Jump to content

Partner37 struggle


Recommended Posts

I've read this is pretty common but I haven't had that big success googling for solutions. I've had this for a few weeks and the only problem is that I'm getting forward to the partner37 url sometimes. And when it does accure it's very hard to open up a new tab to get to the page I wanted to go to as I will just instantly get the partner37 again. Often works to just change browser from chrome to firefox. And btw, start page on firefox is "Search Safer" which i believe is some kind of virus as well as it's not supposed to be there when I open a new tab. Anyway I need to try do something so I will see if you can help me here.

I'm on the MBAM pro trial and the full scan i made some week ago detected lot of stuff which I removed all of it. But the partner37 remained. Today I made the quick scan and it didn't find anything.

Let me know if I've forgot to do something but here are the .txt logs I believe I'm supposed to post.

attach.txt

dds.txt

Thank you.

Link to post
Share on other sites

Hello Anders03 and welcome to MalwareBytes forums.

Going forward, please only Copy and Paste the contents of logs directly into the main-body of reply box.

Use NOTEPAD to open a log. Do a CTRL+A to Copy ALL

In the reply box, do a CTRL+V inside the reply box to Paste

Link to post
Share on other sites

eusa_hand.gif Your logs showed some peer-to-peer filesharing apps: Ares & uTorrent

You must remove those 2 + any other peer-to-peer app (using Control Panel >> Add-or-Remove Programs ) and then logoff & Restart system AND

confirm for me that you have done so.

Do that before we continue with any further follow-up.

Filesharing/downloading from unknown sources is one of the leading causes of transmission of malware.

Risks of File-Sharing Technology.

P2P file sharing: Know the risks

Link to post
Share on other sites

You will want to print out or copy these instructions to Notepad for easier offline reference!

These steps are for Anders03 only. If you are a casual viewer, do NOT try this on your system!

If you are not Anders03 and have a similar problem, do NOT post here; start your own topic

The fixes in this Topic are for this system only! Do not apply the fix-instructions from this topic to your System or any other one!

You will want to print out or copy these instructions to Notepad for offline reference!

Step 1

Disable CD-ROM Emulation Software:

Please download the following tool DeFogger to your desktop.

Double click DeFogger to run the tool.

The application window will appear

Click the Disable button to disable your CD Emulation drivers.

Click Yes to continue

A 'Finished!' message will appear

Click OK

DeFogger will now ask to reboot the machine - click OK

IMPORTANT! If you receive an error message while running DeFogger, please post the log defogger_disable which will appear on your desktop.

Do not re-enable these drivers until otherwise instructed.

Step 2

1. Go >> Here << and download ERUNT

(ERUNT (Emergency Recovery Utility NT) is a free program that allows you to keep a complete backup of your registry and restore it when needed.)

2. Install ERUNT by following the prompts

(use the default install settings but say no to the portion that asks you to add ERUNT to the start-up folder, if you like you can enable this option later)

3. Start ERUNT

(either by double clicking on the desktop icon or choosing to start the program at the end of the setup)

4. Choose a location for the backup

(the default location is C:\WINDOWS\ERDNT which is acceptable).

5. Make sure that at least the first two check boxes are ticked

6. Press OK

7. Press YES to create the folder.

Step 3

Set Windows to show all files and all folders.

On your Desktop, double click My Computer, from the menu options, select tools, then Folder Options, and then select VIEW Tab and look at all of settings listed.

"CHECK" (turn on) Display the contents of system folders.

Under column, Hidden files and folders----choose ( *select* ) Show hidden files and folders.

Next, un-check Hide extensions for known file types.

Next un-check Hide protected operating system files.

Step 4

If this is on a notebook system, make sure first the notebook is connected to wall-power (AC power or a UPS system)

1. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

For help reference, see How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs

If you have a prior copy of Combofix, delete it now !

Download Combofix from any of the links below. You must rename it before saving it. Save it to your Desktop.

Link 1

Link 2

CF_download_FF.gif

CF_download_rename.gif

* IMPORTANT !!! SAVE AS Combo-Fix.exe to your Desktop

If your I.E. browser shows a warning message at the top, do a Right-Click on the bar and select Download, saving it to the Desktop.

2. Open notepad and copy/paste the text in the quotebox below into it:

KILLALL::

DDS::
uStart Page = hxxp://search.chatzum.com/
mStart Page = hxxp://search.chatzum.com/
uURLSearchHooks: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - c:\program\utorrentbar\prxtbuTor.dll
BHO: Searchqu Toolbar: {99079a25-328f-4bd4-be04-00955acaa0a7} - c:\program\search~1\datamngr\toolbar\searchqudtx.dll
BHO: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - c:\program\utorrentbar\prxtbuTor.dll
TB: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - c:\program\utorrentbar\prxtbuTor.dll
TB: Searchqu Toolbar: {99079a25-328f-4bd4-be04-00955acaa0a7} - c:\program\search~1\datamngr\toolbar\searchqudtx.dll
uRun: [ares] "c:\program\ares\Ares.exe" -h

Folder::
c:\program\ares
c:\program\utorrentbar

Save this as CFScript.txt, in the same location as ComboFix.exe

3. Close any (all) open browsers.

4:

Drag and drop CFScript.txt onto Combofix (the red-lion icon) so that it starts a scripted run of Combofix :excl:

CFScriptB-4.gif

Refering to the picture above, drag CFScript into ComboFix.exe

Have infinite patience during the run & scan by Combofix. It has many phases: some 50+ stages

It will display it's "stage" within the Command prompt window. Do NOT panic if it seems slow to change ! It has lots of work.

You may notice the desktop icons disappear. Do NOT panic, as that is expected behavior.

Combofix my take as little as 10 minutes and perhaps as much as 30-40 minutes. Time taken will depend on speed of your system and how much there is to scan & how much it needs to clean.

When finished, it shall produce a log for you at C:\ComboFix.txt which I will require in your next reply {Copy & Paste}.

-------------------------------------------------------

A caution - Do not run Combofix more than once.

Do not touch your mouse/keyboard until the scan has completed, as this may cause the process to stall or your computer to lock.

The scan will temporarily disable your desktop, and if interrupted may leave your desktop disabled.

Notes:

[1] IF after Combofix reboot you get the message

Illegal operation attempted on registry key that has been marked for deletion

....please reboot the computer, this should resolve the problem. You may have reboot the pc a second time if needed.

[2] Do not mouseclick combofix's window nor run any program while Combofix is running.

That may cause it to stall.

[3]When all done, IF Combofix did not do a Restart...then ... I need for you to Restart the system fresh !

Reply & Copy & Paste the C:\Combofix.txt log and tell me, How is the system now :excl:

RE-Enable your AntiVirus and AntiSpyware applications.

Link to post
Share on other sites

Did you see it start ? was there not a display of the phase # shown ?

How do you know "nothing happened"?

Did you turn off your antivirus app beforehand ?

Look in your C drive, in the root, C:\

for Combofix.txt

IF found, copy and paste the contents of C:\Combofix.txt

Download OTL by OldTimer to your desktop: http://oldtimer.geekstogo.com/OTL.exe

  • Close all open windows on the Task Bar. Click the icon (for Vista, or Windows 7 Right click the icon and Run as Administrator) to start the program.
  • In the lower right corner, checkmark "LOP Check" and checkmark "Purity Check".
  • Now click Run Scan at Top left and let the program run uninterrupted. It will take about 4 minutes.
  • It will produce two logs for you, one will pop up called OTL.txt, the other will be saved on your desktop and called Extras.txt.
  • Exit Notepad. Remember where you've saved these 2 files as we will need both of them shortly!
  • Exit OTL by clicking the X at top right.

Download Security Check by screen317 and save it to your Desktop: here

  • Run Security Check
  • Follow the onscreen instructions inside of the command window.
  • A Notepad document should open automatically called checkup.txt; close Notepad. We will need this log, too, so remember where you've saved it!

Link to post
Share on other sites

Did you see it start ? was there not a display of the phase # shown ?

How do you know "nothing happened"?

Did you turn off your antivirus app beforehand ?

Look in your C drive, in the root, C:\

for Combofix.txt

IF found, copy and paste the contents of C:\Combofix.txt

It started and was working for a while, maybe 20 minutes .Then nothing happened for 30-40 minutes when it was saying "Removing these files:" and it was just a few files. I turned off microsoft security essentials yes.

I didn't get a log as I closed it and restarted my computer.

Shall I do combo fix again or should I continue with the next steps you just gave me?

Link to post
Share on other sites

I'm using standard-box pc. Made the scans now.

OTL.Txt

OTL logfile created on: 2012-09-08 20:54:32 - Run 1

OTL by OldTimer - Version 3.2.61.2 Folder = C:\Documents and Settings\Anders\Skrivbord

Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 0000041D | Country: Sverige | Language: SVE | Date Format: yyyy-MM-dd

2,00 Gb Total Physical Memory | 1,29 Gb Available Physical Memory | 64,34% Memory free

5,76 Gb Paging File | 4,85 Gb Available in Paging File | 84,32% Paging File free

Paging file location(s): C:\pagefile.sys 4000 4000 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program

Drive C: | 298,08 Gb Total Space | 238,28 Gb Free Space | 79,94% Space Free | Partition Type: NTFS

Computer Name: ANDERS-EA22E516 | User Name: Anders | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012-09-08 20:45:49 | 000,599,552 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Anders\Skrivbord\OTL.exe

PRC - [2012-08-29 12:03:36 | 001,385,896 | ---- | M] (LogMeIn Inc.) -- C:\Program\LogMeIn Hamachi\hamachi-2.exe

PRC - [2012-08-17 19:48:59 | 001,193,176 | ---- | M] () -- C:\Program\Spotify\Data\SpotifyWebHelper.exe

PRC - [2012-08-16 16:18:06 | 001,695,776 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\PC Performer Manager\2.2.558.177\{16cdff19-861d-48e3-a751-d99a27784753}\%Protector Process Name%.exe

PRC - [2012-08-13 13:33:30 | 003,064,000 | ---- | M] (Skype Technologies S.A.) -- C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe

PRC - [2012-07-03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) -- C:\Program\Malwarebytes' Anti-Malware\mbamservice.exe

PRC - [2012-05-24 13:28:56 | 000,055,184 | ---- | M] (Apple Inc.) -- C:\Program\Delade filer\Apple\Mobile Device Support\AppleMobileDeviceService.exe

PRC - [2012-05-03 20:07:40 | 000,217,256 | ---- | M] (Visicom Media Inc. (Powered by Panda Security)) -- C:\Documents and Settings\All Users\Application Data\Anti-phishing Domain Advisor\visicom_antiphishing.exe

PRC - [2012-05-01 14:33:44 | 000,185,856 | ---- | M] () -- C:\Program\Web Assistant\ExtensionUpdaterService.exe

PRC - [2012-04-17 14:44:12 | 001,333,144 | ---- | M] (Technology Nexus AB) -- C:\Program\Personal\bin\Personal.exe

PRC - [2012-04-04 18:47:32 | 000,161,664 | ---- | M] (Oracle Corporation) -- C:\Program\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe

PRC - [2012-03-26 17:08:12 | 000,931,200 | ---- | M] (Microsoft Corporation) -- C:\Program\Microsoft Security Client\msseces.exe

PRC - [2012-03-26 17:03:40 | 000,011,552 | ---- | M] (Microsoft Corporation) -- c:\Program\Microsoft Security Client\MsMpEng.exe

PRC - [2012-01-17 11:07:54 | 000,252,296 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program\Delade filer\Java\Java Update\jusched.exe

PRC - [2011-11-22 22:35:06 | 000,296,056 | ---- | M] (RealNetworks, Inc.) -- C:\Program\Real\RealPlayer\Update\realsched.exe

PRC - [2011-07-29 01:08:12 | 001,259,376 | ---- | M] () -- C:\Program\DivX\DivX Update\DivXUpdate.exe

PRC - [2011-05-27 17:42:56 | 001,368,912 | ---- | M] (Comfort Software Group) -- C:\Program\FreeAlarmClock\FreeAlarmClock.exe

PRC - [2011-04-07 19:39:34 | 002,155,008 | ---- | M] (www.gmailnotifier.com) -- C:\Program\Gmail Notifier\Gmail Notifier.exe

PRC - [2010-11-21 13:43:04 | 001,113,600 | ---- | M] () -- C:\Program\Free Desktop Clock\DesktopClock.exe

PRC - [2010-07-16 13:58:56 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\Program\Windows NT\Tillbehör\wordpad.exe

PRC - [2009-12-10 03:39:04 | 000,065,536 | ---- | M] (PostgreSQL Global Development Group) -- C:\Program\PostgreSQL\8.3\bin\pg_ctl.exe

PRC - [2009-12-10 03:37:16 | 003,690,496 | ---- | M] (PostgreSQL Global Development Group) -- C:\Program\PostgreSQL\8.3\bin\postgres.exe

PRC - [2009-08-18 11:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) -- C:\Program\Delade filer\Microsoft Shared\Windows Live\WLIDSVC.EXE

PRC - [2009-08-18 11:29:22 | 000,183,152 | ---- | M] (Microsoft Corporation) -- C:\Program\Delade filer\Microsoft Shared\Windows Live\WLIDSVCM.EXE

PRC - [2008-06-11 22:43:26 | 000,640,376 | ---- | M] (Adobe Systems Inc.) -- C:\Program\Adobe\Acrobat 9.0\Acrobat\acrotray.exe

PRC - [2008-04-15 14:00:00 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe

PRC - [2005-05-17 19:21:12 | 000,147,456 | ---- | M] () -- C:\Program\Razer\razerhid.exe

PRC - [2005-01-18 02:06:12 | 000,143,360 | ---- | M] (Razer Inc.) -- C:\Program\Razer\razerofa.exe

========== Modules (No Company Name) ==========

MOD - [2012-08-17 19:48:59 | 001,193,176 | ---- | M] () -- C:\Program\Spotify\Data\SpotifyWebHelper.exe

MOD - [2012-08-16 16:18:06 | 002,046,496 | ---- | M] () -- c:\Documents and Settings\All Users\Application Data\PC Performer Manager\2.2.558.177\{16cdff19-861d-48e3-a751-d99a27784753}\%Protector Process Name%.dll

MOD - [2012-08-16 16:18:06 | 001,695,776 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\PC Performer Manager\2.2.558.177\{16cdff19-861d-48e3-a751-d99a27784753}\%Protector Process Name%.exe

MOD - [2012-05-01 14:33:44 | 000,185,856 | ---- | M] () -- C:\Program\Web Assistant\ExtensionUpdaterService.exe

MOD - [2011-09-27 08:23:00 | 000,087,912 | ---- | M] () -- C:\Program\Delade filer\Apple\Apple Application Support\zlib1.dll

MOD - [2011-09-27 08:22:40 | 001,242,472 | ---- | M] () -- C:\Program\Delade filer\Apple\Apple Application Support\libxml2.dll

MOD - [2011-07-29 01:09:42 | 000,096,112 | ---- | M] () -- C:\Program\DivX\DivX Update\DivXUpdateCheck.dll

MOD - [2011-07-29 01:08:12 | 001,259,376 | ---- | M] () -- C:\Program\DivX\DivX Update\DivXUpdate.exe

MOD - [2010-11-21 13:43:04 | 001,113,600 | ---- | M] () -- C:\Program\Free Desktop Clock\DesktopClock.exe

MOD - [2010-10-22 17:29:54 | 000,133,120 | ---- | M] () -- C:\Program\Free Desktop Clock\Clock.dll

MOD - [2007-05-22 10:59:22 | 000,128,512 | ---- | M] () -- C:\Program\WinRAR\RarExt.dll

MOD - [2005-05-17 19:21:12 | 000,147,456 | ---- | M] () -- C:\Program\Razer\razerhid.exe

========== Services (SafeList) ==========

SRV - [2012-08-29 12:03:36 | 001,385,896 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)

SRV - [2012-08-16 16:18:06 | 001,695,776 | ---- | M] () [Auto | Running] -- C:\Documents and Settings\All Users\Application Data\PC Performer Manager\2.2.558.177\{16cdff19-861d-48e3-a751-d99a27784753}\%Protector Process Name%.exe -- (PC Performer Manager)

SRV - [2012-08-15 01:56:50 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)

SRV - [2012-08-13 13:33:30 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)

SRV - [2012-07-14 02:13:54 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)

SRV - [2012-07-03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)

SRV - [2012-07-03 13:19:28 | 000,160,944 | ---- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program\Skype\Updater\Updater.exe -- (SkypeUpdate)

SRV - [2012-05-24 13:28:56 | 000,055,184 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program\Delade filer\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)

SRV - [2012-05-01 14:33:44 | 000,185,856 | ---- | M] () [Auto | Running] -- C:\Program\Web Assistant\ExtensionUpdaterService.exe -- (Web Assistant Updater)

SRV - [2012-04-04 18:47:32 | 000,161,664 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe -- (JavaQuickStarterService)

SRV - [2012-03-26 17:03:40 | 000,011,552 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)

SRV - [2011-07-20 06:18:24 | 000,440,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program\Delade filer\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)

SRV - [2011-07-04 16:17:11 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program\Delade filer\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)

SRV - [2011-06-29 15:59:18 | 000,155,344 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Program\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe -- (Sony Ericsson PCCompanion)

SRV - [2011-03-16 10:42:06 | 000,407,336 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program\Delade filer\Steam\SteamService.exe -- (Steam Client Service)

SRV - [2009-12-10 03:39:04 | 000,065,536 | ---- | M] (PostgreSQL Global Development Group) [Auto | Running] -- C:\Program\PostgreSQL\8.3\bin\pg_ctl.exe -- (pgsql-8.3)

SRV - [2009-08-18 11:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program\Delade filer\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)

SRV - [2008-08-15 05:46:20 | 000,284,016 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program\Delade filer\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe -- (Adobe Version Cue CS4)

SRV - [2006-10-26 13:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program\Delade filer\Microsoft Shared\Source Engine\OSE.EXE -- (ose)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\XDva397.sys -- (XDva397)

DRV - File not found [Kernel | On_Demand | Stopped] -- J:\Drivrutiner Inspiron 531\Bios\WinFlash.sys -- (WINFLASH)

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)

DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)

DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\owdzbysv.sys -- (owdzbysv)

DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)

DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)

DRV - File not found [Kernel | System | Stopped] -- -- (Changer)

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\Anders\LOKALA~1\Temp\catchme.sys -- (catchme)

DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\bifpmsqd.sys -- (bifpmsqd)

DRV - [2012-09-08 10:11:58 | 000,029,904 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{C8531222-E07D-41BA-AEF7-EEBF9D663187}\MpKsl773a5346.sys -- (MpKsl773a5346)

DRV - [2012-07-03 13:46:44 | 000,022,344 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)

DRV - [2012-06-25 16:30:49 | 000,242,240 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\dtsoftbus01.sys -- (dtsoftbus01)

DRV - [2012-02-22 12:34:36 | 000,022,400 | ---- | M] (ManyCam LLC) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mcaudrv.sys -- (mcaudrv_simple)

DRV - [2012-01-11 08:11:20 | 000,032,000 | ---- | M] (ManyCam LLC) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mcvidrv.sys -- (ManyCam)

DRV - [2011-02-23 03:05:40 | 000,070,016 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgandnetndis.sys -- (andnetndis)

DRV - [2011-02-23 03:05:04 | 000,022,272 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgandnetgps.sys -- (AndNetGps)

DRV - [2011-02-23 03:05:02 | 000,028,032 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgandnetmodem.sys -- (ANDNetModem)

DRV - [2011-02-23 03:05:02 | 000,023,168 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgandnetdiag.sys -- (AndNetDiag)

DRV - [2010-12-07 14:23:00 | 000,025,088 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgandmodem.sys -- (ANDModem)

DRV - [2010-12-07 14:23:00 | 000,020,736 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lganddiag.sys -- (AndDiag)

DRV - [2010-12-07 14:23:00 | 000,020,096 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgandgps.sys -- (AndGps)

DRV - [2010-12-07 14:22:58 | 000,014,336 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgandbus.sys -- (Andbus)

DRV - [2010-03-15 11:38:44 | 000,124,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039mdm.sys -- (s1039mdm)

DRV - [2010-03-15 11:38:44 | 000,123,504 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039unic.sys -- (s1039unic)

DRV - [2010-03-15 11:38:44 | 000,117,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039mgmt.sys -- (s1039mgmt)

DRV - [2010-03-15 11:38:44 | 000,113,904 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039obex.sys -- (s1039obex)

DRV - [2010-03-15 11:38:44 | 000,098,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039bus.sys -- (s1039bus)

DRV - [2010-03-15 11:38:44 | 000,025,456 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039nd5.sys -- (s1039nd5)

DRV - [2010-03-15 11:38:44 | 000,014,960 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039mdfl.sys -- (s1039mdfl)

DRV - [2009-03-18 16:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)

DRV - [2008-01-15 19:17:58 | 004,652,544 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)

DRV - [2007-10-30 09:57:54 | 000,023,040 | ---- | M] (Todos Data System AB) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nordecr.sys -- (TdsNordecr)

DRV - [2007-07-30 11:58:56 | 000,022,016 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)

DRV - [2007-07-30 11:58:54 | 000,054,400 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)

DRV - [2006-12-12 18:59:00 | 000,016,512 | ---- | M] (Adaptec) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aspi32.sys -- (ASPI32)

DRV - [2006-05-23 20:36:26 | 000,119,808 | ---- | M] (e2eSoft) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\e2eCap.sys -- (E2ECAP)

DRV - [2005-04-24 23:43:58 | 000,013,225 | ---- | M] (Razer (Asia-Pacific) Pte Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Razerlow.sys -- (Razerlow)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.chatzum.com/?q={searchTerms}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = http://search.conduit.com?SearchSource=10&ctid=CT3227980

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =

IE - HKCU\..\SearchScopes,DefaultScope = {96bd48dd-741b-41ae-ac4a-aff96ba00f7e}

IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC

IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTerms}&AF=109986&babsrc=SP_ss&mntrId=e4cffaf3000000000000001aa0662619

IE - HKCU\..\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}: "URL" = http://blekko.com/ws/?source=c3348dd4&tbp=rbox&toolbarid=blekkotb_031&u=EB75BA8D2AB505C7CAC68A502D02E5DF&q={searchTerms}

IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://search.chatzum.com/?q={searchTerms}

IE - HKCU\..\SearchScopes\{96bd48dd-741b-41ae-ac4a-aff96ba00f7e}: "URL" = http://search.chatzum.com/?q={SearchTerms}

IE - HKCU\..\SearchScopes\{A0065856-99D2-45A6-A927-A5B633B680F1}: "URL" = http://www.google.com/search?hl=sv&q={searchTerms}

IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3220468

IE - HKCU\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = http://mystart.incredibar.com/mb143/?search={searchTerms}&loc=IB_DS&a=6PQxaWucyc&i=26

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: ""

FF - prefs.js..browser.search.order.1: ""

FF - prefs.js..browser.search.useDBForOrder: true

FF - prefs.js..browser.startup.homepage: "https://www.google.se/"

FF - prefs.js..extensions.enabledAddons: stefanvandamme@stefanvd.net:2.0.0.100

FF - prefs.js..extensions.enabledAddons: {7473b6bd-4691-4744-a82b-7854eb3d70b6}:10.10.27.6

FF - prefs.js..keyword.URL: "http://www.google.com/search?btnI=I%27m+Feeling+Lucky&ie=UTF-8&oe=UTF-8&q="

FF - prefs.js..network.proxy.autoconfig_url: "file://C:/Program/ChrisPC Free Anonymous Proxy/chrispc_proxy.pac"

FF - prefs.js..network.proxy.type: 2

FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_271.dll ()

FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw_1166636.dll (Adobe Systems, Inc.)

