Anders03 Posted September 7, 2012 ID:594255 Share Posted September 7, 2012 I've read this is pretty common but I haven't had that big success googling for solutions. I've had this for a few weeks and the only problem is that I'm getting forward to the partner37 url sometimes. And when it does accure it's very hard to open up a new tab to get to the page I wanted to go to as I will just instantly get the partner37 again. Often works to just change browser from chrome to firefox. And btw, start page on firefox is "Search Safer" which i believe is some kind of virus as well as it's not supposed to be there when I open a new tab. Anyway I need to try do something so I will see if you can help me here.I'm on the MBAM pro trial and the full scan i made some week ago detected lot of stuff which I removed all of it. But the partner37 remained. Today I made the quick scan and it didn't find anything.Let me know if I've forgot to do something but here are the .txt logs I believe I'm supposed to post.attach.txtdds.txtThank you. Link to post Share on other sites More sharing options...
Maurice Naggar Posted September 7, 2012 ID:594347 Share Posted September 7, 2012 Hello Anders03 and welcome to MalwareBytes forums.Going forward, please only Copy and Paste the contents of logs directly into the main-body of reply box.Use NOTEPAD to open a log. Do a CTRL+A to Copy ALLIn the reply box, do a CTRL+V inside the reply box to Paste Link to post Share on other sites More sharing options...
Maurice Naggar Posted September 7, 2012 ID:594349 Share Posted September 7, 2012 Your logs showed some peer-to-peer filesharing apps: Ares & uTorrent You must remove those 2 + any other peer-to-peer app (using Control Panel >> Add-or-Remove Programs ) and then logoff & Restart system ANDconfirm for me that you have done so.Do that before we continue with any further follow-up.Filesharing/downloading from unknown sources is one of the leading causes of transmission of malware. Risks of File-Sharing Technology.P2P file sharing: Know the risks Link to post Share on other sites More sharing options...
Anders03 Posted September 7, 2012 Author ID:594357 Share Posted September 7, 2012 Couldn't find any sign of "Ares" unfortfunately. Looked in control panel and also searched after it but no hit at all.uTorrent is completely removed now.logoff & Restart systemIf this means just a normal computer restart then it's done now. Link to post Share on other sites More sharing options...
Maurice Naggar Posted September 7, 2012 ID:594368 Share Posted September 7, 2012 You will want to print out or copy these instructions to Notepad for easier offline reference!These steps are for Anders03 only. If you are a casual viewer, do NOT try this on your system!If you are not Anders03 and have a similar problem, do NOT post here; start your own topicThe fixes in this Topic are for this system only! Do not apply the fix-instructions from this topic to your System or any other one!You will want to print out or copy these instructions to Notepad for offline reference!Step 1Disable CD-ROM Emulation Software:Please download the following tool DeFogger to your desktop.Double click DeFogger to run the tool.The application window will appearClick the Disable button to disable your CD Emulation drivers.Click Yes to continueA 'Finished!' message will appearClick OKDeFogger will now ask to reboot the machine - click OKIMPORTANT! If you receive an error message while running DeFogger, please post the log defogger_disable which will appear on your desktop.Do not re-enable these drivers until otherwise instructed.Step 21. Go >> Here << and download ERUNT (ERUNT (Emergency Recovery Utility NT) is a free program that allows you to keep a complete backup of your registry and restore it when needed.)2. Install ERUNT by following the prompts (use the default install settings but say no to the portion that asks you to add ERUNT to the start-up folder, if you like you can enable this option later)3. Start ERUNT (either by double clicking on the desktop icon or choosing to start the program at the end of the setup)4. Choose a location for the backup (the default location is C:\WINDOWS\ERDNT which is acceptable).5. Make sure that at least the first two check boxes are ticked 6. Press OK7. Press YES to create the folder.Step 3Set Windows to show all files and all folders. On your Desktop, double click My Computer, from the menu options, select tools, then Folder Options, and then select VIEW Tab and look at all of settings listed. "CHECK" (turn on) Display the contents of system folders. Under column, Hidden files and folders----choose ( *select* ) Show hidden files and folders. Next, un-check Hide extensions for known file types. Next un-check Hide protected operating system files. Step 4If this is on a notebook system, make sure first the notebook is connected to wall-power (AC power or a UPS system)1. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.For help reference, see How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware ProgramsIf you have a prior copy of Combofix, delete it now !Download Combofix from any of the links below. You must rename it before saving it. Save it to your Desktop. Link 1 Link 2* IMPORTANT !!! SAVE AS Combo-Fix.exe to your DesktopIf your I.E. browser shows a warning message at the top, do a Right-Click on the bar and select Download, saving it to the Desktop. 2. Open notepad and copy/paste the text in the quotebox below into it:KILLALL::DDS::uStart Page = hxxp://search.chatzum.com/mStart Page = hxxp://search.chatzum.com/uURLSearchHooks: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - c:\program\utorrentbar\prxtbuTor.dllBHO: Searchqu Toolbar: {99079a25-328f-4bd4-be04-00955acaa0a7} - c:\program\search~1\datamngr\toolbar\searchqudtx.dllBHO: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - c:\program\utorrentbar\prxtbuTor.dllTB: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - c:\program\utorrentbar\prxtbuTor.dllTB: Searchqu Toolbar: {99079a25-328f-4bd4-be04-00955acaa0a7} - c:\program\search~1\datamngr\toolbar\searchqudtx.dlluRun: [ares] "c:\program\ares\Ares.exe" -hFolder::c:\program\aresc:\program\utorrentbarSave this as CFScript.txt, in the same location as ComboFix.exe3. Close any (all) open browsers.4:Drag and drop CFScript.txt onto Combofix (the red-lion icon) so that it starts a scripted run of Combofix Refering to the picture above, drag CFScript into ComboFix.exeHave infinite patience during the run & scan by Combofix. It has many phases: some 50+ stagesIt will display it's "stage" within the Command prompt window. Do NOT panic if it seems slow to change ! It has lots of work.You may notice the desktop icons disappear. Do NOT panic, as that is expected behavior.Combofix my take as little as 10 minutes and perhaps as much as 30-40 minutes. Time taken will depend on speed of your system and how much there is to scan & how much it needs to clean.When finished, it shall produce a log for you at C:\ComboFix.txt which I will require in your next reply {Copy & Paste}.------------------------------------------------------- A caution - Do not run Combofix more than once. Do not touch your mouse/keyboard until the scan has completed, as this may cause the process to stall or your computer to lock. The scan will temporarily disable your desktop, and if interrupted may leave your desktop disabled. Notes:[1] IF after Combofix reboot you get the message Illegal operation attempted on registry key that has been marked for deletion....please reboot the computer, this should resolve the problem. You may have reboot the pc a second time if needed.[2] Do not mouseclick combofix's window nor run any program while Combofix is running.That may cause it to stall.[3]When all done, IF Combofix did not do a Restart...then ... I need for you to Restart the system fresh !Reply & Copy & Paste the C:\Combofix.txt log and tell me, How is the system now RE-Enable your AntiVirus and AntiSpyware applications. Link to post Share on other sites More sharing options...
Anders03 Posted September 8, 2012 Author ID:594691 Share Posted September 8, 2012 Followed all steps but closed down Combofix progress after nothing happened during 30 minutes and a total of 50-60 minutes.Shall I run it again and allow it 2-3 hours or what should I do? Link to post Share on other sites More sharing options...
Maurice Naggar Posted September 8, 2012 ID:594761 Share Posted September 8, 2012 Did you see it start ? was there not a display of the phase # shown ?How do you know "nothing happened"?Did you turn off your antivirus app beforehand ?Look in your C drive, in the root, C:\for Combofix.txtIF found, copy and paste the contents of C:\Combofix.txtDownload OTL by OldTimer to your desktop: http://oldtimer.geekstogo.com/OTL.exeClose all open windows on the Task Bar. Click the icon (for Vista, or Windows 7 Right click the icon and Run as Administrator) to start the program.In the lower right corner, checkmark "LOP Check" and checkmark "Purity Check".Now click Run Scan at Top left and let the program run uninterrupted. It will take about 4 minutes.It will produce two logs for you, one will pop up called OTL.txt, the other will be saved on your desktop and called Extras.txt.Exit Notepad. Remember where you've saved these 2 files as we will need both of them shortly!Exit OTL by clicking the X at top right.Download Security Check by screen317 and save it to your Desktop: here Run Security Check Follow the onscreen instructions inside of the command window.A Notepad document should open automatically called checkup.txt; close Notepad. We will need this log, too, so remember where you've saved it! Link to post Share on other sites More sharing options...
Anders03 Posted September 8, 2012 Author ID:594777 Share Posted September 8, 2012 Did you see it start ? was there not a display of the phase # shown ?How do you know "nothing happened"?Did you turn off your antivirus app beforehand ?Look in your C drive, in the root, C:\for Combofix.txtIF found, copy and paste the contents of C:\Combofix.txtIt started and was working for a while, maybe 20 minutes .Then nothing happened for 30-40 minutes when it was saying "Removing these files:" and it was just a few files. I turned off microsoft security essentials yes.I didn't get a log as I closed it and restarted my computer.Shall I do combo fix again or should I continue with the next steps you just gave me? Link to post Share on other sites More sharing options...
Maurice Naggar Posted September 8, 2012 ID:594847 Share Posted September 8, 2012 Do the OTL & SecurityCheck procedures that I had outlined.Tell me if this is a laptop/notebook or a standard-box pc. Link to post Share on other sites More sharing options...
Anders03 Posted September 8, 2012 Author ID:594898 Share Posted September 8, 2012 I'm using standard-box pc. Made the scans now.OTL.TxtOTL logfile created on: 2012-09-08 20:54:32 - Run 1OTL by OldTimer - Version 3.2.61.2 Folder = C:\Documents and Settings\Anders\SkrivbordWindows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstationInternet Explorer (Version = 8.0.6001.18702)Locale: 0000041D | Country: Sverige | Language: SVE | Date Format: yyyy-MM-dd2,00 Gb Total Physical Memory | 1,29 Gb Available Physical Memory | 64,34% Memory free5,76 Gb Paging File | 4,85 Gb Available in Paging File | 84,32% Paging File freePaging file location(s): C:\pagefile.sys 4000 4000 [binary data]%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\ProgramDrive C: | 298,08 Gb Total Space | 238,28 Gb Free Space | 79,94% Space Free | Partition Type: NTFSComputer Name: ANDERS-EA22E516 | User Name: Anders | Logged in as Administrator.Boot Mode: Normal | Scan Mode: Current userCompany Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days========== Processes (SafeList) ==========PRC - [2012-09-08 20:45:49 | 000,599,552 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Anders\Skrivbord\OTL.exePRC - [2012-08-29 12:03:36 | 001,385,896 | ---- | M] (LogMeIn Inc.) -- C:\Program\LogMeIn Hamachi\hamachi-2.exePRC - [2012-08-17 19:48:59 | 001,193,176 | ---- | M] () -- C:\Program\Spotify\Data\SpotifyWebHelper.exePRC - [2012-08-16 16:18:06 | 001,695,776 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\PC Performer Manager\2.2.558.177\{16cdff19-861d-48e3-a751-d99a27784753}\%Protector Process Name%.exePRC - [2012-08-13 13:33:30 | 003,064,000 | ---- | M] (Skype Technologies S.A.) -- C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exePRC - [2012-07-03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) -- C:\Program\Malwarebytes' Anti-Malware\mbamservice.exePRC - [2012-05-24 13:28:56 | 000,055,184 | ---- | M] (Apple Inc.) -- C:\Program\Delade filer\Apple\Mobile Device Support\AppleMobileDeviceService.exePRC - [2012-05-03 20:07:40 | 000,217,256 | ---- | M] (Visicom Media Inc. (Powered by Panda Security)) -- C:\Documents and Settings\All Users\Application Data\Anti-phishing Domain Advisor\visicom_antiphishing.exePRC - [2012-05-01 14:33:44 | 000,185,856 | ---- | M] () -- C:\Program\Web Assistant\ExtensionUpdaterService.exePRC - [2012-04-17 14:44:12 | 001,333,144 | ---- | M] (Technology Nexus AB) -- C:\Program\Personal\bin\Personal.exePRC - [2012-04-04 18:47:32 | 000,161,664 | ---- | M] (Oracle Corporation) -- C:\Program\Oracle\JavaFX 2.1 Runtime\bin\jqs.exePRC - [2012-03-26 17:08:12 | 000,931,200 | ---- | M] (Microsoft Corporation) -- C:\Program\Microsoft Security Client\msseces.exePRC - [2012-03-26 17:03:40 | 000,011,552 | ---- | M] (Microsoft Corporation) -- c:\Program\Microsoft Security Client\MsMpEng.exePRC - [2012-01-17 11:07:54 | 000,252,296 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program\Delade filer\Java\Java Update\jusched.exePRC - [2011-11-22 22:35:06 | 000,296,056 | ---- | M] (RealNetworks, Inc.) -- C:\Program\Real\RealPlayer\Update\realsched.exePRC - [2011-07-29 01:08:12 | 001,259,376 | ---- | M] () -- C:\Program\DivX\DivX Update\DivXUpdate.exePRC - [2011-05-27 17:42:56 | 001,368,912 | ---- | M] (Comfort Software Group) -- C:\Program\FreeAlarmClock\FreeAlarmClock.exePRC - [2011-04-07 19:39:34 | 002,155,008 | ---- | M] (www.gmailnotifier.com) -- C:\Program\Gmail Notifier\Gmail Notifier.exePRC - [2010-11-21 13:43:04 | 001,113,600 | ---- | M] () -- C:\Program\Free Desktop Clock\DesktopClock.exePRC - [2010-07-16 13:58:56 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\Program\Windows NT\Tillbehör\wordpad.exePRC - [2009-12-10 03:39:04 | 000,065,536 | ---- | M] (PostgreSQL Global Development Group) -- C:\Program\PostgreSQL\8.3\bin\pg_ctl.exePRC - [2009-12-10 03:37:16 | 003,690,496 | ---- | M] (PostgreSQL Global Development Group) -- C:\Program\PostgreSQL\8.3\bin\postgres.exePRC - [2009-08-18 11:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) -- C:\Program\Delade filer\Microsoft Shared\Windows Live\WLIDSVC.EXEPRC - [2009-08-18 11:29:22 | 000,183,152 | ---- | M] (Microsoft Corporation) -- C:\Program\Delade filer\Microsoft Shared\Windows Live\WLIDSVCM.EXEPRC - [2008-06-11 22:43:26 | 000,640,376 | ---- | M] (Adobe Systems Inc.) -- C:\Program\Adobe\Acrobat 9.0\Acrobat\acrotray.exePRC - [2008-04-15 14:00:00 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exePRC - [2005-05-17 19:21:12 | 000,147,456 | ---- | M] () -- C:\Program\Razer\razerhid.exePRC - [2005-01-18 02:06:12 | 000,143,360 | ---- | M] (Razer Inc.) -- C:\Program\Razer\razerofa.exe========== Modules (No Company Name) ==========MOD - [2012-08-17 19:48:59 | 001,193,176 | ---- | M] () -- C:\Program\Spotify\Data\SpotifyWebHelper.exeMOD - [2012-08-16 16:18:06 | 002,046,496 | ---- | M] () -- c:\Documents and Settings\All Users\Application Data\PC Performer Manager\2.2.558.177\{16cdff19-861d-48e3-a751-d99a27784753}\%Protector Process Name%.dllMOD - [2012-08-16 16:18:06 | 001,695,776 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\PC Performer Manager\2.2.558.177\{16cdff19-861d-48e3-a751-d99a27784753}\%Protector Process Name%.exeMOD - [2012-05-01 14:33:44 | 000,185,856 | ---- | M] () -- C:\Program\Web Assistant\ExtensionUpdaterService.exeMOD - [2011-09-27 08:23:00 | 000,087,912 | ---- | M] () -- C:\Program\Delade filer\Apple\Apple Application Support\zlib1.dllMOD - [2011-09-27 08:22:40 | 001,242,472 | ---- | M] () -- C:\Program\Delade filer\Apple\Apple Application Support\libxml2.dllMOD - [2011-07-29 01:09:42 | 000,096,112 | ---- | M] () -- C:\Program\DivX\DivX Update\DivXUpdateCheck.dllMOD - [2011-07-29 01:08:12 | 001,259,376 | ---- | M] () -- C:\Program\DivX\DivX Update\DivXUpdate.exeMOD - [2010-11-21 13:43:04 | 001,113,600 | ---- | M] () -- C:\Program\Free Desktop Clock\DesktopClock.exeMOD - [2010-10-22 17:29:54 | 000,133,120 | ---- | M] () -- C:\Program\Free Desktop Clock\Clock.dllMOD - [2007-05-22 10:59:22 | 000,128,512 | ---- | M] () -- C:\Program\WinRAR\RarExt.dllMOD - [2005-05-17 19:21:12 | 000,147,456 | ---- | M] () -- C:\Program\Razer\razerhid.exe========== Services (SafeList) ==========SRV - [2012-08-29 12:03:36 | 001,385,896 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)SRV - [2012-08-16 16:18:06 | 001,695,776 | ---- | M] () [Auto | Running] -- C:\Documents and Settings\All Users\Application Data\PC Performer Manager\2.2.558.177\{16cdff19-861d-48e3-a751-d99a27784753}\%Protector Process Name%.exe -- (PC Performer Manager)SRV - [2012-08-15 01:56:50 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)SRV - [2012-08-13 13:33:30 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)SRV - [2012-07-14 02:13:54 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)SRV - [2012-07-03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)SRV - [2012-07-03 13:19:28 | 000,160,944 | ---- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program\Skype\Updater\Updater.exe -- (SkypeUpdate)SRV - [2012-05-24 13:28:56 | 000,055,184 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program\Delade filer\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)SRV - [2012-05-01 14:33:44 | 000,185,856 | ---- | M] () [Auto | Running] -- C:\Program\Web Assistant\ExtensionUpdaterService.exe -- (Web Assistant Updater)SRV - [2012-04-04 18:47:32 | 000,161,664 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe -- (JavaQuickStarterService)SRV - [2012-03-26 17:03:40 | 000,011,552 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)SRV - [2011-07-20 06:18:24 | 000,440,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program\Delade filer\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)SRV - [2011-07-04 16:17:11 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program\Delade filer\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)SRV - [2011-06-29 15:59:18 | 000,155,344 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Program\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe -- (Sony Ericsson PCCompanion)SRV - [2011-03-16 10:42:06 | 000,407,336 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program\Delade filer\Steam\SteamService.exe -- (Steam Client Service)SRV - [2009-12-10 03:39:04 | 000,065,536 | ---- | M] (PostgreSQL Global Development Group) [Auto | Running] -- C:\Program\PostgreSQL\8.3\bin\pg_ctl.exe -- (pgsql-8.3)SRV - [2009-08-18 11:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program\Delade filer\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)SRV - [2008-08-15 05:46:20 | 000,284,016 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program\Delade filer\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe -- (Adobe Version Cue CS4)SRV - [2006-10-26 13:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program\Delade filer\Microsoft Shared\Source Engine\OSE.EXE -- (ose)========== Driver Services (SafeList) ==========DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\XDva397.sys -- (XDva397)DRV - File not found [Kernel | On_Demand | Stopped] -- J:\Drivrutiner Inspiron 531\Bios\WinFlash.sys -- (WINFLASH)DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\owdzbysv.sys -- (owdzbysv)DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)DRV - File not found [Kernel | System | Stopped] -- -- (Changer)DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\Anders\LOKALA~1\Temp\catchme.sys -- (catchme)DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\bifpmsqd.sys -- (bifpmsqd)DRV - [2012-09-08 10:11:58 | 000,029,904 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{C8531222-E07D-41BA-AEF7-EEBF9D663187}\MpKsl773a5346.sys -- (MpKsl773a5346)DRV - [2012-07-03 13:46:44 | 000,022,344 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)DRV - [2012-06-25 16:30:49 | 000,242,240 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\dtsoftbus01.sys -- (dtsoftbus01)DRV - [2012-02-22 12:34:36 | 000,022,400 | ---- | M] (ManyCam LLC) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mcaudrv.sys -- (mcaudrv_simple)DRV - [2012-01-11 08:11:20 | 000,032,000 | ---- | M] (ManyCam LLC) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mcvidrv.sys -- (ManyCam)DRV - [2011-02-23 03:05:40 | 000,070,016 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgandnetndis.sys -- (andnetndis)DRV - [2011-02-23 03:05:04 | 000,022,272 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgandnetgps.sys -- (AndNetGps)DRV - [2011-02-23 03:05:02 | 000,028,032 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgandnetmodem.sys -- (ANDNetModem)DRV - [2011-02-23 03:05:02 | 000,023,168 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgandnetdiag.sys -- (AndNetDiag)DRV - [2010-12-07 14:23:00 | 000,025,088 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgandmodem.sys -- (ANDModem)DRV - [2010-12-07 14:23:00 | 000,020,736 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lganddiag.sys -- (AndDiag)DRV - [2010-12-07 14:23:00 | 000,020,096 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgandgps.sys -- (AndGps)DRV - [2010-12-07 14:22:58 | 000,014,336 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgandbus.sys -- (Andbus)DRV - [2010-03-15 11:38:44 | 000,124,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039mdm.sys -- (s1039mdm)DRV - [2010-03-15 11:38:44 | 000,123,504 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039unic.sys -- (s1039unic)DRV - [2010-03-15 11:38:44 | 000,117,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039mgmt.sys -- (s1039mgmt)DRV - [2010-03-15 11:38:44 | 000,113,904 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039obex.sys -- (s1039obex)DRV - [2010-03-15 11:38:44 | 000,098,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039bus.sys -- (s1039bus)DRV - [2010-03-15 11:38:44 | 000,025,456 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039nd5.sys -- (s1039nd5)DRV - [2010-03-15 11:38:44 | 000,014,960 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039mdfl.sys -- (s1039mdfl)DRV - [2009-03-18 16:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)DRV - [2008-01-15 19:17:58 | 004,652,544 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)DRV - [2007-10-30 09:57:54 | 000,023,040 | ---- | M] (Todos Data System AB) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nordecr.sys -- (TdsNordecr)DRV - [2007-07-30 11:58:56 | 000,022,016 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)DRV - [2007-07-30 11:58:54 | 000,054,400 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)DRV - [2006-12-12 18:59:00 | 000,016,512 | ---- | M] (Adaptec) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aspi32.sys -- (ASPI32)DRV - [2006-05-23 20:36:26 | 000,119,808 | ---- | M] (e2eSoft) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\e2eCap.sys -- (E2ECAP)DRV - [2005-04-24 23:43:58 | 000,013,225 | ---- | M] (Razer (Asia-Pacific) Pte Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Razerlow.sys -- (Razerlow)========== Standard Registry (SafeList) ==================== Internet Explorer ==========IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.chatzum.com/?q={searchTerms}IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = http://search.conduit.com?SearchSource=10&ctid=CT3227980IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = IE - HKCU\..\SearchScopes,DefaultScope = {96bd48dd-741b-41ae-ac4a-aff96ba00f7e}IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRCIE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTerms}&AF=109986&babsrc=SP_ss&mntrId=e4cffaf3000000000000001aa0662619IE - HKCU\..\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}: "URL" = http://blekko.com/ws/?source=c3348dd4&tbp=rbox&toolbarid=blekkotb_031&u=EB75BA8D2AB505C7CAC68A502D02E5DF&q={searchTerms}IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://search.chatzum.com/?q={searchTerms}IE - HKCU\..\SearchScopes\{96bd48dd-741b-41ae-ac4a-aff96ba00f7e}: "URL" = http://search.chatzum.com/?q={SearchTerms}IE - HKCU\..\SearchScopes\{A0065856-99D2-45A6-A927-A5B633B680F1}: "URL" = http://www.google.com/search?hl=sv&q={searchTerms}IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3220468IE - HKCU\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = http://mystart.incredibar.com/mb143/?search={searchTerms}&loc=IB_DS&a=6PQxaWucyc&i=26IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0========== FireFox ==========FF - prefs.js..browser.search.defaultenginename: ""FF - prefs.js..browser.search.order.1: ""FF - prefs.js..browser.search.useDBForOrder: trueFF - prefs.js..browser.startup.homepage: "https://www.google.se/"FF - prefs.js..extensions.enabledAddons: stefanvandamme@stefanvd.net:2.0.0.100FF - prefs.js..extensions.enabledAddons: {7473b6bd-4691-4744-a82b-7854eb3d70b6}:10.10.27.6FF - prefs.js..keyword.URL: "http://www.google.com/search?btnI=I%27m+Feeling+Lucky&ie=UTF-8&oe=UTF-8&q="FF - prefs.js..network.proxy.autoconfig_url: "file://C:/Program/ChrisPC Free Anonymous Proxy/chrispc_proxy.pac"FF - prefs.js..network.proxy.type: 2FF - user.js - File not foundFF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_271.dll ()FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw_1166636.dll (Adobe Systems, Inc.)FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not foundFF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program\iTunes\Mozilla Plugins\npitunes.dll ()FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)FF - HKLM\Software\MozillaPlugins\@ganymede/GanymedeNetPlugin,version=1.0: C:\Program\Ganymede\Plugins\npganymedenet.dll ( )FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.4.1: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.4.1: C:\Program\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program\Pando Networks\Media Booster\npPandoWebPlugin.dll File not foundFF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.0.198: C:\Program\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.0.198: C:\Program\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.0.198: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.0.198: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=15.0.0.198: C:\Program\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not foundFF - HKLM\Software\MozillaPlugins\@se.nexus/Personal: C:\Program\Personal\bin\np_prsnl.dll (Technology Nexus AB)FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.19: C:\Program\Veetle\plugins\npVeetle.dll (Veetle Inc)FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: C:\Program\Veetle\Player\npvlc.dll (Veetle Inc)FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program\VideoLAN\VLC\npvlc.dll (VideoLAN)FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Anders\Lokala inställningar\Application Data\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Anders\Lokala inställningar\Application Data\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011-11-22 22:35:24 | 000,000,000 | ---D | M]FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\Program\Web Assistant\Firefox [2012-05-12 18:38:18 | 000,000,000 | ---D | M]FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-07-18 16:14:12 | 000,000,000 | ---D | M]FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program\Mozilla Firefox\components [2012-08-29 17:13:48 | 000,000,000 | ---D | M]FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program\Mozilla Firefox\plugins [2012-08-25 12:22:59 | 000,000,000 | ---D | M]FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\specialsavings@superfish.com: C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles/pv7faqlh.default\extensions\specialsavings@superfish.comFF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{b64982b1-d112-42b5-b1e4-d3867c4533f8}: C:\Documents and Settings\All Users\Application Data\PC Performer Manager\2.2.558.177\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension [2012-08-16 16:18:10 | 000,000,000 | ---D | M][2012-07-11 19:58:09 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Anders\Application Data\Mozilla\Extensions[2012-08-29 23:05:08 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions[2012-08-28 13:33:31 | 000,000,000 | ---D | M] (uTorrentControl_v2) -- C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}[2012-08-04 11:12:15 | 000,456,182 | ---- | M] () (No name found) -- C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\stefanvandamme@stefanvd.net.xpi[2012-08-26 14:21:14 | 000,000,642 | ---- | M] () -- C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\searchplugins\search-safer.xml[2012-07-11 01:57:35 | 000,002,519 | ---- | M] () -- C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\searchplugins\Search_Results.xml[2012-08-04 11:06:01 | 000,000,000 | ---D | M] (No name found) -- C:\Program\Mozilla Firefox\extensions[2012-07-14 02:15:45 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program\mozilla firefox\components\browsercomps.dll[2012-07-25 14:57:52 | 000,121,024 | ---- | M] ( ) -- C:\Program\mozilla firefox\plugins\npganymedenet.dll[2012-07-14 03:16:10 | 000,001,470 | ---- | M] () -- C:\Program\mozilla firefox\searchplugins\allaannonser-sv-SE.xml[2012-07-14 03:16:10 | 000,002,252 | ---- | M] () -- C:\Program\mozilla firefox\searchplugins\bing.xml[2012-07-14 03:16:10 | 000,002,670 | ---- | M] () -- C:\Program\mozilla firefox\searchplugins\prisjakt-sv-SE.xml[2012-07-11 01:57:35 | 000,002,519 | ---- | M] () -- C:\Program\mozilla firefox\searchplugins\Search_Results.xml[2012-07-14 03:16:10 | 000,000,948 | ---- | M] () -- C:\Program\mozilla firefox\searchplugins\tyda-sv-SE.xml[2012-07-14 03:16:10 | 000,001,174 | ---- | M] () -- C:\Program\mozilla firefox\searchplugins\wikipedia-sv-SE.xml[2012-07-14 03:16:10 | 000,000,951 | ---- | M] () -- C:\Program\mozilla firefox\searchplugins\yahoo-sv-SE.xml========== Chrome ==========CHR - default_search_provider: google.se (Enabled)CHR - default_search_provider: search_url = http://www.google.se/search?hl=sv&output=search&sclient=psy-ab&q={searchTerms}&btnG=&oq=&gs_l=&pbx=1CHR - default_search_provider: suggest_url = CHR - plugin: Shockwave Flash (Disabled) = C:\Documents and Settings\Anders\Lokala inst\u00E4llningar\Application Data\Google\Chrome\Application\21.0.1180.89\PepperFlash\pepflashplayer.dllCHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Anders\Lokala inst\u00E4llningar\Application Data\Google\Chrome\Application\21.0.1180.89\gcswf32.dllCHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_271.dllCHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewerCHR - plugin: Native Client (Enabled) = C:\Documents and Settings\Anders\Lokala inst\u00E4llningar\Application Data\Google\Chrome\Application\21.0.1180.89\ppGoogleNaClPluginChrome.dllCHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\Anders\Lokala inst\u00E4llningar\Application Data\Google\Chrome\Application\21.0.1180.89\pdf.dllCHR - plugin: Injovo Extension Plugin (Enabled) = C:\Documents and Settings\Anders\Lokala inst\u00E4llningar\Application Data\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd\2.0.0.430_0\npbrowserext.dllCHR - plugin: GanymedeNet.Detector (Enabled) = C:\Documents and Settings\Anders\Lokala inst\u00E4llningar\Application Data\Google\Chrome\Application\plugins\npganymedenet.dllCHR - plugin: Adobe Acrobat (Enabled) = C:\Program\Adobe\Acrobat 9.0\Acrobat\Browser\nppdf32.dllCHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program\QuickTime\plugins\npqtplugin.dllCHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program\QuickTime\plugins\npqtplugin2.dllCHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program\QuickTime\plugins\npqtplugin3.dllCHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program\QuickTime\plugins\npqtplugin4.dllCHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program\QuickTime\plugins\npqtplugin5.dllCHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program\QuickTime\plugins\npqtplugin6.dllCHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program\QuickTime\plugins\npqtplugin7.dllCHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program\Windows Media Player\npdrmv2.dllCHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program\Windows Media Player\npwmsdrm.dllCHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program\Windows Media Player\npdsplay.dllCHR - plugin: RealNetworks Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dllCHR - plugin: RealPlayer HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dllCHR - plugin: RealPlayer G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program\Real\RealPlayer\Netscape6\nppl3260.dllCHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program\Real\RealPlayer\Netscape6\nprpjplug.dllCHR - plugin: Google Update (Enabled) = C:\Documents and Settings\Anders\Lokala inst\u00E4llningar\Application Data\Google\Update\1.3.21.115\npGoogleUpdate3.dllCHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program\DivX\DivX OVS Helper\npovshelper.dllCHR - plugin: DivX Plus Web Player (Enabled) = C:\Program\DivX\DivX Plus Web Player\npdivx32.dllCHR - plugin: Java Platform SE 7 U4 (Enabled) = C:\Program\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dllCHR - plugin: Java Deployment Toolkit 7.0.40.255 (Enabled) = C:\WINDOWS\system32\npDeployJava1.dllCHR - plugin: Nexus Personal (Enabled) = C:\Program\Personal\bin\np_prsnl.dllCHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program\Real\RealPlayer\Netscape6\nprjplug.dllCHR - plugin: Veetle TV Player (Enabled) = C:\Program\Veetle\Player\npvlc.dllCHR - plugin: Veetle TV Core (Enabled) = C:\Program\Veetle\plugins\npVeetle.dllCHR - plugin: VLC Web Plugin (Enabled) = C:\Program\VideoLAN\VLC\npvlc.dllCHR - plugin: iTunes Application Detector (Enabled) = C:\Program\iTunes\Mozilla Plugins\npitunes.dllCHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dllCHR - plugin: Shockwave for Director (Enabled) = C:\WINDOWS\system32\Adobe\Director\np32dsw_1166636.dllCHR - plugin: Silverlight Plug-In (Enabled) = c:\Program\Microsoft Silverlight\5.1.10411.0\npctrl.dllCHR - Extension: Turn Off the Lights = C:\Documents and Settings\Anders\Lokala inställningar\Application Data\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn\2.1.0.6_0\CHR - Extension: Web Assistant = C:\Documents and Settings\Anders\Lokala inställningar\Application Data\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd\2.0.0.430_0\CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Documents and Settings\Anders\Lokala inställningar\Application Data\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\CHR - Extension: General Crawler = C:\Documents and Settings\Anders\Lokala inställningar\Application Data\Google\Chrome\User Data\Default\Extensions\jpihmmhdcobmllpcnpfbhnipmhamldje\2.0_0\CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = C:\Documents and Settings\Anders\Lokala inställningar\Application Data\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\O1 HOSTS File: ([2008-04-15 14:00:00 | 000,000,710 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hostsO1 - Hosts: 127.0.0.1 localhostO2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program\Adobe\/Adobe Contribute CS4/contributeieplugin.dll ()O2 - BHO: (Complitly) - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Documents and Settings\Anders\Application Data\Complitly\Complitly.dll (SimplyGen)O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program\Delade filer\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program\Adobe\/Adobe Contribute CS4/contributeieplugin.dll ()O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)O4 - HKLM..\Run: [] File not foundO4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)O4 - HKLM..\Run: [Adobe_ID0ENQBO] C:\Program\Delade filer\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4Tray.exe (Adobe Systems Incorporated)O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program\Delade filer\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)O4 - HKLM..\Run: [Anti-phishing Domain Advisor] C:\Documents and Settings\All Users\Application Data\Anti-phishing Domain Advisor\visicom_antiphishing.exe (Visicom Media Inc. (Powered by Panda Security))O4 - HKLM..\Run: [APSDaemon] C:\Program\Delade filer\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)O4 - HKLM..\Run: [DivXUpdate] C:\Program\DivX\DivX Update\DivXUpdate.exe ()O4 - HKLM..\Run: [Freecorder FLV Service] "C:\Program\Freecorder\FLVSrvc.exe" /run File not foundO4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)O4 - HKLM..\Run: [MSC] c:\Program\Microsoft Security Client\msseces.exe (Microsoft Corporation)O4 - HKLM..\Run: [NBKeyScan] C:\Program\Nero\Nero8\Nero BackItUp\NBKeyScan.exe (Nero AG)O4 - HKLM..\Run: [NeroFilterCheck] C:\Program\Delade filer\Nero\Lib\NeroCheck.exe (Nero AG)O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)O4 - HKLM..\Run: [razer] C:\Program\Razer\razerhid.exe ()O4 - HKLM..\Run: [sunJavaUpdateSched] C:\Program\Delade filer\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)O4 - HKLM..\Run: [TkBellExe] C:\Program\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)O4 - HKLM..\Run: [Wondershare Helper Compact.exe] C:\Program\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe File not foundO4 - HKCU..\Run: [CPN Notifier] C:\Program\Comeon Poker 2.0\PokerNotifier.exe File not foundO4 - HKCU..\Run: [FreeAC] C:\Program\FreeAlarmClock\FreeAlarmClock.exe (Comfort Software Group)O4 - HKCU..\Run: [Gmail Notifier.exe] C:\Program\Gmail Notifier\Gmail Notifier.exe (www.gmailnotifier.com)O4 - HKCU..\Run: [Media Finder] C:\Program\Media Finder\MF.exe /opentotray File not foundO4 - HKCU..\Run: [skinClock] C:\Program\Free Desktop Clock\DesktopClock.exe ()O4 - HKCU..\Run: [sony Ericsson PC Companion] C:\Program\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe (Sony Ericsson)O4 - HKCU..\Run: [spotify Web Helper] C:\Program\Spotify\Data\SpotifyWebHelper.exe ()O4 - HKCU..