGVirHid (d2dd04d1c8df65eecd1f2c7fb947d43e) C:\WINDOWS\system32\drivers\LGVirHid.sys

21:30:46.0968 3380 LGVirHid - ok

21:30:46.0984 3380 MBAMProtector (69a6268d7f81e53d568ab4e7e991caf3) C:\WINDOWS\system32\drivers\mbam.sys

21:30:47.0000 3380 MBAMProtector - ok

21:30:47.0031 3380 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys

21:30:47.0125 3380 mnmdd - ok

21:30:47.0140 3380 Modem (42ce19726d9c410dff75d3ff1cc79db2) C:\WINDOWS\system32\drivers\Modem.sys

21:30:47.0234 3380 Modem - ok

21:30:47.0234 3380 Mouclass (e0c4c36573bcf0c0d2a1578caa791f7d) C:\WINDOWS\system32\DRIVERS\mouclass.sys

21:30:47.0328 3380 Mouclass - ok

21:30:47.0359 3380 mouhid (98e474ecf11f1db62fb072157a95ea83) C:\WINDOWS\system32\DRIVERS\mouhid.sys

21:30:47.0453 3380 mouhid - ok

21:30:47.0484 3380 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys

21:30:47.0578 3380 MountMgr - ok

21:30:47.0578 3380 mraid35x - ok

21:30:47.0593 3380 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys

21:30:47.0703 3380 MRxDAV - ok

21:30:47.0734 3380 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys

21:30:47.0796 3380 MRxSmb - ok

21:30:47.0828 3380 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys

21:30:47.0921 3380 Msfs - ok

21:30:47.0968 3380 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys

21:30:48.0062 3380 MSKSSRV - ok

21:30:48.0093 3380 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys

21:30:48.0171 3380 MSPCLOCK - ok

21:30:48.0187 3380 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys

21:30:48.0281 3380 MSPQM - ok

21:30:48.0296 3380 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys

21:30:48.0375 3380 mssmbios - ok

21:30:48.0406 3380 MTsensor (d48659bb24c48345d926ecb45c1ebdf5) C:\WINDOWS\system32\DRIVERS\ASACPI.sys

21:30:48.0453 3380 MTsensor - ok

21:30:48.0484 3380 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys

21:30:48.0515 3380 Mup - ok

21:30:48.0531 3380 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys

21:30:48.0625 3380 NDIS - ok

21:30:48.0656 3380 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys

21:30:48.0703 3380 NdisTapi - ok

21:30:48.0734 3380 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys

21:30:48.0828 3380 Ndisuio - ok

21:30:48.0859 3380 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys

21:30:48.0937 3380 NdisWan - ok

21:30:48.0968 3380 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys

21:30:49.0046 3380 NDProxy - ok

21:30:49.0046 3380 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys

21:30:49.0156 3380 NetBIOS - ok

21:30:49.0171 3380 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys

21:30:49.0265 3380 NetBT - ok

21:30:49.0296 3380 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys

21:30:49.0375 3380 NIC1394 - ok

21:30:49.0406 3380 nm (1e421a6bcf2203cc61b821ada9de878b) C:\WINDOWS\system32\DRIVERS\NMnt.sys

21:30:49.0484 3380 nm - ok

21:30:49.0500 3380 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys

21:30:49.0578 3380 Npfs - ok

21:30:49.0609 3380 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys

21:30:49.0734 3380 Ntfs - ok

21:30:49.0781 3380 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys

21:30:49.0890 3380 Null - ok

21:30:50.0156 3380 nv (4b54dcd6adee535df80f07c59ddd8f14) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys

21:30:50.0562 3380 nv - ok

21:30:50.0640 3380 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys

21:30:50.0750 3380 NwlnkFlt - ok

21:30:50.0781 3380 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys

21:30:50.0859 3380 NwlnkFwd - ok

21:30:50.0890 3380 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys

21:30:50.0984 3380 ohci1394 - ok

21:30:51.0015 3380 Parport (19e28ed86e7244d76fda792c2810188e) C:\WINDOWS\system32\DRIVERS\parport.sys

21:30:51.0109 3380 Parport - ok

21:30:51.0125 3380 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys

21:30:51.0218 3380 PartMgr - ok

21:30:51.0250 3380 ParVdm (5cf71e14a108c492c1fb07543d579af5) C:\WINDOWS\system32\drivers\ParVdm.sys

21:30:51.0359 3380 ParVdm - ok

21:30:51.0390 3380 PCI (8a185f0112cf5b42ff1aaff31b8b3091) C:\WINDOWS\system32\DRIVERS\pci.sys

21:30:51.0468 3380 PCI - ok

21:30:51.0484 3380 PCIDump - ok

21:30:51.0515 3380 PCIIde (239de4275ee40fdf9912761467025244) C:\WINDOWS\system32\DRIVERS\pciide.sys

21:30:51.0593 3380 PCIIde - ok

21:30:51.0609 3380 Pcmcia (904053aa6e251c77cf85371ce644cfd7) C:\WINDOWS\system32\drivers\Pcmcia.sys

21:30:51.0703 3380 Pcmcia - ok

21:30:51.0718 3380 PDCOMP - ok

21:30:51.0718 3380 PDFRAME - ok

21:30:51.0734 3380 PDRELI - ok

21:30:51.0750 3380 PDRFRAME - ok

21:30:51.0750 3380 perc2 - ok

21:30:51.0765 3380 perc2hib - ok

21:30:51.0828 3380 pneteth (088335b06f75adbcbb81575c7cae6c43) C:\WINDOWS\system32\DRIVERS\pneteth.sys

21:30:51.0843 3380 pneteth ( UnsignedFile.Multi.Generic ) - warning

21:30:51.0843 3380 pneteth - detected UnsignedFile.Multi.Generic (1)

21:30:51.0875 3380 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys

21:30:51.0968 3380 PptpMiniport - ok

21:30:52.0000 3380 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys

21:30:52.0093 3380 PSched - ok

21:30:52.0125 3380 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys

21:30:52.0203 3380 Ptilink - ok

21:30:52.0234 3380 PxHelp20 (e42e3433dbb4cffe8fdd91eab29aea8e) C:\WINDOWS\system32\Drivers\PxHelp20.sys

21:30:52.0234 3380 PxHelp20 - ok

21:30:52.0250 3380 ql1080 - ok

21:30:52.0265 3380 Ql10wnt - ok

21:30:52.0265 3380 ql12160 - ok

21:30:52.0281 3380 ql1240 - ok

21:30:52.0281 3380 ql1280 - ok

21:30:52.0312 3380 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys

21:30:52.0406 3380 RasAcd - ok

21:30:52.0437 3380 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys

21:30:52.0531 3380 Rasl2tp - ok

21:30:52.0562 3380 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys

21:30:52.0656 3380 RasPppoe - ok

21:30:52.0687 3380 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys

21:30:52.0796 3380 Raspti - ok

21:30:52.0843 3380 Razerlow (116c340acf37602d12cac6de6b8107cd) C:\WINDOWS\system32\Drivers\DB3G.sys

21:30:52.0859 3380 Razerlow - ok

21:30:52.0875 3380 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys

21:30:52.0968 3380 Rdbss - ok

21:30:52.0984 3380 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys

21:30:53.0078 3380 RDPCDD - ok

21:30:53.0093 3380 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys

21:30:53.0203 3380 rdpdr - ok

21:30:53.0234 3380 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys

21:30:53.0296 3380 RDPWD - ok

21:30:53.0328 3380 RTLE8023xp (25be98c05808c57e4d8d26477dc12d39) C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys

21:30:53.0390 3380 RTLE8023xp - ok

21:30:53.0406 3380 s3017bus (aa786ad3a2684d39630744787b00e6f4) C:\WINDOWS\system32\DRIVERS\s3017bus.sys

21:30:53.0421 3380 s3017bus - ok

21:30:53.0437 3380 s3017mdfl (cba4ca5bce44084e98ce420fd6692d3a) C:\WINDOWS\system32\DRIVERS\s3017mdfl.sys

21:30:53.0453 3380 s3017mdfl - ok

21:30:53.0468 3380 s3017mdm (68036eff647970d6c0399789c8707cad) C:\WINDOWS\system32\DRIVERS\s3017mdm.sys

21:30:53.0468 3380 s3017mdm - ok

21:30:53.0484 3380 s3017mgmt (3672e7f9349bd98fd3f5ac33e7b2b1a6) C:\WINDOWS\system32\DRIVERS\s3017mgmt.sys

21:30:53.0500 3380 s3017mgmt - ok

21:30:53.0515 3380 s3017nd5 (b1133b37eb184aef81d56b4302dbae9c) C:\WINDOWS\system32\DRIVERS\s3017nd5.sys

21:30:53.0515 3380 s3017nd5 - ok

21:30:53.0531 3380 s3017obex (d81b1d504aa1426622e7ec09f25130a9) C:\WINDOWS\system32\DRIVERS\s3017obex.sys

21:30:53.0546 3380 s3017obex - ok

21:30:53.0546 3380 s3017unic (7b95c53ea8bb585013767eef2875c0a0) C:\WINDOWS\system32\DRIVERS\s3017unic.sys

21:30:53.0562 3380 s3017unic - ok

21:30:53.0609 3380 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys

21:30:53.0687 3380 Secdrv - ok

21:30:53.0734 3380 SenFiltService (23228966244cdd9627bde4141b3be1f0) C:\WINDOWS\system32\drivers\Senfilt.sys

21:30:53.0734 3380 SenFiltService ( UnsignedFile.Multi.Generic ) - warning

21:30:53.0750 3380 SenFiltService - detected UnsignedFile.Multi.Generic (1)

21:30:53.0781 3380 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys

21:30:53.0875 3380 serenum - ok

21:30:53.0906 3380 Serial (f7d35464062edc08909e568bcd8ae77d) C:\WINDOWS\system32\DRIVERS\serial.sys

21:30:54.0015 3380 Serial - ok

21:30:54.0046 3380 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys

21:30:54.0156 3380 Sfloppy - ok

21:30:54.0171 3380 Simbad - ok

21:30:54.0187 3380 Sparrow - ok

21:30:54.0203 3380 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys

21:30:54.0296 3380 splitter - ok

21:30:54.0312 3380 sr (1193ef00869f6367367e6e7cb96be325) C:\WINDOWS\system32\DRIVERS\sr.sys

21:30:54.0406 3380 sr - ok

21:30:54.0437 3380 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys

21:30:54.0484 3380 Srv - ok

21:30:54.0515 3380 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys

21:30:54.0593 3380 swenum - ok

21:30:54.0609 3380 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys

21:30:54.0718 3380 swmidi - ok

21:30:54.0734 3380 symc810 - ok

21:30:54.0750 3380 symc8xx - ok

21:30:54.0750 3380 sym_hi - ok

21:30:54.0765 3380 sym_u3 - ok

21:30:54.0796 3380 SynasUSB (418bd80a7fefaa3fcbd3dcfc021cb294) C:\WINDOWS\system32\drivers\SynasUSB.sys

21:30:54.0812 3380 SynasUSB ( UnsignedFile.Multi.Generic ) - warning

21:30:54.0812 3380 SynasUSB - detected UnsignedFile.Multi.Generic (1)

21:30:54.0843 3380 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys

21:30:54.0921 3380 sysaudio - ok

21:30:54.0968 3380 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys

21:30:55.0015 3380 Tcpip - ok

21:30:55.0031 3380 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys

21:30:55.0125 3380 TDPIPE - ok

21:30:55.0140 3380 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys

21:30:55.0250 3380 TDTCP - ok

21:30:55.0265 3380 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys

21:30:55.0359 3380 TermDD - ok

21:30:55.0375 3380 TosIde - ok

21:30:55.0390 3380 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys

21:30:55.0500 3380 Udfs - ok

21:30:55.0515 3380 ultra - ok

21:30:55.0546 3380 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys

21:30:55.0656 3380 Update - ok

21:30:55.0703 3380 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys

21:30:55.0796 3380 usbaudio - ok

21:30:55.0812 3380 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys

21:30:55.0906 3380 usbccgp - ok

21:30:55.0937 3380 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys

21:30:56.0015 3380 usbehci - ok

21:30:56.0046 3380 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys

21:30:56.0140 3380 usbhub - ok

21:30:56.0187 3380 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS

21:30:56.0296 3380 USBSTOR - ok

21:30:56.0328 3380 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys

21:30:56.0421 3380 usbuhci - ok

21:30:56.0421 3380 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys

21:30:56.0531 3380 VgaSave - ok

21:30:56.0531 3380 ViaIde - ok

21:30:56.0562 3380 VolSnap (57187ec04878147e1f4f2d9224b12205) C:\WINDOWS\system32\drivers\VolSnap.sys

21:30:56.0671 3380 VolSnap - ok

21:30:56.0703 3380 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys

21:30:56.0796 3380 Wanarp - ok

21:30:56.0843 3380 Wdf01000 (bbcfeab7e871cddac2d397ee7fa91fdc) C:\WINDOWS\system32\Drivers\wdf01000.sys

21:30:56.0875 3380 Wdf01000 - ok

21:30:56.0875 3380 WDICA - ok

21:30:56.0906 3380 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys

21:30:56.0984 3380 wdmaud - ok

21:30:57.0046 3380 WinUSB (fd600b032e741eb6aab509fc630f7c42) C:\WINDOWS\system32\DRIVERS\WinUSB.sys

21:30:57.0046 3380 WinUSB - ok

21:30:57.0093 3380 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys

21:30:57.0125 3380 WpdUsb - ok

21:30:57.0156 3380 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys

21:30:57.0187 3380 WudfPf - ok

21:30:57.0203 3380 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys

21:30:57.0218 3380 WudfRd - ok

21:30:57.0265 3380 MBR (0x1B8) (c8919ae61419c5625f9ef0aef12523a8) \Device\Harddisk0\DR0

21:30:57.0468 3380 \Device\Harddisk0\DR0 - ok

21:30:57.0468 3380 Boot (0x1200) (59251917d009a62815ac1e017b1a10d6) \Device\Harddisk0\DR0\Partition0

21:30:57.0468 3380 \Device\Harddisk0\DR0\Partition0 - ok

21:30:57.0468 3380 ============================================================

21:30:57.0468 3380 Scan finished

21:30:57.0468 3380 ============================================================

21:30:57.0578 3704 Detected object count: 8

21:30:57.0578 3704 Actual detected object count: 8

21:31:45.0562 3704 ADIHdAudAddService ( UnsignedFile.Multi.Generic ) - skipped by user

21:31:45.0562 3704 ADIHdAudAddService ( UnsignedFile.Multi.Generic ) - User select action: Skip

21:31:45.0562 3704 AEAudioService ( UnsignedFile.Multi.Generic ) - skipped by user

21:31:45.0562 3704 AEAudioService ( UnsignedFile.Multi.Generic ) - User select action: Skip

21:31:45.0562 3704 BANTExt ( UnsignedFile.Multi.Generic ) - skipped by user

21:31:45.0562 3704 BANTExt ( UnsignedFile.Multi.Generic ) - User select action: Skip

21:31:45.0578 3704 CME_1394 ( UnsignedFile.Multi.Generic ) - skipped by user

21:31:45.0578 3704 CME_1394 ( UnsignedFile.Multi.Generic ) - User select action: Skip

21:31:45.0578 3704 CME_avs ( UnsignedFile.Multi.Generic ) - skipped by user

21:31:45.0578 3704 CME_avs ( UnsignedFile.Multi.Generic ) - User select action: Skip

21:31:45.0578 3704 pneteth ( UnsignedFile.Multi.Generic ) - skipped by user

21:31:45.0578 3704 pneteth ( UnsignedFile.Multi.Generic ) - User select action: Skip

21:31:45.0578 3704 SenFiltService ( UnsignedFile.Multi.Generic ) - skipped by user

21:31:45.0578 3704 SenFiltService ( UnsignedFile.Multi.Generic ) - User select action: Skip

21:31:45.0578 3704 SynasUSB ( UnsignedFile.Multi.Generic ) - skipped by user

21:31:45.0578 3704 SynasUSB ( UnsignedFile.Multi.Generic ) - User select action: Skip

21:32:07.0859 3676 Deinitialize success


Please download SystemLook from one of the links below and save it to your Desktop.

Download Mirror #1

Download Mirror #2


  • Double-click SystemLook.exe to run it.
  • Copy the content of the following codebox into the main textfield:
    :filefind
    redbook.sys


  • Click the Look button to start the scan.
  • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.

Note: The log can also be found on your Desktop entitled SystemLook.txt


SystemLook 30.07.11 by jpshortstuff

Log created at 01:05 on 10/12/2011 by Lars

Administrator - Elevation successful

========== filefind ==========

Searching for "redbook.sys"

C:\WINDOWS\$NtServicePackUninstall$\redbook.sys -----c- 58112 bytes [19:11 02/10/2008] [01:09 04/08/2004] 6AB3E65A46FB2A6F21BA5ACFDFA44FAB

C:\WINDOWS\ServicePackFiles\i386\redbook.sys ------- 58240 bytes [15:37 14/04/2008] [15:37 14/04/2008] 97130D37842819FA39FD5F1E90A5D676

C:\WINDOWS\system32\dllcache\redbook.sys --a--c- 58240 bytes [19:16 13/03/2008] [16:37 14/04/2008] 97130D37842819FA39FD5F1E90A5D676

C:\WINDOWS\system32\drivers\redbook.sys --a---- 58240 bytes [19:16 13/03/2008] [16:37 14/04/2008] 5A940B7B6EAF4F2106345494556DF4E9

-= EOF =-

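The SystemLook result above can be checked mechanically. The following is an added example, not part of the original posts and not SystemLook or OTL code: it parses the filefind lines and reports any copy whose MD5 differs from the other copies of the same name and size. The majority-hash rule and the function names are assumptions of this example; a mismatch shows that a file differs from its cached copies, not why.

```python
import re
from collections import Counter, defaultdict

# SystemLook ":filefind" result lines, copied from the log posted above.
SYSTEMLOOK_LOG = r"""
C:\WINDOWS\$NtServicePackUninstall$\redbook.sys -----c- 58112 bytes [19:11 02/10/2008] [01:09 04/08/2004] 6AB3E65A46FB2A6F21BA5ACFDFA44FAB
C:\WINDOWS\ServicePackFiles\i386\redbook.sys ------- 58240 bytes [15:37 14/04/2008] [15:37 14/04/2008] 97130D37842819FA39FD5F1E90A5D676
C:\WINDOWS\system32\dllcache\redbook.sys --a--c- 58240 bytes [19:16 13/03/2008] [16:37 14/04/2008] 97130D37842819FA39FD5F1E90A5D676
C:\WINDOWS\system32\drivers\redbook.sys --a---- 58240 bytes [19:16 13/03/2008] [16:37 14/04/2008] 5A940B7B6EAF4F2106345494556DF4E9
"""

# Fields: path, 7-character attribute field, size, two bracketed timestamps, MD5.
LINE_RE = re.compile(
    r"^(?P<path>[A-Za-z]:\\.+?)\s+(?P<attrs>[-a-z]{7})\s+(?P<size>\d+) bytes"
    r"\s+\[[^\]]+\]\s+\[[^\]]+\]\s+(?P<md5>[0-9A-Fa-f]{32})$"
)

def parse_filefind(text):
    """Return one dict per result line; headers and blank lines are skipped."""
    entries = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            entries.append({"path": m["path"], "size": int(m["size"]),
                            "md5": m["md5"].upper()})
    return entries

def hash_outliers(entries):
    """Paths whose MD5 disagrees with the other same-name, same-size copies."""
    groups = defaultdict(list)
    for e in entries:
        name = e["path"].rsplit("\\", 1)[-1].lower()
        groups[(name, e["size"])].append(e)
    flagged = []
    for copies in groups.values():
        counts = Counter(e["md5"] for e in copies)
        if len(counts) < 2:
            continue  # a single copy or full agreement: nothing to compare
        (top, n), (_, second) = counts.most_common(2)
        # Heuristic (assumption): the majority hash is the reference. On a
        # tie there is no reference, so every copy in the group is reported.
        flagged += [e["path"] for e in copies if n == second or e["md5"] != top]
    return flagged

if __name__ == "__main__":
    for path in hash_outliers(parse_filefind(SYSTEMLOOK_LOG)):
        print("differs from the other copies:", path)
```

The 58112-byte copy under $NtServicePackUninstall$ is a different size, so it forms its own group and is not compared against the 58240-byte copies.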

  • Run OTL.exe
  • Under Custom Scans/Fixes post the following script:

:files
C:\WINDOWS\system32\dllcache\redbook.sys | C:\WINDOWS\system32\drivers\redbook.sys /replace

:Commands
[emptytemp]

  • Then click the Run Fix button at the top
  • Let the program run unhindered; when it is done it will say "Fix Complete press ok to open log".
  • Please post that log in your next reply.


All processes killed

========== FILES ==========

File C:\WINDOWS\system32\dllcache\redbook.sys successfully replaced with C:\WINDOWS\system32\drivers\redbook.sys

========== COMMANDS ==========

[EMPTYTEMP]

User: Administratör

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

User: All Users

User: Default User

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

->Flash cache emptied: 0 bytes

User: Lars

->Temp folder emptied: 25994 bytes

->Temporary Internet Files folder emptied: 52707231 bytes

->Java cache emptied: 0 bytes

->FireFox cache emptied: 0 bytes

->Google Chrome cache emptied: 6866498 bytes

->Opera cache emptied: 0 bytes

->Flash cache emptied: 291 bytes

User: LocalService

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 33170 bytes

User: UpdatusUser

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 33170 bytes

%systemdrive% .tmp files removed: 0 bytes

%systemroot% .tmp files removed: 0 bytes

%systemroot%\System32 .tmp files removed: 0 bytes

%systemroot%\System32\dllcache .tmp files removed: 0 bytes

%systemroot%\System32\drivers .tmp files removed: 0 bytes

Windows Temp folder emptied: 63602 bytes

RecycleBin emptied: 0 bytes

Total Files Cleaned = 57,00 mb

OTL by OldTimer - Version 3.2.31.0 log created on 12112011_185342

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...


This topic is now closed to further replies.