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program\iTunes\Mozilla Plugins\npitunes.dll ()

FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)

FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)

FF - HKLM\Software\MozillaPlugins\@ganymede/GanymedeNetPlugin,version=1.0: C:\Program\Ganymede\Plugins\npganymedenet.dll ( )

FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.4.1: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.4.1: C:\Program\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found

FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.0.198: C:\Program\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.0.198: C:\Program\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.0.198: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.0.198: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=15.0.0.198: C:\Program\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found

FF - HKLM\Software\MozillaPlugins\@se.nexus/Personal: C:\Program\Personal\bin\np_prsnl.dll (Technology Nexus AB)

FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.19: C:\Program\Veetle\plugins\npVeetle.dll (Veetle Inc)

FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: C:\Program\Veetle\Player\npvlc.dll (Veetle Inc)

FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Anders\Lokala inställningar\Application Data\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Anders\Lokala inställningar\Application Data\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011-11-22 22:35:24 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\Program\Web Assistant\Firefox [2012-05-12 18:38:18 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-07-18 16:14:12 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program\Mozilla Firefox\components [2012-08-29 17:13:48 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program\Mozilla Firefox\plugins [2012-08-25 12:22:59 | 000,000,000 | ---D | M]

FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\specialsavings@superfish.com: C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles/pv7faqlh.default\extensions\specialsavings@superfish.com

FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{b64982b1-d112-42b5-b1e4-d3867c4533f8}: C:\Documents and Settings\All Users\Application Data\PC Performer Manager\2.2.558.177\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension [2012-08-16 16:18:10 | 000,000,000 | ---D | M]

[2012-07-11 19:58:09 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Anders\Application Data\Mozilla\Extensions

[2012-08-29 23:05:08 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions

[2012-08-28 13:33:31 | 000,000,000 | ---D | M] (uTorrentControl_v2) -- C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}

[2012-08-04 11:12:15 | 000,456,182 | ---- | M] () (No name found) -- C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\stefanvandamme@stefanvd.net.xpi

[2012-08-26 14:21:14 | 000,000,642 | ---- | M] () -- C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\searchplugins\search-safer.xml

[2012-07-11 01:57:35 | 000,002,519 | ---- | M] () -- C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\searchplugins\Search_Results.xml

[2012-08-04 11:06:01 | 000,000,000 | ---D | M] (No name found) -- C:\Program\Mozilla Firefox\extensions

[2012-07-14 02:15:45 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program\mozilla firefox\components\browsercomps.dll

[2012-07-25 14:57:52 | 000,121,024 | ---- | M] ( ) -- C:\Program\mozilla firefox\plugins\npganymedenet.dll

[2012-07-14 03:16:10 | 000,001,470 | ---- | M] () -- C:\Program\mozilla firefox\searchplugins\allaannonser-sv-SE.xml

[2012-07-14 03:16:10 | 000,002,252 | ---- | M] () -- C:\Program\mozilla firefox\searchplugins\bing.xml

[2012-07-14 03:16:10 | 000,002,670 | ---- | M] () -- C:\Program\mozilla firefox\searchplugins\prisjakt-sv-SE.xml

[2012-07-11 01:57:35 | 000,002,519 | ---- | M] () -- C:\Program\mozilla firefox\searchplugins\Search_Results.xml

[2012-07-14 03:16:10 | 000,000,948 | ---- | M] () -- C:\Program\mozilla firefox\searchplugins\tyda-sv-SE.xml

[2012-07-14 03:16:10 | 000,001,174 | ---- | M] () -- C:\Program\mozilla firefox\searchplugins\wikipedia-sv-SE.xml

[2012-07-14 03:16:10 | 000,000,951 | ---- | M] () -- C:\Program\mozilla firefox\searchplugins\yahoo-sv-SE.xml

========== Chrome ==========

CHR - default_search_provider: google.se (Enabled)

CHR - default_search_provider: search_url = http://www.google.se/search?hl=sv&output=search&sclient=psy-ab&q={searchTerms}&btnG=&oq=&gs_l=&pbx=1

CHR - default_search_provider: suggest_url =

CHR - plugin: Shockwave Flash (Disabled) = C:\Documents and Settings\Anders\Lokala inst\u00E4llningar\Application Data\Google\Chrome\Application\21.0.1180.89\PepperFlash\pepflashplayer.dll

CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Anders\Lokala inst\u00E4llningar\Application Data\Google\Chrome\Application\21.0.1180.89\gcswf32.dll

CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_271.dll

CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer

CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\Anders\Lokala inst\u00E4llningar\Application Data\Google\Chrome\Application\21.0.1180.89\ppGoogleNaClPluginChrome.dll

CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\Anders\Lokala inst\u00E4llningar\Application Data\Google\Chrome\Application\21.0.1180.89\pdf.dll

CHR - plugin: Injovo Extension Plugin (Enabled) = C:\Documents and Settings\Anders\Lokala inst\u00E4llningar\Application Data\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd\2.0.0.430_0\npbrowserext.dll

CHR - plugin: GanymedeNet.Detector (Enabled) = C:\Documents and Settings\Anders\Lokala inst\u00E4llningar\Application Data\Google\Chrome\Application\plugins\npganymedenet.dll

CHR - plugin: Adobe Acrobat (Enabled) = C:\Program\Adobe\Acrobat 9.0\Acrobat\Browser\nppdf32.dll

CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program\QuickTime\plugins\npqtplugin.dll

CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program\QuickTime\plugins\npqtplugin2.dll

CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program\QuickTime\plugins\npqtplugin3.dll

CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program\QuickTime\plugins\npqtplugin4.dll

CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program\QuickTime\plugins\npqtplugin5.dll

CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program\QuickTime\plugins\npqtplugin6.dll

CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program\QuickTime\plugins\npqtplugin7.dll

CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program\Windows Media Player\npdrmv2.dll

CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program\Windows Media Player\npwmsdrm.dll

CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program\Windows Media Player\npdsplay.dll

CHR - plugin: RealNetworks Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll

CHR - plugin: RealPlayer HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll

CHR - plugin: RealPlayer G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program\Real\RealPlayer\Netscape6\nppl3260.dll

CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program\Real\RealPlayer\Netscape6\nprpjplug.dll

CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\Anders\Lokala inst\u00E4llningar\Application Data\Google\Update\1.3.21.115\npGoogleUpdate3.dll

CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program\DivX\DivX OVS Helper\npovshelper.dll

CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program\DivX\DivX Plus Web Player\npdivx32.dll

CHR - plugin: Java Platform SE 7 U4 (Enabled) = C:\Program\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll

CHR - plugin: Java Deployment Toolkit 7.0.40.255 (Enabled) = C:\WINDOWS\system32\npDeployJava1.dll

CHR - plugin: Nexus Personal (Enabled) = C:\Program\Personal\bin\np_prsnl.dll

CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program\Real\RealPlayer\Netscape6\nprjplug.dll

CHR - plugin: Veetle TV Player (Enabled) = C:\Program\Veetle\Player\npvlc.dll

CHR - plugin: Veetle TV Core (Enabled) = C:\Program\Veetle\plugins\npVeetle.dll

CHR - plugin: VLC Web Plugin (Enabled) = C:\Program\VideoLAN\VLC\npvlc.dll

CHR - plugin: iTunes Application Detector (Enabled) = C:\Program\iTunes\Mozilla Plugins\npitunes.dll

CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

CHR - plugin: Shockwave for Director (Enabled) = C:\WINDOWS\system32\Adobe\Director\np32dsw_1166636.dll

CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program\Microsoft Silverlight\5.1.10411.0\npctrl.dll

CHR - Extension: Turn Off the Lights = C:\Documents and Settings\Anders\Lokala inställningar\Application Data\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn\2.1.0.6_0\

CHR - Extension: Web Assistant = C:\Documents and Settings\Anders\Lokala inställningar\Application Data\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd\2.0.0.430_0\

CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Documents and Settings\Anders\Lokala inställningar\Application Data\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\

CHR - Extension: General Crawler = C:\Documents and Settings\Anders\Lokala inställningar\Application Data\Google\Chrome\User Data\Default\Extensions\jpihmmhdcobmllpcnpfbhnipmhamldje\2.0_0\

CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = C:\Documents and Settings\Anders\Lokala inställningar\Application Data\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\

O1 HOSTS File: ([2008-04-15 14:00:00 | 000,000,710 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program\Adobe\/Adobe Contribute CS4/contributeieplugin.dll ()

O2 - BHO: (Complitly) - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Documents and Settings\Anders\Application Data\Complitly\Complitly.dll (SimplyGen)

O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)

O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)

O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)

O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)

O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program\Delade filer\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)

O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)

O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program\Adobe\/Adobe Contribute CS4/contributeieplugin.dll ()

O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.

O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O4 - HKLM..\Run: [] File not found

O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)

O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [Adobe_ID0ENQBO] C:\Program\Delade filer\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4Tray.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program\Delade filer\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)

O4 - HKLM..\Run: [Anti-phishing Domain Advisor] C:\Documents and Settings\All Users\Application Data\Anti-phishing Domain Advisor\visicom_antiphishing.exe (Visicom Media Inc. (Powered by Panda Security))

O4 - HKLM..\Run: [APSDaemon] C:\Program\Delade filer\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)

O4 - HKLM..\Run: [DivXUpdate] C:\Program\DivX\DivX Update\DivXUpdate.exe ()

O4 - HKLM..\Run: [Freecorder FLV Service] "C:\Program\Freecorder\FLVSrvc.exe" /run File not found

O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)

O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)

O4 - HKLM..\Run: [MSC] c:\Program\Microsoft Security Client\msseces.exe (Microsoft Corporation)

O4 - HKLM..\Run: [NBKeyScan] C:\Program\Nero\Nero8\Nero BackItUp\NBKeyScan.exe (Nero AG)

O4 - HKLM..\Run: [NeroFilterCheck] C:\Program\Delade filer\Nero\Lib\NeroCheck.exe (Nero AG)

O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)

O4 - HKLM..\Run: [razer] C:\Program\Razer\razerhid.exe ()

O4 - HKLM..\Run: [sunJavaUpdateSched] C:\Program\Delade filer\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)

O4 - HKLM..\Run: [TkBellExe] C:\Program\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)

O4 - HKLM..\Run: [Wondershare Helper Compact.exe] C:\Program\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe File not found

O4 - HKCU..\Run: [CPN Notifier] C:\Program\Comeon Poker 2.0\PokerNotifier.exe File not found

O4 - HKCU..\Run: [FreeAC] C:\Program\FreeAlarmClock\FreeAlarmClock.exe (Comfort Software Group)

O4 - HKCU..\Run: [Gmail Notifier.exe] C:\Program\Gmail Notifier\Gmail Notifier.exe (www.gmailnotifier.com)

O4 - HKCU..\Run: [Media Finder] C:\Program\Media Finder\MF.exe /opentotray File not found

O4 - HKCU..\Run: [skinClock] C:\Program\Free Desktop Clock\DesktopClock.exe ()

O4 - HKCU..\Run: [sony Ericsson PC Companion] C:\Program\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe (Sony Ericsson)

O4 - HKCU..\Run: [spotify Web Helper] C:\Program\Spotify\Data\SpotifyWebHelper.exe ()

O4 - HKCU..\Run: [Xvid] C:\Program\XviD\CheckUpdate.exe ()

O4 - Startup: C:\Documents and Settings\All Users\Start-meny\Program\Autostart\BankID säkerhetsprogram.lnk = C:\Program\Personal\bin\Personal.exe (Technology Nexus AB)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFind = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoTrayContextMenu = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispCPL = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableChangePassword = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFind = 0

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoTrayContextMenu = 0

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispCPL = 0

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableChangePassword = 0

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0

O8 - Extra context menu item: Bifoga länkmål till befintlig PDF - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O8 - Extra context menu item: Bifoga till befintlig PDF - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O8 - Extra context menu item: Download with &Media Finder - C:\Program\Media Finder\hook.html File not found

O8 - Extra context menu item: Konvertera länkmål till Adobe PDF - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O8 - Extra context menu item: Konvertera till Adobe PDF - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program\PokerStars\PokerStarsUpdate.exe (PokerStars)

O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O9 - Extra Button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program\PokerStars.NET\PokerStarsUpdate.exe File not found

O15 - HKCU\..Trusted Domains: msn.com ([zone] http in Tillförlitliga platser)

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool)

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1309778400234 (MUWebControl Class)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)

O16 - DPF: {A4110378-789B-455F-AE86-3A1BFC402853} http://zone.msn.com/bingame/zpagames/zpa_shvl.cab55579.cab (ZPA_SHVL Object)

O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} http://cdn2.zone.msn.com/binFramework/v10/ZPAFramework.cab102118.cab (MSN Games - Installer)

O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BE0C555B-4991-433B-9659-A871078265EA}: DhcpNameServer = 192.168.1.1

O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program\Delade filer\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program\Delade filer\Skype\Skype4COM.dll (Skype Technologies)

O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program\Delade filer\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)

O20 - AppInit_DLLs: (c:\DOCUME~1\ALLUSE~1\APPLIC~1\PCPERF~1\22558~1.177\{16CDF~1\%PROTE~1.DLL) - c:\Documents and Settings\All Users\Application Data\PC Performer Manager\2.2.558.177\{16cdff19-861d-48e3-a751-d99a27784753}\%Protector Process Name%.dll ()

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)

O24 - Desktop Components:0 (Min aktuella startsida) - About:Home

O24 - Desktop WallPaper: C:\Documents and Settings\Anders\Lokala inställningar\Application Data\Microsoft\Wallpaper1.bmp

O24 - Desktop BackupWallPaper: C:\Documents and Settings\Anders\Lokala inställningar\Application Data\Microsoft\Wallpaper1.bmp

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2011-07-04 12:30:44 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]

O34 - HKLM BootExecute: (autocheck autochk *)

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012-09-08 20:45:42 | 000,599,552 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Anders\Skrivbord\OTL.exe

[2012-09-07 18:13:29 | 000,000,000 | -HSD | C] -- C:\RECYCLER

[2012-09-07 15:28:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp

[2012-09-07 15:22:00 | 000,000,000 | RHSD | C] -- C:\cmdcons

[2012-09-07 15:19:34 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe

[2012-09-07 15:19:34 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe

[2012-09-07 15:19:34 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe

[2012-09-07 15:19:34 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe

[2012-09-07 15:19:29 | 000,000,000 | --SD | C] -- C:\Combo-Fix

[2012-09-07 15:19:26 | 000,000,000 | ---D | C] -- C:\Qoobox

[2012-09-07 15:12:52 | 004,746,072 | R--- | C] (Swearware) -- C:\Documents and Settings\Anders\Skrivbord\Combo-Fix.exe

[2012-09-07 14:36:38 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT

[2012-09-07 14:35:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start-meny\Program\ERUNT

[2012-09-07 14:35:28 | 000,000,000 | ---D | C] -- C:\Program\ERUNT

[2012-09-05 15:51:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Lokala inställningar\Application Data\PokerTracker 4

[2012-09-05 15:51:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Start-meny\Program\PokerTracker 4

[2012-09-05 15:50:55 | 000,000,000 | ---D | C] -- C:\Program\PokerTracker 4

[2012-08-29 17:14:19 | 000,000,000 | -HSD | C] -- C:\Config.Msi

[2012-08-29 17:02:35 | 000,000,000 | ---D | C] -- C:\Avenger

[2012-08-29 15:08:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start-meny\Program\LogMeIn Hamachi

[2012-08-29 15:08:08 | 000,000,000 | ---D | C] -- C:\Program\LogMeIn Hamachi

[2012-08-29 14:33:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Application Data\Malwarebytes

[2012-08-29 14:33:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start-meny\Program\Malwarebytes' Anti-Malware

[2012-08-29 14:33:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes

[2012-08-29 14:33:03 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys

[2012-08-29 14:33:03 | 000,000,000 | ---D | C] -- C:\Program\Malwarebytes' Anti-Malware

[2012-08-28 19:48:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start-meny\Program\Bandicam

[2012-08-28 19:48:39 | 000,000,000 | ---D | C] -- C:\Program\Bandicam

[2012-08-27 20:33:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Lokala inställningar\Application Data\CRE

[2012-08-27 13:52:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Mina dokument\Celeris

[2012-08-27 01:46:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Lokala inställningar\Application Data\Celeris

[2012-08-27 01:43:34 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_7.dll

[2012-08-27 01:43:34 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_7.dll

[2012-08-27 01:43:34 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_5.dll

[2012-08-27 01:43:33 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_43.dll

[2012-08-27 01:43:33 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dcsx_43.dll

[2012-08-27 01:43:33 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_43.dll

[2012-08-27 01:43:33 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx11_43.dll

[2012-08-27 01:43:32 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_43.dll

[2012-08-27 01:43:32 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_6.dll

[2012-08-27 01:43:32 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_6.dll

[2012-08-27 01:43:32 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_4.dll

[2012-08-27 01:43:31 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_5.dll

[2012-08-27 01:43:31 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_5.dll

[2012-08-27 01:43:31 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_7.dll

[2012-08-27 01:43:30 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dcsx_42.dll

[2012-08-27 01:43:30 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_42.dll

[2012-08-27 01:43:30 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx11_42.dll

[2012-08-27 01:43:29 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_41.dll

[2012-08-27 01:43:29 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_41.dll

[2012-08-27 01:43:29 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_4.dll

[2012-08-27 01:43:29 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_41.dll

[2012-08-27 01:43:29 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_3.dll

[2012-08-27 01:43:28 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_3.dll

[2012-08-27 01:43:28 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_4.dll

[2012-08-27 01:43:28 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_2.dll

[2012-08-27 01:43:28 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_6.dll

[2012-08-27 01:43:27 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_39.dll

[2012-08-27 01:43:27 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_39.dll

[2012-08-27 01:43:27 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_2.dll

[2012-08-27 01:43:27 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_3.dll

[2012-08-27 01:43:27 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_5.dll

[2012-08-27 01:43:26 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_1.dll

[2012-08-27 01:43:26 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_1.dll

[2012-08-27 01:43:26 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_0.dll

[2012-08-27 01:43:25 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_38.dll

[2012-08-27 01:43:25 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_38.dll

[2012-08-27 01:43:25 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_38.dll

[2012-08-27 01:43:25 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_4.dll

[2012-08-27 01:43:24 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_0.dll

[2012-08-27 01:43:24 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_0.dll

[2012-08-27 01:43:23 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_37.dll

[2012-08-27 01:43:23 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_37.dll

[2012-08-27 01:43:23 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_37.dll

[2012-08-27 01:43:23 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_10.dll

[2012-08-27 01:43:23 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_3.dll

[2012-08-27 01:43:22 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_36.dll

[2012-08-27 01:43:22 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_36.dll

[2012-08-27 01:43:21 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_36.dll

[2012-08-27 01:43:21 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_35.dll

[2012-08-27 01:43:21 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_35.dll

[2012-08-27 01:43:21 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_9.dll

[2012-08-27 01:43:20 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_35.dll

[2012-08-27 01:43:20 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_8.dll

[2012-08-27 01:43:20 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_2.dll

[2012-08-27 01:43:19 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_34.dll

[2012-08-27 01:43:19 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_34.dll

[2012-08-27 01:43:19 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_34.dll

[2012-08-27 01:43:18 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_7.dll

[2012-08-27 01:43:17 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_33.dll

[2012-08-27 01:43:17 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_33.dll

[2012-08-27 01:43:17 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_33.dll

[2012-08-27 01:43:17 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_6.dll

[2012-08-27 01:43:16 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_32.dll

[2012-08-27 01:43:16 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_5.dll

[2012-08-27 01:43:15 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_4.dll

[2012-08-27 01:43:15 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_3.dll

[2012-08-27 01:43:15 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_2.dll

[2012-08-27 01:43:15 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\x3daudio1_1.dll

[2012-08-27 01:43:14 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_2.dll

[2012-08-27 01:43:14 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_1.dll

[2012-08-27 01:43:14 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_1.dll

[2012-08-27 01:43:10 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_0.dll

[2012-08-27 01:43:10 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\x3daudio1_0.dll

[2012-08-27 01:43:09 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_29.dll

[2012-08-27 01:43:08 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_27.dll

[2012-08-27 01:43:08 | 000,061,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput9_1_0.dll

[2012-08-27 01:43:07 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_26.dll

[2012-08-27 01:43:05 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_24.dll

[2012-08-27 01:35:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start-meny\Program\Virtual Pool 4

[2012-08-27 01:35:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Celeris

[2012-08-27 01:32:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Application Data\Celeris

[2012-08-26 17:47:45 | 000,026,176 | -H-- | C] (LogMeIn, Inc.) -- C:\WINDOWS\System32\hamachi.sys