\Run: [Xvid] C:\Program\XviD\CheckUpdate.exe ()O4 - Startup: C:\Documents and Settings\All Users\Start-meny\Program\Autostart\BankID säkerhetsprogram.lnk = C:\Program\Personal\bin\Personal.exe (Technology Nexus AB)O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFind = 0O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoTrayContextMenu = 0O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispCPL = 0O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableChangePassword = 0O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFind = 0O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoTrayContextMenu = 0O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispCPL = 0O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableChangePassword = 0O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0O8 - Extra context menu item: Bifoga länkmål till befintlig PDF - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)O8 - Extra context menu item: Bifoga till befintlig PDF - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)O8 - Extra context menu item: Download with &Media Finder - C:\Program\Media Finder\hook.html File not foundO8 - Extra context menu item: Konvertera länkmål till Adobe PDF - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)O8 - Extra context menu item: Konvertera till Adobe PDF - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program\PokerStars\PokerStarsUpdate.exe (PokerStars)O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)O9 - Extra Button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program\PokerStars.NET\PokerStarsUpdate.exe File not foundO15 - HKCU\..Trusted Domains: msn.com ([zone] http in Tillförlitliga platser)O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool)O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1309778400234 (MUWebControl Class)O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)O16 - DPF: {A4110378-789B-455F-AE86-3A1BFC402853} http://zone.msn.com/bingame/zpagames/zpa_shvl.cab55579.cab (ZPA_SHVL Object)O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} http://cdn2.zone.msn.com/binFramework/v10/ZPAFramework.cab102118.cab (MSN Games - Installer)O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BE0C555B-4991-433B-9659-A871078265EA}: DhcpNameServer = 192.168.1.1O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program\Delade filer\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program\Delade filer\Skype\Skype4COM.dll (Skype Technologies)O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program\Delade filer\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)O20 - AppInit_DLLs: (c:\DOCUME~1\ALLUSE~1\APPLIC~1\PCPERF~1\22558~1.177\{16CDF~1\%PROTE~1.DLL) - c:\Documents and Settings\All Users\Application Data\PC Performer Manager\2.2.558.177\{16cdff19-861d-48e3-a751-d99a27784753}\%Protector Process Name%.dll ()O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)O24 - Desktop Components:0 (Min aktuella startsida) - About:HomeO24 - Desktop WallPaper: C:\Documents and Settings\Anders\Lokala inställningar\Application Data\Microsoft\Wallpaper1.bmpO24 - Desktop BackupWallPaper: C:\Documents and Settings\Anders\Lokala inställningar\Application Data\Microsoft\Wallpaper1.bmpO32 - HKLM CDRom: AutoRun - 1O32 - AutoRun File - [2011-07-04 12:30:44 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]O34 - HKLM BootExecute: (autocheck autochk *)O35 - HKLM\..comfile [open] -- "%1" %*O35 - HKLM\..exefile [open] -- "%1" %*O37 - HKLM\...com [@ = comfile] -- "%1" %*O37 - HKLM\...exe [@ = exefile] -- "%1" %*O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)========== Files/Folders - Created Within 30 Days ==========[2012-09-08 20:45:42 | 000,599,552 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Anders\Skrivbord\OTL.exe[2012-09-07 18:13:29 | 000,000,000 | -HSD | C] -- C:\RECYCLER[2012-09-07 15:28:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp[2012-09-07 15:22:00 | 000,000,000 | RHSD | C] -- C:\cmdcons[2012-09-07 15:19:34 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe[2012-09-07 15:19:34 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe[2012-09-07 15:19:34 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe[2012-09-07 15:19:34 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe[2012-09-07 15:19:29 | 000,000,000 | --SD | C] -- C:\Combo-Fix[2012-09-07 15:19:26 | 000,000,000 | ---D | C] -- C:\Qoobox[2012-09-07 15:12:52 | 004,746,072 | R--- | C] (Swearware) -- C:\Documents and Settings\Anders\Skrivbord\Combo-Fix.exe[2012-09-07 14:36:38 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT[2012-09-07 14:35:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start-meny\Program\ERUNT[2012-09-07 14:35:28 | 000,000,000 | ---D | C] -- C:\Program\ERUNT[2012-09-05 15:51:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Lokala inställningar\Application Data\PokerTracker 4[2012-09-05 15:51:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Start-meny\Program\PokerTracker 4[2012-09-05 15:50:55 | 000,000,000 | ---D | C] -- C:\Program\PokerTracker 4[2012-08-29 17:14:19 | 000,000,000 | -HSD | C] -- C:\Config.Msi[2012-08-29 17:02:35 | 000,000,000 | ---D | C] -- C:\Avenger[2012-08-29 15:08:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start-meny\Program\LogMeIn Hamachi[2012-08-29 15:08:08 | 000,000,000 | ---D | C] -- C:\Program\LogMeIn Hamachi[2012-08-29 14:33:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Application Data\Malwarebytes[2012-08-29 14:33:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start-meny\Program\Malwarebytes' Anti-Malware[2012-08-29 14:33:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes[2012-08-29 14:33:03 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys[2012-08-29 14:33:03 | 000,000,000 | ---D | C] -- C:\Program\Malwarebytes' Anti-Malware[2012-08-28 19:48:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start-meny\Program\Bandicam[2012-08-28 19:48:39 | 000,000,000 | ---D | C] -- C:\Program\Bandicam[2012-08-27 20:33:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Lokala inställningar\Application Data\CRE[2012-08-27 13:52:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Mina dokument\Celeris[2012-08-27 01:46:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Lokala inställningar\Application Data\Celeris[2012-08-27 01:43:34 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_7.dll[2012-08-27 01:43:34 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_7.dll[2012-08-27 01:43:34 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_5.dll[2012-08-27 01:43:33 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_43.dll[2012-08-27 01:43:33 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dcsx_43.dll[2012-08-27 01:43:33 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_43.dll[2012-08-27 01:43:33 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx11_43.dll[2012-08-27 01:43:32 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_43.dll[2012-08-27 01:43:32 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_6.dll[2012-08-27 01:43:32 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_6.dll[2012-08-27 01:43:32 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_4.dll[2012-08-27 01:43:31 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_5.dll[2012-08-27 01:43:31 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_5.dll[2012-08-27 01:43:31 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_7.dll[2012-08-27 01:43:30 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dcsx_42.dll[2012-08-27 01:43:30 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_42.dll[2012-08-27 01:43:30 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx11_42.dll[2012-08-27 01:43:29 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_41.dll[2012-08-27 01:43:29 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_41.dll[2012-08-27 01:43:29 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_4.dll[2012-08-27 01:43:29 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_41.dll[2012-08-27 01:43:29 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_3.dll[2012-08-27 01:43:28 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_3.dll[2012-08-27 01:43:28 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_4.dll[2012-08-27 01:43:28 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_2.dll[2012-08-27 01:43:28 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_6.dll[2012-08-27 01:43:27 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_39.dll[2012-08-27 01:43:27 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_39.dll[2012-08-27 01:43:27 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_2.dll[2012-08-27 01:43:27 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_3.dll[2012-08-27 01:43:27 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_5.dll[2012-08-27 01:43:26 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_1.dll[2012-08-27 01:43:26 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_1.dll[2012-08-27 01:43:26 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_0.dll[2012-08-27 01:43:25 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_38.dll[2012-08-27 01:43:25 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_38.dll[2012-08-27 01:43:25 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_38.dll[2012-08-27 01:43:25 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_4.dll[2012-08-27 01:43:24 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_0.dll[2012-08-27 01:43:24 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_0.dll[2012-08-27 01:43:23 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_37.dll[2012-08-27 01:43:23 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_37.dll[2012-08-27 01:43:23 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_37.dll[2012-08-27 01:43:23 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_10.dll[2012-08-27 01:43:23 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_3.dll[2012-08-27 01:43:22 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_36.dll[2012-08-27 01:43:22 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_36.dll[2012-08-27 01:43:21 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_36.dll[2012-08-27 01:43:21 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_35.dll[2012-08-27 01:43:21 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_35.dll[2012-08-27 01:43:21 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_9.dll[2012-08-27 01:43:20 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_35.dll[2012-08-27 01:43:20 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_8.dll[2012-08-27 01:43:20 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_2.dll[2012-08-27 01:43:19 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_34.dll[2012-08-27 01:43:19 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_34.dll[2012-08-27 01:43:19 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_34.dll[2012-08-27 01:43:18 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_7.dll[2012-08-27 01:43:17 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_33.dll[2012-08-27 01:43:17 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_33.dll[2012-08-27 01:43:17 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_33.dll[2012-08-27 01:43:17 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_6.dll[2012-08-27 01:43:16 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_32.dll[2012-08-27 01:43:16 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_5.dll[2012-08-27 01:43:15 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_4.dll[2012-08-27 01:43:15 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_3.dll[2012-08-27 01:43:15 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_2.dll[2012-08-27 01:43:15 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\x3daudio1_1.dll[2012-08-27 01:43:14 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_2.dll[2012-08-27 01:43:14 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_1.dll[2012-08-27 01:43:14 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_1.dll[2012-08-27 01:43:10 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_0.dll[2012-08-27 01:43:10 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\x3daudio1_0.dll[2012-08-27 01:43:09 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_29.dll[2012-08-27 01:43:08 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_27.dll[2012-08-27 01:43:08 | 000,061,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput9_1_0.dll[2012-08-27 01:43:07 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_26.dll[2012-08-27 01:43:05 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_24.dll[2012-08-27 01:35:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start-meny\Program\Virtual Pool 4[2012-08-27 01:35:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Celeris[2012-08-27 01:32:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Application Data\Celeris[2012-08-26 17:47:45 | 000,026,176 | -H-- | C] (LogMeIn, Inc.) -- C:\WINDOWS\System32\hamachi.sys[2012-08-26 17:43:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Mina dokument\Tunngle[2012-08-26 17:43:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Application Data\Tunngle[2012-08-26 17:43:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Tunngle[2012-08-26 17:43:13 | 000,027,136 | ---- | C] (Tunngle.net) -- C:\WINDOWS\System32\drivers\tap0901t.sys[2012-08-26 14:27:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Start-meny\Program\GameSpy Arcade[2012-08-26 14:20:30 | 000,000,000 | ---D | C] -- C:\Program\ChatZum Toolbar[2012-08-26 14:20:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Lokala inställningar\Application Data\LogMeIn Hamachi[2012-08-26 14:20:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Lokala inställningar\Application Data\LogMeIn Hamachi[2012-08-25 12:27:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Application Data\GanymedeNet[2012-08-25 12:22:54 | 000,000,000 | ---D | C] -- C:\Program\Ganymede[2012-08-24 17:48:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Max Secure[2012-08-20 13:58:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Lokala inställningar\Application Data\SplitMediaLabs[2012-08-20 13:57:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start-meny\Program\XSplit[2012-08-20 13:57:45 | 000,000,000 | ---D | C] -- C:\Program\SplitMediaLabs[2012-08-20 13:57:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SplitMediaLabs[2012-08-20 13:57:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Application Data\SplitMediaLabs[2012-08-19 19:24:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start-meny\Program\ChrisPC Free Anonymous Proxy[2012-08-19 19:24:28 | 000,000,000 | ---D | C] -- C:\Program\ChrisPC Free Anonymous Proxy[2012-08-16 16:26:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\blekko toolbars[2012-08-16 16:25:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Lokala inställningar\Application Data\blekkotb_031[2012-08-16 16:25:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Anti-phishing Domain Advisor[2012-08-16 16:20:30 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Anders\Start-meny\Program\Administrationsverktyg[2012-08-16 16:18:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\IBUpdaterService[2012-08-16 16:18:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PC Performer Manager[2012-08-16 16:17:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Lokala inställningar\Application Data\Savings Sidekick[2012-08-16 16:15:49 | 000,196,608 | ---- | C] (e2eSoft) -- C:\WINDOWS\System32\e2eCapProp.ax[2012-08-16 16:15:49 | 000,119,808 | ---- | C] (e2eSoft) -- C:\WINDOWS\System32\drivers\e2eCap.sys[2012-08-16 15:44:23 | 000,005,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstee.sys[2012-08-16 15:44:13 | 000,010,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndisip.sys[2012-08-16 15:44:10 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ipsink.ax[2012-08-16 15:44:10 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ipsink.ax[2012-08-16 15:44:10 | 000,015,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\streamip.sys[2012-08-16 15:44:08 | 000,011,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\slip.sys[2012-08-16 15:44:06 | 000,019,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wstcodec.sys[2012-08-16 15:44:03 | 000,085,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nabtsfec.sys[2012-08-16 15:44:00 | 000,017,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ccdecode.sys[2012-08-16 15:43:55 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kswdmcap.ax[2012-08-16 15:43:55 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kswdmcap.ax[2012-08-16 15:43:55 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kstvtune.ax[2012-08-16 15:43:55 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kstvtune.ax[2012-08-16 15:43:55 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vidcap.ax[2012-08-16 15:43:55 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vidcap.ax[2012-08-16 15:43:54 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vfwwdm32.dll[2012-08-16 15:43:54 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vfwwdm32.dll[2012-08-16 15:43:53 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksxbar.ax[2012-08-16 15:43:53 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksxbar.ax[2012-08-16 15:42:37 | 000,000,000 | ---D | C] -- C:\Program\ManyCam[2012-08-16 15:42:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Ask[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ][3 C:\WINDOWS\System32\drivers\*.tmp files -> C:\WINDOWS\System32\drivers\*.tmp -> ][1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]========== Files - Modified Within 30 Days ==========[2012-09-08 20:58:00 | 000,000,304 | ---- | M] () -- C:\WINDOWS\tasks\PC Performer Manager.job[2012-09-08 20:56:00 | 000,000,868 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job[2012-09-08 20:51:04 | 000,000,410 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{5096C855-A424-4662-B04A-DE5E47FB502A}.job[2012-09-08 20:45:49 | 000,599,552 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Anders\Skrivbord\OTL.exe[2012-09-08 20:10:00 | 000,001,090 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1659004503-343818398-682003330-1003UA.job[2012-09-08 20:07:00 | 000,001,098 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1659004503-343818398-682003330-1006UA.job[2012-09-08 15:33:01 | 000,117,270 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\21.bmp[2012-09-08 15:32:48 | 003,888,068 | ---- | M] () -- C:\temp.bmp[2012-09-08 13:35:46 | 000,002,227 | ---- | M] () -- C:\Documents and Settings\All Users\Skrivbord\Skype.lnk[2012-09-08 13:34:17 | 000,000,268 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1659004503-343818398-682003330-1003.job[2012-09-08 13:34:16 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl[2012-09-08 13:34:15 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1659004503-343818398-682003330-1003.job[2012-09-08 13:33:59 | 000,000,549 | ---- | M] () -- C:\Documents and Settings\Anders\Application Data\FreeDesktopClock.ini[2012-09-08 10:43:33 | 011,300,312 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\vp4 2012-09-08 10-38-48-933.avi[2012-09-08 10:21:35 | 000,000,384 | -H-- | M] () -- C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job[2012-09-08 10:11:31 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat[2012-09-08 10:10:00 | 000,001,038 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1659004503-343818398-682003330-1003Core.job[2012-09-08 01:07:00 | 000,001,046 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1659004503-343818398-682003330-1006Core.job[2012-09-07 19:52:59 | 001,118,598 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_07092012_195109.png[2012-09-07 19:31:21 | 000,930,467 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_07092012_193053.png[2012-09-07 16:54:46 | 000,977,958 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_07092012_165418.png[2012-09-07 16:32:21 | 001,082,828 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_07092012_163042.png[2012-09-07 15:22:09 | 000,000,327 | RHS- | M] () -- C:\boot.ini[2012-09-07 15:13:02 | 004,746,072 | R--- | M] (Swearware) -- C:\Documents and Settings\Anders\Skrivbord\Combo-Fix.exe[2012-09-07 14:35:30 | 000,000,579 | ---- | M] () -- C:\Documents and Settings\Anders\Skrivbord\NTREGOPT.lnk[2012-09-07 14:35:30 | 000,000,560 | ---- | M] () -- C:\Documents and Settings\Anders\Skrivbord\ERUNT.lnk[2012-09-07 14:30:44 | 000,000,144 | ---- | M] () -- C:\Documents and Settings\Anders\defogger_reenable[2012-09-07 14:05:14 | 002,150,064 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT[2012-09-07 13:40:39 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini[2012-09-07 10:34:42 | 000,136,704 | ---- | M] () -- C:\Documents and Settings\Anders\Lokala inställningar\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini[2012-09-06 23:48:03 | 000,318,741 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_06092012_234739.png[2012-09-06 16:32:56 | 000,157,123 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_06092012_163222.png[2012-09-06 01:07:23 | 000,998,055 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_05092012_190334.png[2012-09-05 18:02:01 | 000,000,272 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job[2012-09-05 15:51:54 | 000,004,934 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\flwjycbm.bab[2012-09-05 15:51:34 | 000,000,705 | ---- | M] () -- C:\Documents and Settings\Anders\Skrivbord\PokerTracker 4.lnk[2012-09-05 15:24:02 | 000,505,751 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_05092012_152345.png[2012-09-04 18:40:55 | 000,084,696 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_04092012_184008.png[2012-09-04 00:13:19 | 000,002,347 | ---- | M] () -- C:\Documents and Settings\Anders\Skrivbord\Google Chrome.lnk[2012-09-04 00:13:19 | 000,002,325 | ---- | M] () -- C:\Documents and Settings\Anders\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk[2012-09-03 23:42:37 | 001,326,942 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\ad.png[2012-09-03 15:24:24 | 000,323,584 | ---- | M] (Stefan Toengi) -- C:\WINDOWS\System32\AUDIOGENIE2.DLL[2012-09-02 23:50:20 | 001,004,432 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_02092012_234819.png[2012-09-02 23:04:43 | 022,936,300 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\vp4 2012-09-02 22-59-50-578.avi[2012-09-02 17:52:51 | 007,911,796 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\Bankshot1to2.avi[2012-09-02 15:56:04 | 001,101,732 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_02092012_155541.png[2012-09-02 15:43:59 | 000,800,104 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_02092012_154331.png[2012-09-02 14:10:27 | 001,102,894 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_02092012_141009.png[2012-09-02 13:07:21 | 000,313,151 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_02092012_130708.png[2012-09-02 13:07:06 | 001,017,983 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_02092012_130649.png[2012-09-02 13:04:33 | 000,005,159 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\9-Ball, Alyt vs Frenchy, 090212-103239.vpr[2012-09-02 13:00:48 | 004,538,077 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_1003.MOV[2012-09-01 10:02:40 | 000,297,078 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\4.bmp[2012-09-01 08:56:31 | 002,320,974 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\3.bmp[2012-09-01 08:55:33 | 002,701,710 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\2.bmp[2012-09-01 08:48:55 | 002,495,190 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\1.bmp[2012-08-31 21:49:00 | 002,052,056 | ---- | M] () -- C:\Documents and Settings\Anders\Skrivbord\IMG468.jpg[2012-08-31 00:34:32 | 000,155,867 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_31082012_002932.png[2012-08-29 18:48:38 | 000,859,263 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_29082012_184533.png[2012-08-29 15:08:12 | 000,000,653 | ---- | M] () -- C:\Documents and Settings\All Users\Skrivbord\LogMeIn Hamachi.lnk[2012-08-29 14:33:11 | 000,000,740 | ---- | M] () -- C:\Documents and Settings\All Users\Skrivbord\Malwarebytes Anti-Malware.lnk[2012-08-29 00:01:48 | 000,401,735 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_29082012_000040.png[2012-08-28 19:48:43 | 000,000,637 | ---- | M] () -- C:\Documents and Settings\Anders\Application Data\Microsoft\Internet Explorer\Quick Launch\Bandicam.lnk[2012-08-28 19:48:43 | 000,000,619 | ---- | M] () -- C:\Documents and Settings\Anders\Skrivbord\Bandicam.lnk[2012-08-27 13:01:26 | 001,200,664 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\clip0086.avi[2012-08-27 01:37:14 | 000,000,751 | ---- | M] () -- C:\Documents and Settings\All Users\Skrivbord\Virtual Pool 4.lnk[2012-08-27 00:32:35 | 000,121,798 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_27082012_003201.png[2012-08-27 00:32:31 | 000,124,438 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_27082012_003152.png[2012-08-26 22:36:18 | 000,307,500 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_26082012_223547.png[2012-08-26 17:51:11 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\Access.dat[2012-08-26 15:41:08 | 000,156,260 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_26082012_154039.png[2012-08-26 15:40:08 | 000,150,505 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_26082012_153941.png[2012-08-26 14:27:15 | 000,000,667 | ---- | M] () -- C:\Documents and Settings\Anders\Application Data\Microsoft\Internet Explorer\Quick Launch\GameSpy Arcade.lnk[2012-08-26 14:27:15 | 000,000,649 | ---- | M] () -- C:\Documents and Settings\Anders\Skrivbord\GameSpy Arcade.lnk[2012-08-26 14:19:36 | 003,849,216 | ---- | M] () -- C:\Documents and Settings\Anders\Skrivbord\hamachi.msi[2012-08-25 12:40:56 | 000,136,157 | ---- | M] () -- C:\Documents and Settings\Anders\Skrivbord\pool_snooker_1.jpg[2012-08-25 12:26:15 | 000,983,017 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_25082012_122553.png[2012-08-23 15:36:41 | 000,663,527 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_23082012_153555.png[2012-08-22 20:15:58 | 003,195,906 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\cheat.bmp[2012-08-22 19:25:55 | 001,547,494 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\stg-apologize.bmp[2012-08-22 16:11:36 | 000,217,782 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\legend.bmp[2012-08-21 17:29:32 | 000,306,433 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_21082012_172844.png[2012-08-21 11:37:11 | 001,704,034 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_21082012_113442.png[2012-08-21 11:32:14 | 001,688,401 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_21082012_113138.png[2012-08-20 21:47:10 | 002,262,013 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_20082012_214618.png[2012-08-20 16:56:04 | 000,204,889 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_20082012_165528.png[2012-08-20 16:53:51 | 000,145,330 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_20082012_165314.png[2012-08-20 13:57:57 | 000,000,802 | ---- | M] () -- C:\Documents and Settings\Anders\Skrivbord\XSplit Broadcaster.lnk[2012-08-19 19:24:41 | 000,001,707 | ---- | M] () -- C:\Documents and Settings\Anders\Skrivbord\ChrisPC Free Anonymous Proxy.lnk[2012-08-19 19:24:41 | 000,000,821 | ---- | M] () -- C:\Documents and Settings\Anders\Application Data\Microsoft\Internet Explorer\Quick Launch\ChrisPC Free Anonymous Proxy.lnk[2012-08-16 02:05:28 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK[2012-08-15 01:56:48 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe[2012-08-15 01:56:47 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl[2012-08-13 13:57:35 | 001,830,096 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\clip0078.avi[2012-08-10 18:11:06 | 000,071,226 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\jokelie19.png[2012-08-10 18:09:55 | 000,000,236 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\WorldTourTitleWinner.al8[2012-08-10 17:51:05 | 000,275,934 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\skrivtest.bmp[2012-08-10 17:45:05 | 000,071,195 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\dynawinner.png[2012-08-10 17:12:35 | 000,193,254 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\test2.bmp[2012-08-10 17:04:53 | 000,193,254 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\worldtourwinnertest1.bmp[2012-08-10 16:43:38 | 000,070,747 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\worldtourwinner.png[2012-08-10 16:28:54 | 000,055,222 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\winnerworldtour.jpg[2012-08-10 16:11:01 | 000,842,862 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_10082012_160921.png[2012-08-10 16:11:00 | 001,122,958 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_10082012_160904.png[2012-08-09 21:31:27 | 001,426,273 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_09082012_212249.png[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ][3 C:\WINDOWS\System32\drivers\*.tmp files -> C:\WINDOWS\System32\drivers\*.tmp -> ][1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]========== Files Created - No Company Name ==========[2012-09-08 15:33:01 | 000,117,270 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\21.bmp[2012-09-08 10:42:52 | 011,300,312 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\vp4 2012-09-08 10-38-48-933.avi[2012-09-08 10:09:59 | 000,000,304 | ---- | C] () -- C:\WINDOWS\tasks\PC Performer Manager.job[2012-09-07 19:52:54 | 001,118,598 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_07092012_195109.png[2012-09-07 19:31:16 | 000,930,467 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_07092012_193053.png[2012-09-07 16:54:40 | 000,977,958 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_07092012_165418.png[2012-09-07 16:32:16 | 001,082,828 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_07092012_163042.png[2012-09-07 15:22:09 | 000,000,211 | ---- | C] () -- C:\Boot.bak[2012-09-07 15:22:02 | 000,260,784 | RHS- | C] () -- C:\cmldr[2012-09-07 15:19:34 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe[2012-09-07 15:19:34 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe[2012-09-07 15:19:34 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe[2012-09-07 15:19:34 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe[2012-09-07 15:19:34 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe[2012-09-07 14:35:30 | 000,000,579 | ---- | C] () -- C:\Documents and Settings\Anders\Skrivbord\NTREGOPT.lnk[2012-09-07 14:35:30 | 000,000,560 | ---- | C] () -- C:\Documents and Settings\Anders\Skrivbord\ERUNT.lnk[2012-09-07 14:30:38 | 000,000,144 | ---- | C] () -- C:\Documents and Settings\Anders\defogger_reenable[2012-09-06 23:48:01 | 000,318,741 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_06092012_234739.png[2012-09-06 16:32:55 | 000,157,123 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_06092012_163222.png[2012-09-06 01:07:18 | 000,998,055 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_05092012_190334.png[2012-09-05 15:51:54 | 000,004,934 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\flwjycbm.bab[2012-09-05 15:51:34 | 000,000,705 | ---- | C] () -- C:\Documents and Settings\Anders\Skrivbord\PokerTracker 4.lnk[2012-09-05 15:23:59 | 000,505,751 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_05092012_152345.png[2012-09-04 18:40:54 | 000,084,696 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_04092012_184008.png[2012-09-03 23:42:31 | 001,326,942 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\ad.png[2012-09-02 23:50:15 | 001,004,432 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_02092012_234819.png[2012-09-02 23:01:55 | 022,936,300 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\vp4 2012-09-02 22-59-50-578.avi[2012-09-02 17:52:22 | 007,911,796 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\Bankshot1to2.avi[2012-09-02 15:55:59 | 001,101,732 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_02092012_155541.png[2012-09-02 15:43:54 | 000,800,104 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_02092012_154331.png[2012-09-02 15:25:41 | 002,052,056 | ---- | C] () -- C:\Documents and Settings\Anders\Skrivbord\IMG468.jpg[2012-09-02 14:10:23 | 001,102,894 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_02092012_141009.png[2012-09-02 13:07:19 | 000,313,151 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_02092012_130708.png[2012-09-02 13:07:00 | 001,017,983 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_02092012_130649.png[2012-09-02 13:04:32 | 000,005,159 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\9-Ball, Alyt vs Frenchy, 090212-103239.vpr[2012-09-02 13:00:24 | 004,538,077 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_1003.MOV[2012-09-01 10:02:40 | 000,297,078 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\4.bmp[2012-09-01 08:56:31 | 002,320,974 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\3.bmp[2012-09-01 08:55:33 | 002,701,710 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\2.bmp[2012-08-31 00:34:29 | 000,155,867 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_31082012_002932.png[2012-08-29 18:48:21 | 000,859,263 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_29082012_184533.png[2012-08-29 14:33:11 | 000,000,740 | ---- | C] () -- C:\Documents and Settings\All Users\Skrivbord\Malwarebytes Anti-Malware.lnk[2012-08-29 00:01:44 | 000,401,735 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_29082012_000040.png[2012-08-28 19:48:43 | 000,000,637 | ---- | C] () -- C:\Documents and Settings\Anders\Application Data\Microsoft\Internet Explorer\Quick Launch\Bandicam.lnk[2012-08-28 19:48:43 | 000,000,619 | ---- | C] () -- C:\Documents and Settings\Anders\Skrivbord\Bandicam.lnk[2012-08-27 13:00:47 | 001,200,664 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\clip0086.avi[2012-08-27 01:37:14 | 000,000,751 | ---- | C] () -- C:\Documents and Settings\All Users\Skrivbord\Virtual Pool 4.lnk[2012-08-27 00:32:33 | 000,121,798 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_27082012_003201.png[2012-08-27 00:32:30 | 000,124,438 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_27082012_003152.png[2012-08-26 22:36:14 | 000,307,500 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_26082012_223547.png[2012-08-26 17:51:11 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\Access.dat[2012-08-26 15:41:04 | 000,156,260 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_26082012_154039.png[2012-08-26 15:40:06 | 000,150,505 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_26082012_153941.png[2012-08-26 14:27:15 | 000,000,667 | ---- | C] () -- C:\Documents and Settings\Anders\Application Data\Microsoft\Internet Explorer\Quick Launch\GameSpy Arcade.lnk[2012-08-26 14:27:15 | 000,000,649 | ---- | C] () -- C:\Documents and Settings\Anders\Skrivbord\GameSpy Arcade.lnk[2012-08-26 14:20:08 | 000,000,653 | ---- | C] () -- C:\Documents and Settings\All Users\Skrivbord\LogMeIn Hamachi.lnk[2012-08-26 14:19:29 | 003,849,216 | ---- | C] () -- C:\Documents and Settings\Anders\Skrivbord\hamachi.msi[2012-08-25 12:40:56 | 000,136,157 | ---- | C] () -- C:\Documents and Settings\Anders\Skrivbord\pool_snooker_1.jpg[2012-08-25 12:26:11 | 000,983,017 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_25082012_122553.png[2012-08-23 15:36:33 | 000,663,527 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_23082012_153555.png[2012-08-22 20:15:58 | 003,195,906 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\cheat.bmp[2012-08-22 19:25:55 | 001,547,494 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\stg-apologize.bmp[2012-08-22 16:11:36 | 000,217,782 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\legend.bmp[2012-08-21 17:29:29 | 000,306,433 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_21082012_172844.png[2012-08-21 11:37:04 | 001,704,034 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_21082012_113442.png[2012-08-21 11:32:07 | 001,688,401 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_21082012_113138.png[2012-08-20 21:46:53 | 002,262,013 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_20082012_214618.png[2012-08-20 16:56:02 | 000,204,889 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_20082012_165528.png[2012-08-20 16:53:49 | 000,145,330 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_20082012_165314.png[2012-08-20 13:57:57 | 000,000,802 | ---- | C] () -- C:\Documents and Settings\Anders\Skrivbord\XSplit Broadcaster.lnk[2012-08-19 19:24:41 | 000,001,707 | ---- | C] () -- C:\Documents and Settings\Anders\Skrivbord\ChrisPC Free Anonymous Proxy.lnk[2012-08-19 19:24:41 | 000,000,821 | ---- | C] () -- C:\Documents and Settings\Anders\Application Data\Microsoft\Internet Explorer\Quick Launch\ChrisPC Free Anonymous Proxy.lnk[2012-08-13 13:57:08 | 001,830,096 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\clip0078.avi[2012-08-10 18:11:06 | 000,071,226 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\jokelie19.png[2012-08-10 18:09:55 | 000,000,236 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\WorldTourTitleWinner.al8[2012-08-10 17:51:05 | 000,275,934 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\skrivtest.bmp[2012-08-10 17:45:05 | 000,071,195 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\dynawinner.png[2012-08-10 17:12:35 | 000,193,254 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\test2.bmp[2012-08-10 17:04:53 | 000,193,254 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\worldtourwinnertest1.bmp[2012-08-10 16:43:38 | 000,070,747 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\worldtourwinner.png[2012-08-10 16:28:53 | 000,055,222 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\winnerworldtour.jpg[2012-08-10 16:10:56 | 000,842,862 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_10082012_160921.png[2012-08-10 16:10:53 | 001,122,958 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_10082012_160904.png[2012-08-09 21:31:14 | 001,426,273 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_09082012_212249.png[2012-08-05 11:14:00 | 051,687,593 | ---- | C] () -- C:\Documents and Settings\Anders\10 000 meter.flv[2012-07-10 14:52:42 | 000,190,664 | ---- | C] () -- C:\Documents and Settings\LocalService\Lokala inställningar\Application Data\FontCache3.0.0.0.dat[2012-05-05 16:08:47 | 000,230,752 | ---- | C] () -- C:\WINDOWS\patchw32.dll[2012-05-05 16:08:42 | 000,118,176 | ---- | C] () -- C:\WINDOWS\patchw.dll[2012-03-05 21:51:45 | 629,460,858 | ---- | C] () -- C:\Documents and Settings\Anders\Målgång.flv[2012-02-16 12:42:41 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll[2012-02-08 10:52:34 | 000,000,042 | ---- | C] () -- C:\Documents and Settings\Anders\default.pls[2012-01-30 15:29:29 | 000,000,404 | ---- | C] () -- C:\WINDOWS\LBFamily.ini[2012-01-30 12:16:09 | 1054,669,159 | ---- | C] () -- C:\Documents and Settings\Anders\såskadetlåta.flv[2012-01-30 12:16:09 | 000,056,831 | ---- | C] () -- C:\Documents and Settings\Anders\såskadetlåta.srt[2012-01-27 13:24:43 | 000,015,784 | ---- | C] () -- C:\Documents and Settings\Anders\2.srt[2012-01-27 13:24:39 | 035,912,175 | ---- | C] () -- C:\Documents and Settings\Anders\2.flv[2012-01-27 13:10:34 | 000,000,641 | ---- | C] () -- C:\Documents and Settings\Anders\.swfinfo[2011-11-09 21:59:50 | 000,000,026 | ---- | C] () -- C:\Documents and Settings\Anders\Application Data\ClockTraySkins.ini[2011-11-09 21:59:38 | 000,000,549 | ---- | C] () -- C:\Documents and Settings\Anders\Application Data\FreeDesktopClock.ini[2011-10-31 18:02:17 | 000,393,256 | ---- | C] () -- C:\WINDOWS\System32\CNQ2414N.DAT[2011-10-30 14:53:51 | 000,000,000 | ---- | C] () -- C:\WINDOWS\HMHud.INI[2011-10-02 13:50:39 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini[2011-10-02 13:50:38 | 000,136,704 | ---- | C] () -- C:\Documents and Settings\Anders\Lokala inställningar\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini[2011-10-01 22:03:20 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\CommonDL.dll[2011-10-01 22:03:20 | 000,002,413 | ---- | C] () -- C:\WINDOWS\System32\lgAxconfig.ini[2011-09-28 17:44:14 | 000,179,271 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat[2011-09-19 09:07:46 | 000,015,360 | ---- | C] () -- C:\WINDOWS\System32\bdmjpeg.dll[2011-09-19 09:07:32 | 000,058,368 | ---- | C] () -- C:\WINDOWS\System32\bdmpegv.dll[2011-08-31 00:32:40 | 000,005,078 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\bltofzsb.qlf[2011-07-04 14:19:24 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI[2011-07-04 14:18:36 | 002,150,064 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT[2011-07-04 13:15:42 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe[2011-07-04 13:14:40 | 000,001,732 | ---- | C] () -- C:\WINDOWS\System32\drivers\nvphy.bin[2011-07-04 12:32:07 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat[2011-07-04 12:28:47 | 000,021,700 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat========== LOP Check ==========[2012-08-16 16:25:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Anti-phishing Domain Advisor[2012-08-16 15:42:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ask[2012-02-28 18:09:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Babylon[2011-09-30 16:43:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BabylonUpdater[2012-08-29 17:13:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\blekko toolbars[2012-07-11 10:19:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\boost_interprocess[2011-09-27 16:42:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Boss Media[2012-08-27 01:35:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Celeris[2012-05-12 18:06:56 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files[2011-08-22 17:12:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite[2011-07-04 22:27:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Pro[2011-12-13 23:48:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Graboid Inc[2012-08-16 16:18:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IBUpdaterService[2011-10-01 22:04:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LGMOBILEAX[2012-08-24 17:55:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Max Secure[2012-04-17 17:54:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MediaMonkey[2012-08-16 16:18:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Performer Manager[2012-08-20 13:57:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SplitMediaLabs[2012-05-12 18:52:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Tarma Installer[2011-10-18 13:04:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TechSmith[2012-08-26 17:50:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Tunngle[2012-04-17 16:59:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}[2011-11-22 14:09:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Anvsoft[2012-05-12 17:55:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Apowersoft[2012-05-12 18:26:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Audacity[2012-02-28 18:09:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Babylon[2012-06-18 20:59:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\BANDISOFT[2012-08-27 01:32:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Celeris[2012-08-19 19:27:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Complitly[2011-08-22 16:51:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Copax[2012-01-30 14:29:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\DAEMON Tools Lite[2011-07-04 22:26:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\DAEMON Tools Pro[2012-04-19 12:59:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\DDMSettings[2012-02-10 11:25:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Digiarty[2011-12-31 20:12:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\DVDVideoSoft[2012-05-12 20:12:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Free Audio Recorder[2012-08-25 13:15:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\GanymedeNet[2012-02-09 23:45:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\GetRightToGo[2012-09-08 13:34:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Gmail Notifier[2012-03-20 00:28:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\HandBrake[2011-10-30 14:43:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\HEM Data[2011-12-14 17:20:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Media Finder[2012-07-24 11:00:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\MediaMonkey[2011-11-23 16:51:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\MyVideoDownloader[2011-11-23 16:51:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\MyVideoDownloaderHD[2012-08-04 10:58:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Opera[2012-05-17 17:09:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Oracle[2012-05-17 17:09:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Personal[2012-06-20 16:13:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Solveig Multimedia[2012-02-10 01:17:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Sony[2012-08-20 13:57:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\SplitMediaLabs[2012-09-08 20:42:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Spotify[2012-07-02 21:11:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\TraderaProLister[2012-08-27 00:23:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Tunngle[2012-05-12 18:52:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Wondershare[2011-11-23 17:11:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Youtube Downloader HD[2012-09-08 20:58:00 | 000,000,304 | ---- | M] () -- C:\WINDOWS\Tasks\PC Performer Manager.job[2012-09-08 20:51:04 | 000,000,410 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{5096C855-A424-4662-B04A-DE5E47FB502A}.job========== Purity Check ==========< End of report > Link to post Share on other sites More sharing options...
Anders03 Posted September 8, 2012 Author ID:594899 Share Posted September 8, 2012 Extras.TxtOTL Extras logfile created on: 2012-09-08 20:54:32 - Run 1OTL by OldTimer - Version 3.2.61.2 Folder = C:\Documents and Settings\Anders\SkrivbordWindows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstationInternet Explorer (Version = 8.0.6001.18702)Locale: 0000041D | Country: Sverige | Language: SVE | Date Format: yyyy-MM-dd2,00 Gb Total Physical Memory | 1,29 Gb Available Physical Memory | 64,34% Memory free5,76 Gb Paging File | 4,85 Gb Available in Paging File | 84,32% Paging File freePaging file location(s): C:\pagefile.sys 4000 4000 [binary data]%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\ProgramDrive C: | 298,08 Gb Total Space | 238,28 Gb Free Space | 79,94% Space Free | Partition Type: NTFSComputer Name: ANDERS-EA22E516 | User Name: Anders | Logged in as Administrator.Boot Mode: Normal | Scan Mode: Current userCompany Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days========== Extra Registry (SafeList) ==================== File Associations ==========[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>].cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*.html [@ = FirefoxHTML] -- C:\Program\Mozilla Firefox\firefox.exe (Mozilla Corporation).url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>].html [@ = ChromeHTML] -- C:\Documents and Settings\Anders\Lokala inställningar\Application Data\Google\Chrome\Application\chrome.exe (Google Inc.)========== Shell Spawning ==========[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]batfile [open] -- "%1" %*cmdfile [open] -- "%1" %*comfile [open] -- "%1" %*cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*exefile [open] -- "%1" %*https [open] -- "C:\Program\Mozilla Firefox\firefox.exe" -osint -url "%1" (Mozilla Corporation)InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %lpiffile [open] -- "%1" %*regfile [merge] -- Reg Error: Key error.scrfile [config] -- "%1"scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %lscrfile [open] -- "%1" /Stxtfile [edit] -- Reg Error: Key error.Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1Directory [AddToPlaylistVLC] -- "C:\Program\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)Directory [MediaMonkey.1Play] -- "C:\Program\MediaMonkey\MediaMonkey.exe" "%1" (Ventis Media Inc.)Directory [MediaMonkey.2PlayNext] -- "C:\Program\MediaMonkey\MediaMonkey.exe" /NEXT "%1" (Ventis Media Inc.)Directory [MediaMonkey.3Enqueue] -- "C:\Program\MediaMonkey\MediaMonkey.exe" /ADD "%1" (Ventis Media Inc.)Directory [PlayWithVLC] -- "C:\Program\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)========== Security Center Settings ==========[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]"FirstRunDisabled" = 1"AntiVirusDisableNotify" = 0"FirewallDisableNotify" = 0"UpdatesDisableNotify" = 0"AntiVirusOverride" = 0"FirewallOverride" = 0[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]========== System Restore Settings ==========[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]"DisableSR" = 0[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]"Start" = 0[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]"Start" = 2========== Firewall Settings ==========[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]"EnableFirewall" = 1"DisableNotifications" = 0"DoNotAllowExceptions" = 0[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List][HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]"EnableFirewall" = 1"DisableNotifications" = 0"DoNotAllowExceptions" = 0[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]"5353:TCP" = 5353:TCP:*:Enabled:Adobe CSI CS4"3703:TCP" = 3703:TCP:*:Enabled:Adobe Version Cue CS4 Server"3704:TCP" = 3704:TCP:*:Enabled:Adobe Version Cue CS4 Server"51000:TCP" = 51000:TCP:*:Enabled:Adobe Version Cue CS4 Server"51001:TCP" = 51001:TCP:*:Enabled:Adobe Version Cue CS4 Server"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007========== Authorized Applications List ==========[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]"C:\Program\MSN Messenger\livecall.exe" = C:\Program\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"C:\Program\Veetle\Player\VeetleNet.exe" = C:\Program\Veetle\Player\VeetleNet.exe:*:Enabled:VeetleNet -- ()[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]"C:\Program\Delade filer\Adobe\CS4ServiceManager\CS4ServiceManager.exe" = C:\Program\Delade filer\Adobe\CS4ServiceManager\CS4ServiceManager.exe:*:Enabled:Adobe CSI CS4 -- (Adobe Systems Incorporated)"C:\Program\Delade filer\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe" = C:\Program\Delade filer\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe:*:Enabled:Adobe Version Cue CS4 Server -- (Adobe Systems Incorporated)"C:\Program\Spotify\spotify.exe" = C:\Program\Spotify\spotify.exe:*:Enabled:Spotify -- (Spotify Ltd)"C:\Program\MSN Messenger\livecall.exe" = C:\Program\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"C:\Program\Steam\Steam.exe" = C:\Program\Steam\Steam.exe:*:Enabled:Steam -- (Valve Corporation)"C:\Program\redbet\pokerclient\redbet.exe" = C:\Program\redbet\pokerclient\redbet.exe:*:Enabled:Poker Client Software -- (Entraction Solutions AB)"C:\Documents and Settings\Anders\Lokala inställningar\Application Data\Google\Chrome\Application\chrome.exe" = C:\Documents and Settings\Anders\Lokala inställningar\Application Data\Google\Chrome\Application\chrome.exe:*:Enabled:Google Chrome -- (Google Inc.)"C:\Program\Winamp\winamp.exe" = C:\Program\Winamp\winamp.exe:*:Enabled:Winamp"C:\Program\redbet\pokerclient\uTorrent\uTorrent.exe" = C:\Program\redbet\pokerclient\uTorrent\uTorrent.exe:*:Enabled:µTorrent"C:\Program\Comeon Poker 2.0\PokerClient.exe" = C:\Program\Comeon Poker 2.0\PokerClient.exe:*:Enabled:Comeon Poker 2.0 -- (Comeon Poker)"C:\Program\VideoLAN\VLC\vlc.exe" = C:\Program\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player -- ()"C:\Program\Ares\Ares.exe" = C:\Program\Ares\Ares.exe:*:Enabled:Ares p2p for windows"C:\Program\Celeris\Virtual Pool 3 DL\vp3.exe" = C:\Program\Celeris\Virtual Pool 3 DL\vp3.exe:*:Enabled:Virtual Pool 3 DL -- (Celeris Inc.)"C:\Program\GameSpy Arcade\Aphex.exe" = C:\Program\GameSpy Arcade\Aphex.exe:*:Enabled:GameSpy Arcade 1.0 -- (IGN Entertainment, Inc.)"C:\WINDOWS\system32\dplaysvr.exe" = C:\WINDOWS\system32\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper -- (Microsoft Corporation)"C:\Program\Veetle\Player\VeetleNet.exe" = C:\Program\Veetle\Player\VeetleNet.exe:*:Enabled:VeetleNet -- ()"C:\Program\Delade filer\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Program\Delade filer\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)"C:\Program\SopCast\SopCast.exe" = C:\Program\SopCast\SopCast.exe:*:Enabled:SopCast Main Application -- (www.sopcast.com)"C:\Program\Steam\steamapps\common\Age Of Empires Online\Spartan.exe" = C:\Program\Steam\steamapps\common\Age Of Empires Online\Spartan.exe:*:Enabled:Age of Empires Online -- (Microsoft Studios)"C:\Program\Opera\opera.exe" = C:\Program\Opera\opera.exe:*:Enabled:Opera Internet Browser -- (Opera Software)"C:\Program\Opera\pluginwrapper\opera_plugin_wrapper.exe" = C:\Program\Opera\pluginwrapper\opera_plugin_wrapper.exe:*:Enabled:Opera Internet Browser - Plugin wrapper -- (Opera Software)"C:\Program\Steam\steamapps\common\Age Of Empires Online\AOEOnline.exe" = C:\Program\Steam\steamapps\common\Age Of Empires Online\AOEOnline.exe:*:Enabled:Age of Empires Online -- (Microsoft Studios)"c:\program\relevantknowledge\rlvknlg.exe" = c:\program\relevantknowledge\rlvknlg.exe:*:Enabled:rlvknlg.exe========== HKEY_LOCAL_MACHINE Uninstall List ==========[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler"{098A2A49-7CF3-4F08-A38D-FB879117152A}" = Adobe Color NA Extra Settings CS4"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4"{0DC0E85F-36E4-463B-B3EA-4CD8ED2222A1}" = Adobe Color EU Recommended Settings CS4"{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4"{0F842B77-56EA-4AAF-8295-81A022350B5E}" = Microsoft Security Client"{1111706F-666A-4037-7777-210328764D10}" = JavaFX 2.1.0"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_cnq2414" = CanoScan LiDE 110 Scanner Driver"{122ADF8C-DDA1-480C-9936-C88F2825B265}" = Apple Application Support"{14F70205-1940-4000-88C7-BE799A6B2CAD}" = Adobe Soundbooth CS4"{15BF7AAF-846C-4A6D-80E1-5D1FC7FB461B}" = Adobe SGM CS4"{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693}" = PC Performer Manager"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4"{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB"{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}" = Adobe AIR"{1B7C06E1-4888-47A6-992A-0990B9683486}" = Adobe Version Cue CS4 Server"{1DCA3EAA-6EB5-4563-A970-EA14D75037BA}" = Adobe InDesign CS4"{1E04CB54-AF4E-4AC3-B4B7-C0A160BE57F1}" = Adobe InDesign CS4 Icon Handler"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT"{26A24AE4-039D-4CA4-87B4-2F83216026FF}" = Java 6 Update 26"{26A24AE4-039D-4CA4-87B4-2F83217004FF}" = Java 7 Update 4"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1"{291C5A9A-15B1-4F2C-898F-10D04D252886}" = Trafikskolan TEO"{296D775C-839A-3618-8D5C-E2B588C5CD12}" = Microsoft .NET Framework 4 Extended SVE Language Pack"{297190A1-4B0D-4CD6-8B9F-3907F15C3FD8}" = Adobe CS4 American English Speech Analysis Models"{2A3A4BD6-6CE0-4E2A-80D2-1D0FF6ACBFBA}" = LG United Mobile Driver"{2BAF2B96-7560-48B4-87D4-10178DDBE217}" = Adobe InDesign CS4 Application Feature Set Files (Roman)"{30C8AA56-4088-426F-91D1-0EDFD3A25678}" = Adobe Dreamweaver CS4"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform"{336D0C35-8A85-403a-B9D2-65C292C39087}_is1" = Web Assistant 2.0.0.430"{350C941d-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4"{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin"{428FDF9F-E010-4C4C-A8BB-156960AFCA1C}" = Adobe Fireworks CS4"{43509E18-076E-40FE-AF38-CA5ED400A5A9}" = Pixel Bender Toolkit"{44E240EC-2224-4078-A88B-2CEE0D3016EF}" = Adobe After Effects CS4 Presets"{45EC816C-0771-4C14-AE6D-72D1B578F4C8}" = Adobe After Effects CS4"{47C6F987-685A-41AE-B092-E75B277AEE39}" = Adobe Flash CS4 Extension - Flash Lite STI others"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater"{4A52555C-032A-4083-BDD9-6A85ABFB39A8}" = Adobe SING CS4"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace"{4E799930-BBE1-4A64-BC49-99354D37DBB7}" = Adobe Creative Suite 4 Master Collection"{4FFBB818-B13C-11E0-931D-B2664824019B}_is1" = Complitly"{50779A29-834E-4E36-BBEB-B7CABC67A825}" = Microsoft Security Client SV-SE Language Pack"{52232EF4-CC12-4C21-ABCF-ADB79618302D}" = Adobe Soundbooth CS4 Codecs"{561968FD-56A1-49FD-9ED0-F55482C7C5BC}" = Adobe Media Encoder CS4 Exporter"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml"{5EAD5443-7194-46CC-A055-428E6ABB1BAF}" = Adobe Encore CS4"{6006089C-84B5-4F18-8113-D96792AED0DE}_is1" = ChrisPC Free Anonymous Proxy 3.00"{60DB5894-B5A1-4B62-B0F3-669A22C0EE5D}" = Adobe Dynamiclink Support"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support"{67A9747A-E1F5-4E9A-81CC-12B5D5B81B6E}" = Adobe After Effects CS4 Third Party Content"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK"{6AD9F5F3-5BD0-4000-BD9C-B536CF86D988}" = iTunes"{7406DF60-016D-476B-A2C7-55D997592047}" = Adobe OnLocation CS4"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update"{7B4873B0-71FF-4BAA-8072-1DEE154C54E4}" = Virtual Pool 3 DL"{7CC7BDD5-6F10-4724-96A1-EAC7D9F2831C}" = Adobe InDesign CS4 Common Base Files"{7CE198D0-CFB0-49F2-9ECF-2F2C084EAD9E}" = Adobe Setup"{8186FF34-D389-4B7E-9A2F-C197585BCFBD}" = Adobe Media Encoder CS4 Importer"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4"{87532CAB-7932-4F84-8937-823337622807}" = Adobe Illustrator CS4"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update"{8ED5A2F1-338F-4608-8AF7-BCD1ADC1E1F7}_is1" = Free Alarm Clock 2.3.3"{8F1ADE4D-EFAC-4F5A-B346-23C2687FAF50}" = Apple Mobile Device Support"{90120000-0010-041D-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Swedish) 12"{90120000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2007"{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)"{90120000-0015-041D-0000-0000000FF1CE}" = Microsoft Office Access MUI (Swedish) 2007"{90120000-0015-041D-0000-0000000FF1CE}_PROPLUS_{6DB23E19-BC1C-4C62-8158-391F65D84457}" = Microsoft Office 2007 Service Pack 3 (SP3)"{90120000-0016-041D-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Swedish) 2007"{90120000-0016-041D-0000-0000000FF1CE}_PROPLUS_{6DB23E19-BC1C-4C62-8158-391F65D84457}" = Microsoft Office 2007 Service Pack 3 (SP3)"{90120000-0018-041D-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Swedish) 2007"{90120000-0018-041D-0000-0000000FF1CE}_PROPLUS_{6DB23E19-BC1C-4C62-8158-391F65D84457}" = Microsoft Office 2007 Service Pack 3 (SP3)"{90120000-0019-041D-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Swedish) 2007"{90120000-0019-041D-0000-0000000FF1CE}_PROPLUS_{6DB23E19-BC1C-4C62-8158-391F65D84457}" = Microsoft Office 2007 Service Pack 3 (SP3)"{90120000-001A-041D-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Swedish) 2007"{90120000-001A-041D-0000-0000000FF1CE}_PROPLUS_{6DB23E19-BC1C-4C62-8158-391F65D84457}" = Microsoft Office 2007 Service Pack 3 (SP3)"{90120000-001B-041D-0000-0000000FF1CE}" = Microsoft Office Word MUI (Swedish) 2007"{90120000-001B-041D-0000-0000000FF1CE}_PROPLUS_{6DB23E19-BC1C-4C62-8158-391F65D84457}" = Microsoft Office 2007 Service Pack 3 (SP3)"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007"{90120000-001F-0407-0000-0000000FF1CE}_PROPLUS_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007"{90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)"{90120000-001F-040B-0000-0000000FF1CE}" = Microsoft Office Proof (Finnish) 2007"{90120000-001F-040B-0000-0000000FF1CE}_PROPLUS_{C3B4672B-3FE7-4D6F-AFF3-80D290C1131E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)"{90120000-001F-041D-0000-0000000FF1CE}" = Microsoft Office Proof (Swedish) 2007"{90120000-001F-041D-0000-0000000FF1CE}_PROPLUS_{4A960AFC-E28F-4233-953F-1903BE859B79}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)"{90120000-002C-041D-0000-0000000FF1CE}" = Microsoft Office Proofing (Swedish) 2007"{90120000-0044-041D-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Swedish) 2007"{90120000-0044-041D-0000-0000000FF1CE}_PROPLUS_{6DB23E19-BC1C-4C62-8158-391F65D84457}" = Microsoft Office 2007 Service Pack 3 (SP3)"{90120000-006E-041D-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Swedish) 2007"{90120000-006E-041D-0000-0000000FF1CE}_PROPLUS_{18651597-9190-4C03-902A-6F8F58A91A3E}" = Microsoft Office 2007 Service Pack 3 (SP3)"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17"{9B700657-676B-4A98-8B25-40A1BAC81053}" = Nero 8 Essentials"{9BBE7AA1-AFA8-4D76-8FC2-1FDFD9BD3371}" = Windows Live Mail"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161"{9D71329D-95A5-4297-8F79-DCDBD156420A}" = Windows Live Essentials"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2"{A6EC82A0-1414-475D-8AFD-469089F3080D}" = Adobe Contribute CS4"{AC76BA86-1053-DF60-7760-000000000004}" = Adobe Acrobat 9 Pro - Svenska, Dansk, Suomi, Norsk"{AC76BA86-1053-DF60-7760-000000000004}{AC76BA86-1053-DF60-7760-000000000004}" = Adobe Acrobat 9 Pro - Svenska, Dansk, Suomi, Norsk"{ACC78BCD-6B12-4C73-8D98-5B96A4A6D73A}" = XSplit"{AEB9948B-4FF2-47C9-990E-47014492A0FE}" = MSXML 6.0 Parser"{B05DE7B7-0B40-4411-BD4B-222CAE2D8F15}" = Adobe MotionPicture Color Files CS4"{B15381DD-FF97-4FCD-A881-ED4DB0975500}" = Adobe Color Video Profiles AE CS4"{B169BC97-B8AA-4ACA-9CF2-9D0FF5BABDF7}" = Adobe Premiere Pro CS4 Functional Content"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect"{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call"{B823632F-3B72-4514-8861-B961CE263224}" = PostgreSQL 8.3"{B8ABD8C7-991E-4A70-B5A3-20C6FC680680}" = LogMeIn Hamachi"{B9F4561A-924D-4510-A85A-BB0960C338CB}" = Adobe Asset Services CS4"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module"{BD3374D3-C2E6-42B7-A80B-E850B6886246}" = Adobe Flash CS4 STI-other"{BE9CEAAA-F069-4331-BF2F-8D350F6504F4}" = Adobe Media Encoder CS4 Additional Exporter"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2"{C0E8FE43-C35B-451D-B35F-D4BD056D70E7}" = Camtasia Studio 7"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4"{C60AAF4C-A72C-36E0-8CA4-41FF753D74F6}" = Microsoft .NET Framework 4 Client Profile SVE Language Pack"{C86E7C99-E4AD-79C7-375B-1AEF9A91EC2B}" = Acrobat.com"{C938BE91-3BB5-4B84-9EF6-88F0505D0038}" = Adobe Premiere Pro CS4 Third Party Content"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw"{CD9A35D4-8A81-4188-98AF-14D759083FB4}" = Nordea NCR1 Installationspaket"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1"{D499F8DE-3F31-4900-9157-61061613704B}" = Adobe Premiere Pro CS4"{D6D5CFB3-7095-4073-B6B7-B7E909838C57}" = Razer"{D7A3F13E-3B62-4DD8-84E5-E3D20F4FCA99}_is1" = DigitalClock version 1.1"{DEB90B8E-0DCB-48CE-B90E-8842A2BD643E}" = Adobe Media Encoder CS4"{E801BD2A-AB6B-4B8F-9599-B164AC726EC8}" = Virtual Pool 4"{EE353798-E875-42E0-B58D-7E6696182EA8}" = Adobe Media Encoder CS4 Dolby"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10"{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}" = Sony Ericsson PC Companion 2.01.217"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help"{F13225E2-6533-4923-A657-083A151E667E}" = Windows Live Messenger"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver"{F6E99614-F042-4459-82B7-8B38B2601356}" = Adobe Flash CS4"{F8D02DBB-9B81-4192-9E85-219AD0447920}" = Microsoft Antimalware Service SV-SE Language Pack"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4"{FA7F689F-88EB-4946-B105-4C434CF5B07A}" = BankID säkerhetsprogram"{FB2A5FCC-B81B-48C2-A009-7804694D83E9}" = Adobe Encore CS4 Codecs"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All"1180-6883-2514-0226-redbet-PROD" = redbet"7-Zip" = 7-Zip 9.20"AC3Filter_is1" = AC3Filter 1.63b"Adobe AIR" = Adobe AIR"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin"Adobe Shockwave Player" = Adobe Shockwave Player 11.6"Adobe_df1693a38ea3822700f69621b5e71d0" = Adobe Creative Suite 4 Master Collection"AMDAway INF" = AMDAway INF"Anti-phishing Domain Advisor" = Anti-phishing Domain Advisor"Bandicam" = Bandicam"BandiMPEG1" = Bandisoft MPEG-1 Decoder"bet365poker" = Poker at bet365"Betfair Poker JPC_is1" = Betfair Poker JPC 1.0.0"Betsafe Poker_is1" = Betsafe Poker"CamStudio" = CamStudio"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com"Combat Flight Simulator 1.00" = Microsoft Combat Flight Simulator"Comeon Poker 2.0" = Comeon Poker 2.0"DAEMON Tools Lite" = DAEMON Tools Lite"DivX Setup" = DivX Setup"EE9C4A93-0E83-4C66-9802-5DC13C189C12_is1" = Free Audio Recorder 6.6.6"ERUNT_is1" = ERUNT 1.1j"Free 3GP Video Converter_is1" = Free 3GP Video Converter version 5.0.3.1206"Free Desktop Clock" = Free Desktop Clock"GameSpy Arcade" = GameSpy Arcade"Gmail Notifier" = Gmail Notifier"HandBrake" = HandBrake 0.9.6"HyperCam 2" = HyperCam 2"ie8" = Windows Internet Explorer 8"KLiteCodecPack_is1" = K-Lite Codec Pack 7.2.0 (Basic)"LogMeIn Hamachi" = LogMeIn Hamachi"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.62.0.1300"MediaMonkey_is1" = MediaMonkey 4.0"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile"Microsoft .NET Framework 4 Client Profile SVE Language Pack" = Microsoft .NET Framework 4 Client Profile Language Pack - SVE"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended"Microsoft .NET Framework 4 Extended SVE Language Pack" = Microsoft .NET Framework 4 Extended Language Pack - SVE"Microsoft Security Client" = Microsoft Security Essentials"Mozilla Firefox 14.0.1 (x86 sv-SE)" = Mozilla Firefox 14.0.1 (x86 sv-SE)"MozillaMaintenanceService" = Mozilla Maintenance Service"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP"MWSnap 3" = MWSnap 3"NVIDIA Drivers" = NVIDIA Drivers"Opera 12.01.1532" = Opera 12.01"Pirateplayer" = Pirateplayer"PokerStars" = PokerStars"PokerStars.net" = PokerStars.net"PokerTracker3" = PokerTracker 3 (remove only)"PokerTracker4" = PokerTracker 4 (remove only)"PROPLUS" = Microsoft Office Professional Plus 2007"Quick Screenshot Maker 2.1_is1" = Quick Screenshot Maker 2.1"RealPlayer 15.0" = RealPlayer"Replay Music3.45" = Replay Music"SopCast" = SopCast 3.5.0"Spotify" = Spotify"Steam App 10" = Counter-Strike"Steam App 105430" = Age of Empires Online"Svea Rike II" = Svea Rike II"Svenska Spels Poker" = Svenska Spels Poker"Unlocker" = Unlocker 1.9.1"Veetle TV" = Veetle TV"William Hill Poker" = William Hill Poker"Windows Media Format Runtime" = Windows Media Format 11 runtime"Windows Media Player" = Windows Media Player 11"WinLiveSuite_Wave3" = Windows Live Essentials"WinRAR archiver" = WinRAR archiver"VLC media player" = VLC media player 2.0.1"WMFDist11" = Windows Media Format 11 runtime"wmp11" = Windows Media Player 11"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0"XviD MPEG4 Video Codec" = XviD MPEG4 Video Codec (remove only)"Xvid Video Codec 1.3.2" = Xvid Video Codec"Youtube Downloader HD_is1" = Youtube Downloader HD v. 2.9.2========== HKEY_CURRENT_USER Uninstall List ==========[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]"f396e7ec6e1240c7" = Tradera ProLister"Google Chrome" = Google Chrome"Spotify" = Spotify========== Last 20 Event Log Errors ==========[ Application Events ]Error - 2012-08-26 18:21:21 | Computer Name = ANDERS-EA22E516 | Source = Application Error | ID = 1000Description = Felaktigt program vp3.exe, version 3.3.1.1, felaktig modul vp3.exe, version 3.3.1.1, felaktig adress 0x0001d5b5.Error - 2012-08-27 09:42:13 | Computer Name = ANDERS-EA22E516 | Source = Application Error | ID = 1000Description = Felaktigt program vp3.exe, version 3.3.1.1, felaktig modul vp3.exe, version 3.3.1.1, felaktig adress 0x000ba4fe.Error - 2012-08-27 15:06:59 | Computer Name = ANDERS-EA22E516 | Source = Application Error | ID = 1000Description = Felaktigt program vp3.exe, version 3.3.1.1, felaktig modul unknown, version 0.0.0.0, felaktig adress 0x0012f3bc.Error - 2012-08-27 17:40:49 | Computer Name = ANDERS-EA22E516 | Source = Application Error | ID = 1000Description = Felaktigt program vp3.exe, version 3.3.1.1, felaktig modul vp3.exe, version 3.3.1.1, felaktig adress 0x0002bf60.Error - 2012-08-29 16:06:44 | Computer Name = ANDERS-EA22E516 | Source = Application Error | ID = 1000Description = Felaktigt program camtasiastudio.exe, version 7.1.1.1785, felaktig modul xvidcore.dll, version 0.0.0.0, felaktig adress 0x0003a955.Error - 2012-08-29 16:07:16 | Computer Name = ANDERS-EA22E516 | Source = Application Error | ID = 1001Description = Fel-bucket -1161878780.Error - 2012-08-30 16:42:59 | Computer Name = ANDERS-EA22E516 | Source = Application Error | ID = 1000Description = Felaktigt program vp3.exe, version 3.3.1.1, felaktig modul vp3.exe, version 3.3.1.1, felaktig adress 0x000ba49a.Error - 2012-08-30 17:56:33 | Computer Name = ANDERS-EA22E516 | Source = Application Error | ID = 1000Description = Felaktigt program vp3.exe, version 3.3.1.1, felaktig modul vp3.exe, version 3.3.1.1, felaktig adress 0x0001d602.Error - 2012-08-30 18:00:40 | Computer Name = ANDERS-EA22E516 | Source = Application Error | ID = 1000Description = Felaktigt program vp3.exe, version 3.3.1.1, felaktig modul vp3.exe, version 3.3.1.1, felaktig adress 0x000ba4a4.Error - 2012-09-02 07:22:36 | Computer Name = ANDERS-EA22E516 | Source = Application Error | ID = 1000Description = Felaktigt program vp4.exe, version 4.1.0.5, felaktig modul vp4.exe, version 4.1.0.5, felaktig adress 0x001886ed.[ System Events ]Error - 2012-09-07 09:24:13 | Computer Name = ANDERS-EA22E516 | Source = Service Control Manager | ID = 7034Description = Tjänsten Smart Card avslutades oväntat. Detta har skett 1 gånger.Error - 2012-09-07 09:24:13 | Computer Name = ANDERS-EA22E516 | Source = Service Control Manager | ID = 7031Description = Tjänsten Apple Mobile Device avslutades oväntat. Den har gjort detta 1 gång(er). Följande åtgärd kommer att utföras om 60000 millisekunder: Starta om tjänsten.Error - 2012-09-07 09:24:13 | Computer Name = ANDERS-EA22E516 | Source = Service Control Manager | ID = 7031Description = Tjänsten Microsoft Antimalware Service avslutades oväntat. Den har gjort detta 1 gång(er). Följande åtgärd kommer att utföras om 15000 millisekunder: Starta om tjänsten.Error - 2012-09-07 09:24:13 | Computer Name = ANDERS-EA22E516 | Source = Service Control Manager | ID = 7034Description = Tjänsten LogMeIn Hamachi Tunneling Engine avslutades oväntat. Detta har skett 1 gånger.Error - 2012-09-07 10:02:33 | Computer Name = ANDERS-EA22E516 | Source = Service Control Manager | ID = 7000Description = Tjänsten e2eCap - WDM Video Capture kunde inte startas på grund av följande fel: %%1058Error - 2012-09-07 17:10:57 | Computer Name = ANDERS-EA22E516 | Source = Service Control Manager | ID = 7000Description = Tjänsten e2eCap - WDM Video Capture kunde inte startas på grund av följande fel: %%1058Error - 2012-09-07 17:14:46 | Computer Name = ANDERS-EA22E516 | Source = Service Control Manager | ID = 7000Description = Tjänsten e2eCap - WDM Video Capture kunde inte startas på grund av följande fel: %%1058Error - 2012-09-07 17:21:11 | Computer Name = ANDERS-EA22E516 | Source = Service Control Manager | ID = 7000Description = Tjänsten e2eCap - WDM Video Capture kunde inte startas på grund av följande fel: %%1058Error - 2012-09-08 04:10:01 | Computer Name = ANDERS-EA22E516 | Source = Service Control Manager | ID = 7000Description = Tjänsten e2eCap - WDM Video Capture kunde inte startas på grund av följande fel: %%1058Error - 2012-09-08 04:11:55 | Computer Name = ANDERS-EA22E516 | Source = Service Control Manager | ID = 7000Description = Tjänsten e2eCap - WDM Video Capture kunde inte startas på grund av följande fel: %%1058< End of report >checkup.txt Results of screen317's Security Check version 0.99.50 Windows XP Service Pack 3 x86 Internet Explorer 8 ``````````````Antivirus/Firewall Check:`````````````` Microsoft Security Essentials Antivirus up to date! `````````Anti-malware/Other Utilities Check:````````` Malwarebytes Anti-Malware version 1.62.0.1300 JavaFX 2.1.0 Java 6 Update 26 Java 7 Update 4 Java version out of Date! Adobe Flash Player 11.3.300.271 Mozilla Firefox (14.0.1) ````````Process Check: objlist.exe by Laurent```````` Microsoft Security Essentials MSMpEng.exe Microsoft Security Essentials msseces.exe Malwarebytes Anti-Malware mbamservice.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C:: ````````````````````End of Log`````````````````````` Link to post Share on other sites More sharing options...