[2012-08-26 17:43:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Mina dokument\Tunngle

[2012-08-26 17:43:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Application Data\Tunngle

[2012-08-26 17:43:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Tunngle

[2012-08-26 17:43:13 | 000,027,136 | ---- | C] (Tunngle.net) -- C:\WINDOWS\System32\drivers\tap0901t.sys

[2012-08-26 14:27:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Start-meny\Program\GameSpy Arcade

[2012-08-26 14:20:30 | 000,000,000 | ---D | C] -- C:\Program\ChatZum Toolbar

[2012-08-26 14:20:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Lokala inställningar\Application Data\LogMeIn Hamachi

[2012-08-26 14:20:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Lokala inställningar\Application Data\LogMeIn Hamachi

[2012-08-25 12:27:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Application Data\GanymedeNet

[2012-08-25 12:22:54 | 000,000,000 | ---D | C] -- C:\Program\Ganymede

[2012-08-24 17:48:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Max Secure

[2012-08-20 13:58:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Lokala inställningar\Application Data\SplitMediaLabs

[2012-08-20 13:57:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start-meny\Program\XSplit

[2012-08-20 13:57:45 | 000,000,000 | ---D | C] -- C:\Program\SplitMediaLabs

[2012-08-20 13:57:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SplitMediaLabs

[2012-08-20 13:57:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Application Data\SplitMediaLabs

[2012-08-19 19:24:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start-meny\Program\ChrisPC Free Anonymous Proxy

[2012-08-19 19:24:28 | 000,000,000 | ---D | C] -- C:\Program\ChrisPC Free Anonymous Proxy

[2012-08-16 16:26:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\blekko toolbars

[2012-08-16 16:25:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Lokala inställningar\Application Data\blekkotb_031

[2012-08-16 16:25:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Anti-phishing Domain Advisor

[2012-08-16 16:20:30 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Anders\Start-meny\Program\Administrationsverktyg

[2012-08-16 16:18:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\IBUpdaterService

[2012-08-16 16:18:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PC Performer Manager

[2012-08-16 16:17:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Lokala inställningar\Application Data\Savings Sidekick

[2012-08-16 16:15:49 | 000,196,608 | ---- | C] (e2eSoft) -- C:\WINDOWS\System32\e2eCapProp.ax

[2012-08-16 16:15:49 | 000,119,808 | ---- | C] (e2eSoft) -- C:\WINDOWS\System32\drivers\e2eCap.sys

[2012-08-16 15:44:23 | 000,005,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstee.sys

[2012-08-16 15:44:13 | 000,010,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndisip.sys

[2012-08-16 15:44:10 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ipsink.ax

[2012-08-16 15:44:10 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ipsink.ax

[2012-08-16 15:44:10 | 000,015,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\streamip.sys

[2012-08-16 15:44:08 | 000,011,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\slip.sys

[2012-08-16 15:44:06 | 000,019,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wstcodec.sys

[2012-08-16 15:44:03 | 000,085,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nabtsfec.sys

[2012-08-16 15:44:00 | 000,017,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ccdecode.sys

[2012-08-16 15:43:55 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kswdmcap.ax

[2012-08-16 15:43:55 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kswdmcap.ax

[2012-08-16 15:43:55 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kstvtune.ax

[2012-08-16 15:43:55 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kstvtune.ax

[2012-08-16 15:43:55 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vidcap.ax

[2012-08-16 15:43:55 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vidcap.ax

[2012-08-16 15:43:54 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vfwwdm32.dll

[2012-08-16 15:43:54 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vfwwdm32.dll

[2012-08-16 15:43:53 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksxbar.ax

[2012-08-16 15:43:53 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksxbar.ax

[2012-08-16 15:42:37 | 000,000,000 | ---D | C] -- C:\Program\ManyCam

[2012-08-16 15:42:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Ask

[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[3 C:\WINDOWS\System32\drivers\*.tmp files -> C:\WINDOWS\System32\drivers\*.tmp -> ]

[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012-09-08 20:58:00 | 000,000,304 | ---- | M] () -- C:\WINDOWS\tasks\PC Performer Manager.job

[2012-09-08 20:56:00 | 000,000,868 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job

[2012-09-08 20:51:04 | 000,000,410 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{5096C855-A424-4662-B04A-DE5E47FB502A}.job

[2012-09-08 20:45:49 | 000,599,552 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Anders\Skrivbord\OTL.exe

[2012-09-08 20:10:00 | 000,001,090 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1659004503-343818398-682003330-1003UA.job

[2012-09-08 20:07:00 | 000,001,098 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1659004503-343818398-682003330-1006UA.job

[2012-09-08 15:33:01 | 000,117,270 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\21.bmp

[2012-09-08 15:32:48 | 003,888,068 | ---- | M] () -- C:\temp.bmp

[2012-09-08 13:35:46 | 000,002,227 | ---- | M] () -- C:\Documents and Settings\All Users\Skrivbord\Skype.lnk

[2012-09-08 13:34:17 | 000,000,268 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1659004503-343818398-682003330-1003.job

[2012-09-08 13:34:16 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

[2012-09-08 13:34:15 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1659004503-343818398-682003330-1003.job

[2012-09-08 13:33:59 | 000,000,549 | ---- | M] () -- C:\Documents and Settings\Anders\Application Data\FreeDesktopClock.ini

[2012-09-08 10:43:33 | 011,300,312 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\vp4 2012-09-08 10-38-48-933.avi

[2012-09-08 10:21:35 | 000,000,384 | -H-- | M] () -- C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job

[2012-09-08 10:11:31 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2012-09-08 10:10:00 | 000,001,038 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1659004503-343818398-682003330-1003Core.job

[2012-09-08 01:07:00 | 000,001,046 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1659004503-343818398-682003330-1006Core.job

[2012-09-07 19:52:59 | 001,118,598 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_07092012_195109.png

[2012-09-07 19:31:21 | 000,930,467 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_07092012_193053.png

[2012-09-07 16:54:46 | 000,977,958 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_07092012_165418.png

[2012-09-07 16:32:21 | 001,082,828 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_07092012_163042.png

[2012-09-07 15:22:09 | 000,000,327 | RHS- | M] () -- C:\boot.ini

[2012-09-07 15:13:02 | 004,746,072 | R--- | M] (Swearware) -- C:\Documents and Settings\Anders\Skrivbord\Combo-Fix.exe

[2012-09-07 14:35:30 | 000,000,579 | ---- | M] () -- C:\Documents and Settings\Anders\Skrivbord\NTREGOPT.lnk

[2012-09-07 14:35:30 | 000,000,560 | ---- | M] () -- C:\Documents and Settings\Anders\Skrivbord\ERUNT.lnk

[2012-09-07 14:30:44 | 000,000,144 | ---- | M] () -- C:\Documents and Settings\Anders\defogger_reenable

[2012-09-07 14:05:14 | 002,150,064 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2012-09-07 13:40:39 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini

[2012-09-07 10:34:42 | 000,136,704 | ---- | M] () -- C:\Documents and Settings\Anders\Lokala inställningar\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2012-09-06 23:48:03 | 000,318,741 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_06092012_234739.png

[2012-09-06 16:32:56 | 000,157,123 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_06092012_163222.png

[2012-09-06 01:07:23 | 000,998,055 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_05092012_190334.png

[2012-09-05 18:02:01 | 000,000,272 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job

[2012-09-05 15:51:54 | 000,004,934 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\flwjycbm.bab

[2012-09-05 15:51:34 | 000,000,705 | ---- | M] () -- C:\Documents and Settings\Anders\Skrivbord\PokerTracker 4.lnk

[2012-09-05 15:24:02 | 000,505,751 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_05092012_152345.png

[2012-09-04 18:40:55 | 000,084,696 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_04092012_184008.png

[2012-09-04 00:13:19 | 000,002,347 | ---- | M] () -- C:\Documents and Settings\Anders\Skrivbord\Google Chrome.lnk

[2012-09-04 00:13:19 | 000,002,325 | ---- | M] () -- C:\Documents and Settings\Anders\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk

[2012-09-03 23:42:37 | 001,326,942 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\ad.png

[2012-09-03 15:24:24 | 000,323,584 | ---- | M] (Stefan Toengi) -- C:\WINDOWS\System32\AUDIOGENIE2.DLL

[2012-09-02 23:50:20 | 001,004,432 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_02092012_234819.png

[2012-09-02 23:04:43 | 022,936,300 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\vp4 2012-09-02 22-59-50-578.avi

[2012-09-02 17:52:51 | 007,911,796 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\Bankshot1to2.avi

[2012-09-02 15:56:04 | 001,101,732 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_02092012_155541.png

[2012-09-02 15:43:59 | 000,800,104 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_02092012_154331.png

[2012-09-02 14:10:27 | 001,102,894 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_02092012_141009.png

[2012-09-02 13:07:21 | 000,313,151 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_02092012_130708.png

[2012-09-02 13:07:06 | 001,017,983 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_02092012_130649.png

[2012-09-02 13:04:33 | 000,005,159 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\9-Ball, Alyt vs Frenchy, 090212-103239.vpr

[2012-09-02 13:00:48 | 004,538,077 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_1003.MOV

[2012-09-01 10:02:40 | 000,297,078 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\4.bmp

[2012-09-01 08:56:31 | 002,320,974 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\3.bmp

[2012-09-01 08:55:33 | 002,701,710 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\2.bmp

[2012-09-01 08:48:55 | 002,495,190 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\1.bmp

[2012-08-31 21:49:00 | 002,052,056 | ---- | M] () -- C:\Documents and Settings\Anders\Skrivbord\IMG468.jpg

[2012-08-31 00:34:32 | 000,155,867 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_31082012_002932.png

[2012-08-29 18:48:38 | 000,859,263 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_29082012_184533.png

[2012-08-29 15:08:12 | 000,000,653 | ---- | M] () -- C:\Documents and Settings\All Users\Skrivbord\LogMeIn Hamachi.lnk

[2012-08-29 14:33:11 | 000,000,740 | ---- | M] () -- C:\Documents and Settings\All Users\Skrivbord\Malwarebytes Anti-Malware.lnk

[2012-08-29 00:01:48 | 000,401,735 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_29082012_000040.png

[2012-08-28 19:48:43 | 000,000,637 | ---- | M] () -- C:\Documents and Settings\Anders\Application Data\Microsoft\Internet Explorer\Quick Launch\Bandicam.lnk

[2012-08-28 19:48:43 | 000,000,619 | ---- | M] () -- C:\Documents and Settings\Anders\Skrivbord\Bandicam.lnk

[2012-08-27 13:01:26 | 001,200,664 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\clip0086.avi

[2012-08-27 01:37:14 | 000,000,751 | ---- | M] () -- C:\Documents and Settings\All Users\Skrivbord\Virtual Pool 4.lnk

[2012-08-27 00:32:35 | 000,121,798 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_27082012_003201.png

[2012-08-27 00:32:31 | 000,124,438 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_27082012_003152.png

[2012-08-26 22:36:18 | 000,307,500 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_26082012_223547.png

[2012-08-26 17:51:11 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\Access.dat

[2012-08-26 15:41:08 | 000,156,260 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_26082012_154039.png

[2012-08-26 15:40:08 | 000,150,505 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_26082012_153941.png

[2012-08-26 14:27:15 | 000,000,667 | ---- | M] () -- C:\Documents and Settings\Anders\Application Data\Microsoft\Internet Explorer\Quick Launch\GameSpy Arcade.lnk

[2012-08-26 14:27:15 | 000,000,649 | ---- | M] () -- C:\Documents and Settings\Anders\Skrivbord\GameSpy Arcade.lnk

[2012-08-26 14:19:36 | 003,849,216 | ---- | M] () -- C:\Documents and Settings\Anders\Skrivbord\hamachi.msi

[2012-08-25 12:40:56 | 000,136,157 | ---- | M] () -- C:\Documents and Settings\Anders\Skrivbord\pool_snooker_1.jpg

[2012-08-25 12:26:15 | 000,983,017 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_25082012_122553.png

[2012-08-23 15:36:41 | 000,663,527 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_23082012_153555.png

[2012-08-22 20:15:58 | 003,195,906 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\cheat.bmp

[2012-08-22 19:25:55 | 001,547,494 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\stg-apologize.bmp

[2012-08-22 16:11:36 | 000,217,782 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\legend.bmp

[2012-08-21 17:29:32 | 000,306,433 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_21082012_172844.png

[2012-08-21 11:37:11 | 001,704,034 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_21082012_113442.png

[2012-08-21 11:32:14 | 001,688,401 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_21082012_113138.png

[2012-08-20 21:47:10 | 002,262,013 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_20082012_214618.png

[2012-08-20 16:56:04 | 000,204,889 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_20082012_165528.png

[2012-08-20 16:53:51 | 000,145,330 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_20082012_165314.png

[2012-08-20 13:57:57 | 000,000,802 | ---- | M] () -- C:\Documents and Settings\Anders\Skrivbord\XSplit Broadcaster.lnk

[2012-08-19 19:24:41 | 000,001,707 | ---- | M] () -- C:\Documents and Settings\Anders\Skrivbord\ChrisPC Free Anonymous Proxy.lnk

[2012-08-19 19:24:41 | 000,000,821 | ---- | M] () -- C:\Documents and Settings\Anders\Application Data\Microsoft\Internet Explorer\Quick Launch\ChrisPC Free Anonymous Proxy.lnk

[2012-08-16 02:05:28 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK

[2012-08-15 01:56:48 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe

[2012-08-15 01:56:47 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl

[2012-08-13 13:57:35 | 001,830,096 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\clip0078.avi

[2012-08-10 18:11:06 | 000,071,226 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\jokelie19.png

[2012-08-10 18:09:55 | 000,000,236 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\WorldTourTitleWinner.al8

[2012-08-10 17:51:05 | 000,275,934 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\skrivtest.bmp

[2012-08-10 17:45:05 | 000,071,195 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\dynawinner.png

[2012-08-10 17:12:35 | 000,193,254 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\test2.bmp

[2012-08-10 17:04:53 | 000,193,254 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\worldtourwinnertest1.bmp

[2012-08-10 16:43:38 | 000,070,747 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\worldtourwinner.png

[2012-08-10 16:28:54 | 000,055,222 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\winnerworldtour.jpg

[2012-08-10 16:11:01 | 000,842,862 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_10082012_160921.png

[2012-08-10 16:11:00 | 001,122,958 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_10082012_160904.png

[2012-08-09 21:31:27 | 001,426,273 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_09082012_212249.png

[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[3 C:\WINDOWS\System32\drivers\*.tmp files -> C:\WINDOWS\System32\drivers\*.tmp -> ]

[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012-09-08 15:33:01 | 000,117,270 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\21.bmp

[2012-09-08 10:42:52 | 011,300,312 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\vp4 2012-09-08 10-38-48-933.avi

[2012-09-08 10:09:59 | 000,000,304 | ---- | C] () -- C:\WINDOWS\tasks\PC Performer Manager.job

[2012-09-07 19:52:54 | 001,118,598 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_07092012_195109.png

[2012-09-07 19:31:16 | 000,930,467 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_07092012_193053.png

[2012-09-07 16:54:40 | 000,977,958 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_07092012_165418.png

[2012-09-07 16:32:16 | 001,082,828 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_07092012_163042.png

[2012-09-07 15:22:09 | 000,000,211 | ---- | C] () -- C:\Boot.bak

[2012-09-07 15:22:02 | 000,260,784 | RHS- | C] () -- C:\cmldr

[2012-09-07 15:19:34 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe

[2012-09-07 15:19:34 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe

[2012-09-07 15:19:34 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe

[2012-09-07 15:19:34 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe

[2012-09-07 15:19:34 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe

[2012-09-07 14:35:30 | 000,000,579 | ---- | C] () -- C:\Documents and Settings\Anders\Skrivbord\NTREGOPT.lnk

[2012-09-07 14:35:30 | 000,000,560 | ---- | C] () -- C:\Documents and Settings\Anders\Skrivbord\ERUNT.lnk

[2012-09-07 14:30:38 | 000,000,144 | ---- | C] () -- C:\Documents and Settings\Anders\defogger_reenable

[2012-09-06 23:48:01 | 000,318,741 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_06092012_234739.png

[2012-09-06 16:32:55 | 000,157,123 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_06092012_163222.png

[2012-09-06 01:07:18 | 000,998,055 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_05092012_190334.png

[2012-09-05 15:51:54 | 000,004,934 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\flwjycbm.bab

[2012-09-05 15:51:34 | 000,000,705 | ---- | C] () -- C:\Documents and Settings\Anders\Skrivbord\PokerTracker 4.lnk

[2012-09-05 15:23:59 | 000,505,751 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_05092012_152345.png

[2012-09-04 18:40:54 | 000,084,696 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_04092012_184008.png

[2012-09-03 23:42:31 | 001,326,942 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\ad.png

[2012-09-02 23:50:15 | 001,004,432 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_02092012_234819.png

[2012-09-02 23:01:55 | 022,936,300 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\vp4 2012-09-02 22-59-50-578.avi

[2012-09-02 17:52:22 | 007,911,796 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\Bankshot1to2.avi

[2012-09-02 15:55:59 | 001,101,732 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_02092012_155541.png

[2012-09-02 15:43:54 | 000,800,104 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_02092012_154331.png

[2012-09-02 15:25:41 | 002,052,056 | ---- | C] () -- C:\Documents and Settings\Anders\Skrivbord\IMG468.jpg

[2012-09-02 14:10:23 | 001,102,894 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_02092012_141009.png

[2012-09-02 13:07:19 | 000,313,151 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_02092012_130708.png

[2012-09-02 13:07:00 | 001,017,983 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_02092012_130649.png

[2012-09-02 13:04:32 | 000,005,159 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\9-Ball, Alyt vs Frenchy, 090212-103239.vpr

[2012-09-02 13:00:24 | 004,538,077 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_1003.MOV

[2012-09-01 10:02:40 | 000,297,078 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\4.bmp

[2012-09-01 08:56:31 | 002,320,974 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\3.bmp

[2012-09-01 08:55:33 | 002,701,710 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\2.bmp

[2012-08-31 00:34:29 | 000,155,867 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_31082012_002932.png

[2012-08-29 18:48:21 | 000,859,263 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_29082012_184533.png

[2012-08-29 14:33:11 | 000,000,740 | ---- | C] () -- C:\Documents and Settings\All Users\Skrivbord\Malwarebytes Anti-Malware.lnk

[2012-08-29 00:01:44 | 000,401,735 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_29082012_000040.png

[2012-08-28 19:48:43 | 000,000,637 | ---- | C] () -- C:\Documents and Settings\Anders\Application Data\Microsoft\Internet Explorer\Quick Launch\Bandicam.lnk

[2012-08-28 19:48:43 | 000,000,619 | ---- | C] () -- C:\Documents and Settings\Anders\Skrivbord\Bandicam.lnk

[2012-08-27 13:00:47 | 001,200,664 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\clip0086.avi

[2012-08-27 01:37:14 | 000,000,751 | ---- | C] () -- C:\Documents and Settings\All Users\Skrivbord\Virtual Pool 4.lnk

[2012-08-27 00:32:33 | 000,121,798 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_27082012_003201.png

[2012-08-27 00:32:30 | 000,124,438 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_27082012_003152.png

[2012-08-26 22:36:14 | 000,307,500 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_26082012_223547.png

[2012-08-26 17:51:11 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\Access.dat

[2012-08-26 15:41:04 | 000,156,260 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_26082012_154039.png

[2012-08-26 15:40:06 | 000,150,505 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_26082012_153941.png

[2012-08-26 14:27:15 | 000,000,667 | ---- | C] () -- C:\Documents and Settings\Anders\Application Data\Microsoft\Internet Explorer\Quick Launch\GameSpy Arcade.lnk

[2012-08-26 14:27:15 | 000,000,649 | ---- | C] () -- C:\Documents and Settings\Anders\Skrivbord\GameSpy Arcade.lnk

[2012-08-26 14:20:08 | 000,000,653 | ---- | C] () -- C:\Documents and Settings\All Users\Skrivbord\LogMeIn Hamachi.lnk

[2012-08-26 14:19:29 | 003,849,216 | ---- | C] () -- C:\Documents and Settings\Anders\Skrivbord\hamachi.msi

[2012-08-25 12:40:56 | 000,136,157 | ---- | C] () -- C:\Documents and Settings\Anders\Skrivbord\pool_snooker_1.jpg

[2012-08-25 12:26:11 | 000,983,017 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_25082012_122553.png

[2012-08-23 15:36:33 | 000,663,527 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_23082012_153555.png

[2012-08-22 20:15:58 | 003,195,906 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\cheat.bmp

[2012-08-22 19:25:55 | 001,547,494 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\stg-apologize.bmp

[2012-08-22 16:11:36 | 000,217,782 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\legend.bmp

[2012-08-21 17:29:29 | 000,306,433 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_21082012_172844.png

[2012-08-21 11:37:04 | 001,704,034 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_21082012_113442.png

[2012-08-21 11:32:07 | 001,688,401 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_21082012_113138.png

[2012-08-20 21:46:53 | 002,262,013 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_20082012_214618.png

[2012-08-20 16:56:02 | 000,204,889 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_20082012_165528.png

[2012-08-20 16:53:49 | 000,145,330 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_20082012_165314.png

[2012-08-20 13:57:57 | 000,000,802 | ---- | C] () -- C:\Documents and Settings\Anders\Skrivbord\XSplit Broadcaster.lnk

[2012-08-19 19:24:41 | 000,001,707 | ---- | C] () -- C:\Documents and Settings\Anders\Skrivbord\ChrisPC Free Anonymous Proxy.lnk

[2012-08-19 19:24:41 | 000,000,821 | ---- | C] () -- C:\Documents and Settings\Anders\Application Data\Microsoft\Internet Explorer\Quick Launch\ChrisPC Free Anonymous Proxy.lnk

[2012-08-13 13:57:08 | 001,830,096 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\clip0078.avi

[2012-08-10 18:11:06 | 000,071,226 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\jokelie19.png

[2012-08-10 18:09:55 | 000,000,236 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\WorldTourTitleWinner.al8

[2012-08-10 17:51:05 | 000,275,934 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\skrivtest.bmp