Maurice Naggar Posted September 9, 2012 ID:595147 Share Posted September 9, 2012 (edited) Hello Anders03Do NOT do any websurfing of any kind, NO web searching, NO shopping or game play or online transactions.Only go to this forum and the websites I guide you to.There is LOTS of work to do, even after the following.Run a ScriptPress the Windows-key on keyboard + R key. {or Start >> RUN }In the RUN box, type notepad and press Enter.Highlight the contents of the following codebox, and copy and paste that text into NOTEPAD.sc stop bProtectorsc config bProtector start= disableddel /f /q "%~f0"Select File -> Save AS.Press the Desktop button on the left side of the save dialog.In the box, type in Fix.bat.Press .Close Notepad.Double-click FIX.BAT to start it in a command-prompt-window It will run very quickly and then remove itself at the end.Step 2Turn off your MS Security Essentials antivirusHow To Temporarily Disable Your Anti-virus, Firewall And Anti-malware ProgramsStep 3Download to your Desktop FixPolicies.exe, by Bill Castner, MS-MVP, a self-extracting ZIP archive from>>> here <<<Double-click FixPolicies.exe.Click the "Install" button on the bottom toolbar of the box that will open.The program will create a new Folder called FixPolicies.Double-click to Open the new Folder, and then double-click the file within: Fix_Policies.cmd.A black box will briefly appear and then close.This fix may prove temporary. Active malware may revert these changes at your next startup. You can safely run the utility again.Step 4Please double-click OTL.exe to run it. (Note: If you are running on Windows 7 or Vista, right-click on the file and choose Run As Administrator).Copy ALL the lines (including blank lines ) inside the CODE box below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy)::otlIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.chatzu...q={searchTerms}IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = http://search.condui...&ctid=CT3227980IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =IE - HKCU\..\SearchScopes,DefaultScope = {96bd48dd-741b-41ae-ac4a-aff96ba00f7e}IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRCIE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylo...000001aa0662619IE - HKCU\..\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}: "URL" = http://blekko.com/ws...q={searchTerms}IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://search.chatzu...q={searchTerms}IE - HKCU\..\SearchScopes\{96bd48dd-741b-41ae-ac4a-aff96ba00f7e}: "URL" = http://search.chatzu...q={SearchTerms}IE - HKCU\..\SearchScopes\{A0065856-99D2-45A6-A927-A5B633B680F1}: "URL" = http://www.google.co...q={searchTerms}IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.condui...&ctid=CT3220468IE - HKCU\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = http://mystart.incre...6PQxaWucyc&i=26:filesc:\program\aresc:\program\utorrentbarC:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\stefanvandamme@stefanvd.net.xpiC:\Documents and Settings\All Users\Application Data\BabylonC:\Documents and Settings\All Users\Application Data\BabylonUpdaterC:\Documents and Settings\All Users\Application Data\blekko toolbarsc:\program\utorrentbar\prxtbuTor.dllc:\program\search~1\datamngr\toolbar\searchqudtx.dllc:\program\utorrentbar\prxtbuTor.dllrecycler /alldrives:reg[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"Ares"=-:Commands[purity][resethosts][CREATERESTOREPOINT][EMPTYFLASH][emptyjava][Reboot]Return to OTL. Right click in the window (under the aqua-blue bar) and choose Paste.Close any browser(s) windows that may be open.Using your mouse, click on the red-lettered button .Once you see a message box "Fix complete! Click OK to open the fix log."Click the OK buttonThe log will open in Notepad (your default text editor).Save the log. Post a copy of that log in your next reply.Note: If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process.If you are asked to reboot the machine choose Yes. In this case, after the reboot, open Notepad (Start->All Programs->Accessories->Notepad), click File->Open, in the File Name box enter *.log and press the Enter key, navigate to the C:\_OTL\MovedFiles folder, and open the newest .log file present, and copy/paste the contents of that document back here in your next post.Step 5NEXT run Combo-fix that you have from before. Double-click the EXE file to start itC:\Documents and Settings\Anders\Skrivbord\Combo-Fix.exeFollow the prompts and respondAccept the EULA license when prompted Allow it to download a new version IF it asks Have lots and lots of patience while it runs.When all finished, Copy and Paste contents of C:\Combofix.txtand turn ON your MS Security Essentials when all done. Edited September 9, 2012 by Maurice Naggar Link to post Share on other sites More sharing options...
Anders03 Posted September 10, 2012 Author ID:595345 Share Posted September 10, 2012 If a complete system reboot is necessary for me, please tell.Combo-Fix got stuck again.Finishing stage 1.....Finishing stage 2.....................Finishing stage 50....It came to this pretty quick but then nothing happened during 2 hours or so._____________________________________________________________OTL-log:========== OTL ==========HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\SearchAssistant| /E : value set successfully!HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\bProtector Start Page| /E : value set successfully!HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Bar| /E : value set successfully!HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Page| /E : value set successfully!HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ deleted successfully.Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ not found.Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}\ deleted successfully.Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}\ not found.Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}\ deleted successfully.Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}\ not found.Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{96bd48dd-741b-41ae-ac4a-aff96ba00f7e}\ deleted successfully.Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{96bd48dd-741b-41ae-ac4a-aff96ba00f7e}\ not found.Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{A0065856-99D2-45A6-A927-A5B633B680F1}\ deleted successfully.Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A0065856-99D2-45A6-A927-A5B633B680F1}\ not found.Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ deleted successfully.Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found.Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}\ deleted successfully.Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}\ not found.========== FILES ==========File\Folder c:\program\ares not found.File\Folder c:\program\utorrentbar not found.C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\Plugins folder moved successfully.C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\modules folder moved successfully.C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\META-INF folder moved successfully.C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\lib folder moved successfully.C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\defaults\preferences folder moved successfully.C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\defaults folder moved successfully.C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\skin folder moved successfully.C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\sl folder moved successfully.C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\lib folder moved successfully.C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\core folder moved successfully.C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\WEATHER\js folder moved successfully.C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\WEATHER\css folder moved successfully.C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\WEATHER folder moved successfully.C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TWITTER\resources folder moved successfully.C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TWITTER\js folder moved successfully.C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TWITTER\img folder moved successfully.C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TWITTER folder moved successfully.C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_POPUP\js folder moved successfully.C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_POPUP folder moved successfully.C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_EMBEDDED\js folder moved successfully.C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_EMBEDDED folder moved successfully.C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_BCAPI\js folder moved successfully.C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_BCAPI\autoTest\spec folder moved successfully.Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_BCAPI\autoTest\lib\jasmine-1.1.0 scheduled to be moved on reboot.Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_BCAPI\autoTest\lib scheduled to be moved on reboot.Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_BCAPI\autoTest scheduled to be moved on reboot.Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_BCAPI scheduled to be moved on reboot.C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\SEARCH_IN_NEW_TAB folder moved successfully.C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\SEARCH\view\style\rsx folder moved successfully.C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\SEARCH\view\style folder moved successfully.C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\SEARCH\view\script folder moved successfully.C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\SEARCH\view folder moved successfully.C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\SEARCH\resources folder moved successfully.C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\SEARCH\js folder moved successfully.C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\SEARCH\Css folder moved successfully.C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\SEARCH\buildSettings folder moved successfully.C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\SEARCH folder moved successfully.C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\RADIO_PLAYER\js\resources folder moved successfully.C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\RADIO_PLAYER\js folder moved successfully.C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\RADIO_PLAYER\css\custom-theme folder moved successfully.C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\RADIO_PLAYER\css folder moved successfully.C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\RADIO_PLAYER folder moved successfully.C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\PRICE_GONG\menu_dlg folder moved successfully.C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\PRICE_GONG\images folder moved successfully.C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\PRICE_GONG\css\custom-theme folder moved successfully.C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\PRICE_GONG\css folder moved successfully.C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\PRICE_GONG\agreement folder moved successfully.C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\PRICE_GONG folder moved successfully.C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\Optimizer\js folder moved successfully.C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\Optimizer folder moved successfully.C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\NOTIFICATION\js folder moved successfully.C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\NOTIFICATION\images\light folder moved successfully.C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\NOTIFICATION\images\dark folder moved successfully.C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\NOTIFICATION\images folder moved successfully.C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\NOTIFICATION\css folder moved successfully.C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\NOTIFICATION folder moved successfully.C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\MULTI_RSS\js\resources folder moved successfully.C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\MULTI_RSS\js folder moved successfully.C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\MULTI_RSS\img folder moved successfully.C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\MULTI_RSS\css folder moved successfully.C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\MULTI_RSS folder moved successfully.C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\HIGHLIGHTER\js folder moved successfully.C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\HIGHLIGHTER\css folder moved successfully.C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\HIGHLIGHTER folder moved successfully.C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\EMAIL_NOTIFIER\js\plugins folder moved successfully.C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\EMAIL_NOTIFIER\js folder moved successfully.C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\EMAIL_NOTIFIER\css folder moved successfully.C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\EMAIL_NOTIFIER folder moved successfully.C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\APPLICATION_BUTTON\resources folder moved successfully.C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\APPLICATION_BUTTON\Js folder moved successfully.C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\APPLICATION_BUTTON folder moved successfully.C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\404 folder moved successfully.Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa scheduled to be moved on reboot.C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ui\menu\js folder moved successfully.C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ui\menu\img folder moved successfully.C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ui\menu\css folder moved successfully.C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ui\menu folder moved successfully.C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ui\gf\img folder moved successfully.C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ui\gf\css folder moved successfully.C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ui\gf folder moved successfully.C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ui\gadgetFrame folder moved successfully.C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ui\dlg\ftd\images folder moved successfully.C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ui\dlg\ftd folder moved successfully.C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ui\dlg folder moved successfully.C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ui folder moved successfully.Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector\searchProtectorSettingsDialog\images scheduled to be moved on reboot.Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector\searchProtectorSettingsDialog scheduled to be moved on reboot.Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector\SearchProtectorBubbleDialog\images scheduled to be moved on reboot.Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector\SearchProtectorBubbleDialog scheduled to be moved on reboot.C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector\js folder moved successfully.Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector scheduled to be moved on reboot.C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\options\js\resources folder moved successfully.C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\options\js folder moved successfully.C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\options\images folder moved successfully.C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\options\css folder moved successfully.C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\options folder moved successfully.C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\myStuffDialogs folder moved successfully.C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\features\js\resources folder moved successfully.C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\features\js folder moved successfully.C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\features folder moved successfully.C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\api folder moved successfully.C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ac\res folder moved successfully.C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ac\img folder moved successfully.C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ac\css folder moved successfully.C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ac folder moved successfully.C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\aboutBox\js folder moved successfully.C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\aboutBox\images folder moved successfully.C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\aboutBox folder moved successfully.Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al scheduled to be moved on reboot.Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb scheduled to be moved on reboot.Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content scheduled to be moved on reboot.Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468 scheduled to be moved on reboot.Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome scheduled to be moved on reboot.Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6} scheduled to be moved on reboot.C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\stefanvandamme@stefanvd.net.xpi moved successfully.C:\Documents and Settings\All Users\Application Data\Babylon folder moved successfully.C:\Documents and Settings\All Users\Application Data\BabylonUpdater folder moved successfully.C:\Documents and Settings\All Users\Application Data\blekko toolbars folder moved successfully.File\Folder c:\program\utorrentbar\prxtbuTor.dll not found.File\Folder c:\program\search~1\datamngr\toolbar\searchqudtx.dll not found.File\Folder c:\program\utorrentbar\prxtbuTor.dll not found.C:\RECYCLER\S-1-5-21-1659004503-343818398-682003330-1003 folder moved successfully.C:\RECYCLER folder moved successfully.========== REGISTRY ==========Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\Ares not found.========== COMMANDS ==========C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.HOSTS file reset successfullyRestore point Set: OTL Restore Point[EMPTYFLASH]User: All UsersUser: Anders->Flash cache emptied: 81026 bytesUser: Anders-2->Flash cache emptied: 3911 bytesUser: Default UserUser: LocalServiceUser: NetworkServiceUser: postgresTotal Flash Files Cleaned = 0,00 mb[EMPTYJAVA]User: All UsersUser: Anders->Java cache emptied: 6265466 bytesUser: Anders-2->Java cache emptied: 0 bytesUser: Default UserUser: LocalServiceUser: NetworkServiceUser: postgresTotal Java Files Cleaned = 6,00 mbOTL by OldTimer - Version 3.2.61.2 log created on 09092012_172427Files\Folders moved on Reboot...Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_BCAPI\autoTest\lib\jasmine-1.1.0 scheduled to be moved on reboot.Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_BCAPI\autoTest\lib\jasmine-1.1.0 scheduled to be moved on reboot.Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_BCAPI\autoTest\lib scheduled to be moved on reboot.Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_BCAPI\autoTest\lib\jasmine-1.1.0 scheduled to be moved on reboot.Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_BCAPI\autoTest\lib scheduled to be moved on reboot.Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_BCAPI\autoTest scheduled to be moved on reboot.Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_BCAPI\autoTest\lib\jasmine-1.1.0 scheduled to be moved on reboot.Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_BCAPI\autoTest\lib scheduled to be moved on reboot.Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_BCAPI\autoTest scheduled to be moved on reboot.Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_BCAPI scheduled to be moved on reboot.Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_BCAPI\autoTest\lib\jasmine-1.1.0 scheduled to be moved on reboot.Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_BCAPI\autoTest\lib scheduled to be moved on reboot.Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_BCAPI\autoTest scheduled to be moved on reboot.Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_BCAPI scheduled to be moved on reboot.Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa scheduled to be moved on reboot.Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector\searchProtectorSettingsDialog\images scheduled to be moved on reboot.Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector\searchProtectorSettingsDialog\images scheduled to be moved on reboot.Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector\searchProtectorSettingsDialog scheduled to be moved on reboot.Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector\SearchProtectorBubbleDialog\images scheduled to be moved on reboot.Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector\SearchProtectorBubbleDialog\images scheduled to be moved on reboot.Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector\SearchProtectorBubbleDialog scheduled to be moved on reboot.Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector\searchProtectorSettingsDialog\images scheduled to be moved on reboot.Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector\searchProtectorSettingsDialog scheduled to be moved on reboot.Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector\SearchProtectorBubbleDialog\images scheduled to be moved on reboot.Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector\SearchProtectorBubbleDialog scheduled to be moved on reboot.Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector scheduled to be moved on reboot.Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_BCAPI\autoTest\lib\jasmine-1.1.0 scheduled to be moved on reboot.Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_BCAPI\autoTest\lib scheduled to be moved on reboot.Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_BCAPI\autoTest scheduled to be moved on reboot.Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_BCAPI scheduled to be moved on reboot.Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa scheduled to be moved on reboot.Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector\searchProtectorSettingsDialog\images scheduled to be moved on reboot.Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector\searchProtectorSettingsDialog scheduled to be moved on reboot.Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector\SearchProtectorBubbleDialog\images scheduled to be moved on reboot.Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector\SearchProtectorBubbleDialog scheduled to be moved on reboot.Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector scheduled to be moved on reboot.Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al scheduled to be moved on reboot.Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_BCAPI\autoTest\lib\jasmine-1.1.0 scheduled to be moved on reboot.Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_BCAPI\autoTest\lib scheduled to be moved on reboot.Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_BCAPI\autoTest scheduled to be moved on reboot.Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_BCAPI scheduled to be moved on reboot.Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa scheduled to be moved on reboot.Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector\searchProtectorSettingsDialog\images scheduled to be moved on reboot.Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector\searchProtectorSettingsDialog scheduled to be moved on reboot.Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector\SearchProtectorBubbleDialog\images scheduled to be moved on reboot.Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector\SearchProtectorBubbleDialog scheduled to be moved on reboot.Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector scheduled to be moved on reboot.Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al scheduled to be moved on reboot.Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb scheduled to be moved on reboot.Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_BCAPI\autoTest\lib\jasmine-1.1.0 scheduled to be moved on reboot.Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_BCAPI\autoTest\lib scheduled to be moved on reboot.Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_BCAPI\autoTest scheduled to be moved on reboot.Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_BCAPI scheduled to be moved on reboot.Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa scheduled to be moved on reboot.Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector\searchProtectorSettingsDialog\images scheduled to be moved on reboot.Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector\searchProtectorSettingsDialog scheduled to be moved on reboot.Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector\SearchProtectorBubbleDialog\images scheduled to be moved on reboot.Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector\SearchProtectorBubbleDialog scheduled to be moved on reboot.Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector scheduled to be moved on reboot.Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al scheduled to be moved on reboot.Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb scheduled to be moved on reboot.Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content scheduled to be moved on reboot.Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_BCAPI\autoTest\lib\jasmine-1.1.0 scheduled to be moved on reboot.Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_BCAPI\autoTest\lib scheduled to be moved on reboot.Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_BCAPI\autoTest scheduled to be moved on reboot.Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_BCAPI scheduled to be moved on reboot.Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa scheduled to be moved on reboot.Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector\searchProtectorSettingsDialog\images scheduled to be moved on reboot.Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector\searchProtectorSettingsDialog scheduled to be moved on reboot.Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector\SearchProtectorBubbleDialog\images scheduled to be moved on reboot.Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector\SearchProtectorBubbleDialog scheduled to be moved on reboot.Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector scheduled to be moved on reboot.Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al scheduled to be moved on reboot.Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb scheduled to be moved on reboot.Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content scheduled to be moved on reboot.Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468 scheduled to be moved on reboot.Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_BCAPI\autoTest\lib\jasmine-1.1.0 scheduled to be moved on reboot.Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_BCAPI\autoTest\lib scheduled to be moved on reboot.Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_BCAPI\autoTest scheduled to be moved on reboot.Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_BCAPI scheduled to be moved on reboot.Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa scheduled to be moved on reboot.Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector\searchProtectorSettingsDialog\images scheduled to be moved on reboot.Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector\searchProtectorSettingsDialog scheduled to be moved on reboot.Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector\SearchProtectorBubbleDialog\images scheduled to be moved on reboot.Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector\SearchProtectorBubbleDialog scheduled to be moved on reboot.Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector scheduled to be moved on reboot.Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al scheduled to be moved on reboot.Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb scheduled to be moved on reboot.Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content scheduled to be moved on reboot.Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468 scheduled to be moved on reboot.Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome scheduled to be moved on reboot.Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_BCAPI\autoTest\lib\jasmine-1.1.0 scheduled to be moved on reboot.Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_BCAPI\autoTest\lib scheduled to be moved on reboot.Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_BCAPI\autoTest scheduled to be moved on reboot.Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_BCAPI scheduled to be moved on reboot.Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa scheduled to be moved on reboot.Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector\searchProtectorSettingsDialog\images scheduled to be moved on reboot.Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector\searchProtectorSettingsDialog scheduled to be moved on reboot.Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector\SearchProtectorBubbleDialog\images scheduled to be moved on reboot.Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector\SearchProtectorBubbleDialog scheduled to be moved on reboot.Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector scheduled to be moved on reboot.Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al scheduled to be moved on reboot.Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb scheduled to be moved on reboot.Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content scheduled to be moved on reboot.Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468 scheduled to be moved on reboot.Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome scheduled to be moved on reboot.Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6} scheduled to be moved on reboot.PendingFileRenameOperations files...Registry entries deleted on Reboot... Link to post Share on other sites More sharing options...
Maurice Naggar Posted September 10, 2012 ID:595461 Share Posted September 10, 2012 Look for a couple of logs from Combofix & if found, Copy & Paste their contentsC:\Combofix.txtandC:\Qoobox\ComboFix-quarantined-files.txtNext, a new run of OTLLocate the OTL.exe on your DesktopDouble-click OTL.exe to start it.Look at the upper left of window. Press the pink color Quick Scan button.Have patience while it runs.It will produce a new log. Save it.Copy and paste back here a copy of the new OTL.txt AND, tell me, How is the system now ? Link to post Share on other sites More sharing options...
Anders03 Posted September 10, 2012 Author ID:595474 Share Posted September 10, 2012 Partner37 is still active.I found the second Combo-Mix file:KILLALL::DDS::uStart Page = hxxp://search.chatzum.com/mStart Page = hxxp://search.chatzum.com/uURLSearchHooks: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - c:\program\utorrentbar\prxtbuTor.dllBHO: Searchqu Toolbar: {99079a25-328f-4bd4-be04-00955acaa0a7} - c:\program\search~1\datamngr\toolbar\searchqudtx.dllBHO: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - c:\program\utorrentbar\prxtbuTor.dllTB: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - c:\program\utorrentbar\prxtbuTor.dllTB: Searchqu Toolbar: {99079a25-328f-4bd4-be04-00955acaa0a7} - c:\program\search~1\datamngr\toolbar\searchqudtx.dlluRun: [ares] "c:\program\ares\Ares.exe" -hFolder::c:\program\aresc:\program\utorrentbarOTL:OTL logfile created on: 2012-09-10 15:28:43 - Run 2OTL by OldTimer - Version 3.2.61.2 Folder = C:\Documents and Settings\Anders\SkrivbordWindows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstationInternet Explorer (Version = 8.0.6001.18702)Locale: 0000041D | Country: Sverige | Language: SVE | Date Format: yyyy-MM-dd2,00 Gb Total Physical Memory | 1,26 Gb Available Physical Memory | 62,84% Memory free5,76 Gb Paging File | 4,84 Gb Available in Paging File | 84,02% Paging File freePaging file location(s): C:\pagefile.sys 4000 4000 [binary data]%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\ProgramDrive C: | 298,08 Gb Total Space | 238,19 Gb Free Space | 79,91% Space Free | Partition Type: NTFSComputer Name: ANDERS-EA22E516 | User Name: Anders | Logged in as Administrator.Boot Mode: Normal | Scan Mode: Current user | Quick ScanCompany Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days========== Processes (SafeList) ==========PRC - [2012-09-08 20:45:49 | 000,599,552 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Anders\Skrivbord\OTL.exePRC - [2012-08-29 12:03:36 | 001,385,896 | ---- | M] (LogMeIn Inc.) -- C:\Program\LogMeIn Hamachi\hamachi-2.exePRC - [2012-08-17 19:48:59 | 001,193,176 | ---- | M] () -- C:\Program\Spotify\Data\SpotifyWebHelper.exePRC - [2012-08-16 16:18:06 | 001,695,776 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\PC Performer Manager\2.2.558.177\{16cdff19-861d-48e3-a751-d99a27784753}\%Protector Process Name%.exePRC - [2012-08-13 13:33:30 | 003,064,000 | ---- | M] (Skype Technologies S.A.) -- C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exePRC - [2012-07-03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) -- C:\Program\Malwarebytes' Anti-Malware\mbamservice.exePRC - [2012-05-24 13:28:56 | 000,055,184 | ---- | M] (Apple Inc.) -- C:\Program\Delade filer\Apple\Mobile Device Support\AppleMobileDeviceService.exePRC - [2012-05-03 20:07:40 | 000,217,256 | ---- | M] (Visicom Media Inc. (Powered by Panda Security)) -- C:\Documents and Settings\All Users\Application Data\Anti-phishing Domain Advisor\visicom_antiphishing.exePRC - [2012-05-01 14:33:44 | 000,185,856 | ---- | M] () -- C:\Program\Web Assistant\ExtensionUpdaterService.exePRC - [2012-04-17 14:44:12 | 001,333,144 | ---- | M] (Technology Nexus AB) -- C:\Program\Personal\bin\Personal.exePRC - [2012-04-04 18:47:32 | 000,161,664 | ---- | M] (Oracle Corporation) -- C:\Program\Oracle\JavaFX 2.1 Runtime\bin\jqs.exePRC - [2012-03-26 17:08:12 | 000,931,200 | ---- | M] (Microsoft Corporation) -- C:\Program\Microsoft Security Client\msseces.exePRC - [2012-03-26 17:03:40 | 000,011,552 | ---- | M] (Microsoft Corporation) -- c:\Program\Microsoft Security Client\MsMpEng.exePRC - [2012-01-17 11:07:54 | 000,252,296 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program\Delade filer\Java\Java Update\jusched.exePRC - [2011-11-22 22:35:06 | 000,296,056 | ---- | M] (RealNetworks, Inc.) -- C:\Program\Real\RealPlayer\Update\realsched.exePRC - [2011-07-29 01:08:12 | 001,259,376 | ---- | M] () -- C:\Program\DivX\DivX Update\DivXUpdate.exePRC - [2011-05-27 17:42:56 | 001,368,912 | ---- | M] (Comfort Software Group) -- C:\Program\FreeAlarmClock\FreeAlarmClock.exePRC - [2011-04-07 19:39:34 | 002,155,008 | ---- | M] (www.gmailnotifier.com) -- C:\Program\Gmail Notifier\Gmail Notifier.exePRC - [2010-11-21 13:43:04 | 001,113,600 | ---- | M] () -- C:\Program\Free Desktop Clock\DesktopClock.exePRC - [2009-12-10 03:39:04 | 000,065,536 | ---- | M] (PostgreSQL Global Development Group) -- C:\Program\PostgreSQL\8.3\bin\pg_ctl.exePRC - [2009-12-10 03:37:16 | 003,690,496 | ---- | M] (PostgreSQL Global Development Group) -- C:\Program\PostgreSQL\8.3\bin\postgres.exePRC - [2009-08-18 11:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) -- C:\Program\Delade filer\Microsoft Shared\Windows Live\WLIDSVC.EXEPRC - [2009-08-18 11:29:22 | 000,183,152 | ---- | M] (Microsoft Corporation) -- C:\Program\Delade filer\Microsoft Shared\Windows Live\WLIDSVCM.EXEPRC - [2008-06-11 22:43:26 | 000,640,376 | ---- | M] (Adobe Systems Inc.) -- C:\Program\Adobe\Acrobat 9.0\Acrobat\acrotray.exePRC - [2008-04-15 14:00:00 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exePRC - [2005-05-17 19:21:12 | 000,147,456 | ---- | M] () -- C:\Program\Razer\razerhid.exePRC - [2005-01-18 02:06:12 | 000,143,360 | ---- | M] (Razer Inc.) -- C:\Program\Razer\razerofa.exe========== Modules (No Company Name) ==========MOD - [2012-08-17 19:48:59 | 001,193,176 | ---- | M] () -- C:\Program\Spotify\Data\SpotifyWebHelper.exeMOD - [2012-08-16 16:18:06 | 002,046,496 | ---- | M] () -- c:\Documents and Settings\All Users\Application Data\PC Performer Manager\2.2.558.177\{16cdff19-861d-48e3-a751-d99a27784753}\%Protector Process Name%.dllMOD - [2012-08-16 16:18:06 | 001,695,776 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\PC Performer Manager\2.2.558.177\{16cdff19-861d-48e3-a751-d99a27784753}\%Protector Process Name%.exeMOD - [2012-05-01 14:33:44 | 000,185,856 | ---- | M] () -- C:\Program\Web Assistant\ExtensionUpdaterService.exeMOD - [2011-09-27 08:23:00 | 000,087,912 | ---- | M] () -- C:\Program\Delade filer\Apple\Apple Application Support\zlib1.dllMOD - [2011-09-27 08:22:40 | 001,242,472 | ---- | M] () -- C:\Program\Delade filer\Apple\Apple Application Support\libxml2.dllMOD - [2011-07-29 01:09:42 | 000,096,112 | ---- | M] () -- C:\Program\DivX\DivX Update\DivXUpdateCheck.dllMOD - [2011-07-29 01:08:12 | 001,259,376 | ---- | M] () -- C:\Program\DivX\DivX Update\DivXUpdate.exeMOD - [2010-11-21 13:43:04 | 001,113,600 | ---- | M] () -- C:\Program\Free Desktop Clock\DesktopClock.exeMOD - [2010-10-22 17:29:54 | 000,133,120 | ---- | M] () -- C:\Program\Free Desktop Clock\Clock.dllMOD - [2005-05-17 19:21:12 | 000,147,456 | ---- | M] () -- C:\Program\Razer\razerhid.exe========== Services (SafeList) ==========SRV - [2012-08-29 12:03:36 | 001,385,896 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)SRV - [2012-08-16 16:18:06 | 001,695,776 | ---- | M] () [Auto | Running] -- C:\Documents and Settings\All Users\Application Data\PC Performer Manager\2.2.558.177\{16cdff19-861d-48e3-a751-d99a27784753}\%Protector Process Name%.exe -- (PC Performer Manager)SRV - [2012-08-15 01:56:50 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)SRV - [2012-08-13 13:33:30 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)SRV - [2012-07-14 02:13:54 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)SRV - [2012-07-03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)SRV - [2012-07-03 13:19:28 | 000,160,944 | ---- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program\Skype\Updater\Updater.exe -- (SkypeUpdate)SRV - [2012-05-24 13:28:56 | 000,055,184 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program\Delade filer\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)SRV - [2012-05-01 14:33:44 | 000,185,856 | ---- | M] () [Auto | Running] -- C:\Program\Web Assistant\ExtensionUpdaterService.exe -- (Web Assistant Updater)SRV - [2012-04-04 18:47:32 | 000,161,664 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe -- (JavaQuickStarterService)SRV - [2012-03-26 17:03:40 | 000,011,552 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)SRV - [2011-07-20 06:18:24 | 000,440,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program\Delade filer\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)SRV - [2011-07-04 16:17:11 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program\Delade filer\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)SRV - [2011-06-29 15:59:18 | 000,155,344 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Program\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe -- (Sony Ericsson PCCompanion)SRV - [2011-03-16 10:42:06 | 000,407,336 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program\Delade filer\Steam\SteamService.exe -- (Steam Client Service)SRV - [2009-12-10 03:39:04 | 000,065,536 | ---- | M] (PostgreSQL Global Development Group) [Auto | Running] -- C:\Program\PostgreSQL\8.3\bin\pg_ctl.exe -- (pgsql-8.3)SRV - [2009-08-18 11:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program\Delade filer\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)SRV - [2008-08-15 05:46:20 | 000,284,016 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program\Delade filer\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe -- (Adobe Version Cue CS4)SRV - [2006-10-26 13:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program\Delade filer\Microsoft Shared\Source Engine\OSE.EXE -- (ose)========== Driver Services (SafeList) ==========DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\XDva397.sys -- (XDva397)DRV - File not found [Kernel | On_Demand | Stopped] -- J:\Drivrutiner Inspiron 531\Bios\WinFlash.sys -- (WINFLASH)DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\owdzbysv.sys -- (owdzbysv)DRV - File not found [Kernel | System | Running] -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{7A6243A8-A23C-47BF-992F-CB95CB468D62}\MpKsld64fc128.sys -- (MpKsld64fc128)DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)DRV - File not found [Kernel | System | Stopped] -- -- (Changer)DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\Anders\LOKALA~1\Temp\catchme.sys -- (catchme)DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\bifpmsqd.sys -- (bifpmsqd)DRV - [2012-07-03 13:46:44 | 000,022,344 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)DRV - [2012-06-25 16:30:49 | 000,242,240 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\dtsoftbus01.sys -- (dtsoftbus01)DRV - [2012-02-22 12:34:36 | 000,022,400 | ---- | M] (ManyCam LLC) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mcaudrv.sys -- (mcaudrv_simple)DRV - [2012-01-11 08:11:20 | 000,032,000 | ---- | M] (ManyCam LLC) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mcvidrv.sys -- (ManyCam)DRV - [2011-02-23 03:05:40 | 000,070,016 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgandnetndis.sys -- (andnetndis)DRV - [2011-02-23 03:05:04 | 000,022,272 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgandnetgps.sys -- (AndNetGps)DRV - [2011-02-23 03:05:02 | 000,028,032 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgandnetmodem.sys -- (ANDNetModem)DRV - [2011-02-23 03:05:02 | 000,023,168 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgandnetdiag.sys -- (AndNetDiag)DRV - [2010-12-07 14:23:00 | 000,025,088 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgandmodem.sys -- (ANDModem)DRV - [2010-12-07 14:23:00 | 000,020,736 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lganddiag.sys -- (AndDiag)DRV - [2010-12-07 14:23:00 | 000,020,096 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgandgps.sys -- (AndGps)DRV - [2010-12-07 14:22:58 | 000,014,336 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgandbus.sys -- (Andbus)DRV - [2010-03-15 11:38:44 | 000,124,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039mdm.sys -- (s1039mdm)DRV - [2010-03-15 11:38:44 | 000,123,504 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039unic.sys -- (s1039unic)DRV - [2010-03-15 11:38:44 | 000,117,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039mgmt.sys -- (s1039mgmt)DRV - [2010-03-15 11:38:44 | 000,113,904 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039obex.sys -- (s1039obex)DRV - [2010-03-15 11:38:44 | 000,098,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039bus.sys -- (s1039bus)DRV - [2010-03-15 11:38:44 | 000,025,456 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039nd5.sys -- (s1039nd5)DRV - [2010-03-15 11:38:44 | 000,014,960 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039mdfl.sys -- (s1039mdfl)DRV - [2009-03-18 16:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)DRV - [2008-01-15 19:17:58 | 004,652,544 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)DRV - [2007-10-30 09:57:54 | 000,023,040 | ---- | M] (Todos Data System AB) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nordecr.sys -- (TdsNordecr)DRV - [2007-07-30 11:58:56 | 000,022,016 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)DRV - [2007-07-30 11:58:54 | 000,054,400 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)DRV - [2006-12-12 18:59:00 | 000,016,512 | ---- | M] (Adaptec) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aspi32.sys -- (ASPI32)DRV - [2006-05-23 20:36:26 | 000,119,808 | ---- | M] (e2eSoft) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\e2eCap.sys -- (E2ECAP)DRV - [2005-04-24 23:43:58 | 000,013,225 | ---- | M] (Razer (Asia-Pacific) Pte Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Razerlow.sys -- (Razerlow)========== Standard Registry (SafeList) ==================== Internet Explorer ==========IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =IE - HKLM\..\SearchScopes,DefaultScope =IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page =IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://se.msn.com/?ocid=iehpIE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = svIE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 9C 7D 76 21 A0 8E CD 01 [binary data]IE - HKCU\..\SearchScopes,DefaultScope =IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0========== FireFox ==========FF - prefs.js..browser.search.defaultenginename: ""FF - prefs.js..browser.search.order.1: ""FF - prefs.js..browser.search.useDBForOrder: trueFF - prefs.js..browser.startup.homepage: "https://www.google.se/"FF - prefs.js..keyword.URL: "http://www.google.com/search?btnI=I%27m+Feeling+Lucky&ie=UTF-8&oe=UTF-8&q="FF - prefs.js..network.proxy.autoconfig_url: "file://C:/Program/ChrisPC Free Anonymous Proxy/chrispc_proxy.pac"FF - prefs.js..network.proxy.type: 2FF - user.js - File not foundFF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_271.dll ()FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw_1166636.dll (Adobe Systems, Inc.)FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not foundFF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program\iTunes\Mozilla Plugins\npitunes.dll ()FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)FF - HKLM\Software\MozillaPlugins\@ganymede/GanymedeNetPlugin,version=1.0: C:\Program\Ganymede\Plugins\npganymedenet.dll ( )FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.4.1: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.4.1: C:\Program\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program\Pando Networks\Media Booster\npPandoWebPlugin.dll File not foundFF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.0.198: C:\Program\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.0.198: C:\Program\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.0.198: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.0.198: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=15.0.0.198: C:\Program\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not foundFF - HKLM\Software\MozillaPlugins\@se.nexus/Personal: C:\Program\Personal\bin\np_prsnl.dll (Technology Nexus AB)FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.19: C:\Program\Veetle\plugins\npVeetle.dll (Veetle Inc)FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: C:\Program\Veetle\Player\npvlc.dll (Veetle Inc)FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program\VideoLAN\VLC\npvlc.dll (VideoLAN)FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Anders\Lokala inställningar\Application Data\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Anders\Lokala inställningar\Application Data\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011-11-22 22:35:24 | 000,000,000 | ---D | M]FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\Program\Web Assistant\Firefox [2012-05-12 18:38:18 | 000,000,000 | ---D | M]FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-07-18 16:14:12 | 000,000,000 | ---D | M]FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program\Mozilla Firefox\components [2012-08-29 17:13:48 | 000,000,000 | ---D | M]FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program\Mozilla Firefox\plugins [2012-08-25 12:22:59 | 000,000,000 | ---D | M]FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\specialsavings@superfish.com: C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles/pv7faqlh.default\extensions\specialsavings@superfish.comFF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{b64982b1-d112-42b5-b1e4-d3867c4533f8}: C:\Documents and Settings\All Users\Application Data\PC Performer Manager\2.2.558.177\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension [2012-08-16 16:18:10 | 000,000,000 | ---D | M][2012-07-11 19:58:09 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Anders\Application Data\Mozilla\Extensions[2012-09-09 19:32:18 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions[2012-08-26 14:21:14 | 000,000,642 | ---- | M] () -- C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\searchplugins\search-safer.xml[2012-07-11 01:57:35 | 000,002,519 | ---- | M] () -- C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\searchplugins\Search_Results.xml[2012-08-04 11:06:01 | 000,000,000 | ---D | M] (No name found) -- C:\Program\Mozilla Firefox\extensions[2012-07-14 02:15:45 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program\mozilla firefox\components\browsercomps.dll[2012-07-25 14:57:52 | 000,121,024 | ---- | M] ( ) -- C:\Program\mozilla firefox\plugins\npganymedenet.dll[2012-07-14 03:16:10 | 000,001,470 | ---- | M] () -- C:\Program\mozilla firefox\searchplugins\allaannonser-sv-SE.xml[2012-07-14 03:16:10 | 000,002,252 | ---- | M] () -- C:\Program\mozilla firefox\searchplugins\bing.xml[2012-07-14 03:16:10 | 000,002,670 | ---- | M] () -- C:\Program\mozilla firefox\searchplugins\prisjakt-sv-SE.xml[2012-07-11 01:57:35 | 000,002,519 | ---- | M] () -- C:\Program\mozilla firefox\searchplugins\Search_Results.xml[2012-07-14 03:16:10 | 000,000,948 | ---- | M] () -- C:\Program\mozilla firefox\searchplugins\tyda-sv-SE.xml[2012-07-14 03:16:10 | 000,001,174 | ---- | M] () -- C:\Program\mozilla firefox\searchplugins\wikipedia-sv-SE.xml[2012-07-14 03:16:10 | 000,000,951 | ---- | M] () -- C:\Program\mozilla firefox\searchplugins\yahoo-sv-SE.xml========== Chrome ==========CHR - default_search_provider: google.se (Enabled)CHR - default_search_provider: search_url = http://www.google.se/search?hl=sv&output=search&sclient=psy-ab&q={searchTerms}&btnG=&oq=&gs_l=&pbx=1CHR - default_search_provider: suggest_url =CHR - plugin: Shockwave Flash (Disabled) = C:\Documents and Settings\Anders\Lokala inst\u00E4llningar\Application Data\Google\Chrome\Application\21.0.1180.89\PepperFlash\pepflashplayer.dllCHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Anders\Lokala inst\u00E4llningar\Application Data\Google\Chrome\Application\21.0.1180.89\gcswf32.dllCHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_271.dllCHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewerCHR - plugin: Native Client (Enabled) = C:\Documents and Settings\Anders\Lokala inst\u00E4llningar\Application Data\Google\Chrome\Application\21.0.1180.89\ppGoogleNaClPluginChrome.dllCHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\Anders\Lokala inst\u00E4llningar\Application Data\Google\Chrome\Application\21.0.1180.89\pdf.dllCHR - plugin: Injovo Extension Plugin (Enabled) = C:\Documents and Settings\Anders\Lokala inst\u00E4llningar\Application Data\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd\2.0.0.430_0\npbrowserext.dllCHR - plugin: GanymedeNet.Detector (Enabled) = C:\Documents and Settings\Anders\Lokala inst\u00E4llningar\Application Data\Google\Chrome\Application\plugins\npganymedenet.dllCHR - plugin: Adobe Acrobat (Enabled) = C:\Program\Adobe\Acrobat 9.0\Acrobat\Browser\nppdf32.dllCHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program\QuickTime\plugins\npqtplugin.dllCHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program\QuickTime\plugins\npqtplugin2.dllCHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program\QuickTime\plugins\npqtplugin3.dllCHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program\QuickTime\plugins\npqtplugin4.dllCHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program\QuickTime\plugins\npqtplugin5.dllCHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program\QuickTime\plugins\npqtplugin6.dllCHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program\QuickTime\plugins\npqtplugin7.dllCHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program\Windows Media Player\npdrmv2.dllCHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program\Windows Media Player\npwmsdrm.dllCHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program\Windows Media Player\npdsplay.dllCHR - plugin: RealNetworks Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dllCHR - plugin: RealPlayer HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dllCHR - plugin: RealPlayer G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program\Real\RealPlayer\Netscape6\nppl3260.dllCHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program\Real\RealPlayer\Netscape6\nprpjplug.dllCHR - plugin: Google Update (Enabled) = C:\Documents and Settings\Anders\Lokala inst\u00E4llningar\Application Data\Google\Update\1.3.21.115\npGoogleUpdate3.dllCHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program\DivX\DivX OVS Helper\npovshelper.dllCHR - plugin: DivX Plus Web Player (Enabled) = C:\Program\DivX\DivX Plus Web Player\npdivx32.dllCHR - plugin: Java Platform SE 7 U4 (Enabled) = C:\Program\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dllCHR - plugin: Java Deployment Toolkit 7.0.40.255 (Enabled) = C:\WINDOWS\system32\npDeployJava1.dllCHR - plugin: Nexus Personal (Enabled) = C:\Program\Personal\bin\np_prsnl.dllCHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program\Real\RealPlayer\Netscape6\nprjplug.dllCHR - plugin: Veetle TV Player (Enabled) = C:\Program\Veetle\Player\npvlc.dllCHR - plugin: Veetle TV Core (Enabled) = C:\Program\Veetle\plugins\npVeetle.dllCHR - plugin: VLC Web Plugin (Enabled) = C:\Program\VideoLAN\VLC\npvlc.dllCHR - plugin: iTunes Application Detector (Enabled) = C:\Program\iTunes\Mozilla Plugins\npitunes.dllCHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dllCHR - plugin: Shockwave for Director (Enabled) = C:\WINDOWS\system32\Adobe\Director\np32dsw_1166636.dllCHR - plugin: Silverlight Plug-In (Enabled) = c:\Program\Microsoft Silverlight\5.1.10411.0\npctrl.dllCHR - Extension: Turn Off the Lights = C:\Documents and Settings\Anders\Lokala inställningar\Application Data\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn\2.1.0.6_0\CHR - Extension: Web Assistant = C:\Documents and Settings\Anders\Lokala inställningar\Application Data\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd\2.0.0.430_0\CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Documents and Settings\Anders\Lokala inställningar\Application Data\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\CHR - Extension: General Crawler = C:\Documents and Settings\Anders\Lokala inställningar\Application Data\Google\Chrome\User Data\Default\Extensions\jpihmmhdcobmllpcnpfbhnipmhamldje\2.0_0\CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = C:\Documents and Settings\Anders\Lokala inställningar\Application Data\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\O1 HOSTS File: ([2012-09-09 17:24:30 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\HostsO1 - Hosts: 127.0.0.1 localhostO1 - Hosts: ::1 localhostO2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program\Adobe\/Adobe Contribute CS4/contributeieplugin.dll ()O2 - BHO: (Complitly) - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Documents and Settings\Anders\Application Data\Complitly\Complitly.dll (SimplyGen)O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program\Delade filer\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program\Adobe\/Adobe Contribute CS4/contributeieplugin.dll ()O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)O4 - HKLM..\Run: [] File not foundO4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)O4 - HKLM..\Run: [Adobe_ID0ENQBO] C:\Program\Delade filer\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4Tray.exe (Adobe Systems Incorporated)O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program\Delade filer\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)O4 - HKLM..\Run: [Anti-phishing Domain Advisor] C:\Documents and Settings\All Users\Application Data\Anti-phishing Domain Advisor\visicom_antiphishing.exe (Visicom Media Inc. (Powered by Panda Security))O4 - HKLM..\Run: [APSDaemon] C:\Program\Delade filer\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)O4 - HKLM..\Run: [DivXUpdate] C:\Program\DivX\DivX Update\DivXUpdate.exe ()O4 - HKLM..\Run: [Freecorder FLV Service] "C:\Program\Freecorder\FLVSrvc.exe" /run File not foundO4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)O4 - HKLM..\Run: [MSC] c:\Program\Microsoft Security Client\msseces.exe (Microsoft Corporation)O4 - HKLM..\Run: [NBKeyScan] C:\Program\Nero\Nero8\Nero BackItUp\NBKeyScan.exe (Nero AG)O4 - HKLM..\Run: [NeroFilterCheck] C:\Program\Delade filer\Nero\Lib\NeroCheck.exe (Nero AG)O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)O4 - HKLM..\Run: [razer] C:\Program\Razer\razerhid.exe ()O4 - HKLM..\Run: [sunJavaUpdateSched] C:\Program\Delade filer\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)O4 - HKLM..\Run: [TkBellExe] C:\Program\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)O4 - HKLM..\Run: [Wondershare Helper Compact.exe] C:\Program\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe File not foundO4 - HKCU..\Run: [CPN Notifier] C:\Program\Comeon Poker 2.0\PokerNotifier.exe File not foundO4 - HKCU..\Run: [FreeAC] C:\Program\FreeAlarmClock\FreeAlarmClock.exe (Comfort Software Group)O4 - HKCU..\Run: [Gmail Notifier.exe] C:\Program\Gmail Notifier\Gmail Notifier.exe (www.gmailnotifier.com)O4 - HKCU..\Run: [Media Finder] C:\Program\Media Finder\MF.exe /opentotray File not foundO4 - HKCU..\Run: [skinClock] C:\Program\Free Desktop Clock\DesktopClock.exe ()O4 - HKCU..\Run: [sony Ericsson PC Companion] C:\Program\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe (Sony Ericsson)O4 - HKCU..\Run: [spotify Web Helper] C:\Program\Spotify\Data\SpotifyWebHelper.exe ()O4 - HKCU..\Run: [Xvid] C:\Program\XviD\CheckUpdate.exe ()O4 - Startup: C:\Documents and Settings\All Users\Start-meny\Program\Autostart\BankID säkerhetsprogram.lnk = C:\Program\Personal\bin\Personal.exe (Technology Nexus AB)O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispCPL = 0O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableChangePassword = 0O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispCPL = 0O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableChangePassword = 0O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0O8 - Extra context menu item: Bifoga länkmål till befintlig PDF - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)O8 - Extra context menu item: Bifoga till befintlig PDF - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)O8 - Extra context menu item: Download with &Media Finder - C:\Program\Media Finder\hook.html File not foundO8 - Extra context menu item: Konvertera länkmål till Adobe PDF - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)O8 - Extra context menu item: Konvertera till Adobe PDF - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program\PokerStars\PokerStarsUpdate.exe (PokerStars)O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)O9 - Extra Button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program\PokerStars.NET\PokerStarsUpdate.exe File not foundO15 - HKCU\..Trusted Domains: msn.com ([zone] http in Tillförlitliga platser)O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool)O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1309778400234 (MUWebControl Class)O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)O16 - DPF: {A4110378-789B-455F-AE86-3A1BFC402853} http://zone.msn.com/bingame/zpagames/zpa_shvl.cab55579.cab (ZPA_SHVL Object)O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} http://cdn2.zone.msn.com/binFramework/v10/ZPAFramework.cab102118.cab (MSN Games - Installer)O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BE0C555B-4991-433B-9659-A871078265EA}: DhcpNameServer = 192.168.1.1O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program\Delade filer\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program\Delade filer\Skype\Skype4COM.dll (Skype Technologies)O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program\Delade filer\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)O20 - AppInit_DLLs: (c:\DOCUME~1\ALLUSE~1\APPLIC~1\PCPERF~1\22558~1.177\{16CDF~1\%PROTE~1.DLL) - c:\Documents and Settings\All Users\Application Data\PC Performer Manager\2.2.558.177\{16cdff19-861d-48e3-a751-d99a27784753}\%Protector Process Name%.dll ()O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)O24 - Desktop Components:0 (Min aktuella startsida) - About:HomeO24 - Desktop WallPaper: C:\Documents and Settings\Anders\Lokala inställningar\Application Data\Microsoft\Wallpaper1.bmpO24 - Desktop BackupWallPaper: C:\Documents and Settings\Anders\Lokala inställningar\Application Data\Microsoft\Wallpaper1.bmpO32 - HKLM CDRom: AutoRun - 1O32 - AutoRun File - [2011-07-04 12:30:44 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]O34 - HKLM BootExecute: (autocheck autochk *)O35 - HKLM\..comfile [open] -- "%1" %*O35 - HKLM\..exefile [open] -- "%1" %*O37 - HKLM\...com [@ = comfile] -- "%1" %*O37 - HKLM\...exe [@ = exefile] -- "%1" %*O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)========== Files/Folders - Created Within 30 Days ==========[2012-09-10 15:23:45 | 000,000,000 | -HSD | C] -- C:\RECYCLER[2012-09-09 23:22:16 | 000,000,000 | --SD | C] -- C:\Combo-Fix[2012-09-09 17:24:27 | 000,000,000 | ---D | C] -- C:\_OTL[2012-09-09 17:16:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Skrivbord\FixPolicies[2012-09-08 20:45:42 | 000,599,552 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Anders\Skrivbord\OTL.exe[2012-09-07 15:28:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp[2012-09-07 15:22:00 | 000,000,000 | RHSD | C] -- C:\cmdcons[2012-09-07 15:19:34 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe[2012-09-07 15:19:34 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe[2012-09-07 15:19:34 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe[2012-09-07 15:19:34 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe[2012-09-07 15:19:26 | 000,000,000 | ---D | C] -- C:\Qoobox[2012-09-07 15:12:52 | 004,747,716 | R--- | C] (Swearware) -- C:\Documents and Settings\Anders\Skrivbord\Combo-Fix.exe[2012-09-07 14:36:38 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT[2012-09-07 14:35:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start-meny\Program\ERUNT[2012-09-07 14:35:28 | 000,000,000 | ---D | C] -- C:\Program\ERUNT[2012-09-05 15:51:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Lokala inställningar\Application Data\PokerTracker 4[2012-09-05 15:51:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Start-meny\Program\PokerTracker 4[2012-09-05 15:50:55 | 000,000,000 | ---D | C] -- C:\Program\PokerTracker 4[2012-08-29 17:14:19 | 000,000,000 | -HSD | C] -- C:\Config.Msi[2012-08-29 17:02:35 | 000,000,000 | ---D | C] -- C:\Avenger[2012-08-29 15:08:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start-meny\Program\LogMeIn Hamachi[2012-08-29 15:08:08 | 000,000,000 | ---D | C] -- C:\Program\LogMeIn Hamachi[2012-08-29 14:33:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Application Data\Malwarebytes[2012-08-29 14:33:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start-meny\Program\Malwarebytes' Anti-Malware[2012-08-29 14:33:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes[2012-08-29 14:33:03 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys[2012-08-29 14:33:03 | 000,000,000 | ---D | C] -- C:\Program\Malwarebytes' Anti-Malware[2012-08-28 19:48:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start-meny\Program\Bandicam[2012-08-28 19:48:39 | 000,000,000 | ---D | C] -- C:\Program\Bandicam[2012-08-27 20:33:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Lokala inställningar\Application Data\CRE[2012-08-27 13:52:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Mina dokument\Celeris[2012-08-27 01:46:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Lokala inställningar\Application Data\Celeris[2012-08-27 01:35:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start-meny\Program\Virtual Pool 4[2012-08-27 01:35:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Celeris[2012-08-27 01:32:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Application Data\Celeris[2012-08-26 17:47:45 | 000,026,176 | -H-- | C] (LogMeIn, Inc.) -- C:\WINDOWS\System32\hamachi.sys[2012-08-26 17:43:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Mina dokument\Tunngle[2012-08-26 17:43:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Application Data\Tunngle[2012-08-26 17:43:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Tunngle[2012-08-26 17:43:13 | 000,027,136 | ---- | C] (Tunngle.net) -- C:\WINDOWS\System32\drivers\tap0901t.sys[2012-08-26 14:27:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Start-meny\Program\GameSpy Arcade[2012-08-26 14:20:30 | 000,000,000 | ---D | C] -- C:\Program\ChatZum Toolbar[2012-08-26 14:20:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Lokala inställningar\Application Data\LogMeIn Hamachi[2012-08-26 14:20:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Lokala inställningar\Application Data\LogMeIn Hamachi[2012-08-25 12:27:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Application Data\GanymedeNet[2012-08-25 12:22:54 | 000,000,000 | ---D | C] -- C:\Program\Ganymede[2012-08-24 17:48:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Max Secure[2012-08-20 13:58:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Lokala inställningar\Application Data\SplitMediaLabs[2012-08-20 13:57:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start-meny\Program\XSplit[2012-08-20 13:57:45 | 000,000,000 | ---D | C] -- C:\Program\SplitMediaLabs[2012-08-20 13:57:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SplitMediaLabs[2012-08-20 13:57:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Application Data\SplitMediaLabs[2012-08-19 19:24:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start-meny\Program\ChrisPC Free Anonymous Proxy[2012-08-19 19:24:28 | 000,000,000 | ---D | C] -- C:\Program\ChrisPC Free Anonymous Proxy[2012-08-16 16:25:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Lokala inställningar\Application Data\blekkotb_031[2012-08-16 16:25:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Anti-phishing Domain Advisor[2012-08-16 16:20:30 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Anders\Start-meny\Program\Administrationsverktyg[2012-08-16 16:18:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\IBUpdaterService[2012-08-16 16:18:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PC Performer Manager[2012-08-16 16:17:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Lokala inställningar\Application Data\Savings Sidekick[2012-08-16 16:15:49 | 000,196,608 | ---- | C] (e2eSoft) -- C:\WINDOWS\System32\e2eCapProp.ax[2012-08-16 16:15:49 | 000,119,808 | ---- | C] (e2eSoft) -- C:\WINDOWS\System32\drivers\e2eCap.sys[2012-08-16 15:42:37 | 000,000,000 | ---D | C] -- C:\Program\ManyCam[2012-08-16 15:42:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Ask[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ][3 C:\WINDOWS\System32\drivers\*.tmp files -> C:\WINDOWS\System32\drivers\*.tmp -> ][1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]========== Files - Modified Within 30 Days ==========[2012-09-10 15:32:00 | 000,000,304 | ---- | M] () -- C:\WINDOWS\tasks\PC Performer Manager.job[2012-09-10 15:10:00 | 000,001,090 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1659004503-343818398-682003330-1003UA.job[2012-09-10 15:07:00 | 000,001,098 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1659004503-343818398-682003330-1006UA.job[2012-09-10 14:56:00 | 000,000,868 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job[2012-09-10 11:30:16 | 000,315,660 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_10092012_112913.png[2012-09-10 10:26:37 | 000,000,410 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{5096C855-A424-4662-B04A-DE5E47FB502A}.job[2012-09-10 10:17:58 | 000,000,384 | -H-- | M] () -- C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job[2012-09-10 10:10:00 | 000,001,038 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1659004503-343818398-682003330-1003Core.job[2012-09-10 10:09:57 | 000,002,227 | ---- | M] () -- C:\Documents and Settings\All Users\Skrivbord\Skype.lnk[2012-09-10 10:08:39 | 000,000,268 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1659004503-343818398-682003330-1003.job[2012-09-10 10:08:32 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1659004503-343818398-682003330-1003.job[2012-09-10 10:08:30 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl[2012-09-10 10:07:51 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat[2012-09-09 23:21:05 | 000,000,549 | ---- | M] () -- C:\Documents and Settings\Anders\Application Data\FreeDesktopClock.ini[2012-09-09 23:18:41 | 004,747,716 | R--- | M] (Swearware) -- C:\Documents and Settings\Anders\Skrivbord\Combo-Fix.exe[2012-09-09 20:44:27 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini[2012-09-09 20:44:26 | 000,138,240 | ---- | M] () -- C:\Documents and Settings\Anders\Lokala inställningar\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini[2012-09-09 17:24:30 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts[2012-09-09 17:16:19 | 000,185,065 | ---- | M] () -- C:\Documents and Settings\Anders\Skrivbord\FixPolicies.exe[2012-09-09 01:07:00 | 000,001,046 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1659004503-343818398-682003330-1006Core.job[2012-09-08 21:00:19 | 000,854,156 | ---- | M] () -- C:\Documents and Settings\Anders\Skrivbord\SecurityCheck.exe[2012-09-08 20:45:49 | 000,599,552 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Anders\Skrivbord\OTL.exe[2012-09-08 15:33:01 | 000,117,270 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\21.bmp[2012-09-08 15:32:48 | 003,888,068 | ---- | M] () -- C:\temp.bmp[2012-09-08 10:43:33 | 011,300,312 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\vp4 2012-09-08 10-38-48-933.avi[2012-09-07 19:52:59 | 001,118,598 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_07092012_195109.png[2012-09-07 19:31:21 | 000,930,467 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_07092012_193053.png[2012-09-07 16:54:46 | 000,977,958 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_07092012_165418.png[2012-09-07 16:32:21 | 001,082,828 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_07092012_163042.png[2012-09-07 15:22:09 | 000,000,327 | RHS- | M] () -- C:\boot.ini[2012-09-07 14:35:30 | 000,000,579 | ---- | M] () -- C:\Documents and Settings\Anders\Skrivbord\NTREGOPT.lnk[2012-09-07 14:35:30 | 000,000,560 | ---- | M] () -- C:\Documents and Settings\Anders\Skrivbord\ERUNT.lnk[2012-09-07 14:30:44 | 000,000,144 | ---- | M] () -- C:\Documents and Settings\Anders\defogger_reenable[2012-09-07 14:05:14 | 002,150,064 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT[2012-09-06 23:48:03 | 000,318,741 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_06092012_234739.png[2012-09-06 16:32:56 | 000,157,123 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_06092012_163222.png[2012-09-06 01:07:23 | 000,998,055 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_05092012_190334.png[2012-09-05 18:02:01 | 000,000,272 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job[2012-09-05 15:51:54 | 000,004,934 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\flwjycbm.bab[2012-09-05 15:51:34 | 000,000,705 | ---- | M] () -- C:\Documents and Settings\Anders\Skrivbord\PokerTracker 4.lnk[2012-09-05 15:24:02 | 000,505,751 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_05092012_152345.png[2012-09-04 18:40:55 | 000,084,696 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_04092012_184008.png[2012-09-04 00:13:19 | 000,002,347 | ---- | M] () -- C:\Documents and Settings\Anders\Skrivbord\Google Chrome.lnk[2012-09-04 00:13:19 | 000,002,325 | ---- | M] () -- C:\Documents and Settings\Anders\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk[2012-09-03 23:42:37 | 001,326,942 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\ad.png[2012-09-03 15:24:24 | 000,323,584 | ---- | M] (Stefan Toengi) -- C:\WINDOWS\System32\AUDIOGENIE2.DLL[2012-09-02 23:50:20 | 001,004,432 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_02092012_234819.png[2012-09-02 23:04:43 | 022,936,300 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\vp4 2012-09-02 22-59-50-578.avi[2012-09-02 17:52:51 | 007,911,796 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\Bankshot1to2.avi[2012-09-02 15:56:04 | 001,101,732 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_02092012_155541.png[2012-09-02 15:43:59 | 000,800,104 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_02092012_154331.png[2012-09-02 14:10:27 | 001,102,894 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_02092012_141009.png[2012-09-02 13:07:21 | 000,313,151 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_02092012_130708.png[2012-09-02 13:07:06 | 001,017,983 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_02092012_130649.png[2012-09-02 13:04:33 | 000,005,159 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\9-Ball, Alyt vs Frenchy, 090212-103239.vpr[2012-09-02 13:00:48 | 004,538,077 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_1003.MOV[2012-09-01 10:02:40 | 000,297,078 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\4.bmp[2012-09-01 08:56:31 | 002,320,974 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\3.bmp[2012-09-01 08:55:33 | 002,701,710 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\2.bmp[2012-09-01 08:48:55 | 002,495,190 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\1.bmp[2012-08-31 21:49:00 | 002,052,056 | ---- | M] () -- C:\Documents and Settings\Anders\Skrivbord\IMG468.jpg[2012-08-31 00:34:32 | 000,155,867 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_31082012_002932.png[2012-08-29 18:48:38 | 000,859,263 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_29082012_184533.png[2012-08-29 15:08:12 | 000,000,653 | ---- | M] () -- C:\Documents and Settings\All Users\Skrivbord\LogMeIn Hamachi.lnk[2012-08-29 14:33:11 | 000,000,740 | ---- | M] () -- C:\Documents and Settings\All Users\Skrivbord\Malwarebytes Anti-Malware.lnk[2012-08-29 00:01:48 | 000,401,735 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_29082012_000040.png[2012-08-28 19:48:43 | 000,000,637 | ---- | M] () -- C:\Documents and Settings\Anders\Application Data\Microsoft\Internet Explorer\Quick Launch\Bandicam.lnk[2012-08-28 19:48:43 | 000,000,619 | ---- | M] () -- C:\Documents and Settings\Anders\Skrivbord\Bandicam.lnk[2012-08-27 13:01:26 | 001,200,664 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\clip0086.avi[2012-08-27 01:37:14 | 000,000,751 | ---- | M] () -- C:\Documents and Settings\All Users\Skrivbord\Virtual Pool 4.lnk[2012-08-27 00:32:35 | 000,121,798 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_27082012_003201.png[2012-08-27 00:32:31 | 000,124,438 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_27082012_003152.png[2012-08-26 22:36:18 | 000,307,500 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_26082012_223547.png[2012-08-26 17:51:11 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\Access.dat[2012-08-26 15:41:08 | 000,156,260 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_26082012_154039.png[2012-08-26 15:40:08 | 000,150,505 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_26082012_153941.png[2012-08-26 14:27:15 | 000,000,667 | ---- | M] () -- C:\Documents and Settings\Anders\Application Data\Microsoft\Internet Explorer\Quick Launch\GameSpy Arcade.lnk[2012-08-26 14:27:15 | 000,000,649 | ---- | M] () -- C:\Documents and Settings\Anders\Skrivbord\GameSpy Arcade.lnk[2012-08-26 14:19:36 | 003,849,216 | ---- | M] () -- C:\Documents and Settings\Anders\Skrivbord\hamachi.msi[2012-08-25 12:40:56 | 000,136,157 | ---- | M] () -- C:\Documents and Settings\Anders\Skrivbord\pool_snooker_1.jpg[2012-08-25 12:26:15 | 000,983,017 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_25082012_122553.png[2012-08-23 15:36:41 | 000,663,527 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_23082012_153555.png[2012-08-22 20:15:58 | 003,195,906 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\cheat.bmp[2012-08-22 19:25:55 | 001,547,494 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\stg-apologize.bmp[2012-08-22 16:11:36 | 000,217,782 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\legend.bmp[2012-08-21 17:29:32 | 000,306,433 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_21082012_172844.png[2012-08-21 11:37:11 | 001,704,034 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_21082012_113442.png[2012-08-21 11:32:14 | 001,688,401 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_21082012_113138.png[2012-08-20 21:47:10 | 002,262,013 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_20082012_214618.png[2012-08-20 16:56:04 | 000,204,889 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_20082012_165528.png[2012-08-20 16:53:51 | 000,145,330 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_20082012_165314.png[2012-08-20 13:57:57 | 000,000,802 | ---- | M] () -- C:\Documents and Settings\Anders\Skrivbord\XSplit Broadcaster.lnk[2012-08-19 19:24:41 | 000,001,707 | ---- | M] () -- C:\Documents and Settings\Anders\Skrivbord\ChrisPC Free Anonymous Proxy.lnk[2012-08-19 19:24:41 | 000,000,821 | ---- | M] () -- C:\Documents and Settings\Anders\Application Data\Microsoft\Internet Explorer\Quick Launch\ChrisPC Free Anonymous Proxy.lnk[2012-08-16 02:05:28 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK[2012-08-13 13:57:35 | 001,830,096 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\clip0078.avi[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ][3 C:\WINDOWS\System32\drivers\*.tmp files -> C:\WINDOWS\System32\drivers\*.tmp -> ][1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]========== Files Created - No Company Name ==========[2012-09-10 11:30:14 | 000,315,660 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_10092012_112913.png[2012-09-10 10:08:14 | 000,000,304 | ---- | C] () -- C:\WINDOWS\tasks\PC Performer Manager.job[2012-09-09 17:16:19 | 000,185,065 | ---- | C] () -- C:\Documents and Settings\Anders\Skrivbord\FixPolicies.exe[2012-09-08 21:00:04 | 000,854,156 | ---- | C] () -- C:\Documents and Settings\Anders\Skrivbord\SecurityCheck.exe[2012-09-08 15:33:01 | 000,117,270 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\21.bmp[2012-09-08 10:42:52 | 011,300,312 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\vp4 2012-09-08 10-38-48-933.avi[2012-09-07 19:52:54 | 001,118,598 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_07092012_195109.png[2012-09-07 19:31:16 | 000,930,467 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_07092012_193053.png[2012-09-07 16:54:40 | 000,977,958 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_07092012_165418.png[2012-09-07 16:32:16 | 001,082,828 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_07092012_163042.png[2012-09-07 15:22:09 | 000,000,211 | ---- | C] () -- C:\Boot.bak[2012-09-07 15:22:02 | 000,260,784 | RHS- | C] () -- C:\cmldr[2012-09-07 15:19:34 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe[2012-09-07 15:19:34 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe[2012-09-07 15:19:34 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe[2012-09-07 15:19:34 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe[2012-09-07 15:19:34 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe[2012-09-07 14:35:30 | 000,000,579 | ---- | C] () -- C:\Documents and Settings\Anders\Skrivbord\NTREGOPT.lnk[2012-09-07 14:35:30 | 000,000,560 | ---- | C] () -- C:\Documents and Settings\Anders\Skrivbord\ERUNT.lnk[2012-09-07 14:30:38 | 000,000,144 | ---- | C] () -- C:\Documents and Settings\Anders\defogger_reenable[2012-09-06 23:48:01 | 000,318,741 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_06092012_234739.png[2012-09-06 16:32:55 | 000,157,123 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_06092012_163222.png[2012-09-06 01:07:18 | 000,998,055 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_05092012_190334.png[2012-09-05 15:51:54 | 000,004,934 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\flwjycbm.bab[2012-09-05 15:51:34 | 000,000,705 | ---- | C] () -- C:\Documents and Settings\Anders\Skrivbord\PokerTracker 4.lnk[2012-09-05 15:23:59 | 000,505,751 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_05092012_152345.png[2012-09-04 18:40:54 | 000,084,696 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_04092012_184008.png[2012-09-03 23:42:31 | 001,326,942 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\ad.png[2012-09-02 23:50:15 | 001,004,432 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_02092012_234819.png[2012-09-02 23:01:55 | 022,936,300 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\vp4 2012-09-02 22-59-50-578.avi[2012-09-02 17:52:22 | 007,911,796 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\Bankshot1to2.avi[2012-09-02 15:55:59 | 001,101,732 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_02092012_155541.png[2012-09-02 15:43:54 | 000,800,104 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_02092012_154331.png[2012-09-02 15:25:41 | 002,052,056 | ---- | C] () -- C:\Documents and Settings\Anders\Skrivbord\IMG468.jpg[2012-09-02 14:10:23 | 001,102,894 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_02092012_141009.png[2012-09-02 13:07:19 | 000,313,151 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_02092012_130708.png[2012-09-02 13:07:00 | 001,017,983 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_02092012_130649.png[2012-09-02 13:04:32 | 000,005,159 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\9-Ball, Alyt vs Frenchy, 090212-103239.vpr[2012-09-02 13:00:24 | 004,538,077 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_1003.MOV[2012-09-01 10:02:40 | 000,297,078 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\4.bmp[2012-09-01 08:56:31 | 002,320,974 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\3.bmp[2012-09-01 08:55:33 | 002,701,710 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\2.bmp[2012-08-31 00:34:29 | 000,155,867 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_31082012_002932.png[2012-08-29 18:48:21 | 000,859,263 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_29082012_184533.png[2012-08-29 14:33:11 | 000,000,740 | ---- | C] () -- C:\Documents and Settings\All Users\Skrivbord\Malwarebytes Anti-Malware.lnk[2012-08-29 00:01:44 | 000,401,735 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_29082012_000040.png[2012-08-28 19:48:43 | 000,000,637 | ---- | C] () -- C:\Documents and Settings\Anders\Application Data\Microsoft\Internet Explorer\Quick Launch\Bandicam.lnk[2012-08-28 19:48:43 | 000,000,619 | ---- | C] () -- C:\Documents and Settings\Anders\Skrivbord\Bandicam.lnk[2012-08-27 13:00:47 | 001,200,664 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\clip0086.avi[2012-08-27 01:37:14 | 000,000,751 | ---- | C] () -- C:\Documents and Settings\All Users\Skrivbord\Virtual Pool 4.lnk[2012-08-27 00:32:33 | 000,121,798 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_27082012_003201.png[2012-08-27 00:32:30 | 000,124,438 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_27082012_003152.png[2012-08-26 22:36:14 | 000,307,500 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_26082012_223547.png[2012-08-26 17:51:11 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\Access.dat[2012-08-26 15:41:04 | 000,156,260 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_26082012_154039.png[2012-08-26 15:40:06 | 000,150,505 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_26082012_153941.png[2012-08-26 14:27:15 | 000,000,667 | ---- | C] () -- C:\Documents and Settings\Anders\Application Data\Microsoft\Internet Explorer\Quick Launch\GameSpy Arcade.lnk[2012-08-26 14:27:15 | 000,000,649 | ---- | C] () -- C:\Documents and Settings\Anders\Skrivbord\GameSpy Arcade.lnk[2012-08-26 14:20:08 | 000,000,653 | ---- | C] () -- C:\Documents and Settings\All Users\Skrivbord\LogMeIn Hamachi.lnk[2012-08-26 14:19:29 | 003,849,216 | ---- | C] () -- C:\Documents and Settings\Anders\Skrivbord\hamachi.msi[2012-08-25 12:40:56 | 000,136,157 | ---- | C] () -- C:\Documents and Settings\Anders\Skrivbord\pool_snooker_1.jpg[2012-08-25 12:26:11 | 000,983,017 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_25082012_122553.png[2012-08-23 15:36:33 | 000,663,527 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_23082012_153555.png[2012-08-22 20:15:58 | 003,195,906 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\cheat.bmp[2012-08-22 19:25:55 | 001,547,494 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\stg-apologize.bmp[2012-08-22 16:11:36 | 000,217,782 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\legend.bmp[2012-08-21 17:29:29 | 000,306,433 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_21082012_172844.png[2012-08-21 11:37:04 | 001,704,034 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_21082012_113442.png[2012-08-21 11:32:07 | 001,688,401 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_21082012_113138.png[2012-08-20 21:46:53 | 002,262,013 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_20082012_214618.png[2012-08-20 16:56:02 | 000,204,889 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_20082012_165528.png[2012-08-20 16:53:49 | 000,145,330 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_20082012_165314.png[2012-08-20 13:57:57 | 000,000,802 | ---- | C] () -- C:\Documents and Settings\Anders\Skrivbord\XSplit Broadcaster.lnk[2012-08-19 19:24:41 | 000,001,707 | ---- | C] () -- C:\Documents and Settings\Anders\Skrivbord\ChrisPC Free Anonymous Proxy.lnk[2012-08-19 19:24:41 | 000,000,821 | ---- | C] () -- C:\Documents and Settings\Anders\Application Data\Microsoft\Internet Explorer\Quick Launch\ChrisPC Free Anonymous Proxy.lnk[2012-08-13 13:57:08 | 001,830,096 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\clip0078.avi[2012-08-05 11:14:00 | 051,687,593 | ---- | C] () -- C:\Documents and Settings\Anders\10 000 meter.flv[2012-07-10 14:52:42 | 000,190,664 | ---- | C] () -- C:\Documents and Settings\LocalService\Lokala inställningar\Application Data\FontCache3.0.0.0.dat[2012-05-05 16:08:47 | 000,230,752 | ---- | C] () -- C:\WINDOWS\patchw32.dll[2012-05-05 16:08:42 | 000,118,176 | ---- | C] () -- C:\WINDOWS\patchw.dll[2012-03-05 21:51:45 | 629,460,858 | ---- | C] () -- C:\Documents and Settings\Anders\Målgång.flv[2012-02-16 12:42:41 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll[2012-02-08 10:52:34 | 000,000,042 | ---- | C] () -- C:\Documents and Settings\Anders\default.pls[2012-01-30 15:29:29 | 000,000,404 | ---- | C] () -- C:\WINDOWS\LBFamily.ini[2012-01-30 12:16:09 | 1054,669,159 | ---- | C] () -- C:\Documents and Settings\Anders\såskadetlåta.flv[2012-01-30 12:16:09 | 000,056,831 | ---- | C] () -- C:\Documents and Settings\Anders\såskadetlåta.srt[2012-01-27 13:24:43 | 000,015,784 | ---- | C] () -- C:\Documents and Settings\Anders\2.srt[2012-01-27 13:24:39 | 035,912,175 | ---- | C] () -- C:\Documents and Settings\Anders\2.flv[2012-01-27 13:10:34 | 000,000,641 | ---- | C] () -- C:\Documents and Settings\Anders\.swfinfo[2011-11-09 21:59:50 | 000,000,026 | ---- | C] () -- C:\Documents and Settings\Anders\Application Data\ClockTraySkins.ini[2011-11-09 21:59:38 | 000,000,549 | ---- | C] () -- C:\Documents and Settings\Anders\Application Data\FreeDesktopClock.ini[2011-10-31 18:02:17 | 000,393,256 | ---- | C] () -- C:\WINDOWS\System32\CNQ2414N.DAT[2011-10-30 14:53:51 | 000,000,000 | ---- | C] () -- C:\WINDOWS\HMHud.INI[2011-10-02 13:50:39 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini[2011-10-02 13:50:38 | 000,138,240 | ---- | C] () -- C:\Documents and Settings\Anders\Lokala inställningar\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini[2011-10-01 22:03:20 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\CommonDL.dll[2011-10-01 22:03:20 | 000,002,413 | ---- | C] () -- C:\WINDOWS\System32\lgAxconfig.ini[2011-09-28 17:44:14 | 000,179,271 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat[2011-09-19 09:07:46 | 000,015,360 | ---- | C] () -- C:\WINDOWS\System32\bdmjpeg.dll[2011-09-19 09:07:32 | 000,058,368 | ---- | C] () -- C:\WINDOWS\System32\bdmpegv.dll[2011-08-31 00:32:40 | 000,005,078 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\bltofzsb.qlf[2011-07-04 14:19:24 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI[2011-07-04 14:18:36 | 002,150,064 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT[2011-07-04 13:15:42 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe[2011-07-04 13:14:40 | 000,001,732 | ---- | C] () -- C:\WINDOWS\System32\drivers\nvphy.bin[2011-07-04 12:32:07 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat[2011-07-04 12:28:47 | 000,021,700 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat========== LOP Check ==========[2012-08-16 16:25:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Anti-phishing Domain Advisor[2012-08-16 15:42:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ask[2012-07-11 10:19:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\boost_interprocess[2011-09-27 16:42:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Boss Media[2012-08-27 01:35:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Celeris[2012-05-12 18:06:56 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files[2011-08-22 17:12:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite[2011-07-04 22:27:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Pro[2011-12-13 23:48:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Graboid Inc[2012-08-16 16:18:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IBUpdaterService[2011-10-01 22:04:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LGMOBILEAX[2012-08-24 17:55:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Max Secure[2012-04-17 17:54:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MediaMonkey[2012-08-16 16:18:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Performer Manager[2012-08-20 13:57:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SplitMediaLabs[2012-05-12 18:52:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Tarma Installer[2011-10-18 13:04:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TechSmith[2012-08-26 17:50:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Tunngle[2012-04-17 16:59:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}[2011-11-22 14:09:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Anvsoft[2012-05-12 17:55:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Apowersoft[2012-05-12 18:26:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Audacity[2012-02-28 18:09:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Babylon[2012-06-18 20:59:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\BANDISOFT[2012-08-27 01:32:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Celeris[2012-08-19 19:27:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Complitly[2011-08-22 16:51:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Copax[2012-01-30 14:29:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\DAEMON Tools Lite[2011-07-04 22:26:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\DAEMON Tools Pro[2012-04-19 12:59:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\DDMSettings[2012-02-10 11:25:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Digiarty[2011-12-31 20:12:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\DVDVideoSoft[2012-05-12 20:12:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Free Audio Recorder[2012-08-25 13:15:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\GanymedeNet[2012-02-09 23:45:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\GetRightToGo[2012-09-10 10:08:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Gmail Notifier[2012-03-20 00:28:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\HandBrake[2011-10-30 14:43:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\HEM Data[2011-12-14 17:20:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Media Finder[2012-07-24 11:00:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\MediaMonkey[2011-11-23 16:51:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\MyVideoDownloader[2011-11-23 16:51:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\MyVideoDownloaderHD[2012-08-04 10:58:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Opera[2012-05-17 17:09:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Oracle[2012-05-17 17:09:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Personal[2012-06-20 16:13:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Solveig Multimedia[2012-02-10 01:17:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Sony[2012-08-20 13:57:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\SplitMediaLabs[2012-09-10 15:27:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Spotify[2012-07-02 21:11:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\TraderaProLister[2012-08-27 00:23:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Tunngle[2012-05-12 18:52:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Wondershare[2011-11-23 17:11:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Youtube Downloader HD[2012-09-10 15:32:00 | 000,000,304 | ---- | M] () -- C:\WINDOWS\Tasks\PC Performer Manager.job[2012-09-10 10:26:37 | 000,000,410 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{5096C855-A424-4662-B04A-DE5E47FB502A}.job========== Purity Check ==========< End of report > Link to post Share on other sites More sharing options...