[2012-08-10 17:45:05 | 000,071,195 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\dynawinner.png

[2012-08-10 17:12:35 | 000,193,254 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\test2.bmp

[2012-08-10 17:04:53 | 000,193,254 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\worldtourwinnertest1.bmp

[2012-08-10 16:43:38 | 000,070,747 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\worldtourwinner.png

[2012-08-10 16:28:53 | 000,055,222 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\winnerworldtour.jpg

[2012-08-10 16:10:56 | 000,842,862 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_10082012_160921.png

[2012-08-10 16:10:53 | 001,122,958 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_10082012_160904.png

[2012-08-09 21:31:14 | 001,426,273 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_09082012_212249.png

[2012-08-05 11:14:00 | 051,687,593 | ---- | C] () -- C:\Documents and Settings\Anders\10 000 meter.flv

[2012-07-10 14:52:42 | 000,190,664 | ---- | C] () -- C:\Documents and Settings\LocalService\Lokala inställningar\Application Data\FontCache3.0.0.0.dat

[2012-05-05 16:08:47 | 000,230,752 | ---- | C] () -- C:\WINDOWS\patchw32.dll

[2012-05-05 16:08:42 | 000,118,176 | ---- | C] () -- C:\WINDOWS\patchw.dll

[2012-03-05 21:51:45 | 629,460,858 | ---- | C] () -- C:\Documents and Settings\Anders\Målgång.flv

[2012-02-16 12:42:41 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll

[2012-02-08 10:52:34 | 000,000,042 | ---- | C] () -- C:\Documents and Settings\Anders\default.pls

[2012-01-30 15:29:29 | 000,000,404 | ---- | C] () -- C:\WINDOWS\LBFamily.ini

[2012-01-30 12:16:09 | 1054,669,159 | ---- | C] () -- C:\Documents and Settings\Anders\såskadetlåta.flv

[2012-01-30 12:16:09 | 000,056,831 | ---- | C] () -- C:\Documents and Settings\Anders\såskadetlåta.srt

[2012-01-27 13:24:43 | 000,015,784 | ---- | C] () -- C:\Documents and Settings\Anders\2.srt

[2012-01-27 13:24:39 | 035,912,175 | ---- | C] () -- C:\Documents and Settings\Anders\2.flv

[2012-01-27 13:10:34 | 000,000,641 | ---- | C] () -- C:\Documents and Settings\Anders\.swfinfo

[2011-11-09 21:59:50 | 000,000,026 | ---- | C] () -- C:\Documents and Settings\Anders\Application Data\ClockTraySkins.ini

[2011-11-09 21:59:38 | 000,000,549 | ---- | C] () -- C:\Documents and Settings\Anders\Application Data\FreeDesktopClock.ini

[2011-10-31 18:02:17 | 000,393,256 | ---- | C] () -- C:\WINDOWS\System32\CNQ2414N.DAT

[2011-10-30 14:53:51 | 000,000,000 | ---- | C] () -- C:\WINDOWS\HMHud.INI

[2011-10-02 13:50:39 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini

[2011-10-02 13:50:38 | 000,136,704 | ---- | C] () -- C:\Documents and Settings\Anders\Lokala inställningar\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2011-10-01 22:03:20 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\CommonDL.dll

[2011-10-01 22:03:20 | 000,002,413 | ---- | C] () -- C:\WINDOWS\System32\lgAxconfig.ini

[2011-09-28 17:44:14 | 000,179,271 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat

[2011-09-19 09:07:46 | 000,015,360 | ---- | C] () -- C:\WINDOWS\System32\bdmjpeg.dll

[2011-09-19 09:07:32 | 000,058,368 | ---- | C] () -- C:\WINDOWS\System32\bdmpegv.dll

[2011-08-31 00:32:40 | 000,005,078 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\bltofzsb.qlf

[2011-07-04 14:19:24 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI

[2011-07-04 14:18:36 | 002,150,064 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2011-07-04 13:15:42 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe

[2011-07-04 13:14:40 | 000,001,732 | ---- | C] () -- C:\WINDOWS\System32\drivers\nvphy.bin

[2011-07-04 12:32:07 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat

[2011-07-04 12:28:47 | 000,021,700 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat

========== LOP Check ==========

[2012-08-16 16:25:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Anti-phishing Domain Advisor

[2012-08-16 15:42:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ask

[2012-02-28 18:09:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Babylon

[2011-09-30 16:43:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BabylonUpdater

[2012-08-29 17:13:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\blekko toolbars

[2012-07-11 10:19:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\boost_interprocess

[2011-09-27 16:42:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Boss Media

[2012-08-27 01:35:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Celeris

[2012-05-12 18:06:56 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files

[2011-08-22 17:12:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite

[2011-07-04 22:27:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Pro

[2011-12-13 23:48:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Graboid Inc

[2012-08-16 16:18:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IBUpdaterService

[2011-10-01 22:04:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LGMOBILEAX

[2012-08-24 17:55:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Max Secure

[2012-04-17 17:54:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MediaMonkey

[2012-08-16 16:18:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Performer Manager

[2012-08-20 13:57:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SplitMediaLabs

[2012-05-12 18:52:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Tarma Installer

[2011-10-18 13:04:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TechSmith

[2012-08-26 17:50:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Tunngle

[2012-04-17 16:59:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}

[2011-11-22 14:09:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Anvsoft

[2012-05-12 17:55:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Apowersoft

[2012-05-12 18:26:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Audacity

[2012-02-28 18:09:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Babylon

[2012-06-18 20:59:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\BANDISOFT

[2012-08-27 01:32:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Celeris

[2012-08-19 19:27:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Complitly

[2011-08-22 16:51:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Copax

[2012-01-30 14:29:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\DAEMON Tools Lite

[2011-07-04 22:26:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\DAEMON Tools Pro

[2012-04-19 12:59:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\DDMSettings

[2012-02-10 11:25:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Digiarty

[2011-12-31 20:12:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\DVDVideoSoft

[2012-05-12 20:12:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Free Audio Recorder

[2012-08-25 13:15:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\GanymedeNet

[2012-02-09 23:45:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\GetRightToGo

[2012-09-08 13:34:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Gmail Notifier

[2012-03-20 00:28:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\HandBrake

[2011-10-30 14:43:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\HEM Data

[2011-12-14 17:20:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Media Finder

[2012-07-24 11:00:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\MediaMonkey

[2011-11-23 16:51:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\MyVideoDownloader

[2011-11-23 16:51:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\MyVideoDownloaderHD

[2012-08-04 10:58:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Opera

[2012-05-17 17:09:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Oracle

[2012-05-17 17:09:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Personal

[2012-06-20 16:13:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Solveig Multimedia

[2012-02-10 01:17:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Sony

[2012-08-20 13:57:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\SplitMediaLabs

[2012-09-08 20:42:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Spotify

[2012-07-02 21:11:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\TraderaProLister

[2012-08-27 00:23:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Tunngle

[2012-05-12 18:52:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Wondershare

[2011-11-23 17:11:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Youtube Downloader HD

[2012-09-08 20:58:00 | 000,000,304 | ---- | M] () -- C:\WINDOWS\Tasks\PC Performer Manager.job

[2012-09-08 20:51:04 | 000,000,410 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{5096C855-A424-4662-B04A-DE5E47FB502A}.job

========== Purity Check ==========

< End of report >

Link to post
Share on other sites

Extras.Txt

OTL Extras logfile created on: 2012-09-08 20:54:32 - Run 1

OTL by OldTimer - Version 3.2.61.2 Folder = C:\Documents and Settings\Anders\Skrivbord

Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 0000041D | Country: Sverige | Language: SVE | Date Format: yyyy-MM-dd

2,00 Gb Total Physical Memory | 1,29 Gb Available Physical Memory | 64,34% Memory free

5,76 Gb Paging File | 4,85 Gb Available in Paging File | 84,32% Paging File free

Paging file location(s): C:\pagefile.sys 4000 4000 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program

Drive C: | 298,08 Gb Total Space | 238,28 Gb Free Space | 79,94% Space Free | Partition Type: NTFS

Computer Name: ANDERS-EA22E516 | User Name: Anders | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

.html [@ = FirefoxHTML] -- C:\Program\Mozilla Firefox\firefox.exe (Mozilla Corporation)

.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]

.html [@ = ChromeHTML] -- C:\Documents and Settings\Anders\Lokala inställningar\Application Data\Google\Chrome\Application\chrome.exe (Google Inc.)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

exefile [open] -- "%1" %*

https [open] -- "C:\Program\Mozilla Firefox\firefox.exe" -osint -url "%1" (Mozilla Corporation)

InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [AddToPlaylistVLC] -- "C:\Program\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [MediaMonkey.1Play] -- "C:\Program\MediaMonkey\MediaMonkey.exe" "%1" (Ventis Media Inc.)

Directory [MediaMonkey.2PlayNext] -- "C:\Program\MediaMonkey\MediaMonkey.exe" /NEXT "%1" (Ventis Media Inc.)

Directory [MediaMonkey.3Enqueue] -- "C:\Program\MediaMonkey\MediaMonkey.exe" /ADD "%1" (Ventis Media Inc.)

Directory [PlayWithVLC] -- "C:\Program\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()

Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)

Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"FirstRunDisabled" = 1

"AntiVirusDisableNotify" = 0

"FirewallDisableNotify" = 0

"UpdatesDisableNotify" = 0

"AntiVirusOverride" = 0

"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]

"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]

"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]

"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"EnableFirewall" = 1

"DisableNotifications" = 0

"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"EnableFirewall" = 1

"DisableNotifications" = 0

"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

"5353:TCP" = 5353:TCP:*:Enabled:Adobe CSI CS4

"3703:TCP" = 3703:TCP:*:Enabled:Adobe Version Cue CS4 Server

"3704:TCP" = 3704:TCP:*:Enabled:Adobe Version Cue CS4 Server

"51000:TCP" = 51000:TCP:*:Enabled:Adobe Version Cue CS4 Server

"51001:TCP" = 51001:TCP:*:Enabled:Adobe Version Cue CS4 Server

"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

"C:\Program\MSN Messenger\livecall.exe" = C:\Program\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)

"C:\Program\Veetle\Player\VeetleNet.exe" = C:\Program\Veetle\Player\VeetleNet.exe:*:Enabled:VeetleNet -- ()

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

"C:\Program\Delade filer\Adobe\CS4ServiceManager\CS4ServiceManager.exe" = C:\Program\Delade filer\Adobe\CS4ServiceManager\CS4ServiceManager.exe:*:Enabled:Adobe CSI CS4 -- (Adobe Systems Incorporated)

"C:\Program\Delade filer\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe" = C:\Program\Delade filer\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe:*:Enabled:Adobe Version Cue CS4 Server -- (Adobe Systems Incorporated)

"C:\Program\Spotify\spotify.exe" = C:\Program\Spotify\spotify.exe:*:Enabled:Spotify -- (Spotify Ltd)

"C:\Program\MSN Messenger\livecall.exe" = C:\Program\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)

"C:\Program\Steam\Steam.exe" = C:\Program\Steam\Steam.exe:*:Enabled:Steam -- (Valve Corporation)

"C:\Program\redbet\pokerclient\redbet.exe" = C:\Program\redbet\pokerclient\redbet.exe:*:Enabled:Poker Client Software -- (Entraction Solutions AB)

"C:\Documents and Settings\Anders\Lokala inställningar\Application Data\Google\Chrome\Application\chrome.exe" = C:\Documents and Settings\Anders\Lokala inställningar\Application Data\Google\Chrome\Application\chrome.exe:*:Enabled:Google Chrome -- (Google Inc.)

"C:\Program\Winamp\winamp.exe" = C:\Program\Winamp\winamp.exe:*:Enabled:Winamp

"C:\Program\redbet\pokerclient\uTorrent\uTorrent.exe" = C:\Program\redbet\pokerclient\uTorrent\uTorrent.exe:*:Enabled:µTorrent

"C:\Program\Comeon Poker 2.0\PokerClient.exe" = C:\Program\Comeon Poker 2.0\PokerClient.exe:*:Enabled:Comeon Poker 2.0 -- (Comeon Poker)

"C:\Program\VideoLAN\VLC\vlc.exe" = C:\Program\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player -- ()

"C:\Program\Ares\Ares.exe" = C:\Program\Ares\Ares.exe:*:Enabled:Ares p2p for windows

"C:\Program\Celeris\Virtual Pool 3 DL\vp3.exe" = C:\Program\Celeris\Virtual Pool 3 DL\vp3.exe:*:Enabled:Virtual Pool 3 DL -- (Celeris Inc.)

"C:\Program\GameSpy Arcade\Aphex.exe" = C:\Program\GameSpy Arcade\Aphex.exe:*:Enabled:GameSpy Arcade 1.0 -- (IGN Entertainment, Inc.)

"C:\WINDOWS\system32\dplaysvr.exe" = C:\WINDOWS\system32\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper -- (Microsoft Corporation)

"C:\Program\Veetle\Player\VeetleNet.exe" = C:\Program\Veetle\Player\VeetleNet.exe:*:Enabled:VeetleNet -- ()

"C:\Program\Delade filer\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Program\Delade filer\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)

"C:\Program\SopCast\SopCast.exe" = C:\Program\SopCast\SopCast.exe:*:Enabled:SopCast Main Application -- (www.sopcast.com)

"C:\Program\Steam\steamapps\common\Age Of Empires Online\Spartan.exe" = C:\Program\Steam\steamapps\common\Age Of Empires Online\Spartan.exe:*:Enabled:Age of Empires Online -- (Microsoft Studios)

"C:\Program\Opera\opera.exe" = C:\Program\Opera\opera.exe:*:Enabled:Opera Internet Browser -- (Opera Software)

"C:\Program\Opera\pluginwrapper\opera_plugin_wrapper.exe" = C:\Program\Opera\pluginwrapper\opera_plugin_wrapper.exe:*:Enabled:Opera Internet Browser - Plugin wrapper -- (Opera Software)

"C:\Program\Steam\steamapps\common\Age Of Empires Online\AOEOnline.exe" = C:\Program\Steam\steamapps\common\Age Of Empires Online\AOEOnline.exe:*:Enabled:Age of Empires Online -- (Microsoft Studios)

"c:\program\relevantknowledge\rlvknlg.exe" = c:\program\relevantknowledge\rlvknlg.exe:*:Enabled:rlvknlg.exe

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam

"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4

"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4

"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant

"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler

"{098A2A49-7CF3-4F08-A38D-FB879117152A}" = Adobe Color NA Extra Settings CS4

"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended

"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4

"{0DC0E85F-36E4-463B-B3EA-4CD8ED2222A1}" = Adobe Color EU Recommended Settings CS4

"{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime

"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4

"{0F842B77-56EA-4AAF-8295-81A022350B5E}" = Microsoft Security Client

"{1111706F-666A-4037-7777-210328764D10}" = JavaFX 2.1.0

"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_cnq2414" = CanoScan LiDE 110 Scanner Driver

"{122ADF8C-DDA1-480C-9936-C88F2825B265}" = Apple Application Support

"{14F70205-1940-4000-88C7-BE799A6B2CAD}" = Adobe Soundbooth CS4

"{15BF7AAF-846C-4A6D-80E1-5D1FC7FB461B}" = Adobe SGM CS4

"{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693}" = PC Performer Manager

"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4

"{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4

"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB

"{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}" = Adobe AIR

"{1B7C06E1-4888-47A6-992A-0990B9683486}" = Adobe Version Cue CS4 Server

"{1DCA3EAA-6EB5-4563-A970-EA14D75037BA}" = Adobe InDesign CS4

"{1E04CB54-AF4E-4AC3-B4B7-C0A160BE57F1}" = Adobe InDesign CS4 Icon Handler

"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool

"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT

"{26A24AE4-039D-4CA4-87B4-2F83216026FF}" = Java 6 Update 26

"{26A24AE4-039D-4CA4-87B4-2F83217004FF}" = Java 7 Update 4

"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1

"{291C5A9A-15B1-4F2C-898F-10D04D252886}" = Trafikskolan TEO

"{296D775C-839A-3618-8D5C-E2B588C5CD12}" = Microsoft .NET Framework 4 Extended SVE Language Pack

"{297190A1-4B0D-4CD6-8B9F-3907F15C3FD8}" = Adobe CS4 American English Speech Analysis Models

"{2A3A4BD6-6CE0-4E2A-80D2-1D0FF6ACBFBA}" = LG United Mobile Driver

"{2BAF2B96-7560-48B4-87D4-10178DDBE217}" = Adobe InDesign CS4 Application Feature Set Files (Roman)

"{30C8AA56-4088-426F-91D1-0EDFD3A25678}" = Adobe Dreamweaver CS4

"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform

"{336D0C35-8A85-403a-B9D2-65C292C39087}_is1" = Web Assistant 2.0.0.430

"{350C941d-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP

"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4

"{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup

"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player

"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4

"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile

"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4

"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin

"{428FDF9F-E010-4C4C-A8BB-156960AFCA1C}" = Adobe Fireworks CS4

"{43509E18-076E-40FE-AF38-CA5ED400A5A9}" = Pixel Bender Toolkit

"{44E240EC-2224-4078-A88B-2CEE0D3016EF}" = Adobe After Effects CS4 Presets

"{45EC816C-0771-4C14-AE6D-72D1B578F4C8}" = Adobe After Effects CS4

"{47C6F987-685A-41AE-B092-E75B277AEE39}" = Adobe Flash CS4 Extension - Flash Lite STI others

"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{4A52555C-032A-4083-BDD9-6A85ABFB39A8}" = Adobe SING CS4

"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace

"{4E799930-BBE1-4A64-BC49-99354D37DBB7}" = Adobe Creative Suite 4 Master Collection

"{4FFBB818-B13C-11E0-931D-B2664824019B}_is1" = Complitly

"{50779A29-834E-4E36-BBEB-B7CABC67A825}" = Microsoft Security Client SV-SE Language Pack

"{52232EF4-CC12-4C21-ABCF-ADB79618302D}" = Adobe Soundbooth CS4 Codecs

"{561968FD-56A1-49FD-9ED0-F55482C7C5BC}" = Adobe Media Encoder CS4 Exporter

"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml

"{5EAD5443-7194-46CC-A055-428E6ABB1BAF}" = Adobe Encore CS4

"{6006089C-84B5-4F18-8113-D96792AED0DE}_is1" = ChrisPC Free Anonymous Proxy 3.00

"{60DB5894-B5A1-4B62-B0F3-669A22C0EE5D}" = Adobe Dynamiclink Support

"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM

"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4

"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support

"{67A9747A-E1F5-4E9A-81CC-12B5D5B81B6E}" = Adobe After Effects CS4 Third Party Content

"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4

"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK

"{6AD9F5F3-5BD0-4000-BD9C-B536CF86D988}" = iTunes

"{7406DF60-016D-476B-A2C7-55D997592047}" = Adobe OnLocation CS4

"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime

"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update

"{7B4873B0-71FF-4BAA-8072-1DEE154C54E4}" = Virtual Pool 3 DL

"{7CC7BDD5-6F10-4724-96A1-EAC7D9F2831C}" = Adobe InDesign CS4 Common Base Files

"{7CE198D0-CFB0-49F2-9ECF-2F2C084EAD9E}" = Adobe Setup

"{8186FF34-D389-4B7E-9A2F-C197585BCFBD}" = Adobe Media Encoder CS4 Importer

"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4

"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable

"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4

"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4

"{87532CAB-7932-4F84-8937-823337622807}" = Adobe Illustrator CS4

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update

"{8ED5A2F1-338F-4608-8AF7-BCD1ADC1E1F7}_is1" = Free Alarm Clock 2.3.3

"{8F1ADE4D-EFAC-4F5A-B346-23C2687FAF50}" = Apple Mobile Device Support

"{90120000-0010-041D-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Swedish) 12

"{90120000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2007

"{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-0015-041D-0000-0000000FF1CE}" = Microsoft Office Access MUI (Swedish) 2007

"{90120000-0015-041D-0000-0000000FF1CE}_PROPLUS_{6DB23E19-BC1C-4C62-8158-391F65D84457}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-0016-041D-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Swedish) 2007

"{90120000-0016-041D-0000-0000000FF1CE}_PROPLUS_{6DB23E19-BC1C-4C62-8158-391F65D84457}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-0018-041D-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Swedish) 2007

"{90120000-0018-041D-0000-0000000FF1CE}_PROPLUS_{6DB23E19-BC1C-4C62-8158-391F65D84457}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-0019-041D-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Swedish) 2007

"{90120000-0019-041D-0000-0000000FF1CE}_PROPLUS_{6DB23E19-BC1C-4C62-8158-391F65D84457}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-001A-041D-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Swedish) 2007

"{90120000-001A-041D-0000-0000000FF1CE}_PROPLUS_{6DB23E19-BC1C-4C62-8158-391F65D84457}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-001B-041D-0000-0000000FF1CE}" = Microsoft Office Word MUI (Swedish) 2007

"{90120000-001B-041D-0000-0000000FF1CE}_PROPLUS_{6DB23E19-BC1C-4C62-8158-391F65D84457}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007

"{90120000-001F-0407-0000-0000000FF1CE}_PROPLUS_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007

"{90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

"{90120000-001F-040B-0000-0000000FF1CE}" = Microsoft Office Proof (Finnish) 2007

"{90120000-001F-040B-0000-0000000FF1CE}_PROPLUS_{C3B4672B-3FE7-4D6F-AFF3-80D290C1131E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

"{90120000-001F-041D-0000-0000000FF1CE}" = Microsoft Office Proof (Swedish) 2007

"{90120000-001F-041D-0000-0000000FF1CE}_PROPLUS_{4A960AFC-E28F-4233-953F-1903BE859B79}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

"{90120000-002C-041D-0000-0000000FF1CE}" = Microsoft Office Proofing (Swedish) 2007

"{90120000-0044-041D-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Swedish) 2007

"{90120000-0044-041D-0000-0000000FF1CE}_PROPLUS_{6DB23E19-BC1C-4C62-8158-391F65D84457}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-006E-041D-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Swedish) 2007

"{90120000-006E-041D-0000-0000000FF1CE}_PROPLUS_{18651597-9190-4C03-902A-6F8F58A91A3E}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In

"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4

"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195

"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4

"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting

"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

"{9B700657-676B-4A98-8B25-40A1BAC81053}" = Nero 8 Essentials

"{9BBE7AA1-AFA8-4D76-8FC2-1FDFD9BD3371}" = Windows Live Mail

"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

"{9D71329D-95A5-4297-8F79-DCDBD156420A}" = Windows Live Essentials

"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI

"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2

"{A6EC82A0-1414-475D-8AFD-469089F3080D}" = Adobe Contribute CS4

"{AC76BA86-1053-DF60-7760-000000000004}" = Adobe Acrobat 9 Pro - Svenska, Dansk, Suomi, Norsk

"{AC76BA86-1053-DF60-7760-000000000004}{AC76BA86-1053-DF60-7760-000000000004}" = Adobe Acrobat 9 Pro - Svenska, Dansk, Suomi, Norsk

"{ACC78BCD-6B12-4C73-8D98-5B96A4A6D73A}" = XSplit

"{AEB9948B-4FF2-47C9-990E-47014492A0FE}" = MSXML 6.0 Parser

"{B05DE7B7-0B40-4411-BD4B-222CAE2D8F15}" = Adobe MotionPicture Color Files CS4

"{B15381DD-FF97-4FCD-A881-ED4DB0975500}" = Adobe Color Video Profiles AE CS4

"{B169BC97-B8AA-4ACA-9CF2-9D0FF5BABDF7}" = Adobe Premiere Pro CS4 Functional Content

"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect

"{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4

"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call

"{B823632F-3B72-4514-8861-B961CE263224}" = PostgreSQL 8.3

"{B8ABD8C7-991E-4A70-B5A3-20C6FC680680}" = LogMeIn Hamachi

"{B9F4561A-924D-4510-A85A-BB0960C338CB}" = Adobe Asset Services CS4

"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module

"{BD3374D3-C2E6-42B7-A80B-E850B6886246}" = Adobe Flash CS4 STI-other

"{BE9CEAAA-F069-4331-BF2F-8D350F6504F4}" = Adobe Media Encoder CS4 Additional Exporter

"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2

"{C0E8FE43-C35B-451D-B35F-D4BD056D70E7}" = Camtasia Studio 7

"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4

"{C60AAF4C-A72C-36E0-8CA4-41FF753D74F6}" = Microsoft .NET Framework 4 Client Profile SVE Language Pack

"{C86E7C99-E4AD-79C7-375B-1AEF9A91EC2B}" = Acrobat.com

"{C938BE91-3BB5-4B84-9EF6-88F0505D0038}" = Adobe Premiere Pro CS4 Third Party Content

"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw

"{CD9A35D4-8A81-4188-98AF-14D759083FB4}" = Nordea NCR1 Installationspaket

"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1

"{D499F8DE-3F31-4900-9157-61061613704B}" = Adobe Premiere Pro CS4

"{D6D5CFB3-7095-4073-B6B7-B7E909838C57}" = Razer

"{D7A3F13E-3B62-4DD8-84E5-E3D20F4FCA99}_is1" = DigitalClock version 1.1

"{DEB90B8E-0DCB-48CE-B90E-8842A2BD643E}" = Adobe Media Encoder CS4

"{E801BD2A-AB6B-4B8F-9599-B164AC726EC8}" = Virtual Pool 4

"{EE353798-E875-42E0-B58D-7E6696182EA8}" = Adobe Media Encoder CS4 Dolby

"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10

"{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}" = Sony Ericsson PC Companion 2.01.217

"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard

"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help

"{F13225E2-6533-4923-A657-083A151E667E}" = Windows Live Messenger

"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver

"{F6E99614-F042-4459-82B7-8B38B2601356}" = Adobe Flash CS4

"{F8D02DBB-9B81-4192-9E85-219AD0447920}" = Microsoft Antimalware Service SV-SE Language Pack

"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4

"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4

"{FA7F689F-88EB-4946-B105-4C434CF5B07A}" = BankID säkerhetsprogram

"{FB2A5FCC-B81B-48C2-A009-7804694D83E9}" = Adobe Encore CS4 Codecs

"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All

"1180-6883-2514-0226-redbet-PROD" = redbet

"7-Zip" = 7-Zip 9.20

"AC3Filter_is1" = AC3Filter 1.63b

"Adobe AIR" = Adobe AIR

"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX

"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin

"Adobe Shockwave Player" = Adobe Shockwave Player 11.6

"Adobe_df1693a38ea3822700f69621b5e71d0" = Adobe Creative Suite 4 Master Collection

"AMDAway INF" = AMDAway INF

"Anti-phishing Domain Advisor" = Anti-phishing Domain Advisor

"Bandicam" = Bandicam

"BandiMPEG1" = Bandisoft MPEG-1 Decoder

"bet365poker" = Poker at bet365

"Betfair Poker JPC_is1" = Betfair Poker JPC 1.0.0

"Betsafe Poker_is1" = Betsafe Poker

"CamStudio" = CamStudio

"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player

"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com

"Combat Flight Simulator 1.00" = Microsoft Combat Flight Simulator

"Comeon Poker 2.0" = Comeon Poker 2.0

"DAEMON Tools Lite" = DAEMON Tools Lite

"DivX Setup" = DivX Setup

"EE9C4A93-0E83-4C66-9802-5DC13C189C12_is1" = Free Audio Recorder 6.6.6

"ERUNT_is1" = ERUNT 1.1j

"Free 3GP Video Converter_is1" = Free 3GP Video Converter version 5.0.3.1206

"Free Desktop Clock" = Free Desktop Clock

"GameSpy Arcade" = GameSpy Arcade

"Gmail Notifier" = Gmail Notifier

"HandBrake" = HandBrake 0.9.6

"HyperCam 2" = HyperCam 2

"ie8" = Windows Internet Explorer 8

"KLiteCodecPack_is1" = K-Lite Codec Pack 7.2.0 (Basic)

"LogMeIn Hamachi" = LogMeIn Hamachi

"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.62.0.1300

"MediaMonkey_is1" = MediaMonkey 4.0

"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1

"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

"Microsoft .NET Framework 4 Client Profile SVE Language Pack" = Microsoft .NET Framework 4 Client Profile Language Pack - SVE

"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended

"Microsoft .NET Framework 4 Extended SVE Language Pack" = Microsoft .NET Framework 4 Extended Language Pack - SVE

"Microsoft Security Client" = Microsoft Security Essentials

"Mozilla Firefox 14.0.1 (x86 sv-SE)" = Mozilla Firefox 14.0.1 (x86 sv-SE)

"MozillaMaintenanceService" = Mozilla Maintenance Service

"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP

"MWSnap 3" = MWSnap 3

"NVIDIA Drivers" = NVIDIA Drivers

"Opera 12.01.1532" = Opera 12.01

"Pirateplayer" = Pirateplayer

"PokerStars" = PokerStars

"PokerStars.net" = PokerStars.net

"PokerTracker3" = PokerTracker 3 (remove only)

"PokerTracker4" = PokerTracker 4 (remove only)

"PROPLUS" = Microsoft Office Professional Plus 2007

"Quick Screenshot Maker 2.1_is1" = Quick Screenshot Maker 2.1

"RealPlayer 15.0" = RealPlayer

"Replay Music3.45" = Replay Music

"SopCast" = SopCast 3.5.0

"Spotify" = Spotify

"Steam App 10" = Counter-Strike

"Steam App 105430" = Age of Empires Online

"Svea Rike II" = Svea Rike II

"Svenska Spels Poker" = Svenska Spels Poker

"Unlocker" = Unlocker 1.9.1

"Veetle TV" = Veetle TV

"William Hill Poker" = William Hill Poker

"Windows Media Format Runtime" = Windows Media Format 11 runtime

"Windows Media Player" = Windows Media Player 11

"WinLiveSuite_Wave3" = Windows Live Essentials

"WinRAR archiver" = WinRAR archiver

"VLC media player" = VLC media player 2.0.1

"WMFDist11" = Windows Media Format 11 runtime

"wmp11" = Windows Media Player 11

"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

"XviD MPEG4 Video Codec" = XviD MPEG4 Video Codec (remove only)

"Xvid Video Codec 1.3.2" = Xvid Video Codec

"Youtube Downloader HD_is1" = Youtube Downloader HD v. 2.9.2

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"f396e7ec6e1240c7" = Tradera ProLister

"Google Chrome" = Google Chrome

"Spotify" = Spotify

========== Last 20 Event Log Errors ==========

[ Application Events ]

Error - 2012-08-26 18:21:21 | Computer Name = ANDERS-EA22E516 | Source = Application Error | ID = 1000

Description = Felaktigt program vp3.exe, version 3.3.1.1, felaktig modul vp3.exe,

version 3.3.1.1, felaktig adress 0x0001d5b5.

Error - 2012-08-27 09:42:13 | Computer Name = ANDERS-EA22E516 | Source = Application Error | ID = 1000

Description = Felaktigt program vp3.exe, version 3.3.1.1, felaktig modul vp3.exe,

version 3.3.1.1, felaktig adress 0x000ba4fe.

Error - 2012-08-27 15:06:59 | Computer Name = ANDERS-EA22E516 | Source = Application Error | ID = 1000

Description = Felaktigt program vp3.exe, version 3.3.1.1, felaktig modul unknown,

version 0.0.0.0, felaktig adress 0x0012f3bc.

Error - 2012-08-27 17:40:49 | Computer Name = ANDERS-EA22E516 | Source = Application Error | ID = 1000

Description = Felaktigt program vp3.exe, version 3.3.1.1, felaktig modul vp3.exe,

version 3.3.1.1, felaktig adress 0x0002bf60.

Error - 2012-08-29 16:06:44 | Computer Name = ANDERS-EA22E516 | Source = Application Error | ID = 1000

Description = Felaktigt program camtasiastudio.exe, version 7.1.1.1785, felaktig

modul xvidcore.dll, version 0.0.0.0, felaktig adress 0x0003a955.

Error - 2012-08-29 16:07:16 | Computer Name = ANDERS-EA22E516 | Source = Application Error | ID = 1001

Description = Fel-bucket -1161878780.

Error - 2012-08-30 16:42:59 | Computer Name = ANDERS-EA22E516 | Source = Application Error | ID = 1000

Description = Felaktigt program vp3.exe, version 3.3.1.1, felaktig modul vp3.exe,

version 3.3.1.1, felaktig adress 0x000ba49a.

Error - 2012-08-30 17:56:33 | Computer Name = ANDERS-EA22E516 | Source = Application Error | ID = 1000

Description = Felaktigt program vp3.exe, version 3.3.1.1, felaktig modul vp3.exe,

version 3.3.1.1, felaktig adress 0x0001d602.

Error - 2012-08-30 18:00:40 | Computer Name = ANDERS-EA22E516 | Source = Application Error | ID = 1000

Description = Felaktigt program vp3.exe, version 3.3.1.1, felaktig modul vp3.exe,

version 3.3.1.1, felaktig adress 0x000ba4a4.

Error - 2012-09-02 07:22:36 | Computer Name = ANDERS-EA22E516 | Source = Application Error | ID = 1000

Description = Felaktigt program vp4.exe, version 4.1.0.5, felaktig modul vp4.exe,

version 4.1.0.5, felaktig adress 0x001886ed.

[ System Events ]

Error - 2012-09-07 09:24:13 | Computer Name = ANDERS-EA22E516 | Source = Service Control Manager | ID = 7034

Description = Tjänsten Smart Card avslutades oväntat. Detta har skett 1 gånger.

Error - 2012-09-07 09:24:13 | Computer Name = ANDERS-EA22E516 | Source = Service Control Manager | ID = 7031

Description = Tjänsten Apple Mobile Device avslutades oväntat. Den har gjort detta

1 gång(er). Följande åtgärd kommer att utföras om 60000 millisekunder: Starta om

tjänsten.

Error - 2012-09-07 09:24:13 | Computer Name = ANDERS-EA22E516 | Source = Service Control Manager | ID = 7031

Description = Tjänsten Microsoft Antimalware Service avslutades oväntat. Den har

gjort detta 1 gång(er). Följande åtgärd kommer att utföras om 15000 millisekunder:

Starta om tjänsten.

Error - 2012-09-07 09:24:13 | Computer Name = ANDERS-EA22E516 | Source = Service Control Manager | ID = 7034

Description = Tjänsten LogMeIn Hamachi Tunneling Engine avslutades oväntat. Detta

har skett 1 gånger.

Error - 2012-09-07 10:02:33 | Computer Name = ANDERS-EA22E516 | Source = Service Control Manager | ID = 7000

Description = Tjänsten e2eCap - WDM Video Capture kunde inte startas på grund av

följande fel: %%1058

Error - 2012-09-07 17:10:57 | Computer Name = ANDERS-EA22E516 | Source = Service Control Manager | ID = 7000

Description = Tjänsten e2eCap - WDM Video Capture kunde inte startas på grund av

följande fel: %%1058

Error - 2012-09-07 17:14:46 | Computer Name = ANDERS-EA22E516 | Source = Service Control Manager | ID = 7000

Description = Tjänsten e2eCap - WDM Video Capture kunde inte startas på grund av

följande fel: %%1058

Error - 2012-09-07 17:21:11 | Computer Name = ANDERS-EA22E516 | Source = Service Control Manager | ID = 7000

Description = Tjänsten e2eCap - WDM Video Capture kunde inte startas på grund av

följande fel: %%1058

Error - 2012-09-08 04:10:01 | Computer Name = ANDERS-EA22E516 | Source = Service Control Manager | ID = 7000

Description = Tjänsten e2eCap - WDM Video Capture kunde inte startas på grund av

följande fel: %%1058

Error - 2012-09-08 04:11:55 | Computer Name = ANDERS-EA22E516 | Source = Service Control Manager | ID = 7000

Description = Tjänsten e2eCap - WDM Video Capture kunde inte startas på grund av

följande fel: %%1058

< End of report >

checkup.txt

Results of screen317's Security Check version 0.99.50

Windows XP Service Pack 3 x86

Internet Explorer 8

``````````````Antivirus/Firewall Check:``````````````

Microsoft Security Essentials

Antivirus up to date!

`````````Anti-malware/Other Utilities Check:`````````

Malwarebytes Anti-Malware version 1.62.0.1300

JavaFX 2.1.0

Java 6 Update 26

Java 7 Update 4

Java version out of Date!

Adobe Flash Player 11.3.300.271

Mozilla Firefox (14.0.1)

````````Process Check: objlist.exe by Laurent````````

Microsoft Security Essentials MSMpEng.exe

Microsoft Security Essentials msseces.exe

Malwarebytes Anti-Malware mbamservice.exe