Maurice Naggar Posted September 10, 2012 ID:595487 Share Posted September 10, 2012 IF you have Spybot Search & Destroy, make sure that Tea Timer is not active !IF you have other security programs besides MS Security Essentials, let me know which.Let me know what antivirus you had from before MSE Reminder and warning: Do not do any online games (especially poker) while we are trying to hunt for & clean malware Do not do any online transactions of any kind, NO online shopping, NO websurfing !Only go to this forum and the sites I guide you to.Internet Explorer1. Open Internet Explorer.2. Click "Tools," and then click "Internet Options."3. Click "Connections," and then click "LAN Settings."4. Make sure the check boxes for "Automatically detect settings" and "Use automatic configuration script" are not selected.5. Make sure Proxy servers block is not selected (not checkmarked).6. Apply changes & OKNEXT:Using IE (only!) to http://support.microsoft.com/kb/923737 [ignore any DOES NOT APPLY warning as well as the APPLIES TO section], run the Fix It and then reboot.Tip: For optimal results, enable the Delete personal settings option.In your next reply, confirm that you have done this set of steps in Internet Explorer.RKILLDisable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our toolsFor directions on how, see How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware ProgramsDo NOT turn off the firewallPlease download Rkill by Grinler and save it to your desktop.Link 2Link 3Link 4Double-click on the Rkill desktop icon to run the tool.If using Vista or Windows 7, right-click on it and Run As Administrator.A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.If not, delete the file, then download and use the one provided in Link 2.If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.If the tool does not run from any of the links provided, please let me know.If your antivirus program gives a prompt message, respond positive to allow RKILL to run.If a malware-rogue gives a message regarding RKILL, proceed forward to running RKILLIF you still have a problem running RKILL, you can download iExplore.exe or eXplorer.exe, which are renamed copies of rkill.com, and try them instead.When all done, rkill.txt log file will be on your desktop. Copy & Paste contents of Rkill.txt into a reply.More Information about Rkill can be found at this link: http://www.bleepingcomputer.com/forums/topic308364.htmlnew OTL reportclose any of your open windows/programs and exit; saving any open work you have.I'd like to have you do a special run of OTL to generate some searches & a new log-report.Please double-click OTL.exe to run it. (Note: If you are running on Vista or Windows 7, right-click on the file and choose Run As Administrator).Copy all the lines in between the **** stars lines **** below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):*****************************************************************netsvcsmsconfigsafebootminimalsafebootnetworkactivexdrivers32%ALLUSERSPROFILE%\Application Data\*.%ALLUSERSPROFILE%\Application Data\*.exe /s%ALLUSERSPROFILE%\Application Data\*.dll /s%APPDATA%\*.%APPDATA%\*.exe /s%APPDATA%\*.dll /s%SYSTEMDRIVE%\*.exe/md5startrundll32.exethemeui.dllbeep.sysuserinit.exeeventlog.dllscecli.dllnetlogon.dllcngaudit.dllsceclt.dllntelogon.dlllogevent.dlliaStor.sysnvstor.sysatapi.sysIdeChnDr.sysviasraid.sysAGP440.sysvaxscsi.sysnvatabus.sysviamraid.sysnvata.sysnvgts.sysiastorv.sysViPrt.syseNetHook.dllahcix86.sysKR10N.sysnvstor32.sysahcix86s.sys/md5stopc:\windows|protector;true;true;true /FPc:\windows|partner;true;true;true /FP%USERPROFILE%\..|smtmp;true;true;true /FP%systemroot%\system32\drivers\*.sys /lockedfiles%systemroot%\System32\config\*.sav%systemroot%\*. /mp /s%systemroot%\system32\*.dll /lockedfilesCREATERESTOREPOINT*****************************************************************Return to OTL. Right click in the "Custom Scans/Fixes" window (under the aqua-blue bar) and choose Paste.Close any browser(s) windows that may be open.Using your mouse, click on Run Scan.The scan won't take long.When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt.These are saved in the same location as OTL.Please copy (Edit->Select All, Edit->Copy) the contents of just OTL.txtDownload Security Check by screen317 from here.Save it to your Desktop.Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.A Notepad document should open automatically called checkup.txt; please post the contents of that document. Link to post Share on other sites More sharing options...
Anders03 Posted September 10, 2012 Author ID:595512 Share Posted September 10, 2012 IF you have Spybot Search & Destroy, make sure that Tea Timer is not active !IF you have other security programs besides MS Security Essentials, let me know which.Let me know what antivirus you had from before MSE I'm not aware of any Spybot.MSE should be the only one currently and I can't remember me having another one earlier.In your next reply, confirm that you have done this set of steps in Internet Explorer.Yes I did and now I don't have any weird search pages and toolbars anymore I think (On IE).When all done, rkill.txt log file will be on your desktop. Copy & Paste contents of Rkill.txt into a replI ran it and it seemed to work successfully according to the post comments. However, when it said it was producing a log and I pressed ok, an empty notepad document popped up and no log was saved on the desktop. I tried the other links and same thing happened time after time. Link to post Share on other sites More sharing options...
Anders03 Posted September 10, 2012 Author ID:595513 Share Posted September 10, 2012 OTL.Txt:OTL logfile created on: 2012-09-10 17:37:57 - Run 3OTL by OldTimer - Version 3.2.61.2 Folder = C:\Documents and Settings\Anders\SkrivbordWindows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstationInternet Explorer (Version = 8.0.6001.18702)Locale: 0000041D | Country: Sverige | Language: SVE | Date Format: yyyy-MM-dd2,00 Gb Total Physical Memory | 1,23 Gb Available Physical Memory | 61,41% Memory free5,76 Gb Paging File | 4,81 Gb Available in Paging File | 83,65% Paging File freePaging file location(s): C:\pagefile.sys 4000 4000 [binary data]%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\ProgramDrive C: | 298,08 Gb Total Space | 238,03 Gb Free Space | 79,86% Space Free | Partition Type: NTFSComputer Name: ANDERS-EA22E516 | User Name: Anders | Logged in as Administrator.Boot Mode: Normal | Scan Mode: Current userCompany Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days========== Processes (SafeList) ==========PRC - [2012-09-08 20:45:49 | 000,599,552 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Anders\Skrivbord\OTL.exePRC - [2012-08-29 12:03:36 | 001,385,896 | ---- | M] (LogMeIn Inc.) -- C:\Program\LogMeIn Hamachi\hamachi-2.exePRC - [2012-08-17 19:48:59 | 001,193,176 | ---- | M] () -- C:\Program\Spotify\Data\SpotifyWebHelper.exePRC - [2012-08-16 16:18:06 | 001,695,776 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\PC Performer Manager\2.2.558.177\{16cdff19-861d-48e3-a751-d99a27784753}\%Protector Process Name%.exePRC - [2012-08-13 13:33:30 | 003,064,000 | ---- | M] (Skype Technologies S.A.) -- C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exePRC - [2012-07-03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) -- C:\Program\Malwarebytes' Anti-Malware\mbamservice.exePRC - [2012-05-24 13:28:56 | 000,055,184 | ---- | M] (Apple Inc.) -- C:\Program\Delade filer\Apple\Mobile Device Support\AppleMobileDeviceService.exePRC - [2012-05-03 20:07:40 | 000,217,256 | ---- | M] (Visicom Media Inc. (Powered by Panda Security)) -- C:\Documents and Settings\All Users\Application Data\Anti-phishing Domain Advisor\visicom_antiphishing.exePRC - [2012-05-01 14:33:44 | 000,185,856 | ---- | M] () -- C:\Program\Web Assistant\ExtensionUpdaterService.exePRC - [2012-04-17 14:44:12 | 001,333,144 | ---- | M] (Technology Nexus AB) -- C:\Program\Personal\bin\Personal.exePRC - [2012-04-04 18:47:32 | 000,161,664 | ---- | M] (Oracle Corporation) -- C:\Program\Oracle\JavaFX 2.1 Runtime\bin\jqs.exePRC - [2012-03-26 17:08:12 | 000,931,200 | ---- | M] (Microsoft Corporation) -- C:\Program\Microsoft Security Client\msseces.exePRC - [2012-03-26 17:03:40 | 000,011,552 | ---- | M] (Microsoft Corporation) -- c:\Program\Microsoft Security Client\MsMpEng.exePRC - [2012-01-17 11:07:54 | 000,252,296 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program\Delade filer\Java\Java Update\jusched.exePRC - [2011-11-22 22:35:06 | 000,296,056 | ---- | M] (RealNetworks, Inc.) -- C:\Program\Real\RealPlayer\Update\realsched.exePRC - [2011-07-29 01:08:12 | 001,259,376 | ---- | M] () -- C:\Program\DivX\DivX Update\DivXUpdate.exePRC - [2010-11-21 13:43:04 | 001,113,600 | ---- | M] () -- C:\Program\Free Desktop Clock\DesktopClock.exePRC - [2009-12-10 03:39:04 | 000,065,536 | ---- | M] (PostgreSQL Global Development Group) -- C:\Program\PostgreSQL\8.3\bin\pg_ctl.exePRC - [2009-12-10 03:37:16 | 003,690,496 | ---- | M] (PostgreSQL Global Development Group) -- C:\Program\PostgreSQL\8.3\bin\postgres.exePRC - [2009-08-18 11:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) -- C:\Program\Delade filer\Microsoft Shared\Windows Live\WLIDSVC.EXEPRC - [2009-08-18 11:29:22 | 000,183,152 | ---- | M] (Microsoft Corporation) -- C:\Program\Delade filer\Microsoft Shared\Windows Live\WLIDSVCM.EXEPRC - [2008-06-11 22:43:26 | 000,640,376 | ---- | M] (Adobe Systems Inc.) -- C:\Program\Adobe\Acrobat 9.0\Acrobat\acrotray.exePRC - [2008-04-15 14:00:00 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exePRC - [2005-05-17 19:21:12 | 000,147,456 | ---- | M] () -- C:\Program\Razer\razerhid.exePRC - [2005-01-18 02:06:12 | 000,143,360 | ---- | M] (Razer Inc.) -- C:\Program\Razer\razerofa.exe========== Modules (No Company Name) ==========MOD - [2012-08-17 19:48:59 | 001,193,176 | ---- | M] () -- C:\Program\Spotify\Data\SpotifyWebHelper.exeMOD - [2012-08-16 16:18:06 | 002,046,496 | ---- | M] () -- c:\Documents and Settings\All Users\Application Data\PC Performer Manager\2.2.558.177\{16cdff19-861d-48e3-a751-d99a27784753}\%Protector Process Name%.dllMOD - [2012-08-16 16:18:06 | 001,695,776 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\PC Performer Manager\2.2.558.177\{16cdff19-861d-48e3-a751-d99a27784753}\%Protector Process Name%.exeMOD - [2012-05-01 14:33:44 | 000,185,856 | ---- | M] () -- C:\Program\Web Assistant\ExtensionUpdaterService.exeMOD - [2011-09-27 08:23:00 | 000,087,912 | ---- | M] () -- C:\Program\Delade filer\Apple\Apple Application Support\zlib1.dllMOD - [2011-09-27 08:22:40 | 001,242,472 | ---- | M] () -- C:\Program\Delade filer\Apple\Apple Application Support\libxml2.dllMOD - [2011-07-29 01:09:42 | 000,096,112 | ---- | M] () -- C:\Program\DivX\DivX Update\DivXUpdateCheck.dllMOD - [2011-07-29 01:08:12 | 001,259,376 | ---- | M] () -- C:\Program\DivX\DivX Update\DivXUpdate.exeMOD - [2010-11-21 13:43:04 | 001,113,600 | ---- | M] () -- C:\Program\Free Desktop Clock\DesktopClock.exeMOD - [2010-10-22 17:29:54 | 000,133,120 | ---- | M] () -- C:\Program\Free Desktop Clock\Clock.dllMOD - [2007-05-22 10:59:22 | 000,128,512 | ---- | M] () -- C:\Program\WinRAR\RarExt.dllMOD - [2005-05-17 19:21:12 | 000,147,456 | ---- | M] () -- C:\Program\Razer\razerhid.exe========== Services (SafeList) ==========SRV - [2012-09-10 16:13:38 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)SRV - [2012-08-29 12:03:36 | 001,385,896 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)SRV - [2012-08-16 16:18:06 | 001,695,776 | ---- | M] () [Auto | Running] -- C:\Documents and Settings\All Users\Application Data\PC Performer Manager\2.2.558.177\{16cdff19-861d-48e3-a751-d99a27784753}\%Protector Process Name%.exe -- (PC Performer Manager)SRV - [2012-08-15 01:56:50 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)SRV - [2012-08-13 13:33:30 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)SRV - [2012-07-03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)SRV - [2012-07-03 13:19:28 | 000,160,944 | ---- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program\Skype\Updater\Updater.exe -- (SkypeUpdate)SRV - [2012-05-24 13:28:56 | 000,055,184 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program\Delade filer\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)SRV - [2012-05-01 14:33:44 | 000,185,856 | ---- | M] () [Auto | Running] -- C:\Program\Web Assistant\ExtensionUpdaterService.exe -- (Web Assistant Updater)SRV - [2012-04-04 18:47:32 | 000,161,664 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe -- (JavaQuickStarterService)SRV - [2012-03-26 17:03:40 | 000,011,552 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)SRV - [2011-07-20 06:18:24 | 000,440,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program\Delade filer\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)SRV - [2011-07-04 16:17:11 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program\Delade filer\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)SRV - [2011-06-29 15:59:18 | 000,155,344 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Program\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe -- (Sony Ericsson PCCompanion)SRV - [2011-03-16 10:42:06 | 000,407,336 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program\Delade filer\Steam\SteamService.exe -- (Steam Client Service)SRV - [2009-12-10 03:39:04 | 000,065,536 | ---- | M] (PostgreSQL Global Development Group) [Auto | Running] -- C:\Program\PostgreSQL\8.3\bin\pg_ctl.exe -- (pgsql-8.3)SRV - [2009-08-18 11:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program\Delade filer\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)SRV - [2008-08-15 05:46:20 | 000,284,016 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program\Delade filer\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe -- (Adobe Version Cue CS4)SRV - [2006-10-26 13:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program\Delade filer\Microsoft Shared\Source Engine\OSE.EXE -- (ose)========== Driver Services (SafeList) ==========DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\XDva397.sys -- (XDva397)DRV - File not found [Kernel | On_Demand | Stopped] -- J:\Drivrutiner Inspiron 531\Bios\WinFlash.sys -- (WINFLASH)DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\owdzbysv.sys -- (owdzbysv)DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)DRV - File not found [Kernel | System | Stopped] -- -- (Changer)DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\Anders\LOKALA~1\Temp\catchme.sys -- (catchme)DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\bifpmsqd.sys -- (bifpmsqd)DRV - [2012-07-03 13:46:44 | 000,022,344 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)DRV - [2012-06-25 16:30:49 | 000,242,240 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\dtsoftbus01.sys -- (dtsoftbus01)DRV - [2012-02-22 12:34:36 | 000,022,400 | ---- | M] (ManyCam LLC) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mcaudrv.sys -- (mcaudrv_simple)DRV - [2012-01-11 08:11:20 | 000,032,000 | ---- | M] (ManyCam LLC) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mcvidrv.sys -- (ManyCam)DRV - [2011-02-23 03:05:40 | 000,070,016 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgandnetndis.sys -- (andnetndis)DRV - [2011-02-23 03:05:04 | 000,022,272 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgandnetgps.sys -- (AndNetGps)DRV - [2011-02-23 03:05:02 | 000,028,032 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgandnetmodem.sys -- (ANDNetModem)DRV - [2011-02-23 03:05:02 | 000,023,168 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgandnetdiag.sys -- (AndNetDiag)DRV - [2010-12-07 14:23:00 | 000,025,088 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgandmodem.sys -- (ANDModem)DRV - [2010-12-07 14:23:00 | 000,020,736 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lganddiag.sys -- (AndDiag)DRV - [2010-12-07 14:23:00 | 000,020,096 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgandgps.sys -- (AndGps)DRV - [2010-12-07 14:22:58 | 000,014,336 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgandbus.sys -- (Andbus)DRV - [2010-03-15 11:38:44 | 000,124,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039mdm.sys -- (s1039mdm)DRV - [2010-03-15 11:38:44 | 000,123,504 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039unic.sys -- (s1039unic)DRV - [2010-03-15 11:38:44 | 000,117,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039mgmt.sys -- (s1039mgmt)DRV - [2010-03-15 11:38:44 | 000,113,904 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039obex.sys -- (s1039obex)DRV - [2010-03-15 11:38:44 | 000,098,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039bus.sys -- (s1039bus)DRV - [2010-03-15 11:38:44 | 000,025,456 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039nd5.sys -- (s1039nd5)DRV - [2010-03-15 11:38:44 | 000,014,960 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039mdfl.sys -- (s1039mdfl)DRV - [2009-03-18 16:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)DRV - [2008-01-15 19:17:58 | 004,652,544 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)DRV - [2007-10-30 09:57:54 | 000,023,040 | ---- | M] (Todos Data System AB) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nordecr.sys -- (TdsNordecr)DRV - [2007-07-30 11:58:56 | 000,022,016 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)DRV - [2007-07-30 11:58:54 | 000,054,400 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)DRV - [2006-12-12 18:59:00 | 000,016,512 | ---- | M] (Adaptec) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aspi32.sys -- (ASPI32)DRV - [2006-05-23 20:36:26 | 000,119,808 | ---- | M] (e2eSoft) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\e2eCap.sys -- (E2ECAP)DRV - [2005-04-24 23:43:58 | 000,013,225 | ---- | M] (Razer (Asia-Pacific) Pte Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Razerlow.sys -- (Razerlow)========== Standard Registry (SafeList) ==================== Internet Explorer ==========IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://se.msn.com/?ocid=iehpIE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = svIE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 5C 04 FC D1 68 8F CD 01 [binary data]IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRCIE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0========== FireFox ==========FF - prefs.js..browser.search.defaultenginename: ""FF - prefs.js..browser.search.order.1: ""FF - prefs.js..browser.search.useDBForOrder: trueFF - prefs.js..browser.startup.homepage: "https://www.google.se/"FF - prefs.js..keyword.URL: "http://www.google.com/search?btnI=I%27m+Feeling+Lucky&ie=UTF-8&oe=UTF-8&q="FF - prefs.js..network.proxy.autoconfig_url: "file://C:/Program/ChrisPC Free Anonymous Proxy/chrispc_proxy.pac"FF - prefs.js..network.proxy.type: 2FF - user.js - File not foundFF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_271.dll ()FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw_1166636.dll (Adobe Systems, Inc.)FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not foundFF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program\iTunes\Mozilla Plugins\npitunes.dll ()FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)FF - HKLM\Software\MozillaPlugins\@ganymede/GanymedeNetPlugin,version=1.0: C:\Program\Ganymede\Plugins\npganymedenet.dll ( )FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.4.1: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.4.1: C:\Program\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program\Pando Networks\Media Booster\npPandoWebPlugin.dll File not foundFF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.0.198: C:\Program\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.0.198: C:\Program\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.0.198: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.0.198: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=15.0.0.198: C:\Program\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not foundFF - HKLM\Software\MozillaPlugins\@se.nexus/Personal: C:\Program\Personal\bin\np_prsnl.dll (Technology Nexus AB)FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.19: C:\Program\Veetle\plugins\npVeetle.dll (Veetle Inc)FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: C:\Program\Veetle\Player\npvlc.dll (Veetle Inc)FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program\VideoLAN\VLC\npvlc.dll (VideoLAN)FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Anders\Lokala inställningar\Application Data\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Anders\Lokala inställningar\Application Data\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011-11-22 22:35:24 | 000,000,000 | ---D | M]FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\Program\Web Assistant\Firefox [2012-05-12 18:38:18 | 000,000,000 | ---D | M]FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-07-18 16:14:12 | 000,000,000 | ---D | M]FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program\Mozilla Firefox\components [2012-09-10 16:13:40 | 000,000,000 | ---D | M]FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program\Mozilla Firefox\plugins [2012-08-25 12:22:59 | 000,000,000 | ---D | M]FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\specialsavings@superfish.com: C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles/pv7faqlh.default\extensions\specialsavings@superfish.comFF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{b64982b1-d112-42b5-b1e4-d3867c4533f8}: C:\Documents and Settings\All Users\Application Data\PC Performer Manager\2.2.558.177\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension [2012-08-16 16:18:10 | 000,000,000 | ---D | M][2012-07-11 19:58:09 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Anders\Application Data\Mozilla\Extensions[2012-09-09 19:32:18 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions[2012-08-26 14:21:14 | 000,000,642 | ---- | M] () -- C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\searchplugins\search-safer.xml[2012-07-11 01:57:35 | 000,002,519 | ---- | M] () -- C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\searchplugins\Search_Results.xml[2012-08-04 11:06:01 | 000,000,000 | ---D | M] (No name found) -- C:\Program\Mozilla Firefox\extensions[2012-09-10 16:13:40 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program\mozilla firefox\components\browsercomps.dll[2012-07-25 14:57:52 | 000,121,024 | ---- | M] ( ) -- C:\Program\mozilla firefox\plugins\npganymedenet.dll[2012-07-14 03:16:10 | 000,001,470 | ---- | M] () -- C:\Program\mozilla firefox\searchplugins\allaannonser-sv-SE.xml[2012-09-10 16:13:15 | 000,002,465 | ---- | M] () -- C:\Program\mozilla firefox\searchplugins\bing.xml[2012-07-14 03:16:10 | 000,002,670 | ---- | M] () -- C:\Program\mozilla firefox\searchplugins\prisjakt-sv-SE.xml[2012-07-11 01:57:35 | 000,002,519 | ---- | M] () -- C:\Program\mozilla firefox\searchplugins\Search_Results.xml[2012-07-14 03:16:10 | 000,000,948 | ---- | M] () -- C:\Program\mozilla firefox\searchplugins\tyda-sv-SE.xml[2012-09-10 16:13:15 | 000,001,387 | ---- | M] () -- C:\Program\mozilla firefox\searchplugins\wikipedia-sv-SE.xml[2012-09-10 16:13:15 | 000,001,164 | ---- | M] () -- C:\Program\mozilla firefox\searchplugins\yahoo-sv-SE.xml========== Chrome ==========CHR - default_search_provider: google.se (Enabled)CHR - default_search_provider: search_url = http://www.google.se/search?hl=sv&output=search&sclient=psy-ab&q={searchTerms}&btnG=&oq=&gs_l=&pbx=1CHR - default_search_provider: suggest_url = CHR - plugin: Shockwave Flash (Disabled) = C:\Documents and Settings\Anders\Lokala inst\u00E4llningar\Application Data\Google\Chrome\Application\21.0.1180.89\PepperFlash\pepflashplayer.dllCHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Anders\Lokala inst\u00E4llningar\Application Data\Google\Chrome\Application\21.0.1180.89\gcswf32.dllCHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_271.dllCHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewerCHR - plugin: Native Client (Enabled) = C:\Documents and Settings\Anders\Lokala inst\u00E4llningar\Application Data\Google\Chrome\Application\21.0.1180.89\ppGoogleNaClPluginChrome.dllCHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\Anders\Lokala inst\u00E4llningar\Application Data\Google\Chrome\Application\21.0.1180.89\pdf.dllCHR - plugin: Injovo Extension Plugin (Enabled) = C:\Documents and Settings\Anders\Lokala inst\u00E4llningar\Application Data\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd\2.0.0.430_0\npbrowserext.dllCHR - plugin: GanymedeNet.Detector (Enabled) = C:\Documents and Settings\Anders\Lokala inst\u00E4llningar\Application Data\Google\Chrome\Application\plugins\npganymedenet.dllCHR - plugin: Adobe Acrobat (Enabled) = C:\Program\Adobe\Acrobat 9.0\Acrobat\Browser\nppdf32.dllCHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program\QuickTime\plugins\npqtplugin.dllCHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program\QuickTime\plugins\npqtplugin2.dllCHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program\QuickTime\plugins\npqtplugin3.dllCHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program\QuickTime\plugins\npqtplugin4.dllCHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program\QuickTime\plugins\npqtplugin5.dllCHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program\QuickTime\plugins\npqtplugin6.dllCHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program\QuickTime\plugins\npqtplugin7.dllCHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program\Windows Media Player\npdrmv2.dllCHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program\Windows Media Player\npwmsdrm.dllCHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program\Windows Media Player\npdsplay.dllCHR - plugin: RealNetworks Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dllCHR - plugin: RealPlayer HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dllCHR - plugin: RealPlayer G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program\Real\RealPlayer\Netscape6\nppl3260.dllCHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program\Real\RealPlayer\Netscape6\nprpjplug.dllCHR - plugin: Google Update (Enabled) = C:\Documents and Settings\Anders\Lokala inst\u00E4llningar\Application Data\Google\Update\1.3.21.115\npGoogleUpdate3.dllCHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program\DivX\DivX OVS Helper\npovshelper.dllCHR - plugin: DivX Plus Web Player (Enabled) = C:\Program\DivX\DivX Plus Web Player\npdivx32.dllCHR - plugin: Java Platform SE 7 U4 (Enabled) = C:\Program\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dllCHR - plugin: Java Deployment Toolkit 7.0.40.255 (Enabled) = C:\WINDOWS\system32\npDeployJava1.dllCHR - plugin: Nexus Personal (Enabled) = C:\Program\Personal\bin\np_prsnl.dllCHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program\Real\RealPlayer\Netscape6\nprjplug.dllCHR - plugin: Veetle TV Player (Enabled) = C:\Program\Veetle\Player\npvlc.dllCHR - plugin: Veetle TV Core (Enabled) = C:\Program\Veetle\plugins\npVeetle.dllCHR - plugin: VLC Web Plugin (Enabled) = C:\Program\VideoLAN\VLC\npvlc.dllCHR - plugin: iTunes Application Detector (Enabled) = C:\Program\iTunes\Mozilla Plugins\npitunes.dllCHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dllCHR - plugin: Shockwave for Director (Enabled) = C:\WINDOWS\system32\Adobe\Director\np32dsw_1166636.dllCHR - plugin: Silverlight Plug-In (Enabled) = c:\Program\Microsoft Silverlight\5.1.10411.0\npctrl.dllCHR - Extension: Turn Off the Lights = C:\Documents and Settings\Anders\Lokala inställningar\Application Data\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn\2.1.0.6_0\CHR - Extension: Web Assistant = C:\Documents and Settings\Anders\Lokala inställningar\Application Data\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd\2.0.0.430_0\CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Documents and Settings\Anders\Lokala inställningar\Application Data\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\CHR - Extension: General Crawler = C:\Documents and Settings\Anders\Lokala inställningar\Application Data\Google\Chrome\User Data\Default\Extensions\jpihmmhdcobmllpcnpfbhnipmhamldje\2.0_0\CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = C:\Documents and Settings\Anders\Lokala inställningar\Application Data\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\O1 HOSTS File: ([2012-09-09 17:24:30 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\HostsO1 - Hosts: 127.0.0.1 localhostO1 - Hosts: ::1 localhostO2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program\Adobe\/Adobe Contribute CS4/contributeieplugin.dll ()O2 - BHO: (Complitly) - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Documents and Settings\Anders\Application Data\Complitly\Complitly.dll (SimplyGen)O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program\Delade filer\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program\Adobe\/Adobe Contribute CS4/contributeieplugin.dll ()O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)O4 - HKLM..\Run: [] File not foundO4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)O4 - HKLM..\Run: [Adobe_ID0ENQBO] C:\Program\Delade filer\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4Tray.exe (Adobe Systems Incorporated)O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program\Delade filer\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)O4 - HKLM..\Run: [Anti-phishing Domain Advisor] C:\Documents and Settings\All Users\Application Data\Anti-phishing Domain Advisor\visicom_antiphishing.exe (Visicom Media Inc. (Powered by Panda Security))O4 - HKLM..\Run: [APSDaemon] C:\Program\Delade filer\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)O4 - HKLM..\Run: [DivXUpdate] C:\Program\DivX\DivX Update\DivXUpdate.exe ()O4 - HKLM..\Run: [Freecorder FLV Service] "C:\Program\Freecorder\FLVSrvc.exe" /run File not foundO4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)O4 - HKLM..\Run: [MSC] c:\Program\Microsoft Security Client\msseces.exe (Microsoft Corporation)O4 - HKLM..\Run: [NBKeyScan] C:\Program\Nero\Nero8\Nero BackItUp\NBKeyScan.exe (Nero AG)O4 - HKLM..\Run: [NeroFilterCheck] C:\Program\Delade filer\Nero\Lib\NeroCheck.exe (Nero AG)O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)O4 - HKLM..\Run: [razer] C:\Program\Razer\razerhid.exe ()O4 - HKLM..\Run: [sunJavaUpdateSched] C:\Program\Delade filer\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)O4 - HKLM..\Run: [TkBellExe] C:\Program\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)O4 - HKLM..\Run: [Wondershare Helper Compact.exe] C:\Program\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe File not foundO4 - HKCU..\Run: [CPN Notifier] C:\Program\Comeon Poker 2.0\PokerNotifier.exe File not foundO4 - HKCU..\Run: [Gmail Notifier.exe] C:\Program\Gmail Notifier\Gmail Notifier.exe (www.gmailnotifier.com)O4 - HKCU..\Run: [Media Finder] C:\Program\Media Finder\MF.exe /opentotray File not foundO4 - HKCU..\Run: [skinClock] C:\Program\Free Desktop Clock\DesktopClock.exe ()O4 - HKCU..\Run: [sony Ericsson PC Companion] C:\Program\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe (Sony Ericsson)O4 - HKCU..\Run: [spotify Web Helper] C:\Program\Spotify\Data\SpotifyWebHelper.exe ()O4 - HKCU..