`````````````````System Health check`````````````````

Total Fragmentation on Drive C::

````````````````````End of Log``````````````````````

Link to post
Share on other sites

Hello Anders03

Do NOT do any websurfing of any kind, NO web searching, NO shopping or game play or online transactions.

Only go to this forum and the websites I guide you to.

There is LOTS of work to do, even after the following.

Run a Script

  1. Press the Windows-key on keyboard + R key. {or Start >> RUN }
  2. In the RUN box, type notepad and press Enter.
  3. Highlight the contents of the following codebox, and copy and paste that text into NOTEPAD.
    sc stop bProtector
    sc config bProtector start= disabled
    del /f /q "%~f0"


  4. Select File -> Save AS.
  5. Press the Desktop button on the left side of the save dialog.
  6. In the 10-16-2011%204-37-58%20PM.png box, type in Fix.bat.
  7. Press 10-16-2011%204-36-39%20PM.png.
  8. Close Notepad.
  9. Double-click FIX.BAT to start it in a command-prompt-window :excl:
  10. It will run very quickly and then remove itself at the end.

Step 2

Turn off your MS Security Essentials antivirus

How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs

Step 3

Download to your Desktop FixPolicies.exe, by Bill Castner, MS-MVP, a self-extracting ZIP archive from

>>> here <<<

  • Double-click FixPolicies.exe.
  • Click the "Install" button on the bottom toolbar of the box that will open.
  • The program will create a new Folder called FixPolicies.
  • Double-click to Open the new Folder, and then double-click the file within: Fix_Policies.cmd.
  • A black box will briefly appear and then close.
  • This fix may prove temporary. Active malware may revert these changes at your next startup. You can safely run the utility again.

Step 4

  • Please double-click OTL.exe otlDesktopIcon.png to run it. (Note: If you are running on Windows 7 or Vista, right-click on the file and choose Run As Administrator).
  • Copy ALL the lines (including blank lines ) inside the CODE box below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):
    :otl
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
    IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.chatzu...q={searchTerms}
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = http://search.condui...&ctid=CT3227980
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
    IE - HKCU\..\SearchScopes,DefaultScope = {96bd48dd-741b-41ae-ac4a-aff96ba00f7e}
    IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
    IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylo...000001aa0662619
    IE - HKCU\..\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}: "URL" = http://blekko.com/ws...q={searchTerms}
    IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://search.chatzu...q={searchTerms}
    IE - HKCU\..\SearchScopes\{96bd48dd-741b-41ae-ac4a-aff96ba00f7e}: "URL" = http://search.chatzu...q={SearchTerms}
    IE - HKCU\..\SearchScopes\{A0065856-99D2-45A6-A927-A5B633B680F1}: "URL" = http://www.google.co...q={searchTerms}
    IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.condui...&ctid=CT3220468
    IE - HKCU\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = http://mystart.incre...6PQxaWucyc&i=26

    :files
    c:\program\ares
    c:\program\utorrentbar
    C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}
    C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\stefanvandamme@stefanvd.net.xpi
    C:\Documents and Settings\All Users\Application Data\Babylon
    C:\Documents and Settings\All Users\Application Data\BabylonUpdater
    C:\Documents and Settings\All Users\Application Data\blekko toolbars
    c:\program\utorrentbar\prxtbuTor.dll
    c:\program\search~1\datamngr\toolbar\searchqudtx.dll
    c:\program\utorrentbar\prxtbuTor.dll
    recycler /alldrives

    :reg
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Ares"=-

    :Commands
    [purity]
    [resethosts]
    [CREATERESTOREPOINT]
    [EMPTYFLASH]
    [emptyjava]
    [Reboot]


  • Return to OTL. Right click in the customFix.png window (under the aqua-blue bar) and choose Paste.
  • Close any browser(s) windows that may be open.
  • Using your mouse, click on the red-lettered button runFixbutton.png.
  • Once you see a message box "Fix complete! Click OK to open the fix log."
    Click the OK button
  • The log will open in Notepad (your default text editor).
  • Save the log. Post a copy of that log in your next reply.

Note: If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process.

If you are asked to reboot the machine choose Yes. In this case, after the reboot, open Notepad (Start->All Programs->Accessories->Notepad), click File->Open, in the File Name box enter *.log and press the Enter key, navigate to the C:\_OTL\MovedFiles folder, and open the newest .log file present, and copy/paste the contents of that document back here in your next post.

Step 5

NEXT run Combo-fix that you have from before. Double-click the EXE file to start it

C:\Documents and Settings\Anders\Skrivbord\Combo-Fix.exe

Follow the prompts and respond

Accept the EULA license when prompted :excl:

Allow it to download a new version IF it asks :excl:

Have lots and lots of patience while it runs.

When all finished, Copy and Paste contents of C:\Combofix.txt

and turn ON your MS Security Essentials when all done.

Edited by Maurice Naggar
Link to post
Share on other sites

If a complete system reboot is necessary for me, please tell.

Combo-Fix got stuck again.

Finishing stage 1.....

Finishing stage 2.....

........

........

Finishing stage 50....

It came to this pretty quick but then nothing happened during 2 hours or so.

_____________________________________________________________

OTL-log:

========== OTL ==========

HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\SearchAssistant| /E : value set successfully!

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.

HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\bProtector Start Page| /E : value set successfully!

HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Bar| /E : value set successfully!

HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Page| /E : value set successfully!

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}\ not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}\ not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{96bd48dd-741b-41ae-ac4a-aff96ba00f7e}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{96bd48dd-741b-41ae-ac4a-aff96ba00f7e}\ not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{A0065856-99D2-45A6-A927-A5B633B680F1}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A0065856-99D2-45A6-A927-A5B633B680F1}\ not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}\ not found.

========== FILES ==========

File\Folder c:\program\ares not found.

File\Folder c:\program\utorrentbar not found.

C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\Plugins folder moved successfully.

C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\modules folder moved successfully.

C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\META-INF folder moved successfully.

C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\lib folder moved successfully.

C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\defaults\preferences folder moved successfully.

C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\defaults folder moved successfully.

C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\skin folder moved successfully.

C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\sl folder moved successfully.

C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\lib folder moved successfully.

C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\core folder moved successfully.

C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\WEATHER\js folder moved successfully.

C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\WEATHER\css folder moved successfully.

C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\WEATHER folder moved successfully.

C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TWITTER\resources folder moved successfully.

C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TWITTER\js folder moved successfully.

C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TWITTER\img folder moved successfully.

C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TWITTER folder moved successfully.

C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_POPUP\js folder moved successfully.

C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_POPUP folder moved successfully.

C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_EMBEDDED\js folder moved successfully.

C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_EMBEDDED folder moved successfully.

C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_BCAPI\js folder moved successfully.

C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_BCAPI\autoTest\spec folder moved successfully.

Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_BCAPI\autoTest\lib\jasmine-1.1.0 scheduled to be moved on reboot.

Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_BCAPI\autoTest\lib scheduled to be moved on reboot.

Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_BCAPI\autoTest scheduled to be moved on reboot.

Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_BCAPI scheduled to be moved on reboot.

C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\SEARCH_IN_NEW_TAB folder moved successfully.

C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\SEARCH\view\style\rsx folder moved successfully.

C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\SEARCH\view\style folder moved successfully.

C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\SEARCH\view\script folder moved successfully.

C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\SEARCH\view folder moved successfully.

C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\SEARCH\resources folder moved successfully.

C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\SEARCH\js folder moved successfully.

C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\SEARCH\Css folder moved successfully.

C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\SEARCH\buildSettings folder moved successfully.

C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\SEARCH folder moved successfully.

C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\RADIO_PLAYER\js\resources folder moved successfully.

C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\RADIO_PLAYER\js folder moved successfully.

C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\RADIO_PLAYER\css\custom-theme folder moved successfully.

C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\RADIO_PLAYER\css folder moved successfully.

C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\RADIO_PLAYER folder moved successfully.

C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\PRICE_GONG\menu_dlg folder moved successfully.

C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\PRICE_GONG\images folder moved successfully.

C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\PRICE_GONG\css\custom-theme folder moved successfully.

C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\PRICE_GONG\css folder moved successfully.

C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\PRICE_GONG\agreement folder moved successfully.

C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\PRICE_GONG folder moved successfully.

C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\Optimizer\js folder moved successfully.

C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\Optimizer folder moved successfully.

C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\NOTIFICATION\js folder moved successfully.

C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\NOTIFICATION\images\light folder moved successfully.

C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\NOTIFICATION\images\dark folder moved successfully.

C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\NOTIFICATION\images folder moved successfully.

C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\NOTIFICATION\css folder moved successfully.

C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\NOTIFICATION folder moved successfully.

C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\MULTI_RSS\js\resources folder moved successfully.

C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\MULTI_RSS\js folder moved successfully.

C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\MULTI_RSS\img folder moved successfully.

C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\MULTI_RSS\css folder moved successfully.

C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\MULTI_RSS folder moved successfully.

C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\HIGHLIGHTER\js folder moved successfully.

C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\HIGHLIGHTER\css folder moved successfully.

C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\HIGHLIGHTER folder moved successfully.

C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\EMAIL_NOTIFIER\js\plugins folder moved successfully.

C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\EMAIL_NOTIFIER\js folder moved successfully.

C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\EMAIL_NOTIFIER\css folder moved successfully.

C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\EMAIL_NOTIFIER folder moved successfully.

C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\APPLICATION_BUTTON\resources folder moved successfully.

C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\APPLICATION_BUTTON\Js folder moved successfully.

C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\APPLICATION_BUTTON folder moved successfully.

C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\404 folder moved successfully.

Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa scheduled to be moved on reboot.

C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ui\menu\js folder moved successfully.

C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ui\menu\img folder moved successfully.

C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ui\menu\css folder moved successfully.

C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ui\menu folder moved successfully.

C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ui\gf\img folder moved successfully.

C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ui\gf\css folder moved successfully.

C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ui\gf folder moved successfully.

C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ui\gadgetFrame folder moved successfully.

C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ui\dlg\ftd\images folder moved successfully.

C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ui\dlg\ftd folder moved successfully.

C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ui\dlg folder moved successfully.

C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ui folder moved successfully.

Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector\searchProtectorSettingsDialog\images scheduled to be moved on reboot.

Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector\searchProtectorSettingsDialog scheduled to be moved on reboot.

Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector\SearchProtectorBubbleDialog\images scheduled to be moved on reboot.

Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector\SearchProtectorBubbleDialog scheduled to be moved on reboot.

C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector\js folder moved successfully.

Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector scheduled to be moved on reboot.

C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\options\js\resources folder moved successfully.

C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\options\js folder moved successfully.

C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\options\images folder moved successfully.

C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\options\css folder moved successfully.

C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\options folder moved successfully.

C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\myStuffDialogs folder moved successfully.

C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\features\js\resources folder moved successfully.

C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\features\js folder moved successfully.

C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\features folder moved successfully.

C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\api folder moved successfully.

C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ac\res folder moved successfully.

C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ac\img folder moved successfully.

C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ac\css folder moved successfully.

C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ac folder moved successfully.

C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\aboutBox\js folder moved successfully.

C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\aboutBox\images folder moved successfully.

C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\aboutBox folder moved successfully.

Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al scheduled to be moved on reboot.

Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb scheduled to be moved on reboot.

Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content scheduled to be moved on reboot.

Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468 scheduled to be moved on reboot.

Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome scheduled to be moved on reboot.

Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6} scheduled to be moved on reboot.

C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\stefanvandamme@stefanvd.net.xpi moved successfully.

C:\Documents and Settings\All Users\Application Data\Babylon folder moved successfully.

C:\Documents and Settings\All Users\Application Data\BabylonUpdater folder moved successfully.

C:\Documents and Settings\All Users\Application Data\blekko toolbars folder moved successfully.

File\Folder c:\program\utorrentbar\prxtbuTor.dll not found.

File\Folder c:\program\search~1\datamngr\toolbar\searchqudtx.dll not found.

File\Folder c:\program\utorrentbar\prxtbuTor.dll not found.

C:\RECYCLER\S-1-5-21-1659004503-343818398-682003330-1003 folder moved successfully.

C:\RECYCLER folder moved successfully.

========== REGISTRY ==========

Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\Ares not found.

========== COMMANDS ==========

C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.

HOSTS file reset successfully

Restore point Set: OTL Restore Point

[EMPTYFLASH]

User: All Users

User: Anders

->Flash cache emptied: 81026 bytes

User: Anders-2

->Flash cache emptied: 3911 bytes

User: Default User

User: LocalService

User: NetworkService

User: postgres

Total Flash Files Cleaned = 0,00 mb

[EMPTYJAVA]

User: All Users

User: Anders

->Java cache emptied: 6265466 bytes

User: Anders-2

->Java cache emptied: 0 bytes

User: Default User

User: LocalService

User: NetworkService

User: postgres

Total Java Files Cleaned = 6,00 mb

OTL by OldTimer - Version 3.2.61.2 log created on 09092012_172427

Files\Folders moved on Reboot...

Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_BCAPI\autoTest\lib\jasmine-1.1.0 scheduled to be moved on reboot.

Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_BCAPI\autoTest\lib\jasmine-1.1.0 scheduled to be moved on reboot.

Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_BCAPI\autoTest\lib scheduled to be moved on reboot.

Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_BCAPI\autoTest\lib\jasmine-1.1.0 scheduled to be moved on reboot.

Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_BCAPI\autoTest\lib scheduled to be moved on reboot.

Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_BCAPI\autoTest scheduled to be moved on reboot.

Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_BCAPI\autoTest\lib\jasmine-1.1.0 scheduled to be moved on reboot.

Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_BCAPI\autoTest\lib scheduled to be moved on reboot.

Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_BCAPI\autoTest scheduled to be moved on reboot.

Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_BCAPI scheduled to be moved on reboot.

Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_BCAPI\autoTest\lib\jasmine-1.1.0 scheduled to be moved on reboot.

Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_BCAPI\autoTest\lib scheduled to be moved on reboot.

Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_BCAPI\autoTest scheduled to be moved on reboot.

Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_BCAPI scheduled to be moved on reboot.

Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa scheduled to be moved on reboot.

Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector\searchProtectorSettingsDialog\images scheduled to be moved on reboot.

Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector\searchProtectorSettingsDialog\images scheduled to be moved on reboot.

Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector\searchProtectorSettingsDialog scheduled to be moved on reboot.

Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector\SearchProtectorBubbleDialog\images scheduled to be moved on reboot.

Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector\SearchProtectorBubbleDialog\images scheduled to be moved on reboot.

Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector\SearchProtectorBubbleDialog scheduled to be moved on reboot.

Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector\searchProtectorSettingsDialog\images scheduled to be moved on reboot.

Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector\searchProtectorSettingsDialog scheduled to be moved on reboot.

Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector\SearchProtectorBubbleDialog\images scheduled to be moved on reboot.

Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector\SearchProtectorBubbleDialog scheduled to be moved on reboot.

Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector scheduled to be moved on reboot.

Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_BCAPI\autoTest\lib\jasmine-1.1.0 scheduled to be moved on reboot.

Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_BCAPI\autoTest\lib scheduled to be moved on reboot.

Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_BCAPI\autoTest scheduled to be moved on reboot.

Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_BCAPI scheduled to be moved on reboot.

Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa scheduled to be moved on reboot.

Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector\searchProtectorSettingsDialog\images scheduled to be moved on reboot.

Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector\searchProtectorSettingsDialog scheduled to be moved on reboot.

Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector\SearchProtectorBubbleDialog\images scheduled to be moved on reboot.

Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector\SearchProtectorBubbleDialog scheduled to be moved on reboot.

Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector scheduled to be moved on reboot.

Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al scheduled to be moved on reboot.

Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_BCAPI\autoTest\lib\jasmine-1.1.0 scheduled to be moved on reboot.

Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_BCAPI\autoTest\lib scheduled to be moved on reboot.

Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_BCAPI\autoTest scheduled to be moved on reboot.

Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_BCAPI scheduled to be moved on reboot.

Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa scheduled to be moved on reboot.

Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector\searchProtectorSettingsDialog\images scheduled to be moved on reboot.

Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector\searchProtectorSettingsDialog scheduled to be moved on reboot.

Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector\SearchProtectorBubbleDialog\images scheduled to be moved on reboot.

Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector\SearchProtectorBubbleDialog scheduled to be moved on reboot.

Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector scheduled to be moved on reboot.

Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al scheduled to be moved on reboot.

Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb scheduled to be moved on reboot.

Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_BCAPI\autoTest\lib\jasmine-1.1.0 scheduled to be moved on reboot.

Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_BCAPI\autoTest\lib scheduled to be moved on reboot.

Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_BCAPI\autoTest scheduled to be moved on reboot.

Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_BCAPI scheduled to be moved on reboot.

Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa scheduled to be moved on reboot.

Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector\searchProtectorSettingsDialog\images scheduled to be moved on reboot.

Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector\searchProtectorSettingsDialog scheduled to be moved on reboot.

Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector\SearchProtectorBubbleDialog\images scheduled to be moved on reboot.

Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector\SearchProtectorBubbleDialog scheduled to be moved on reboot.

Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector scheduled to be moved on reboot.

Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al scheduled to be moved on reboot.

Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb scheduled to be moved on reboot.

Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content scheduled to be moved on reboot.

Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_BCAPI\autoTest\lib\jasmine-1.1.0 scheduled to be moved on reboot.

Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_BCAPI\autoTest\lib scheduled to be moved on reboot.

Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_BCAPI\autoTest scheduled to be moved on reboot.

Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_BCAPI scheduled to be moved on reboot.

Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa scheduled to be moved on reboot.

Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector\searchProtectorSettingsDialog\images scheduled to be moved on reboot.

Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector\searchProtectorSettingsDialog scheduled to be moved on reboot.

Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector\SearchProtectorBubbleDialog\images scheduled to be moved on reboot.

Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector\SearchProtectorBubbleDialog scheduled to be moved on reboot.

Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector scheduled to be moved on reboot.

Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al scheduled to be moved on reboot.

Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb scheduled to be moved on reboot.

Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content scheduled to be moved on reboot.

Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468 scheduled to be moved on reboot.

Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_BCAPI\autoTest\lib\jasmine-1.1.0 scheduled to be moved on reboot.

Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_BCAPI\autoTest\lib scheduled to be moved on reboot.

Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_BCAPI\autoTest scheduled to be moved on reboot.

Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_BCAPI scheduled to be moved on reboot.

Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa scheduled to be moved on reboot.

Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector\searchProtectorSettingsDialog\images scheduled to be moved on reboot.

Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector\searchProtectorSettingsDialog scheduled to be moved on reboot.

Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector\SearchProtectorBubbleDialog\images scheduled to be moved on reboot.

Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector\SearchProtectorBubbleDialog scheduled to be moved on reboot.

Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector scheduled to be moved on reboot.

Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al scheduled to be moved on reboot.

Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb scheduled to be moved on reboot.

Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content scheduled to be moved on reboot.

Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468 scheduled to be moved on reboot.

Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome scheduled to be moved on reboot.

Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_BCAPI\autoTest\lib\jasmine-1.1.0 scheduled to be moved on reboot.

Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_BCAPI\autoTest\lib scheduled to be moved on reboot.

Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_BCAPI\autoTest scheduled to be moved on reboot.

Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_BCAPI scheduled to be moved on reboot.

Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa scheduled to be moved on reboot.

Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector\searchProtectorSettingsDialog\images scheduled to be moved on reboot.

Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector\searchProtectorSettingsDialog scheduled to be moved on reboot.

Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector\SearchProtectorBubbleDialog\images scheduled to be moved on reboot.

Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector\SearchProtectorBubbleDialog scheduled to be moved on reboot.

Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector scheduled to be moved on reboot.

Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al scheduled to be moved on reboot.

Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb scheduled to be moved on reboot.

Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content scheduled to be moved on reboot.

Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468 scheduled to be moved on reboot.

Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome scheduled to be moved on reboot.

Folder move failed. C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6} scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

Link to post
Share on other sites

Look for a couple of logs from Combofix & if found, Copy & Paste their contents

C:\Combofix.txt

and

C:\Qoobox\ComboFix-quarantined-files.txt

Next, a new run of OTL

Locate the OTL.exe on your Desktop

Double-click OTL.exe otlDesktopIcon.png to start it.

Look at the upper left of window. Press the pink color Quick Scan button.

Have patience while it runs.

It will produce a new log. Save it.

Copy and paste back here a copy of the new OTL.txt AND, tell me, How is the system now ?

Link to post
Share on other sites

Partner37 is still active.

I found the second Combo-Mix file:

KILLALL::

DDS::

uStart Page = hxxp://search.chatzum.com/

mStart Page = hxxp://search.chatzum.com/

uURLSearchHooks: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - c:\program\utorrentbar\prxtbuTor.dll

BHO: Searchqu Toolbar: {99079a25-328f-4bd4-be04-00955acaa0a7} - c:\program\search~1\datamngr\toolbar\searchqudtx.dll

BHO: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - c:\program\utorrentbar\prxtbuTor.dll

TB: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - c:\program\utorrentbar\prxtbuTor.dll

TB: Searchqu Toolbar: {99079a25-328f-4bd4-be04-00955acaa0a7} - c:\program\search~1\datamngr\toolbar\searchqudtx.dll

uRun: [ares] "c:\program\ares\Ares.exe" -h

Folder::

c:\program\ares

c:\program\utorrentbar

OTL:

OTL logfile created on: 2012-09-10 15:28:43 - Run 2

OTL by OldTimer - Version 3.2.61.2 Folder = C:\Documents and Settings\Anders\Skrivbord

Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 0000041D | Country: Sverige | Language: SVE | Date Format: yyyy-MM-dd

2,00 Gb Total Physical Memory | 1,26 Gb Available Physical Memory | 62,84% Memory free

5,76 Gb Paging File | 4,84 Gb Available in Paging File | 84,02% Paging File free

Paging file location(s): C:\pagefile.sys 4000 4000 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program

Drive C: | 298,08 Gb Total Space | 238,19 Gb Free Space | 79,91% Space Free | Partition Type: NTFS

Computer Name: ANDERS-EA22E516 | User Name: Anders | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user | Quick Scan

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012-09-08 20:45:49 | 000,599,552 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Anders\Skrivbord\OTL.exe

PRC - [2012-08-29 12:03:36 | 001,385,896 | ---- | M] (LogMeIn Inc.) -- C:\Program\LogMeIn Hamachi\hamachi-2.exe

PRC - [2012-08-17 19:48:59 | 001,193,176 | ---- | M] () -- C:\Program\Spotify\Data\SpotifyWebHelper.exe

PRC - [2012-08-16 16:18:06 | 001,695,776 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\PC Performer Manager\2.2.558.177\{16cdff19-861d-48e3-a751-d99a27784753}\%Protector Process Name%.exe

PRC - [2012-08-13 13:33:30 | 003,064,000 | ---- | M] (Skype Technologies S.A.) -- C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe

PRC - [2012-07-03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) -- C:\Program\Malwarebytes' Anti-Malware\mbamservice.exe

PRC - [2012-05-24 13:28:56 | 000,055,184 | ---- | M] (Apple Inc.) -- C:\Program\Delade filer\Apple\Mobile Device Support\AppleMobileDeviceService.exe

PRC - [2012-05-03 20:07:40 | 000,217,256 | ---- | M] (Visicom Media Inc. (Powered by Panda Security)) -- C:\Documents and Settings\All Users\Application Data\Anti-phishing Domain Advisor\visicom_antiphishing.exe

PRC - [2012-05-01 14:33:44 | 000,185,856 | ---- | M] () -- C:\Program\Web Assistant\ExtensionUpdaterService.exe

PRC - [2012-04-17 14:44:12 | 001,333,144 | ---- | M] (Technology Nexus AB) -- C:\Program\Personal\bin\Personal.exe

PRC - [2012-04-04 18:47:32 | 000,161,664 | ---- | M] (Oracle Corporation) -- C:\Program\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe

PRC - [2012-03-26 17:08:12 | 000,931,200 | ---- | M] (Microsoft Corporation) -- C:\Program\Microsoft Security Client\msseces.exe

PRC - [2012-03-26 17:03:40 | 000,011,552 | ---- | M] (Microsoft Corporation) -- c:\Program\Microsoft Security Client\MsMpEng.exe

PRC - [2012-01-17 11:07:54 | 000,252,296 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program\Delade filer\Java\Java Update\jusched.exe

PRC - [2011-11-22 22:35:06 | 000,296,056 | ---- | M] (RealNetworks, Inc.) -- C:\Program\Real\RealPlayer\Update\realsched.exe

PRC - [2011-07-29 01:08:12 | 001,259,376 | ---- | M] () -- C:\Program\DivX\DivX Update\DivXUpdate.exe

PRC - [2011-05-27 17:42:56 | 001,368,912 | ---- | M] (Comfort Software Group) -- C:\Program\FreeAlarmClock\FreeAlarmClock.exe

PRC - [2011-04-07 19:39:34 | 002,155,008 | ---- | M] (www.gmailnotifier.com) -- C:\Program\Gmail Notifier\Gmail Notifier.exe

PRC - [2010-11-21 13:43:04 | 001,113,600 | ---- | M] () -- C:\Program\Free Desktop Clock\DesktopClock.exe

PRC - [2009-12-10 03:39:04 | 000,065,536 | ---- | M] (PostgreSQL Global Development Group) -- C:\Program\PostgreSQL\8.3\bin\pg_ctl.exe

PRC - [2009-12-10 03:37:16 | 003,690,496 | ---- | M] (PostgreSQL Global Development Group) -- C:\Program\PostgreSQL\8.3\bin\postgres.exe

PRC - [2009-08-18 11:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) -- C:\Program\Delade filer\Microsoft Shared\Windows Live\WLIDSVC.EXE

PRC - [2009-08-18 11:29:22 | 000,183,152 | ---- | M] (Microsoft Corporation) -- C:\Program\Delade filer\Microsoft Shared\Windows Live\WLIDSVCM.EXE

PRC - [2008-06-11 22:43:26 | 000,640,376 | ---- | M] (Adobe Systems Inc.) -- C:\Program\Adobe\Acrobat 9.0\Acrobat\acrotray.exe

PRC - [2008-04-15 14:00:00 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe

PRC - [2005-05-17 19:21:12 | 000,147,456 | ---- | M] () -- C:\Program\Razer\razerhid.exe

PRC - [2005-01-18 02:06:12 | 000,143,360 | ---- | M] (Razer Inc.) -- C:\Program\Razer\razerofa.exe

========== Modules (No Company Name) ==========

MOD - [2012-08-17 19:48:59 | 001,193,176 | ---- | M] () -- C:\Program\Spotify\Data\SpotifyWebHelper.exe

MOD - [2012-08-16 16:18:06 | 002,046,496 | ---- | M] () -- c:\Documents and Settings\All Users\Application Data\PC Performer Manager\2.2.558.177\{16cdff19-861d-48e3-a751-d99a27784753}\%Protector Process Name%.dll

MOD - [2012-08-16 16:18:06 | 001,695,776 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\PC Performer Manager\2.2.558.177\{16cdff19-861d-48e3-a751-d99a27784753}\%Protector Process Name%.exe

MOD - [2012-05-01 14:33:44 | 000,185,856 | ---- | M] () -- C:\Program\Web Assistant\ExtensionUpdaterService.exe

MOD - [2011-09-27 08:23:00 | 000,087,912 | ---- | M] () -- C:\Program\Delade filer\Apple\Apple Application Support\zlib1.dll

MOD - [2011-09-27 08:22:40 | 001,242,472 | ---- | M] () -- C:\Program\Delade filer\Apple\Apple Application Support\libxml2.dll

MOD - [2011-07-29 01:09:42 | 000,096,112 | ---- | M] () -- C:\Program\DivX\DivX Update\DivXUpdateCheck.dll

MOD - [2011-07-29 01:08:12 | 001,259,376 | ---- | M] () -- C:\Program\DivX\DivX Update\DivXUpdate.exe

MOD - [2010-11-21 13:43:04 | 001,113,600 | ---- | M] () -- C:\Program\Free Desktop Clock\DesktopClock.exe

MOD - [2010-10-22 17:29:54 | 000,133,120 | ---- | M] () -- C:\Program\Free Desktop Clock\Clock.dll

MOD - [2005-05-17 19:21:12 | 000,147,456 | ---- | M] () -- C:\Program\Razer\razerhid.exe

========== Services (SafeList) ==========

SRV - [2012-08-29 12:03:36 | 001,385,896 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)

SRV - [2012-08-16 16:18:06 | 001,695,776 | ---- | M] () [Auto | Running] -- C:\Documents and Settings\All Users\Application Data\PC Performer Manager\2.2.558.177\{16cdff19-861d-48e3-a751-d99a27784753}\%Protector Process Name%.exe -- (PC Performer Manager)

SRV - [2012-08-15 01:56:50 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)

SRV - [2012-08-13 13:33:30 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)

SRV - [2012-07-14 02:13:54 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)

SRV - [2012-07-03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)

SRV - [2012-07-03 13:19:28 | 000,160,944 | ---- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program\Skype\Updater\Updater.exe -- (SkypeUpdate)

SRV - [2012-05-24 13:28:56 | 000,055,184 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program\Delade filer\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)

SRV - [2012-05-01 14:33:44 | 000,185,856 | ---- | M] () [Auto | Running] -- C:\Program\Web Assistant\ExtensionUpdaterService.exe -- (Web Assistant Updater)

SRV - [2012-04-04 18:47:32 | 000,161,664 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe -- (JavaQuickStarterService)

SRV - [2012-03-26 17:03:40 | 000,011,552 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)

SRV - [2011-07-20 06:18:24 | 000,440,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program\Delade filer\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)

SRV - [2011-07-04 16:17:11 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program\Delade filer\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)

SRV - [2011-06-29 15:59:18 | 000,155,344 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Program\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe -- (Sony Ericsson PCCompanion)

SRV - [2011-03-16 10:42:06 | 000,407,336 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program\Delade filer\Steam\SteamService.exe -- (Steam Client Service)

SRV - [2009-12-10 03:39:04 | 000,065,536 | ---- | M] (PostgreSQL Global Development Group) [Auto | Running] -- C:\Program\PostgreSQL\8.3\bin\pg_ctl.exe -- (pgsql-8.3)

SRV - [2009-08-18 11:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program\Delade filer\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)

SRV - [2008-08-15 05:46:20 | 000,284,016 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program\Delade filer\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe -- (Adobe Version Cue CS4)

SRV - [2006-10-26 13:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program\Delade filer\Microsoft Shared\Source Engine\OSE.EXE -- (ose)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\XDva397.sys -- (XDva397)

DRV - File not found [Kernel | On_Demand | Stopped] -- J:\Drivrutiner Inspiron 531\Bios\WinFlash.sys -- (WINFLASH)

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)

DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)

DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\owdzbysv.sys -- (owdzbysv)

DRV - File not found [Kernel | System | Running] -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{7A6243A8-A23C-47BF-992F-CB95CB468D62}\MpKsld64fc128.sys -- (MpKsld64fc128)

DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)

DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)

DRV - File not found [Kernel | System | Stopped] -- -- (Changer)

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\Anders\LOKALA~1\Temp\catchme.sys -- (catchme)

DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\bifpmsqd.sys -- (bifpmsqd)

DRV - [2012-07-03 13:46:44 | 000,022,344 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)

DRV - [2012-06-25 16:30:49 | 000,242,240 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\dtsoftbus01.sys -- (dtsoftbus01)

DRV - [2012-02-22 12:34:36 | 000,022,400 | ---- | M] (ManyCam LLC) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mcaudrv.sys -- (mcaudrv_simple)

DRV - [2012-01-11 08:11:20 | 000,032,000 | ---- | M] (ManyCam LLC) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mcvidrv.sys -- (ManyCam)

DRV - [2011-02-23 03:05:40 | 000,070,016 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgandnetndis.sys -- (andnetndis)

DRV - [2011-02-23 03:05:04 | 000,022,272 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgandnetgps.sys -- (AndNetGps)

DRV - [2011-02-23 03:05:02 | 000,028,032 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgandnetmodem.sys -- (ANDNetModem)

DRV - [2011-02-23 03:05:02 | 000,023,168 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgandnetdiag.sys -- (AndNetDiag)

DRV - [2010-12-07 14:23:00 | 000,025,088 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgandmodem.sys -- (ANDModem)

DRV - [2010-12-07 14:23:00 | 000,020,736 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lganddiag.sys -- (AndDiag)

DRV - [2010-12-07 14:23:00 | 000,020,096 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgandgps.sys -- (AndGps)

DRV - [2010-12-07 14:22:58 | 000,014,336 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgandbus.sys -- (Andbus)

DRV - [2010-03-15 11:38:44 | 000,124,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039mdm.sys -- (s1039mdm)

DRV - [2010-03-15 11:38:44 | 000,123,504 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039unic.sys -- (s1039unic)

DRV - [2010-03-15 11:38:44 | 000,117,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039mgmt.sys -- (s1039mgmt)

DRV - [2010-03-15 11:38:44 | 000,113,904 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039obex.sys -- (s1039obex)

DRV - [2010-03-15 11:38:44 | 000,098,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039bus.sys -- (s1039bus)

DRV - [2010-03-15 11:38:44 | 000,025,456 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039nd5.sys -- (s1039nd5)

DRV - [2010-03-15 11:38:44 | 000,014,960 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039mdfl.sys -- (s1039mdfl)

DRV - [2009-03-18 16:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)

DRV - [2008-01-15 19:17:58 | 004,652,544 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)

DRV - [2007-10-30 09:57:54 | 000,023,040 | ---- | M] (Todos Data System AB) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nordecr.sys -- (TdsNordecr)

DRV - [2007-07-30 11:58:56 | 000,022,016 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)

DRV - [2007-07-30 11:58:54 | 000,054,400 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)

DRV - [2006-12-12 18:59:00 | 000,016,512 | ---- | M] (Adaptec) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aspi32.sys -- (ASPI32)

DRV - [2006-05-23 20:36:26 | 000,119,808 | ---- | M] (e2eSoft) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\e2eCap.sys -- (E2ECAP)

DRV - [2005-04-24 23:43:58 | 000,013,225 | ---- | M] (Razer (Asia-Pacific) Pte Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Razerlow.sys -- (Razerlow)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =

IE - HKLM\..\SearchScopes,DefaultScope =

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page =

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://se.msn.com/?ocid=iehp

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = sv

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 9C 7D 76 21 A0 8E CD 01 [binary data]

IE - HKCU\..\SearchScopes,DefaultScope =

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: ""

FF - prefs.js..browser.search.order.1: ""

FF - prefs.js..browser.search.useDBForOrder: true

FF - prefs.js..browser.startup.homepage: "https://www.google.se/"

FF - prefs.js..keyword.URL: "http://www.google.com/search?btnI=I%27m+Feeling+Lucky&ie=UTF-8&oe=UTF-8&q="

FF - prefs.js..network.proxy.autoconfig_url: "file://C:/Program/ChrisPC Free Anonymous Proxy/chrispc_proxy.pac"

FF - prefs.js..network.proxy.type: 2

FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_271.dll ()

FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw_1166636.dll (Adobe Systems, Inc.)

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program\iTunes\Mozilla Plugins\npitunes.dll ()

FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)

FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)

FF - HKLM\Software\MozillaPlugins\@ganymede/GanymedeNetPlugin,version=1.0: C:\Program\Ganymede\Plugins\npganymedenet.dll ( )

FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.4.1: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.4.1: C:\Program\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found

FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.0.198: C:\Program\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.0.198: C:\Program\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.0.198: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.0.198: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=15.0.0.198: C:\Program\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found

FF - HKLM\Software\MozillaPlugins\@se.nexus/Personal: C:\Program\Personal\bin\np_prsnl.dll (Technology Nexus AB)

FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.19: C:\Program\Veetle\plugins\npVeetle.dll (Veetle Inc)

FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: C:\Program\Veetle\Player\npvlc.dll (Veetle Inc)

FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Anders\Lokala inställningar\Application Data\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Anders\Lokala inställningar\Application Data\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011-11-22 22:35:24 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\Program\Web Assistant\Firefox [2012-05-12 18:38:18 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-07-18 16:14:12 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program\Mozilla Firefox\components [2012-08-29 17:13:48 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program\Mozilla Firefox\plugins [2012-08-25 12:22:59 | 000,000,000 | ---D | M]

FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\specialsavings@superfish.com: C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles/pv7faqlh.default\extensions\specialsavings@superfish.com

FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{b64982b1-d112-42b5-b1e4-d3867c4533f8}: C:\Documents and Settings\All Users\Application Data\PC Performer Manager\2.2.558.177\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension [2012-08-16 16:18:10 | 000,000,000 | ---D | M]

[2012-07-11 19:58:09 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Anders\Application Data\Mozilla\Extensions

[2012-09-09 19:32:18 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions

[2012-08-26 14:21:14 | 000,000,642 | ---- | M] () -- C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\searchplugins\search-safer.xml

[2012-07-11 01:57:35 | 000,002,519 | ---- | M] () -- C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\searchplugins\Search_Results.xml

[2012-08-04 11:06:01 | 000,000,000 | ---D | M] (No name found) -- C:\Program\Mozilla Firefox\extensions

[2012-07-14 02:15:45 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program\mozilla firefox\components\browsercomps.dll

[2012-07-25 14:57:52 | 000,121,024 | ---- | M] ( ) -- C:\Program\mozilla firefox\plugins\npganymedenet.dll

[2012-07-14 03:16:10 | 000,001,470 | ---- | M] () -- C:\Program\mozilla firefox\searchplugins\allaannonser-sv-SE.xml

[2012-07-14 03:16:10 | 000,002,252 | ---- | M] () -- C:\Program\mozilla firefox\searchplugins\bing.xml

[2012-07-14 03:16:10 | 000,002,670 | ---- | M] () -- C:\Program\mozilla firefox\searchplugins\prisjakt-sv-SE.xml

[2012-07-11 01:57:35 | 000,002,519 | ---- | M] () -- C:\Program\mozilla firefox\searchplugins\Search_Results.xml

[2012-07-14 03:16:10 | 000,000,948 | ---- | M] () -- C:\Program\mozilla firefox\searchplugins\tyda-sv-SE.xml

[2012-07-14 03:16:10 | 000,001,174 | ---- | M] () -- C:\Program\mozilla firefox\searchplugins\wikipedia-sv-SE.xml

[2012-07-14 03:16:10 | 000,000,951 | ---- | M] () -- C:\Program\mozilla firefox\searchplugins\yahoo-sv-SE.xml

========== Chrome ==========

CHR - default_search_provider: google.se (Enabled)

CHR - default_search_provider: search_url = http://www.google.se/search?hl=sv&output=search&sclient=psy-ab&q={searchTerms}&btnG=&oq=&gs_l=&pbx=1

CHR - default_search_provider: suggest_url =

CHR - plugin: Shockwave Flash (Disabled) = C:\Documents and Settings\Anders\Lokala inst\u00E4llningar\Application Data\Google\Chrome\Application\21.0.1180.89\PepperFlash\pepflashplayer.dll

CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Anders\Lokala inst\u00E4llningar\Application Data\Google\Chrome\Application\21.0.1180.89\gcswf32.dll

CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_271.dll

CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer

CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\Anders\Lokala inst\u00E4llningar\Application Data\Google\Chrome\Application\21.0.1180.89\ppGoogleNaClPluginChrome.dll

CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\Anders\Lokala inst\u00E4llningar\Application Data\Google\Chrome\Application\21.0.1180.89\pdf.dll

CHR - plugin: Injovo Extension Plugin (Enabled) = C:\Documents and Settings\Anders\Lokala inst\u00E4llningar\Application Data\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd\2.0.0.430_0\npbrowserext.dll

CHR - plugin: GanymedeNet.Detector (Enabled) = C:\Documents and Settings\Anders\Lokala inst\u00E4llningar\Application Data\Google\Chrome\Application\plugins\npganymedenet.dll

CHR - plugin: Adobe Acrobat (Enabled) = C:\Program\Adobe\Acrobat 9.0\Acrobat\Browser\nppdf32.dll

CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program\QuickTime\plugins\npqtplugin.dll

CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program\QuickTime\plugins\npqtplugin2.dll

CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program\QuickTime\plugins\npqtplugin3.dll

CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program\QuickTime\plugins\npqtplugin4.dll

CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program\QuickTime\plugins\npqtplugin5.dll

CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program\QuickTime\plugins\npqtplugin6.dll

CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program\QuickTime\plugins\npqtplugin7.dll

CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program\Windows Media Player\npdrmv2.dll

CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program\Windows Media Player\npwmsdrm.dll

CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program\Windows Media Player\npdsplay.dll

CHR - plugin: RealNetworks Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll

CHR - plugin: RealPlayer HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll

CHR - plugin: RealPlayer G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program\Real\RealPlayer\Netscape6\nppl3260.dll

CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program\Real\RealPlayer\Netscape6\nprpjplug.dll

CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\Anders\Lokala inst\u00E4llningar\Application Data\Google\Update\1.3.21.115\npGoogleUpdate3.dll

CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program\DivX\DivX OVS Helper\npovshelper.dll

CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program\DivX\DivX Plus Web Player\npdivx32.dll

CHR - plugin: Java Platform SE 7 U4 (Enabled) = C:\Program\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll

CHR - plugin: Java Deployment Toolkit 7.0.40.255 (Enabled) = C:\WINDOWS\system32\npDeployJava1.dll

CHR - plugin: Nexus Personal (Enabled) = C:\Program\Personal\bin\np_prsnl.dll

CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program\Real\RealPlayer\Netscape6\nprjplug.dll

CHR - plugin: Veetle TV Player (Enabled) = C:\Program\Veetle\Player\npvlc.dll

CHR - plugin: Veetle TV Core (Enabled) = C:\Program\Veetle\plugins\npVeetle.dll

CHR - plugin: VLC Web Plugin (Enabled) = C:\Program\VideoLAN\VLC\npvlc.dll

CHR - plugin: iTunes Application Detector (Enabled) = C:\Program\iTunes\Mozilla Plugins\npitunes.dll

CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

CHR - plugin: Shockwave for Director (Enabled) = C:\WINDOWS\system32\Adobe\Director\np32dsw_1166636.dll

CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program\Microsoft Silverlight\5.1.10411.0\npctrl.dll

CHR - Extension: Turn Off the Lights = C:\Documents and Settings\Anders\Lokala inställningar\Application Data\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn\2.1.0.6_0\

CHR - Extension: Web Assistant = C:\Documents and Settings\Anders\Lokala inställningar\Application Data\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd\2.0.0.430_0\

CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Documents and Settings\Anders\Lokala inställningar\Application Data\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\

CHR - Extension: General Crawler = C:\Documents and Settings\Anders\Lokala inställningar\Application Data\Google\Chrome\User Data\Default\Extensions\jpihmmhdcobmllpcnpfbhnipmhamldje\2.0_0\

CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = C:\Documents and Settings\Anders\Lokala inställningar\Application Data\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\

O1 HOSTS File: ([2012-09-09 17:24:30 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts

O1 - Hosts: 127.0.0.1 localhost

O1 - Hosts: ::1 localhost

O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program\Adobe\/Adobe Contribute CS4/contributeieplugin.dll ()

O2 - BHO: (Complitly) - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Documents and Settings\Anders\Application Data\Complitly\Complitly.dll (SimplyGen)

O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)

O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)

O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)

O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)

O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program\Delade filer\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)

O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)

O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program\Adobe\/Adobe Contribute CS4/contributeieplugin.dll ()

O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.

O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O4 - HKLM..\Run: [] File not found

O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)

O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [Adobe_ID0ENQBO] C:\Program\Delade filer\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4Tray.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program\Delade filer\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)

O4 - HKLM..\Run: [Anti-phishing Domain Advisor] C:\Documents and Settings\All Users\Application Data\Anti-phishing Domain Advisor\visicom_antiphishing.exe (Visicom Media Inc. (Powered by Panda Security))

O4 - HKLM..\Run: [APSDaemon] C:\Program\Delade filer\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)

O4 - HKLM..\Run: [DivXUpdate] C:\Program\DivX\DivX Update\DivXUpdate.exe ()

O4 - HKLM..\Run: [Freecorder FLV Service] "C:\Program\Freecorder\FLVSrvc.exe" /run File not found

O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)

O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)

O4 - HKLM..\Run: [MSC] c:\Program\Microsoft Security Client\msseces.exe (Microsoft Corporation)

O4 - HKLM..\Run: [NBKeyScan] C:\Program\Nero\Nero8\Nero BackItUp\NBKeyScan.exe (Nero AG)

O4 - HKLM..\Run: [NeroFilterCheck] C:\Program\Delade filer\Nero\Lib\NeroCheck.exe (Nero AG)

O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)

O4 - HKLM..\Run: [razer] C:\Program\Razer\razerhid.exe ()

O4 - HKLM..\Run: [sunJavaUpdateSched] C:\Program\Delade filer\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)

O4 - HKLM..\Run: [TkBellExe] C:\Program\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)

O4 - HKLM..\Run: [Wondershare Helper Compact.exe] C:\Program\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe File not found

O4 - HKCU..\Run: [CPN Notifier] C:\Program\Comeon Poker 2.0\PokerNotifier.exe File not found

O4 - HKCU..\Run: [FreeAC] C:\Program\FreeAlarmClock\FreeAlarmClock.exe (Comfort Software Group)

O4 - HKCU..\Run: [Gmail Notifier.exe] C:\Program\Gmail Notifier\Gmail Notifier.exe (www.gmailnotifier.com)

O4 - HKCU..\Run: [Media Finder] C:\Program\Media Finder\MF.exe /opentotray File not found

O4 - HKCU..\Run: [skinClock] C:\Program\Free Desktop Clock\DesktopClock.exe ()

O4 - HKCU..\Run: [sony Ericsson PC Companion] C:\Program\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe (Sony Ericsson)

O4 - HKCU..\Run: [spotify Web Helper] C:\Program\Spotify\Data\SpotifyWebHelper.exe ()

O4 - HKCU..\Run: [Xvid] C:\Program\XviD\CheckUpdate.exe ()

O4 - Startup: C:\Documents and Settings\All Users\Start-meny\Program\Autostart\BankID säkerhetsprogram.lnk = C:\Program\Personal\bin\Personal.exe (Technology Nexus AB)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispCPL = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableChangePassword = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispCPL = 0