\Run: [Xvid] C:\Program\XviD\CheckUpdate.exe ()O4 - Startup: C:\Documents and Settings\All Users\Start-meny\Program\Autostart\BankID säkerhetsprogram.lnk = C:\Program\Personal\bin\Personal.exe (Technology Nexus AB)O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispCPL = 0O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableChangePassword = 0O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispCPL = 0O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableChangePassword = 0O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0O8 - Extra context menu item: Bifoga länkmål till befintlig PDF - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)O8 - Extra context menu item: Bifoga till befintlig PDF - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)O8 - Extra context menu item: Konvertera länkmål till Adobe PDF - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)O8 - Extra context menu item: Konvertera till Adobe PDF - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program\PokerStars\PokerStarsUpdate.exe (PokerStars)O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)O9 - Extra Button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program\PokerStars.NET\PokerStarsUpdate.exe File not foundO15 - HKCU\..Trusted Domains: msn.com ([zone] http in Tillförlitliga platser)O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool)O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1309778400234 (MUWebControl Class)O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)O16 - DPF: {A4110378-789B-455F-AE86-3A1BFC402853} http://zone.msn.com/bingame/zpagames/zpa_shvl.cab55579.cab (ZPA_SHVL Object)O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} http://cdn2.zone.msn.com/binFramework/v10/ZPAFramework.cab102118.cab (MSN Games - Installer)O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BE0C555B-4991-433B-9659-A871078265EA}: DhcpNameServer = 192.168.1.1O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program\Delade filer\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program\Delade filer\Skype\Skype4COM.dll (Skype Technologies)O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program\Delade filer\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)O20 - AppInit_DLLs: (c:\DOCUME~1\ALLUSE~1\APPLIC~1\PCPERF~1\22558~1.177\{16CDF~1\%PROTE~1.DLL) - c:\Documents and Settings\All Users\Application Data\PC Performer Manager\2.2.558.177\{16cdff19-861d-48e3-a751-d99a27784753}\%Protector Process Name%.dll ()O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)O24 - Desktop Components:0 (Min aktuella startsida) - About:HomeO24 - Desktop WallPaper: C:\Documents and Settings\Anders\Lokala inställningar\Application Data\Microsoft\Wallpaper1.bmpO24 - Desktop BackupWallPaper: C:\Documents and Settings\Anders\Lokala inställningar\Application Data\Microsoft\Wallpaper1.bmpO32 - HKLM CDRom: AutoRun - 1O32 - AutoRun File - [2011-07-04 12:30:44 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]O34 - HKLM BootExecute: (autocheck autochk *)O35 - HKLM\..comfile [open] -- "%1" %*O35 - HKLM\..exefile [open] -- "%1" %*O37 - HKLM\...com [@ = comfile] -- "%1" %*O37 - HKLM\...exe [@ = exefile] -- "%1" %*O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)NetSvcs: 6to4 - File not foundNetSvcs: Ias - File not foundNetSvcs: Iprip - File not foundNetSvcs: Irmon - File not foundNetSvcs: NWCWorkstation - File not foundNetSvcs: Nwsapagent - File not foundNetSvcs: WmdmPmSp - File not foundSafeBootMin: Base - Driver GroupSafeBootMin: Boot Bus Extender - Driver GroupSafeBootMin: Boot file system - Driver GroupSafeBootMin: File system - Driver GroupSafeBootMin: Filter - Driver GroupSafeBootMin: MsMpSvc - c:\Program\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)SafeBootMin: PCI Configuration - Driver GroupSafeBootMin: PEVSystemStart - ServiceSafeBootMin: PNP Filter - Driver GroupSafeBootMin: Primary disk - Driver GroupSafeBootMin: procexp90.Sys - DriverSafeBootMin: SCSI Class - Driver GroupSafeBootMin: sermouse.sys - DriverSafeBootMin: System Bus Extender - Driver GroupSafeBootMin: vga.sys - DriverSafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllersSafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM DriveSafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDriveSafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controllerSafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - HdcSafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - KeyboardSafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - MouseSafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA AdaptersSafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapterSafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - SystemSafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk driveSafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - VolumeSafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface DevicesSafeBootNet: Base - Driver GroupSafeBootNet: Boot Bus Extender - Driver GroupSafeBootNet: Boot file system - Driver GroupSafeBootNet: File system - Driver GroupSafeBootNet: Filter - Driver GroupSafeBootNet: Hamachi2Svc - C:\Program\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)SafeBootNet: MsMpSvc - c:\Program\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)SafeBootNet: NDIS Wrapper - Driver GroupSafeBootNet: NetBIOSGroup - Driver GroupSafeBootNet: NetDDEGroup - Driver GroupSafeBootNet: Network - Driver GroupSafeBootNet: NetworkProvider - Driver GroupSafeBootNet: PCI Configuration - Driver GroupSafeBootNet: PEVSystemStart - ServiceSafeBootNet: PNP Filter - Driver GroupSafeBootNet: PNP_TDI - Driver GroupSafeBootNet: Primary disk - Driver GroupSafeBootNet: procexp90.Sys - DriverSafeBootNet: SCSI Class - Driver GroupSafeBootNet: sermouse.sys - DriverSafeBootNet: Streams Drivers - Driver GroupSafeBootNet: System Bus Extender - Driver GroupSafeBootNet: TDI - Driver GroupSafeBootNet: vga.sys - DriverSafeBootNet: {1a3e09be-1e45-494b-9174-d7385b45bbf5} - SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllersSafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM DriveSafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDriveSafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controllerSafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - HdcSafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - KeyboardSafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - MouseSafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - NetSafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClientSafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetServiceSafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTransSafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA AdaptersSafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapterSafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - SystemSafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk driveSafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - VolumeSafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface DevicesActiveX: {068C9DC9-BB4B-1616-688C-B33F2C5C2466} - DirectXActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Rendering av vektorgrafikActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShowActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimationActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dllActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Databindning för dynamisk HTML för JavaActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing PackActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - UniscribeActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET FrameworkActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Avancerad redigeringActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /installActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NTActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShowActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawExActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer HelpActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - Javaklasser för DirectAnimationActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.8ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUserActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICWActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup ToolsActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing EnhancementsActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media PlayerActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site AccessActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET FrameworkActiveX: {73fa19d0-2d75-11d2-995d-00c04f98bbc9} - Web FoldersActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /installActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dllActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettingsActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,InstallActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data BindingActiveX: {ACC563BC-4266-43f0-B6ED-9D38C4202C7E} - ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET FrameworkActiveX: {C3C986D6-06B1-43BF-90DD-BE30756C00DE} - RevokedRootsUpdateActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core FontsActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - SchemaläggarenActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Macromedia Shockwave FlashActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML HelpActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service InterfaceActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exeActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMPActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfigActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUPActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUPActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOEDrivers32: msacm.ac3filter - C:\WINDOWS\System32\ac3filter.acm ()Drivers32: msacm.bdmpeg - C:\WINDOWS\System32\bdmpega.acm ()Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)Drivers32: msacm.l3acm - C:\WINDOWS\System32\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)Drivers32: vidc.mjpg - C:\WINDOWS\System32\bdmjpeg.dll ()Drivers32: vidc.mpeg - C:\WINDOWS\System32\bdmpegv.dll ()Drivers32: vidc.tscc - C:\WINDOWS\system32\tsccvid.dll (TechSmith Corporation)Drivers32: vidc.XVID - C:\WINDOWS\System32\xvidvfw.dll ()Drivers32: vidc.yv12 - C:\WINDOWS\System32\DivX.dll (DivX, Inc.) Link to post Share on other sites More sharing options...
Anders03 Posted September 10, 2012 Author ID:595514 Share Posted September 10, 2012 CREATERESTOREPOINTRestore point Set: OTL Restore Point========== Files/Folders - Created Within 30 Days ==========[2012-09-10 17:35:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Skrivbord\Gamla Loggar[2012-09-10 17:34:05 | 001,629,088 | ---- | C] (Bleeping Computer, LLC) -- C:\Documents and Settings\Anders\Skrivbord\iExplore.exe[2012-09-10 15:23:45 | 000,000,000 | -HSD | C] -- C:\RECYCLER[2012-09-09 23:22:16 | 000,000,000 | --SD | C] -- C:\Combo-Fix[2012-09-09 17:24:27 | 000,000,000 | ---D | C] -- C:\_OTL[2012-09-09 17:16:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Skrivbord\FixPolicies[2012-09-08 20:45:42 | 000,599,552 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Anders\Skrivbord\OTL.exe[2012-09-07 15:28:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp[2012-09-07 15:22:00 | 000,000,000 | RHSD | C] -- C:\cmdcons[2012-09-07 15:19:34 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe[2012-09-07 15:19:34 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe[2012-09-07 15:19:34 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe[2012-09-07 15:19:34 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe[2012-09-07 15:19:26 | 000,000,000 | ---D | C] -- C:\Qoobox[2012-09-07 15:12:52 | 004,747,716 | R--- | C] (Swearware) -- C:\Documents and Settings\Anders\Skrivbord\Combo-Fix.exe[2012-09-07 14:36:38 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT[2012-09-07 14:35:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start-meny\Program\ERUNT[2012-09-07 14:35:28 | 000,000,000 | ---D | C] -- C:\Program\ERUNT[2012-09-05 15:51:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Lokala inställningar\Application Data\PokerTracker 4[2012-09-05 15:51:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Start-meny\Program\PokerTracker 4[2012-09-05 15:50:55 | 000,000,000 | ---D | C] -- C:\Program\PokerTracker 4[2012-08-29 17:14:19 | 000,000,000 | -HSD | C] -- C:\Config.Msi[2012-08-29 17:02:35 | 000,000,000 | ---D | C] -- C:\Avenger[2012-08-29 15:08:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start-meny\Program\LogMeIn Hamachi[2012-08-29 15:08:08 | 000,000,000 | ---D | C] -- C:\Program\LogMeIn Hamachi[2012-08-29 14:33:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Application Data\Malwarebytes[2012-08-29 14:33:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start-meny\Program\Malwarebytes' Anti-Malware[2012-08-29 14:33:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes[2012-08-29 14:33:03 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys[2012-08-29 14:33:03 | 000,000,000 | ---D | C] -- C:\Program\Malwarebytes' Anti-Malware[2012-08-28 19:48:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start-meny\Program\Bandicam[2012-08-28 19:48:39 | 000,000,000 | ---D | C] -- C:\Program\Bandicam[2012-08-27 20:33:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Lokala inställningar\Application Data\CRE[2012-08-27 13:52:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Mina dokument\Celeris[2012-08-27 01:46:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Lokala inställningar\Application Data\Celeris[2012-08-27 01:43:34 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_7.dll[2012-08-27 01:43:34 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_7.dll[2012-08-27 01:43:34 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_5.dll[2012-08-27 01:43:33 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_43.dll[2012-08-27 01:43:33 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dcsx_43.dll[2012-08-27 01:43:33 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_43.dll[2012-08-27 01:43:33 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx11_43.dll[2012-08-27 01:43:32 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_43.dll[2012-08-27 01:43:32 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_6.dll[2012-08-27 01:43:32 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_6.dll[2012-08-27 01:43:32 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_4.dll[2012-08-27 01:43:31 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_5.dll[2012-08-27 01:43:31 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_5.dll[2012-08-27 01:43:31 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_7.dll[2012-08-27 01:43:30 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dcsx_42.dll[2012-08-27 01:43:30 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_42.dll[2012-08-27 01:43:30 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx11_42.dll[2012-08-27 01:43:29 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_41.dll[2012-08-27 01:43:29 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_41.dll[2012-08-27 01:43:29 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_4.dll[2012-08-27 01:43:29 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_41.dll[2012-08-27 01:43:29 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_3.dll[2012-08-27 01:43:28 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_3.dll[2012-08-27 01:43:28 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_4.dll[2012-08-27 01:43:28 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_2.dll[2012-08-27 01:43:28 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_6.dll[2012-08-27 01:43:27 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_39.dll[2012-08-27 01:43:27 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_39.dll[2012-08-27 01:43:27 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_2.dll[2012-08-27 01:43:27 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_3.dll[2012-08-27 01:43:27 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_5.dll[2012-08-27 01:43:26 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_1.dll[2012-08-27 01:43:26 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_1.dll[2012-08-27 01:43:26 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_0.dll[2012-08-27 01:43:25 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_38.dll[2012-08-27 01:43:25 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_38.dll[2012-08-27 01:43:25 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_38.dll[2012-08-27 01:43:25 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_4.dll[2012-08-27 01:43:24 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_0.dll[2012-08-27 01:43:24 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_0.dll[2012-08-27 01:43:23 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_37.dll[2012-08-27 01:43:23 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_37.dll[2012-08-27 01:43:23 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_37.dll[2012-08-27 01:43:23 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_10.dll[2012-08-27 01:43:23 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_3.dll[2012-08-27 01:43:22 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_36.dll[2012-08-27 01:43:22 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_36.dll[2012-08-27 01:43:21 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_36.dll[2012-08-27 01:43:21 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_35.dll[2012-08-27 01:43:21 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_35.dll[2012-08-27 01:43:21 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_9.dll[2012-08-27 01:43:20 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_35.dll[2012-08-27 01:43:20 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_8.dll[2012-08-27 01:43:20 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_2.dll[2012-08-27 01:43:19 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_34.dll[2012-08-27 01:43:19 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_34.dll[2012-08-27 01:43:19 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_34.dll[2012-08-27 01:43:18 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_7.dll[2012-08-27 01:43:17 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_33.dll[2012-08-27 01:43:17 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_33.dll[2012-08-27 01:43:17 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_33.dll[2012-08-27 01:43:17 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_6.dll[2012-08-27 01:43:16 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_32.dll[2012-08-27 01:43:16 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_5.dll[2012-08-27 01:43:15 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_4.dll[2012-08-27 01:43:15 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_3.dll[2012-08-27 01:43:15 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_2.dll[2012-08-27 01:43:15 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\x3daudio1_1.dll[2012-08-27 01:43:14 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_2.dll[2012-08-27 01:43:14 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_1.dll[2012-08-27 01:43:14 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_1.dll[2012-08-27 01:43:10 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_0.dll[2012-08-27 01:43:10 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\x3daudio1_0.dll[2012-08-27 01:43:09 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_29.dll[2012-08-27 01:43:08 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_27.dll[2012-08-27 01:43:08 | 000,061,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput9_1_0.dll[2012-08-27 01:43:07 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_26.dll[2012-08-27 01:43:05 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_24.dll[2012-08-27 01:35:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start-meny\Program\Virtual Pool 4[2012-08-27 01:35:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Celeris[2012-08-27 01:32:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Application Data\Celeris[2012-08-26 17:47:45 | 000,026,176 | -H-- | C] (LogMeIn, Inc.) -- C:\WINDOWS\System32\hamachi.sys[2012-08-26 17:43:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Mina dokument\Tunngle[2012-08-26 17:43:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Application Data\Tunngle[2012-08-26 17:43:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Tunngle[2012-08-26 17:43:13 | 000,027,136 | ---- | C] (Tunngle.net) -- C:\WINDOWS\System32\drivers\tap0901t.sys[2012-08-26 14:27:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Start-meny\Program\GameSpy Arcade[2012-08-26 14:20:30 | 000,000,000 | ---D | C] -- C:\Program\ChatZum Toolbar[2012-08-26 14:20:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Lokala inställningar\Application Data\LogMeIn Hamachi[2012-08-26 14:20:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Lokala inställningar\Application Data\LogMeIn Hamachi[2012-08-25 12:27:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Application Data\GanymedeNet[2012-08-25 12:22:54 | 000,000,000 | ---D | C] -- C:\Program\Ganymede[2012-08-24 17:48:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Max Secure[2012-08-20 13:58:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Lokala inställningar\Application Data\SplitMediaLabs[2012-08-20 13:57:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start-meny\Program\XSplit[2012-08-20 13:57:45 | 000,000,000 | ---D | C] -- C:\Program\SplitMediaLabs[2012-08-20 13:57:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SplitMediaLabs[2012-08-20 13:57:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Application Data\SplitMediaLabs[2012-08-19 19:24:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start-meny\Program\ChrisPC Free Anonymous Proxy[2012-08-19 19:24:28 | 000,000,000 | ---D | C] -- C:\Program\ChrisPC Free Anonymous Proxy[2012-08-16 16:25:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Lokala inställningar\Application Data\blekkotb_031[2012-08-16 16:25:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Anti-phishing Domain Advisor[2012-08-16 16:20:30 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Anders\Start-meny\Program\Administrationsverktyg[2012-08-16 16:18:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\IBUpdaterService[2012-08-16 16:18:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PC Performer Manager[2012-08-16 16:17:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Lokala inställningar\Application Data\Savings Sidekick[2012-08-16 16:15:49 | 000,196,608 | ---- | C] (e2eSoft) -- C:\WINDOWS\System32\e2eCapProp.ax[2012-08-16 16:15:49 | 000,119,808 | ---- | C] (e2eSoft) -- C:\WINDOWS\System32\drivers\e2eCap.sys[2012-08-16 15:44:23 | 000,005,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstee.sys[2012-08-16 15:44:13 | 000,010,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndisip.sys[2012-08-16 15:44:10 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ipsink.ax[2012-08-16 15:44:10 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ipsink.ax[2012-08-16 15:44:10 | 000,015,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\streamip.sys[2012-08-16 15:44:08 | 000,011,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\slip.sys[2012-08-16 15:44:06 | 000,019,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wstcodec.sys[2012-08-16 15:44:03 | 000,085,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nabtsfec.sys[2012-08-16 15:44:00 | 000,017,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ccdecode.sys[2012-08-16 15:43:55 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kswdmcap.ax[2012-08-16 15:43:55 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kswdmcap.ax[2012-08-16 15:43:55 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kstvtune.ax[2012-08-16 15:43:55 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kstvtune.ax[2012-08-16 15:43:55 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vidcap.ax[2012-08-16 15:43:55 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vidcap.ax[2012-08-16 15:43:54 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vfwwdm32.dll[2012-08-16 15:43:54 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vfwwdm32.dll[2012-08-16 15:43:53 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksxbar.ax[2012-08-16 15:43:53 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksxbar.ax[2012-08-16 15:42:37 | 000,000,000 | ---D | C] -- C:\Program\ManyCam[2012-08-16 15:42:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Ask[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ][3 C:\WINDOWS\System32\drivers\*.tmp files -> C:\WINDOWS\System32\drivers\*.tmp -> ][1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]========== Files - Modified Within 30 Days ==========[2012-09-10 17:34:51 | 000,000,384 | -H-- | M] () -- C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job[2012-09-10 17:34:11 | 001,629,088 | ---- | M] (Bleeping Computer, LLC) -- C:\Documents and Settings\Anders\Skrivbord\iExplore.exe[2012-09-10 17:28:07 | 000,000,410 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{5096C855-A424-4662-B04A-DE5E47FB502A}.job[2012-09-10 17:26:14 | 000,000,268 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1659004503-343818398-682003330-1003.job[2012-09-10 17:26:11 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1659004503-343818398-682003330-1003.job[2012-09-10 17:25:35 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl[2012-09-10 17:24:46 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat[2012-09-10 17:23:47 | 000,000,549 | ---- | M] () -- C:\Documents and Settings\Anders\Application Data\FreeDesktopClock.ini[2012-09-10 17:10:00 | 000,001,090 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1659004503-343818398-682003330-1003UA.job[2012-09-10 17:07:00 | 000,001,098 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1659004503-343818398-682003330-1006UA.job[2012-09-10 16:56:00 | 000,000,868 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job[2012-09-10 16:17:45 | 000,002,227 | ---- | M] () -- C:\Documents and Settings\All Users\Skrivbord\Skype.lnk[2012-09-10 11:30:16 | 000,315,660 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_10092012_112913.png[2012-09-10 10:10:00 | 000,001,038 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1659004503-343818398-682003330-1003Core.job[2012-09-09 23:18:41 | 004,747,716 | R--- | M] (Swearware) -- C:\Documents and Settings\Anders\Skrivbord\Combo-Fix.exe[2012-09-09 20:44:27 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini[2012-09-09 20:44:26 | 000,138,240 | ---- | M] () -- C:\Documents and Settings\Anders\Lokala inställningar\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini[2012-09-09 17:24:30 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts[2012-09-09 17:16:19 | 000,185,065 | ---- | M] () -- C:\Documents and Settings\Anders\Skrivbord\FixPolicies.exe[2012-09-09 01:07:00 | 000,001,046 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1659004503-343818398-682003330-1006Core.job[2012-09-08 21:00:19 | 000,854,156 | ---- | M] () -- C:\Documents and Settings\Anders\Skrivbord\SecurityCheck.exe[2012-09-08 20:45:49 | 000,599,552 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Anders\Skrivbord\OTL.exe[2012-09-08 15:33:01 | 000,117,270 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\21.bmp[2012-09-08 15:32:48 | 003,888,068 | ---- | M] () -- C:\temp.bmp[2012-09-08 10:43:33 | 011,300,312 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\vp4 2012-09-08 10-38-48-933.avi[2012-09-07 19:52:59 | 001,118,598 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_07092012_195109.png[2012-09-07 19:31:21 | 000,930,467 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_07092012_193053.png[2012-09-07 16:54:46 | 000,977,958 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_07092012_165418.png[2012-09-07 16:32:21 | 001,082,828 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_07092012_163042.png[2012-09-07 15:22:09 | 000,000,327 | RHS- | M] () -- C:\boot.ini[2012-09-07 14:35:30 | 000,000,579 | ---- | M] () -- C:\Documents and Settings\Anders\Skrivbord\NTREGOPT.lnk[2012-09-07 14:35:30 | 000,000,560 | ---- | M] () -- C:\Documents and Settings\Anders\Skrivbord\ERUNT.lnk[2012-09-07 14:30:44 | 000,000,144 | ---- | M] () -- C:\Documents and Settings\Anders\defogger_reenable[2012-09-07 14:05:14 | 002,150,064 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT[2012-09-06 23:48:03 | 000,318,741 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_06092012_234739.png[2012-09-06 16:32:56 | 000,157,123 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_06092012_163222.png[2012-09-06 01:07:23 | 000,998,055 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_05092012_190334.png[2012-09-05 18:02:01 | 000,000,272 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job[2012-09-05 15:51:54 | 000,004,934 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\flwjycbm.bab[2012-09-05 15:51:34 | 000,000,705 | ---- | M] () -- C:\Documents and Settings\Anders\Skrivbord\PokerTracker 4.lnk[2012-09-05 15:24:02 | 000,505,751 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_05092012_152345.png[2012-09-04 18:40:55 | 000,084,696 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_04092012_184008.png[2012-09-04 00:13:19 | 000,002,347 | ---- | M] () -- C:\Documents and Settings\Anders\Skrivbord\Google Chrome.lnk[2012-09-04 00:13:19 | 000,002,325 | ---- | M] () -- C:\Documents and Settings\Anders\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk[2012-09-03 23:42:37 | 001,326,942 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\ad.png[2012-09-03 15:24:24 | 000,323,584 | ---- | M] (Stefan Toengi) -- C:\WINDOWS\System32\AUDIOGENIE2.DLL[2012-09-02 23:50:20 | 001,004,432 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_02092012_234819.png[2012-09-02 23:04:43 | 022,936,300 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\vp4 2012-09-02 22-59-50-578.avi[2012-09-02 17:52:51 | 007,911,796 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\Bankshot1to2.avi[2012-09-02 15:56:04 | 001,101,732 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_02092012_155541.png[2012-09-02 15:43:59 | 000,800,104 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_02092012_154331.png[2012-09-02 14:10:27 | 001,102,894 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_02092012_141009.png[2012-09-02 13:07:21 | 000,313,151 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_02092012_130708.png[2012-09-02 13:07:06 | 001,017,983 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_02092012_130649.png[2012-09-02 13:04:33 | 000,005,159 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\9-Ball, Alyt vs Frenchy, 090212-103239.vpr[2012-09-02 13:00:48 | 004,538,077 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_1003.MOV[2012-09-01 10:02:40 | 000,297,078 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\4.bmp[2012-09-01 08:56:31 | 002,320,974 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\3.bmp[2012-09-01 08:55:33 | 002,701,710 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\2.bmp[2012-09-01 08:48:55 | 002,495,190 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\1.bmp[2012-08-31 21:49:00 | 002,052,056 | ---- | M] () -- C:\Documents and Settings\Anders\Skrivbord\IMG468.jpg[2012-08-31 00:34:32 | 000,155,867 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_31082012_002932.png[2012-08-29 18:48:38 | 000,859,263 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_29082012_184533.png[2012-08-29 15:08:12 | 000,000,653 | ---- | M] () -- C:\Documents and Settings\All Users\Skrivbord\LogMeIn Hamachi.lnk[2012-08-29 14:33:11 | 000,000,740 | ---- | M] () -- C:\Documents and Settings\All Users\Skrivbord\Malwarebytes Anti-Malware.lnk[2012-08-29 00:01:48 | 000,401,735 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_29082012_000040.png[2012-08-28 19:48:43 | 000,000,637 | ---- | M] () -- C:\Documents and Settings\Anders\Application Data\Microsoft\Internet Explorer\Quick Launch\Bandicam.lnk[2012-08-28 19:48:43 | 000,000,619 | ---- | M] () -- C:\Documents and Settings\Anders\Skrivbord\Bandicam.lnk[2012-08-27 13:01:26 | 001,200,664 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\clip0086.avi[2012-08-27 01:37:14 | 000,000,751 | ---- | M] () -- C:\Documents and Settings\All Users\Skrivbord\Virtual Pool 4.lnk[2012-08-27 00:32:35 | 000,121,798 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_27082012_003201.png[2012-08-27 00:32:31 | 000,124,438 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_27082012_003152.png[2012-08-26 22:36:18 | 000,307,500 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_26082012_223547.png[2012-08-26 17:51:11 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\Access.dat[2012-08-26 15:41:08 | 000,156,260 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_26082012_154039.png[2012-08-26 15:40:08 | 000,150,505 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_26082012_153941.png[2012-08-26 14:27:15 | 000,000,667 | ---- | M] () -- C:\Documents and Settings\Anders\Application Data\Microsoft\Internet Explorer\Quick Launch\GameSpy Arcade.lnk[2012-08-26 14:27:15 | 000,000,649 | ---- | M] () -- C:\Documents and Settings\Anders\Skrivbord\GameSpy Arcade.lnk[2012-08-26 14:19:36 | 003,849,216 | ---- | M] () -- C:\Documents and Settings\Anders\Skrivbord\hamachi.msi[2012-08-25 12:40:56 | 000,136,157 | ---- | M] () -- C:\Documents and Settings\Anders\Skrivbord\pool_snooker_1.jpg[2012-08-25 12:26:15 | 000,983,017 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_25082012_122553.png[2012-08-23 15:36:41 | 000,663,527 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_23082012_153555.png[2012-08-22 20:15:58 | 003,195,906 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\cheat.bmp[2012-08-22 19:25:55 | 001,547,494 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\stg-apologize.bmp[2012-08-22 16:11:36 | 000,217,782 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\legend.bmp[2012-08-21 17:29:32 | 000,306,433 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_21082012_172844.png[2012-08-21 11:37:11 | 001,704,034 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_21082012_113442.png[2012-08-21 11:32:14 | 001,688,401 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_21082012_113138.png[2012-08-20 21:47:10 | 002,262,013 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_20082012_214618.png[2012-08-20 16:56:04 | 000,204,889 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_20082012_165528.png[2012-08-20 16:53:51 | 000,145,330 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_20082012_165314.png[2012-08-20 13:57:57 | 000,000,802 | ---- | M] () -- C:\Documents and Settings\Anders\Skrivbord\XSplit Broadcaster.lnk[2012-08-19 19:24:41 | 000,001,707 | ---- | M] () -- C:\Documents and Settings\Anders\Skrivbord\ChrisPC Free Anonymous Proxy.lnk[2012-08-19 19:24:41 | 000,000,821 | ---- | M] () -- C:\Documents and Settings\Anders\Application Data\Microsoft\Internet Explorer\Quick Launch\ChrisPC Free Anonymous Proxy.lnk[2012-08-16 02:05:28 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK[2012-08-15 01:56:48 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe[2012-08-15 01:56:47 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl[2012-08-13 13:57:35 | 001,830,096 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\clip0078.avi[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ][3 C:\WINDOWS\System32\drivers\*.tmp files -> C:\WINDOWS\System32\drivers\*.tmp -> ][1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]========== Files Created - No Company Name ==========[2012-09-10 11:30:14 | 000,315,660 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_10092012_112913.png[2012-09-09 17:16:19 | 000,185,065 | ---- | C] () -- C:\Documents and Settings\Anders\Skrivbord\FixPolicies.exe[2012-09-08 21:00:04 | 000,854,156 | ---- | C] () -- C:\Documents and Settings\Anders\Skrivbord\SecurityCheck.exe[2012-09-08 15:33:01 | 000,117,270 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\21.bmp[2012-09-08 10:42:52 | 011,300,312 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\vp4 2012-09-08 10-38-48-933.avi[2012-09-07 19:52:54 | 001,118,598 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_07092012_195109.png[2012-09-07 19:31:16 | 000,930,467 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_07092012_193053.png[2012-09-07 16:54:40 | 000,977,958 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_07092012_165418.png[2012-09-07 16:32:16 | 001,082,828 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_07092012_163042.png[2012-09-07 15:22:09 | 000,000,211 | ---- | C] () -- C:\Boot.bak[2012-09-07 15:22:02 | 000,260,784 | RHS- | C] () -- C:\cmldr[2012-09-07 15:19:34 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe[2012-09-07 15:19:34 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe[2012-09-07 15:19:34 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe[2012-09-07 15:19:34 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe[2012-09-07 15:19:34 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe[2012-09-07 14:35:30 | 000,000,579 | ---- | C] () -- C:\Documents and Settings\Anders\Skrivbord\NTREGOPT.lnk[2012-09-07 14:35:30 | 000,000,560 | ---- | C] () -- C:\Documents and Settings\Anders\Skrivbord\ERUNT.lnk[2012-09-07 14:30:38 | 000,000,144 | ---- | C] () -- C:\Documents and Settings\Anders\defogger_reenable[2012-09-06 23:48:01 | 000,318,741 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_06092012_234739.png[2012-09-06 16:32:55 | 000,157,123 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_06092012_163222.png[2012-09-06 01:07:18 | 000,998,055 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_05092012_190334.png[2012-09-05 15:51:54 | 000,004,934 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\flwjycbm.bab[2012-09-05 15:51:34 | 000,000,705 | ---- | C] () -- C:\Documents and Settings\Anders\Skrivbord\PokerTracker 4.lnk[2012-09-05 15:23:59 | 000,505,751 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_05092012_152345.png[2012-09-04 18:40:54 | 000,084,696 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_04092012_184008.png[2012-09-03 23:42:31 | 001,326,942 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\ad.png[2012-09-02 23:50:15 | 001,004,432 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_02092012_234819.png[2012-09-02 23:01:55 | 022,936,300 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\vp4 2012-09-02 22-59-50-578.avi[2012-09-02 17:52:22 | 007,911,796 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\Bankshot1to2.avi[2012-09-02 15:55:59 | 001,101,732 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_02092012_155541.png[2012-09-02 15:43:54 | 000,800,104 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_02092012_154331.png[2012-09-02 15:25:41 | 002,052,056 | ---- | C] () -- C:\Documents and Settings\Anders\Skrivbord\IMG468.jpg[2012-09-02 14:10:23 | 001,102,894 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_02092012_141009.png[2012-09-02 13:07:19 | 000,313,151 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_02092012_130708.png[2012-09-02 13:07:00 | 001,017,983 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_02092012_130649.png[2012-09-02 13:04:32 | 000,005,159 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\9-Ball, Alyt vs Frenchy, 090212-103239.vpr[2012-09-02 13:00:24 | 004,538,077 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_1003.MOV[2012-09-01 10:02:40 | 000,297,078 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\4.bmp[2012-09-01 08:56:31 | 002,320,974 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\3.bmp[2012-09-01 08:55:33 | 002,701,710 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\2.bmp[2012-08-31 00:34:29 | 000,155,867 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_31082012_002932.png[2012-08-29 18:48:21 | 000,859,263 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_29082012_184533.png[2012-08-29 14:33:11 | 000,000,740 | ---- | C] () -- C:\Documents and Settings\All Users\Skrivbord\Malwarebytes Anti-Malware.lnk[2012-08-29 00:01:44 | 000,401,735 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_29082012_000040.png[2012-08-28 19:48:43 | 000,000,637 | ---- | C] () -- C:\Documents and Settings\Anders\Application Data\Microsoft\Internet Explorer\Quick Launch\Bandicam.lnk[2012-08-28 19:48:43 | 000,000,619 | ---- | C] () -- C:\Documents and Settings\Anders\Skrivbord\Bandicam.lnk[2012-08-27 13:00:47 | 001,200,664 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\clip0086.avi[2012-08-27 01:37:14 | 000,000,751 | ---- | C] () -- C:\Documents and Settings\All Users\Skrivbord\Virtual Pool 4.lnk[2012-08-27 00:32:33 | 000,121,798 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_27082012_003201.png[2012-08-27 00:32:30 | 000,124,438 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_27082012_003152.png[2012-08-26 22:36:14 | 000,307,500 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_26082012_223547.png[2012-08-26 17:51:11 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\Access.dat[2012-08-26 15:41:04 | 000,156,260 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_26082012_154039.png[2012-08-26 15:40:06 | 000,150,505 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_26082012_153941.png[2012-08-26 14:27:15 | 000,000,667 | ---- | C] () -- C:\Documents and Settings\Anders\Application Data\Microsoft\Internet Explorer\Quick Launch\GameSpy Arcade.lnk[2012-08-26 14:27:15 | 000,000,649 | ---- | C] () -- C:\Documents and Settings\Anders\Skrivbord\GameSpy Arcade.lnk[2012-08-26 14:20:08 | 000,000,653 | ---- | C] () -- C:\Documents and Settings\All Users\Skrivbord\LogMeIn Hamachi.lnk[2012-08-26 14:19:29 | 003,849,216 | ---- | C] () -- C:\Documents and Settings\Anders\Skrivbord\hamachi.msi[2012-08-25 12:40:56 | 000,136,157 | ---- | C] () -- C:\Documents and Settings\Anders\Skrivbord\pool_snooker_1.jpg[2012-08-25 12:26:11 | 000,983,017 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_25082012_122553.png[2012-08-23 15:36:33 | 000,663,527 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_23082012_153555.png[2012-08-22 20:15:58 | 003,195,906 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\cheat.bmp[2012-08-22 19:25:55 | 001,547,494 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\stg-apologize.bmp[2012-08-22 16:11:36 | 000,217,782 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\legend.bmp[2012-08-21 17:29:29 | 000,306,433 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_21082012_172844.png[2012-08-21 11:37:04 | 001,704,034 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_21082012_113442.png[2012-08-21 11:32:07 | 001,688,401 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_21082012_113138.png[2012-08-20 21:46:53 | 002,262,013 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_20082012_214618.png[2012-08-20 16:56:02 | 000,204,889 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_20082012_165528.png[2012-08-20 16:53:49 | 000,145,330 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_20082012_165314.png[2012-08-20 13:57:57 | 000,000,802 | ---- | C] () -- C:\Documents and Settings\Anders\Skrivbord\XSplit Broadcaster.lnk[2012-08-19 19:24:41 | 000,001,707 | ---- | C] () -- C:\Documents and Settings\Anders\Skrivbord\ChrisPC Free Anonymous Proxy.lnk[2012-08-19 19:24:41 | 000,000,821 | ---- | C] () -- C:\Documents and Settings\Anders\Application Data\Microsoft\Internet Explorer\Quick Launch\ChrisPC Free Anonymous Proxy.lnk[2012-08-13 13:57:08 | 001,830,096 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\clip0078.avi[2012-08-05 11:14:00 | 051,687,593 | ---- | C] () -- C:\Documents and Settings\Anders\10 000 meter.flv[2012-07-10 14:52:42 | 000,190,664 | ---- | C] () -- C:\Documents and Settings\LocalService\Lokala inställningar\Application Data\FontCache3.0.0.0.dat[2012-05-05 16:08:47 | 000,230,752 | ---- | C] () -- C:\WINDOWS\patchw32.dll[2012-05-05 16:08:42 | 000,118,176 | ---- | C] () -- C:\WINDOWS\patchw.dll[2012-03-05 21:51:45 | 629,460,858 | ---- | C] () -- C:\Documents and Settings\Anders\Målgång.flv[2012-02-16 12:42:41 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll[2012-02-08 10:52:34 | 000,000,042 | ---- | C] () -- C:\Documents and Settings\Anders\default.pls[2012-01-30 15:29:29 | 000,000,404 | ---- | C] () -- C:\WINDOWS\LBFamily.ini[2012-01-30 12:16:09 | 1054,669,159 | ---- | C] () -- C:\Documents and Settings\Anders\såskadetlåta.flv[2012-01-30 12:16:09 | 000,056,831 | ---- | C] () -- C:\Documents and Settings\Anders\såskadetlåta.srt[2012-01-27 13:24:43 | 000,015,784 | ---- | C] () -- C:\Documents and Settings\Anders\2.srt[2012-01-27 13:24:39 | 035,912,175 | ---- | C] () -- C:\Documents and Settings\Anders\2.flv[2012-01-27 13:10:34 | 000,000,641 | ---- | C] () -- C:\Documents and Settings\Anders\.swfinfo[2011-11-09 21:59:50 | 000,000,026 | ---- | C] () -- C:\Documents and Settings\Anders\Application Data\ClockTraySkins.ini[2011-11-09 21:59:38 | 000,000,549 | ---- | C] () -- C:\Documents and Settings\Anders\Application Data\FreeDesktopClock.ini[2011-10-31 18:02:17 | 000,393,256 | ---- | C] () -- C:\WINDOWS\System32\CNQ2414N.DAT[2011-10-30 14:53:51 | 000,000,000 | ---- | C] () -- C:\WINDOWS\HMHud.INI[2011-10-02 13:50:39 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini[2011-10-02 13:50:38 | 000,138,240 | ---- | C] () -- C:\Documents and Settings\Anders\Lokala inställningar\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini[2011-10-01 22:03:20 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\CommonDL.dll[2011-10-01 22:03:20 | 000,002,413 | ---- | C] () -- C:\WINDOWS\System32\lgAxconfig.ini[2011-09-28 17:44:14 | 000,179,271 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat[2011-09-19 09:07:46 | 000,015,360 | ---- | C] () -- C:\WINDOWS\System32\bdmjpeg.dll[2011-09-19 09:07:32 | 000,058,368 | ---- | C] () -- C:\WINDOWS\System32\bdmpegv.dll[2011-08-31 00:32:40 | 000,005,078 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\bltofzsb.qlf[2011-07-04 14:19:24 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI[2011-07-04 14:18:36 | 002,150,064 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT[2011-07-04 13:15:42 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe[2011-07-04 13:14:40 | 000,001,732 | ---- | C] () -- C:\WINDOWS\System32\drivers\nvphy.bin[2011-07-04 12:32:07 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat[2011-07-04 12:28:47 | 000,021,700 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat========== Custom Scans ==========< %ALLUSERSPROFILE%\Application Data\*. >[2011-07-04 16:34:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Adobe[2011-07-04 16:50:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ALM[2012-08-16 16:25:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Anti-phishing Domain Advisor[2012-02-03 14:13:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Apple[2012-04-17 16:57:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Apple Computer[2012-08-16 15:42:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ask[2012-07-11 10:19:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\boost_interprocess[2011-09-27 16:42:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Boss Media[2012-08-27 01:35:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Celeris[2012-05-12 18:06:56 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files[2011-08-22 17:12:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite[2011-07-04 22:27:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Pro[2012-07-18 16:15:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DivX[2011-12-14 11:25:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FLEXnet[2011-12-13 23:48:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Graboid Inc[2012-08-16 16:18:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IBUpdaterService[2011-10-01 22:04:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LGMOBILEAX[2012-08-29 14:33:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes[2012-08-24 17:55:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Max Secure[2012-04-17 17:54:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MediaMonkey[2012-07-10 14:54:32 | 000,000,000 | --SD | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft[2012-08-16 02:05:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft Help[2012-06-22 19:31:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Mozilla[2011-07-04 18:19:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nero[2012-08-16 16:18:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Performer Manager[2012-05-30 21:42:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Real[2012-08-28 23:56:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Skype[2011-10-01 15:46:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sony Ericsson[2012-08-20 13:57:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SplitMediaLabs[2011-08-21 12:50:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sun[2012-05-12 18:52:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Tarma Installer[2011-10-18 13:04:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TechSmith[2012-08-26 17:50:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Tunngle[2011-07-04 13:25:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage[2012-04-17 16:59:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}< %ALLUSERSPROFILE%\Application Data\*.exe /s >[2009-02-04 13:56:14 | 000,075,112 | ---- | M] (GEAR Software, Inc.) -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}\x86\DifXInstall32.exe[2012-05-03 20:07:44 | 000,092,096 | ---- | M] (Visicom Media Inc. (Powered by Panda Security)) -- C:\Documents and Settings\All Users\Application Data\Anti-phishing Domain Advisor\uninstall.exe[2012-05-03 20:07:40 | 000,217,256 | ---- | M] (Visicom Media Inc. (Powered by Panda Security)) -- C:\Documents and Settings\All Users\Application Data\Anti-phishing Domain Advisor\visicom_antiphishing.exe[2012-06-16 16:25:32 | 000,073,624 | ---- | M] (Apple Inc.) -- C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 10.6.3.25\SetupAdmin.exe[2012-04-19 12:58:06 | 000,056,969 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\ASPEncoder\Uninstaller.exe[2012-04-19 12:58:18 | 000,065,783 | ---- | M] (DivX, LLC) -- C:\Documents and Settings\All Users\Application Data\DivX\ControlPanel\Uninstaller.exe[2012-04-19 12:58:31 | 000,054,128 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\Converter\Uninstaller.exe[2012-04-19 12:58:38 | 000,063,144 | ---- | M] (DivX, LLC) -- C:\Documents and Settings\All Users\Application Data\DivX\DesktopService\Uninstaller.exe[2012-07-18 16:13:37 | 000,062,857 | ---- | M] (DivX, LLC) -- C:\Documents and Settings\All Users\Application Data\DivX\DFXPlugin\Uninstaller.exe[2012-04-19 12:58:33 | 000,056,458 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\DivXDecoderShortcut\Uninstaller.exe[2012-07-18 16:14:17 | 000,064,957 | ---- | M] (DivX, LLC) -- C:\Documents and Settings\All Users\Application Data\DivX\DivXPlusShortcuts\Uninstaller.exe[2012-04-19 12:58:32 | 000,062,879 | ---- | M] (DivX, LLC) -- C:\Documents and Settings\All Users\Application Data\DivX\DSAACDecoder\Uninstaller.exe[2012-04-19 12:58:34 | 000,057,275 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\DSASPDecoder\Uninstaller.exe[2012-04-19 12:58:35 | 000,054,166 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\DSAVCDecoder\Uninstaller.exe[2012-04-19 12:58:37 | 000,057,037 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\DSDesktopComponents\Uninstaller.exe[2012-04-19 12:58:19 | 000,054,101 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\MPEG2Plugin\Uninstaller.exe[2012-04-19 12:58:01 | 000,061,667 | ---- | M] (DivX, LLC) -- C:\Documents and Settings\All Users\Application Data\DivX\MSVC80CRTRedist\Uninstaller.exe[2012-04-19 12:58:04 | 000,063,228 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\OVSHelper\Uninstaller.exe[2012-07-18 16:14:10 | 000,065,896 | ---- | M] (DivX, LLC) -- C:\Documents and Settings\All Users\Application Data\DivX\Player\Uninstaller.exe[2012-04-19 12:58:15 | 000,054,073 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\Qt4.5\Uninstaller.exe[2012-07-18 16:10:08 | 000,933,256 | ---- | M] (DivX, LLC) -- C:\Documents and Settings\All Users\Application Data\DivX\Setup\DivXSetup.exe[2012-04-19 12:58:29 | 000,054,644 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\TranscodeEngine\Uninstaller.exe[2012-07-18 16:13:42 | 000,092,231 | ---- | M] (DivX, LLC) -- C:\Documents and Settings\All Users\Application Data\DivX\TransferWizard\Uninstaller.exe[2011-09-30 16:41:01 | 000,061,792 | ---- | M] (DivX, LLC) -- C:\Documents and Settings\All Users\Application Data\DivX\Update\Uninstaller.exe[2012-07-18 16:14:16 | 000,066,441 | ---- | M] (DivX, LLC) -- C:\Documents and Settings\All Users\Application Data\DivX\WebPlayer\Uninstaller.exe[2011-09-20 05:19:08 | 000,109,656 | ---- | M] (LG Electronics) -- C:\Documents and Settings\All Users\Application Data\LGMOBILEAX\LGMLauncher.exe[2011-04-27 05:12:20 | 000,235,456 | ---- | M] (LG Electronics) -- C:\Documents and Settings\All Users\Application Data\LGMOBILEAX\B2C_Client\B2CAppUninstall.exe[2011-09-28 01:39:52 | 000,404,568 | ---- | M] (LG Electronics) -- C:\Documents and Settings\All Users\Application Data\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe[2011-04-01 01:55:52 | 000,038,840 | ---- | M] (LG Electronics) -- C:\Documents and Settings\All Users\Application Data\LGMOBILEAX\B2C_Client\LGbackagent.exe[2011-09-28 02:58:02 | 000,785,496 | ---- | M] (LG Electronics) -- C:\Documents and Settings\All Users\Application Data\LGMOBILEAX\B2C_Client\LGUserCSTool.exe[2012-08-16 16:18:06 | 001,695,776 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\PC Performer Manager\2.2.558.177\{16cdff19-861d-48e3-a751-d99a27784753}\%Protector Process Name%.exe[2012-08-16 16:18:04 | 003,379,232 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\PC Performer Manager\2.2.558.177\{16cdff19-861d-48e3-a751-d99a27784753}\Uninstall Manager.exe[2012-08-13 13:33:30 | 003,064,000 | ---- | M] (Skype Technologies S.A.) -- C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe[2011-03-11 05:29:12 | 000,227,984 | R-S- | M] (Tarma Software Research Pty Ltd) -- C:\Documents and Settings\All Users\Application Data\Tarma Installer\{2E1037EA-038A-425F-86B9-6CD19B8497E9}\Setup.exe< %ALLUSERSPROFILE%\Application Data\*.dll /s >[2006-11-02 06:21:54 | 000,319,456 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}\x86\DIFxAPI.dll[2008-04-17 12:12:54 | 000,107,368 | ---- | M] (GEAR Software Inc.) -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}\x86\x86\GEARAspi.dll[2012-05-03 20:07:40 | 000,309,416 | ---- | M] (Visicom Media Inc. (Powered by Panda Security)) -- C:\Documents and Settings\All Users\Application Data\Anti-phishing Domain Advisor\visicom_antiphishing.dll[2012-08-16 15:42:30 | 000,211,624 | ---- | M] (Ask.com) -- C:\Documents and Settings\All Users\Application Data\Ask\APN-Stub\MYC-ST\APNIC.dll[2012-07-18 16:10:40 | 000,620,400 | ---- | M] (DivX, LLC) -- C:\Documents and Settings\All Users\Application Data\DivX\Setup\finishPlugin.dll[2012-07-18 16:10:20 | 001,709,936 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\DivX\Setup\Resource.dll[2012-07-18 16:15:02 | 000,057,344 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\DivX\Setup\RunAsUser\RUNASUSERPROCESS.dll[2011-09-26 07:10:20 | 000,118,784 | ---- | M] (LG Electronics) -- C:\Documents and Settings\All Users\Application Data\LGMOBILEAX\B2C_Client\LGMobileDL.dll[2010-03-16 08:31:58 | 000,024,576 | ---- | M] (LG Electronics) -- C:\Documents and Settings\All Users\Application Data\LGMOBILEAX\B2C_Client\LGMobileDLRapi.dll[2011-09-28 01:38:20 | 000,548,864 | ---- | M] (LG Electronics) -- C:\Documents and Settings\All Users\Application Data\LGMOBILEAX\B2C_Client\LGMUpgradeDL.dll[2012-08-24 17:57:00 | 000,000,063 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Max Secure\Max Spyware Detector\SysSD.dll[2008-09-17 15:29:12 | 000,020,040 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\All Users\Application Data\Microsoft\IdentityCRL\production\ppcrlconfig.dll[2012-07-10 14:59:23 | 000,019,736 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\All Users\Application Data\Microsoft\IdentityCRL\production\ppcrlconfig600.dll[2012-07-10 14:59:27 | 000,564,632 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\All Users\Application Data\Microsoft\IdentityCRL\production\wlidui.dll[2012-08-23 09:15:24 | 007,022,536 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{9E8339C9-177D-4B60-9427-26FFAD979AA1}\mpengine.dll[2012-08-23 09:15:24 | 007,022,536 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll[2008-05-19 13:04:06 | 002,368,000 | ---- | M] (Doctor Web, Ltd.) -- C:\Documents and Settings\All Users\Application Data\Nero\DrWeb\Drweb32.dll[2012-08-16 16:18:06 | 002,046,496 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\PC Performer Manager\2.2.558.177\{16cdff19-861d-48e3-a751-d99a27784753}\%Protector Process Name%.dll[2012-08-03 09:05:44 | 000,434,688 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\PC Performer Manager\2.2.558.177\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\components\bprotector-10.0.2.dll[2012-08-03 09:05:08 | 000,434,176 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\PC Performer Manager\2.2.558.177\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\components\bprotector-11.0.dll[2012-08-03 09:05:02 | 000,434,176 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\PC Performer Manager\2.2.558.177\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\components\bprotector-12.0.dll[2012-08-03 09:05:08 | 000,434,176 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\PC Performer Manager\2.2.558.177\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\components\bprotector-13.0.dll[2012-08-03 09:05:08 | 000,434,688 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\PC Performer Manager\2.2.558.177\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\components\bprotector-14.0.1.dll[2012-08-03 09:03:26 | 000,436,736 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\PC Performer Manager\2.2.558.177\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\components\bprotector-3.6.dll[2012-08-03 09:05:42 | 000,435,712 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\PC Performer Manager\2.2.558.177\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\components\bprotector-5.0.dll[2012-08-03 09:05:44 | 000,434,688 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\PC Performer Manager\2.2.558.177\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\components\bprotector-6.0.2.dll[2012-08-03 09:05:10 | 000,434,688 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\PC Performer Manager\2.2.558.177\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\components\bprotector-7.0.1.dll[2012-08-03 09:05:16 | 000,434,688 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\PC Performer Manager\2.2.558.177\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\components\bprotector-8.0.1.dll[2012-08-03 09:05:08 | 000,434,688 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\PC Performer Manager\2.2.558.177\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\components\bprotector-9.0.1.dll[2011-11-22 22:35:23 | 000,028,160 | ---- | M] (RealNetworks, Inc.) -- C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Chrome\Hook\rpchrome150browserrecordhelper.dll[2011-11-22 22:35:23 | 000,397,488 | ---- | M] (RealPlayer) -- C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Common\rpcommon150browserrecordplugin.dll[2011-11-22 22:35:23 | 000,035,840 | ---- | M] (RealNetworks, Inc.) -- C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Components\nprpffbrowserrecordext.dll[2011-11-22 22:35:24 | 000,032,256 | ---- | M] (RealNetworks, Inc.) -- C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Components\nprpffbrowserrecordlegacyext.dll[2011-11-22 22:35:22 | 000,425,680 | ---- | M] (RealPlayer) -- C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll[2011-11-22 22:35:23 | 000,095,744 | ---- | M] (RealNetworks, Inc.) -- C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll[2011-11-22 22:35:23 | 000,019,456 | ---- | M] (RealNetworks, Inc.) -- C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll[2011-11-22 22:35:24 | 000,045,568 | ---- | M] (RealNetworks, Inc.) -- C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\ThinShims\rpnpshimqt.dll[2011-11-22 22:35:24 | 000,045,568 | ---- | M] (RealNetworks, Inc.) -- C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\ThinShims\rpnpshimrp.dll[2011-11-22 22:35:24 | 000,045,568 | ---- | M] (RealNetworks, Inc.) -- C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\ThinShims\rpnpshimswf.dll[2011-11-22 22:35:24 | 000,045,568 | ---- | M] (RealNetworks, Inc.) -- C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\ThinShims\rpnpshimwmp.dll[2012-07-26 10:37:24 | 000,035,840 | ---- | M] (SplitMediaLabs) -- C:\Documents and Settings\All Users\Application Data\SplitMediaLabs\XSplit\BroadcastPlugins\CustomRTMP\CustomRTMP.dll[2012-07-26 10:37:24 | 000,036,864 | ---- | M] (SplitMediaLabs) -- C:\Documents and Settings\All Users\Application Data\SplitMediaLabs\XSplit\BroadcastPlugins\SplitMediaLabs.LocalRecording\SplitMediaLabs.LocalRecording.dll[2011-10-12 01:54:21 | 000,768,512 | R-S- | M] () -- C:\Documents and Settings\All Users\Application Data\Tarma Installer\{2E1037EA-038A-425F-86B9-6CD19B8497E9}\_Setup.dll[2011-10-12 01:54:12 | 000,476,672 | R-S- | M] () -- C:\Documents and Settings\All Users\Application Data\Tarma Installer\{2E1037EA-038A-425F-86B9-6CD19B8497E9}\_Setupx.dll< %APPDATA%\*. >[2012-06-13 00:56:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Adobe[2011-11-22 14:09:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Anvsoft[2012-05-12 17:55:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Apowersoft[2012-05-21 17:14:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Apple Computer[2012-05-12 18:26:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Audacity[2012-02-28 18:09:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Babylon[2012-06-18 20:59:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\BANDISOFT[2012-08-27 01:32:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Celeris[2012-08-19 19:27:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Complitly[2011-08-22 16:51:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Copax[2012-01-30 14:29:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\DAEMON Tools Lite[2011-07-04 22:26:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\DAEMON Tools Pro[2012-04-19 12:59:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\DDMSettings[2012-02-10 11:25:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Digiarty[2011-10-18 02:52:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\DivX[2012-04-17 12:48:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\dvdcss[2011-12-31 20:12:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\DVDVideoSoft[2012-05-12 20:12:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Free Audio Recorder[2012-08-25 13:15:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\GanymedeNet[2012-02-09 23:45:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\GetRightToGo[2012-09-10 17:26:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Gmail Notifier[2012-03-20 00:28:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\HandBrake[2012-05-30 16:04:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Help[2011-10-30 14:43:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\HEM Data[2011-07-04 12:37:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Identities[2011-07-04 13:13:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\InstallShield[2012-08-24 19:21:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Macromedia[2012-08-29 14:33:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Malwarebytes[2011-12-14 17:20:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Media Finder[2012-02-10 12:22:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Media Player Classic[2012-07-24 11:00:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\MediaMonkey[2012-05-12 18:05:09 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Anders\Application Data\Microsoft[2012-06-22 19:31:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Mozilla[2011-11-23 16:51:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\MyVideoDownloader[2011-11-23 16:51:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\MyVideoDownloaderHD[2011-07-04 18:22:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Nero[2012-08-04 10:58:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Opera[2012-05-17 17:09:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Oracle[2012-05-17 17:09:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Personal[2012-05-30 21:42:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Real[2011-12-14 11:55:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\RealNetworks[2012-09-10 17:17:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Skype[2012-06-20 16:13:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Solveig Multimedia[2012-02-10 01:17:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Sony[2012-08-20 13:57:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\SplitMediaLabs[2012-09-10 16:00:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Spotify[2011-08-21 12:49:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Sun[2012-07-02 21:11:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\TraderaProLister[2012-08-27 00:23:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Tunngle[2012-04-17 18:39:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\U3[2012-09-02 13:21:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\vlc[2011-10-18 01:35:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\WinRAR[2012-05-12 18:52:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Wondershare[2011-11-23 17:11:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Youtube Downloader HD< %APPDATA%\*.exe /s >[2012-01-18 03:51:08 | 000,091,128 | ---- | M] () -- C:\Documents and Settings\Anders\Application Data\Complitly\KeepMeUpdated.exe[2012-01-18 03:51:08 | 000,091,128 | ---- | M] () -- C:\Documents and Settings\Anders\Application Data\Complitly\64\KeepMeUpdated.exe[2012-08-17 22:41:52 | 000,449,176 | ---- | M] (RealNetworks, Inc.) -- C:\Documents and Settings\Anders\Application Data\Real\Update\UpgradeHelper\RealPlayer\10.10\agent\rnupgagent.exe[2012-07-19 22:12:12 | 000,315,544 | ---- | M] (RealNetworks, Inc.) -- C:\Documents and Settings\Anders\Application Data\Real\Update\UpgradeHelper\RealPlayer\9.11\rnupgagent.exe[2006-12-14 10:00:02 | 000,110,592 | ---- | M] () -- C:\Documents and Settings\Anders\Application Data\U3\temp\cleanup.exe[2007-02-12 17:46:54 | 003,096,576 | -H-- | M] (SanDisk Corporation) -- C:\Documents and Settings\Anders\Application Data\U3\temp\Launchpad Removal.exe< %APPDATA%\*.dll /s >[2012-01-02 01:11:18 | 005,494,272 | ---- | M] () -- C:\Documents and Settings\Anders\Application Data\Adobe\Flash Player\NativeCache\E6A8DB80E4AEE90C7CB47D1A338C7244\55c87052\adobecp-300592-2.dll[2012-01-18 03:51:08 | 000,139,768 | ---- | M] (SimplyGen) -- C:\Documents and Settings\Anders\Application Data\Complitly\Complitly.dll[2012-01-18 03:51:08 | 000,167,416 | ---- | M] (SimplyGen) -- C:\Documents and Settings\Anders\Application Data\Complitly\64\Complitly64.dll[2012-07-11 00:01:12 | 000,015,128 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\Anders\Application Data\Microsoft\IdentityCRL\Production\ppcrlconfig.dll[2011-07-26 17:59:53 | 000,208,896 | ---- | M] (Gracenote, Inc.) -- C:\Documents and Settings\Anders\Application Data\Spotify\Gracenote\gnsdk_dsp.dll[2011-07-26 17:59:53 | 000,282,624 | ---- | M] (Gracenote, Inc.) -- C:\Documents and Settings\Anders\Application Data\Spotify\Gracenote\gnsdk_musicid_file.dll[2011-07-26 17:59:53 | 000,655,360 | ---- | M] (Gracenote, Inc.) -- C:\Documents and Settings\Anders\Application Data\Spotify\Gracenote\gnsdk_sdkmanager.dll[2012-05-17 17:09:05 | 000,177,664 | ---- | M] () -- C:\Documents and Settings\Anders\Application Data\Sun\Java\jre1.7.0_04\lzma.dll< %SYSTEMDRIVE%\*.exe >[2012-07-04 05:48:38 | 003,861,472 | ---- | M] () -- C:\chatzum.exe< MD5 for: AGP440.SYS >[2008-04-15 14:00:00 | 020,095,330 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys< MD5 for: ATAPI.SYS >[2008-04-15 14:00:00 | 020,095,330 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys[2008-04-15 14:00:00 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys< MD5 for: BEEP.SYS >[2008-04-15 14:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\dllcache\beep.sys[2008-04-15 14:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys< MD5 for: EVENTLOG.DLL >[2008-04-15 14:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=0A6DF967AE8E836D053DB46398F603E5 -- C:\WINDOWS\system32\dllcache\eventlog.dll[2008-04-15 14:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=0A6DF967AE8E836D053DB46398F603E5 -- C:\WINDOWS\system32\eventlog.dll< MD5 for: NETLOGON.DLL >[2008-04-15 14:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=4F4A16EAEB932AE413E48923E6A400E0 -- C:\WINDOWS\system32\dllcache\netlogon.dll[2008-04-15 14:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=4F4A16EAEB932AE413E48923E6A400E0 -- C:\WINDOWS\system32\netlogon.dll< MD5 for: RUNDLL32.EXE >[2012-07-03 13:46:42 | 000,217,672 | ---- | M] () MD5=8A7F34F0BBD076EC3815680A7309114F -- C:\Program\Malwarebytes' Anti-Malware\Chameleon\rundll32.exe[2008-04-15 14:00:00 | 000,033,280 | ---- | M] (Microsoft Corporation) MD5=E12130D733B4BF7C96C2B62847481EE3 -- C:\WINDOWS\system32\dllcache\rundll32.exe[2008-04-15 14:00:00 | 000,033,280 | ---- | M] (Microsoft Corporation) MD5=E12130D733B4BF7C96C2B62847481EE3 -- C:\WINDOWS\system32\rundll32.exe< MD5 for: SCECLI.DLL >[2008-04-15 14:00:00 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=3B50B494647E60CE6AC516E3F5C82B25 -- C:\WINDOWS\system32\dllcache\scecli.dll[2008-04-15 14:00:00 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=3B50B494647E60CE6AC516E3F5C82B25 -- C:\WINDOWS\system32\scecli.dll< MD5 for: THEMEUI.DLL >[2008-04-15 14:00:00 | 000,386,560 | ---- | M] (Microsoft Corporation) MD5=0F3FC3EBA857A1468250CA3EF1494D25 -- C:\WINDOWS\system32\dllcache\themeui.dll[2008-04-15 14:00:00 | 000,386,560 | ---- | M] (Microsoft Corporation) MD5=0F3FC3EBA857A1468250CA3EF1494D25 -- C:\WINDOWS\system32\themeui.dll< MD5 for: USERINIT.EXE >[2008-04-15 14:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=317799A2E42B5EA048A8A70F482CBA9F -- C:\WINDOWS\system32\dllcache\userinit.exe[2008-04-15 14:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=317799A2E42B5EA048A8A70F482CBA9F -- C:\WINDOWS\system32\userinit.exe< c:\windows|protector;true;true;true /FP >[2012-09-10 17:23:47 | 000,027,590 | ---- | M] () -- c:\WINDOWS\Prefetch\%PROTECTOR PROCESS NAME%.EXE-10BA9BD9.pf< c:\windows|partner;true;true;true /FP >< %USERPROFILE%\..|smtmp;true;true;true /FP >< %systemroot%\system32\drivers\*.sys /lockedfiles >[3 C:\WINDOWS\system32\drivers\*.tmp files -> C:\WINDOWS\system32\drivers\*.tmp -> ]< %systemroot%\System32\config\*.sav >[2011-07-04 14:17:23 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav[2011-07-04 14:17:23 | 001,089,536 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav[2011-07-04 14:17:23 | 000,454,656 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav< %systemroot%\*. /mp /s >< %systemroot%\system32\*.dll /lockedfiles >[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]< >< End of report >checkup.txt: Results of screen317's Security Check version 0.99.50 Windows XP Service Pack 3 x86 Internet Explorer 8 ``````````````Antivirus/Firewall Check:`````````````` Microsoft Security Essentials Antivirus up to date! (On Access scanning disabled!) `````````Anti-malware/Other Utilities Check:````````` Malwarebytes Anti-Malware version 1.62.0.1300 JavaFX 2.1.0 Java 6 Update 26 Java 7 Update 4 Java version out of Date! Adobe Flash Player 11.3.300.271 Mozilla Firefox (15.0.1) ````````Process Check: objlist.exe by Laurent```````` Microsoft Security Essentials MSMpEng.exe Microsoft Security Essentials msseces.exe Malwarebytes Anti-Malware mbamservice.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C:: ````````````````````End of Log`````````````````````` Link to post Share on other sites
Recommended Posts