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableChangePassword = 0

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0

O8 - Extra context menu item: Bifoga länkmål till befintlig PDF - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O8 - Extra context menu item: Bifoga till befintlig PDF - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O8 - Extra context menu item: Download with &Media Finder - C:\Program\Media Finder\hook.html File not found

O8 - Extra context menu item: Konvertera länkmål till Adobe PDF - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O8 - Extra context menu item: Konvertera till Adobe PDF - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program\PokerStars\PokerStarsUpdate.exe (PokerStars)

O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O9 - Extra Button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program\PokerStars.NET\PokerStarsUpdate.exe File not found

O15 - HKCU\..Trusted Domains: msn.com ([zone] http in Tillförlitliga platser)

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool)

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1309778400234 (MUWebControl Class)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)

O16 - DPF: {A4110378-789B-455F-AE86-3A1BFC402853} http://zone.msn.com/bingame/zpagames/zpa_shvl.cab55579.cab (ZPA_SHVL Object)

O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} http://cdn2.zone.msn.com/binFramework/v10/ZPAFramework.cab102118.cab (MSN Games - Installer)

O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BE0C555B-4991-433B-9659-A871078265EA}: DhcpNameServer = 192.168.1.1

O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program\Delade filer\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program\Delade filer\Skype\Skype4COM.dll (Skype Technologies)

O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program\Delade filer\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)

O20 - AppInit_DLLs: (c:\DOCUME~1\ALLUSE~1\APPLIC~1\PCPERF~1\22558~1.177\{16CDF~1\%PROTE~1.DLL) - c:\Documents and Settings\All Users\Application Data\PC Performer Manager\2.2.558.177\{16cdff19-861d-48e3-a751-d99a27784753}\%Protector Process Name%.dll ()

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)

O24 - Desktop Components:0 (Min aktuella startsida) - About:Home

O24 - Desktop WallPaper: C:\Documents and Settings\Anders\Lokala inställningar\Application Data\Microsoft\Wallpaper1.bmp

O24 - Desktop BackupWallPaper: C:\Documents and Settings\Anders\Lokala inställningar\Application Data\Microsoft\Wallpaper1.bmp

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2011-07-04 12:30:44 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]

O34 - HKLM BootExecute: (autocheck autochk *)

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012-09-10 15:23:45 | 000,000,000 | -HSD | C] -- C:\RECYCLER

[2012-09-09 23:22:16 | 000,000,000 | --SD | C] -- C:\Combo-Fix

[2012-09-09 17:24:27 | 000,000,000 | ---D | C] -- C:\_OTL

[2012-09-09 17:16:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Skrivbord\FixPolicies

[2012-09-08 20:45:42 | 000,599,552 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Anders\Skrivbord\OTL.exe

[2012-09-07 15:28:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp

[2012-09-07 15:22:00 | 000,000,000 | RHSD | C] -- C:\cmdcons

[2012-09-07 15:19:34 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe

[2012-09-07 15:19:34 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe

[2012-09-07 15:19:34 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe

[2012-09-07 15:19:34 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe

[2012-09-07 15:19:26 | 000,000,000 | ---D | C] -- C:\Qoobox

[2012-09-07 15:12:52 | 004,747,716 | R--- | C] (Swearware) -- C:\Documents and Settings\Anders\Skrivbord\Combo-Fix.exe

[2012-09-07 14:36:38 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT

[2012-09-07 14:35:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start-meny\Program\ERUNT

[2012-09-07 14:35:28 | 000,000,000 | ---D | C] -- C:\Program\ERUNT

[2012-09-05 15:51:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Lokala inställningar\Application Data\PokerTracker 4

[2012-09-05 15:51:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Start-meny\Program\PokerTracker 4

[2012-09-05 15:50:55 | 000,000,000 | ---D | C] -- C:\Program\PokerTracker 4

[2012-08-29 17:14:19 | 000,000,000 | -HSD | C] -- C:\Config.Msi

[2012-08-29 17:02:35 | 000,000,000 | ---D | C] -- C:\Avenger

[2012-08-29 15:08:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start-meny\Program\LogMeIn Hamachi

[2012-08-29 15:08:08 | 000,000,000 | ---D | C] -- C:\Program\LogMeIn Hamachi

[2012-08-29 14:33:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Application Data\Malwarebytes

[2012-08-29 14:33:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start-meny\Program\Malwarebytes' Anti-Malware

[2012-08-29 14:33:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes

[2012-08-29 14:33:03 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys

[2012-08-29 14:33:03 | 000,000,000 | ---D | C] -- C:\Program\Malwarebytes' Anti-Malware

[2012-08-28 19:48:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start-meny\Program\Bandicam

[2012-08-28 19:48:39 | 000,000,000 | ---D | C] -- C:\Program\Bandicam

[2012-08-27 20:33:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Lokala inställningar\Application Data\CRE

[2012-08-27 13:52:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Mina dokument\Celeris

[2012-08-27 01:46:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Lokala inställningar\Application Data\Celeris

[2012-08-27 01:35:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start-meny\Program\Virtual Pool 4

[2012-08-27 01:35:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Celeris

[2012-08-27 01:32:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Application Data\Celeris

[2012-08-26 17:47:45 | 000,026,176 | -H-- | C] (LogMeIn, Inc.) -- C:\WINDOWS\System32\hamachi.sys

[2012-08-26 17:43:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Mina dokument\Tunngle

[2012-08-26 17:43:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Application Data\Tunngle

[2012-08-26 17:43:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Tunngle

[2012-08-26 17:43:13 | 000,027,136 | ---- | C] (Tunngle.net) -- C:\WINDOWS\System32\drivers\tap0901t.sys

[2012-08-26 14:27:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Start-meny\Program\GameSpy Arcade

[2012-08-26 14:20:30 | 000,000,000 | ---D | C] -- C:\Program\ChatZum Toolbar

[2012-08-26 14:20:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Lokala inställningar\Application Data\LogMeIn Hamachi

[2012-08-26 14:20:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Lokala inställningar\Application Data\LogMeIn Hamachi

[2012-08-25 12:27:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Application Data\GanymedeNet

[2012-08-25 12:22:54 | 000,000,000 | ---D | C] -- C:\Program\Ganymede

[2012-08-24 17:48:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Max Secure

[2012-08-20 13:58:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Lokala inställningar\Application Data\SplitMediaLabs

[2012-08-20 13:57:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start-meny\Program\XSplit

[2012-08-20 13:57:45 | 000,000,000 | ---D | C] -- C:\Program\SplitMediaLabs

[2012-08-20 13:57:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SplitMediaLabs

[2012-08-20 13:57:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Application Data\SplitMediaLabs

[2012-08-19 19:24:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start-meny\Program\ChrisPC Free Anonymous Proxy

[2012-08-19 19:24:28 | 000,000,000 | ---D | C] -- C:\Program\ChrisPC Free Anonymous Proxy

[2012-08-16 16:25:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Lokala inställningar\Application Data\blekkotb_031

[2012-08-16 16:25:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Anti-phishing Domain Advisor

[2012-08-16 16:20:30 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Anders\Start-meny\Program\Administrationsverktyg

[2012-08-16 16:18:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\IBUpdaterService

[2012-08-16 16:18:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PC Performer Manager

[2012-08-16 16:17:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Lokala inställningar\Application Data\Savings Sidekick

[2012-08-16 16:15:49 | 000,196,608 | ---- | C] (e2eSoft) -- C:\WINDOWS\System32\e2eCapProp.ax

[2012-08-16 16:15:49 | 000,119,808 | ---- | C] (e2eSoft) -- C:\WINDOWS\System32\drivers\e2eCap.sys

[2012-08-16 15:42:37 | 000,000,000 | ---D | C] -- C:\Program\ManyCam

[2012-08-16 15:42:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Ask

[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[3 C:\WINDOWS\System32\drivers\*.tmp files -> C:\WINDOWS\System32\drivers\*.tmp -> ]

[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012-09-10 15:32:00 | 000,000,304 | ---- | M] () -- C:\WINDOWS\tasks\PC Performer Manager.job

[2012-09-10 15:10:00 | 000,001,090 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1659004503-343818398-682003330-1003UA.job

[2012-09-10 15:07:00 | 000,001,098 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1659004503-343818398-682003330-1006UA.job

[2012-09-10 14:56:00 | 000,000,868 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job

[2012-09-10 11:30:16 | 000,315,660 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_10092012_112913.png

[2012-09-10 10:26:37 | 000,000,410 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{5096C855-A424-4662-B04A-DE5E47FB502A}.job

[2012-09-10 10:17:58 | 000,000,384 | -H-- | M] () -- C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job

[2012-09-10 10:10:00 | 000,001,038 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1659004503-343818398-682003330-1003Core.job

[2012-09-10 10:09:57 | 000,002,227 | ---- | M] () -- C:\Documents and Settings\All Users\Skrivbord\Skype.lnk

[2012-09-10 10:08:39 | 000,000,268 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1659004503-343818398-682003330-1003.job

[2012-09-10 10:08:32 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1659004503-343818398-682003330-1003.job

[2012-09-10 10:08:30 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

[2012-09-10 10:07:51 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2012-09-09 23:21:05 | 000,000,549 | ---- | M] () -- C:\Documents and Settings\Anders\Application Data\FreeDesktopClock.ini

[2012-09-09 23:18:41 | 004,747,716 | R--- | M] (Swearware) -- C:\Documents and Settings\Anders\Skrivbord\Combo-Fix.exe

[2012-09-09 20:44:27 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini

[2012-09-09 20:44:26 | 000,138,240 | ---- | M] () -- C:\Documents and Settings\Anders\Lokala inställningar\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2012-09-09 17:24:30 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts

[2012-09-09 17:16:19 | 000,185,065 | ---- | M] () -- C:\Documents and Settings\Anders\Skrivbord\FixPolicies.exe

[2012-09-09 01:07:00 | 000,001,046 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1659004503-343818398-682003330-1006Core.job

[2012-09-08 21:00:19 | 000,854,156 | ---- | M] () -- C:\Documents and Settings\Anders\Skrivbord\SecurityCheck.exe

[2012-09-08 20:45:49 | 000,599,552 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Anders\Skrivbord\OTL.exe

[2012-09-08 15:33:01 | 000,117,270 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\21.bmp

[2012-09-08 15:32:48 | 003,888,068 | ---- | M] () -- C:\temp.bmp

[2012-09-08 10:43:33 | 011,300,312 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\vp4 2012-09-08 10-38-48-933.avi

[2012-09-07 19:52:59 | 001,118,598 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_07092012_195109.png

[2012-09-07 19:31:21 | 000,930,467 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_07092012_193053.png

[2012-09-07 16:54:46 | 000,977,958 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_07092012_165418.png

[2012-09-07 16:32:21 | 001,082,828 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_07092012_163042.png

[2012-09-07 15:22:09 | 000,000,327 | RHS- | M] () -- C:\boot.ini

[2012-09-07 14:35:30 | 000,000,579 | ---- | M] () -- C:\Documents and Settings\Anders\Skrivbord\NTREGOPT.lnk

[2012-09-07 14:35:30 | 000,000,560 | ---- | M] () -- C:\Documents and Settings\Anders\Skrivbord\ERUNT.lnk

[2012-09-07 14:30:44 | 000,000,144 | ---- | M] () -- C:\Documents and Settings\Anders\defogger_reenable

[2012-09-07 14:05:14 | 002,150,064 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2012-09-06 23:48:03 | 000,318,741 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_06092012_234739.png

[2012-09-06 16:32:56 | 000,157,123 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_06092012_163222.png

[2012-09-06 01:07:23 | 000,998,055 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_05092012_190334.png

[2012-09-05 18:02:01 | 000,000,272 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job

[2012-09-05 15:51:54 | 000,004,934 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\flwjycbm.bab

[2012-09-05 15:51:34 | 000,000,705 | ---- | M] () -- C:\Documents and Settings\Anders\Skrivbord\PokerTracker 4.lnk

[2012-09-05 15:24:02 | 000,505,751 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_05092012_152345.png

[2012-09-04 18:40:55 | 000,084,696 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_04092012_184008.png

[2012-09-04 00:13:19 | 000,002,347 | ---- | M] () -- C:\Documents and Settings\Anders\Skrivbord\Google Chrome.lnk

[2012-09-04 00:13:19 | 000,002,325 | ---- | M] () -- C:\Documents and Settings\Anders\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk

[2012-09-03 23:42:37 | 001,326,942 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\ad.png

[2012-09-03 15:24:24 | 000,323,584 | ---- | M] (Stefan Toengi) -- C:\WINDOWS\System32\AUDIOGENIE2.DLL

[2012-09-02 23:50:20 | 001,004,432 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_02092012_234819.png

[2012-09-02 23:04:43 | 022,936,300 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\vp4 2012-09-02 22-59-50-578.avi

[2012-09-02 17:52:51 | 007,911,796 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\Bankshot1to2.avi

[2012-09-02 15:56:04 | 001,101,732 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_02092012_155541.png

[2012-09-02 15:43:59 | 000,800,104 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_02092012_154331.png

[2012-09-02 14:10:27 | 001,102,894 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_02092012_141009.png

[2012-09-02 13:07:21 | 000,313,151 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_02092012_130708.png

[2012-09-02 13:07:06 | 001,017,983 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_02092012_130649.png

[2012-09-02 13:04:33 | 000,005,159 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\9-Ball, Alyt vs Frenchy, 090212-103239.vpr

[2012-09-02 13:00:48 | 004,538,077 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_1003.MOV

[2012-09-01 10:02:40 | 000,297,078 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\4.bmp

[2012-09-01 08:56:31 | 002,320,974 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\3.bmp

[2012-09-01 08:55:33 | 002,701,710 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\2.bmp

[2012-09-01 08:48:55 | 002,495,190 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\1.bmp

[2012-08-31 21:49:00 | 002,052,056 | ---- | M] () -- C:\Documents and Settings\Anders\Skrivbord\IMG468.jpg

[2012-08-31 00:34:32 | 000,155,867 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_31082012_002932.png

[2012-08-29 18:48:38 | 000,859,263 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_29082012_184533.png

[2012-08-29 15:08:12 | 000,000,653 | ---- | M] () -- C:\Documents and Settings\All Users\Skrivbord\LogMeIn Hamachi.lnk

[2012-08-29 14:33:11 | 000,000,740 | ---- | M] () -- C:\Documents and Settings\All Users\Skrivbord\Malwarebytes Anti-Malware.lnk

[2012-08-29 00:01:48 | 000,401,735 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_29082012_000040.png

[2012-08-28 19:48:43 | 000,000,637 | ---- | M] () -- C:\Documents and Settings\Anders\Application Data\Microsoft\Internet Explorer\Quick Launch\Bandicam.lnk

[2012-08-28 19:48:43 | 000,000,619 | ---- | M] () -- C:\Documents and Settings\Anders\Skrivbord\Bandicam.lnk

[2012-08-27 13:01:26 | 001,200,664 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\clip0086.avi

[2012-08-27 01:37:14 | 000,000,751 | ---- | M] () -- C:\Documents and Settings\All Users\Skrivbord\Virtual Pool 4.lnk

[2012-08-27 00:32:35 | 000,121,798 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_27082012_003201.png

[2012-08-27 00:32:31 | 000,124,438 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_27082012_003152.png

[2012-08-26 22:36:18 | 000,307,500 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_26082012_223547.png

[2012-08-26 17:51:11 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\Access.dat

[2012-08-26 15:41:08 | 000,156,260 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_26082012_154039.png

[2012-08-26 15:40:08 | 000,150,505 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_26082012_153941.png

[2012-08-26 14:27:15 | 000,000,667 | ---- | M] () -- C:\Documents and Settings\Anders\Application Data\Microsoft\Internet Explorer\Quick Launch\GameSpy Arcade.lnk

[2012-08-26 14:27:15 | 000,000,649 | ---- | M] () -- C:\Documents and Settings\Anders\Skrivbord\GameSpy Arcade.lnk

[2012-08-26 14:19:36 | 003,849,216 | ---- | M] () -- C:\Documents and Settings\Anders\Skrivbord\hamachi.msi

[2012-08-25 12:40:56 | 000,136,157 | ---- | M] () -- C:\Documents and Settings\Anders\Skrivbord\pool_snooker_1.jpg

[2012-08-25 12:26:15 | 000,983,017 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_25082012_122553.png

[2012-08-23 15:36:41 | 000,663,527 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_23082012_153555.png

[2012-08-22 20:15:58 | 003,195,906 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\cheat.bmp

[2012-08-22 19:25:55 | 001,547,494 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\stg-apologize.bmp

[2012-08-22 16:11:36 | 000,217,782 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\legend.bmp

[2012-08-21 17:29:32 | 000,306,433 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_21082012_172844.png

[2012-08-21 11:37:11 | 001,704,034 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_21082012_113442.png

[2012-08-21 11:32:14 | 001,688,401 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_21082012_113138.png

[2012-08-20 21:47:10 | 002,262,013 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_20082012_214618.png

[2012-08-20 16:56:04 | 000,204,889 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_20082012_165528.png

[2012-08-20 16:53:51 | 000,145,330 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_20082012_165314.png

[2012-08-20 13:57:57 | 000,000,802 | ---- | M] () -- C:\Documents and Settings\Anders\Skrivbord\XSplit Broadcaster.lnk

[2012-08-19 19:24:41 | 000,001,707 | ---- | M] () -- C:\Documents and Settings\Anders\Skrivbord\ChrisPC Free Anonymous Proxy.lnk

[2012-08-19 19:24:41 | 000,000,821 | ---- | M] () -- C:\Documents and Settings\Anders\Application Data\Microsoft\Internet Explorer\Quick Launch\ChrisPC Free Anonymous Proxy.lnk

[2012-08-16 02:05:28 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK

[2012-08-13 13:57:35 | 001,830,096 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\clip0078.avi

[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[3 C:\WINDOWS\System32\drivers\*.tmp files -> C:\WINDOWS\System32\drivers\*.tmp -> ]

[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012-09-10 11:30:14 | 000,315,660 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_10092012_112913.png

[2012-09-10 10:08:14 | 000,000,304 | ---- | C] () -- C:\WINDOWS\tasks\PC Performer Manager.job

[2012-09-09 17:16:19 | 000,185,065 | ---- | C] () -- C:\Documents and Settings\Anders\Skrivbord\FixPolicies.exe

[2012-09-08 21:00:04 | 000,854,156 | ---- | C] () -- C:\Documents and Settings\Anders\Skrivbord\SecurityCheck.exe

[2012-09-08 15:33:01 | 000,117,270 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\21.bmp

[2012-09-08 10:42:52 | 011,300,312 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\vp4 2012-09-08 10-38-48-933.avi

[2012-09-07 19:52:54 | 001,118,598 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_07092012_195109.png

[2012-09-07 19:31:16 | 000,930,467 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_07092012_193053.png

[2012-09-07 16:54:40 | 000,977,958 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_07092012_165418.png

[2012-09-07 16:32:16 | 001,082,828 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_07092012_163042.png

[2012-09-07 15:22:09 | 000,000,211 | ---- | C] () -- C:\Boot.bak

[2012-09-07 15:22:02 | 000,260,784 | RHS- | C] () -- C:\cmldr

[2012-09-07 15:19:34 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe

[2012-09-07 15:19:34 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe

[2012-09-07 15:19:34 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe

[2012-09-07 15:19:34 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe

[2012-09-07 15:19:34 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe

[2012-09-07 14:35:30 | 000,000,579 | ---- | C] () -- C:\Documents and Settings\Anders\Skrivbord\NTREGOPT.lnk

[2012-09-07 14:35:30 | 000,000,560 | ---- | C] () -- C:\Documents and Settings\Anders\Skrivbord\ERUNT.lnk

[2012-09-07 14:30:38 | 000,000,144 | ---- | C] () -- C:\Documents and Settings\Anders\defogger_reenable

[2012-09-06 23:48:01 | 000,318,741 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_06092012_234739.png

[2012-09-06 16:32:55 | 000,157,123 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_06092012_163222.png

[2012-09-06 01:07:18 | 000,998,055 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_05092012_190334.png

[2012-09-05 15:51:54 | 000,004,934 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\flwjycbm.bab

[2012-09-05 15:51:34 | 000,000,705 | ---- | C] () -- C:\Documents and Settings\Anders\Skrivbord\PokerTracker 4.lnk

[2012-09-05 15:23:59 | 000,505,751 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_05092012_152345.png

[2012-09-04 18:40:54 | 000,084,696 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_04092012_184008.png

[2012-09-03 23:42:31 | 001,326,942 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\ad.png

[2012-09-02 23:50:15 | 001,004,432 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_02092012_234819.png

[2012-09-02 23:01:55 | 022,936,300 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\vp4 2012-09-02 22-59-50-578.avi

[2012-09-02 17:52:22 | 007,911,796 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\Bankshot1to2.avi

[2012-09-02 15:55:59 | 001,101,732 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_02092012_155541.png

[2012-09-02 15:43:54 | 000,800,104 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_02092012_154331.png

[2012-09-02 15:25:41 | 002,052,056 | ---- | C] () -- C:\Documents and Settings\Anders\Skrivbord\IMG468.jpg

[2012-09-02 14:10:23 | 001,102,894 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_02092012_141009.png

[2012-09-02 13:07:19 | 000,313,151 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_02092012_130708.png

[2012-09-02 13:07:00 | 001,017,983 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_02092012_130649.png

[2012-09-02 13:04:32 | 000,005,159 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\9-Ball, Alyt vs Frenchy, 090212-103239.vpr

[2012-09-02 13:00:24 | 004,538,077 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_1003.MOV

[2012-09-01 10:02:40 | 000,297,078 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\4.bmp

[2012-09-01 08:56:31 | 002,320,974 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\3.bmp

[2012-09-01 08:55:33 | 002,701,710 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\2.bmp

[2012-08-31 00:34:29 | 000,155,867 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_31082012_002932.png

[2012-08-29 18:48:21 | 000,859,263 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_29082012_184533.png

[2012-08-29 14:33:11 | 000,000,740 | ---- | C] () -- C:\Documents and Settings\All Users\Skrivbord\Malwarebytes Anti-Malware.lnk

[2012-08-29 00:01:44 | 000,401,735 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_29082012_000040.png

[2012-08-28 19:48:43 | 000,000,637 | ---- | C] () -- C:\Documents and Settings\Anders\Application Data\Microsoft\Internet Explorer\Quick Launch\Bandicam.lnk

[2012-08-28 19:48:43 | 000,000,619 | ---- | C] () -- C:\Documents and Settings\Anders\Skrivbord\Bandicam.lnk

[2012-08-27 13:00:47 | 001,200,664 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\clip0086.avi

[2012-08-27 01:37:14 | 000,000,751 | ---- | C] () -- C:\Documents and Settings\All Users\Skrivbord\Virtual Pool 4.lnk

[2012-08-27 00:32:33 | 000,121,798 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_27082012_003201.png

[2012-08-27 00:32:30 | 000,124,438 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_27082012_003152.png

[2012-08-26 22:36:14 | 000,307,500 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_26082012_223547.png

[2012-08-26 17:51:11 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\Access.dat

[2012-08-26 15:41:04 | 000,156,260 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_26082012_154039.png

[2012-08-26 15:40:06 | 000,150,505 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_26082012_153941.png

[2012-08-26 14:27:15 | 000,000,667 | ---- | C] () -- C:\Documents and Settings\Anders\Application Data\Microsoft\Internet Explorer\Quick Launch\GameSpy Arcade.lnk

[2012-08-26 14:27:15 | 000,000,649 | ---- | C] () -- C:\Documents and Settings\Anders\Skrivbord\GameSpy Arcade.lnk

[2012-08-26 14:20:08 | 000,000,653 | ---- | C] () -- C:\Documents and Settings\All Users\Skrivbord\LogMeIn Hamachi.lnk

[2012-08-26 14:19:29 | 003,849,216 | ---- | C] () -- C:\Documents and Settings\Anders\Skrivbord\hamachi.msi

[2012-08-25 12:40:56 | 000,136,157 | ---- | C] () -- C:\Documents and Settings\Anders\Skrivbord\pool_snooker_1.jpg

[2012-08-25 12:26:11 | 000,983,017 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_25082012_122553.png

[2012-08-23 15:36:33 | 000,663,527 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_23082012_153555.png

[2012-08-22 20:15:58 | 003,195,906 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\cheat.bmp

[2012-08-22 19:25:55 | 001,547,494 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\stg-apologize.bmp

[2012-08-22 16:11:36 | 000,217,782 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\legend.bmp

[2012-08-21 17:29:29 | 000,306,433 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_21082012_172844.png

[2012-08-21 11:37:04 | 001,704,034 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_21082012_113442.png

[2012-08-21 11:32:07 | 001,688,401 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_21082012_113138.png

[2012-08-20 21:46:53 | 002,262,013 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_20082012_214618.png

[2012-08-20 16:56:02 | 000,204,889 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_20082012_165528.png

[2012-08-20 16:53:49 | 000,145,330 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_20082012_165314.png

[2012-08-20 13:57:57 | 000,000,802 | ---- | C] () -- C:\Documents and Settings\Anders\Skrivbord\XSplit Broadcaster.lnk

[2012-08-19 19:24:41 | 000,001,707 | ---- | C] () -- C:\Documents and Settings\Anders\Skrivbord\ChrisPC Free Anonymous Proxy.lnk

[2012-08-19 19:24:41 | 000,000,821 | ---- | C] () -- C:\Documents and Settings\Anders\Application Data\Microsoft\Internet Explorer\Quick Launch\ChrisPC Free Anonymous Proxy.lnk

[2012-08-13 13:57:08 | 001,830,096 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\clip0078.avi

[2012-08-05 11:14:00 | 051,687,593 | ---- | C] () -- C:\Documents and Settings\Anders\10 000 meter.flv

[2012-07-10 14:52:42 | 000,190,664 | ---- | C] () -- C:\Documents and Settings\LocalService\Lokala inställningar\Application Data\FontCache3.0.0.0.dat

[2012-05-05 16:08:47 | 000,230,752 | ---- | C] () -- C:\WINDOWS\patchw32.dll

[2012-05-05 16:08:42 | 000,118,176 | ---- | C] () -- C:\WINDOWS\patchw.dll

[2012-03-05 21:51:45 | 629,460,858 | ---- | C] () -- C:\Documents and Settings\Anders\Målgång.flv

[2012-02-16 12:42:41 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll

[2012-02-08 10:52:34 | 000,000,042 | ---- | C] () -- C:\Documents and Settings\Anders\default.pls

[2012-01-30 15:29:29 | 000,000,404 | ---- | C] () -- C:\WINDOWS\LBFamily.ini

[2012-01-30 12:16:09 | 1054,669,159 | ---- | C] () -- C:\Documents and Settings\Anders\såskadetlåta.flv

[2012-01-30 12:16:09 | 000,056,831 | ---- | C] () -- C:\Documents and Settings\Anders\såskadetlåta.srt

[2012-01-27 13:24:43 | 000,015,784 | ---- | C] () -- C:\Documents and Settings\Anders\2.srt

[2012-01-27 13:24:39 | 035,912,175 | ---- | C] () -- C:\Documents and Settings\Anders\2.flv

[2012-01-27 13:10:34 | 000,000,641 | ---- | C] () -- C:\Documents and Settings\Anders\.swfinfo

[2011-11-09 21:59:50 | 000,000,026 | ---- | C] () -- C:\Documents and Settings\Anders\Application Data\ClockTraySkins.ini

[2011-11-09 21:59:38 | 000,000,549 | ---- | C] () -- C:\Documents and Settings\Anders\Application Data\FreeDesktopClock.ini

[2011-10-31 18:02:17 | 000,393,256 | ---- | C] () -- C:\WINDOWS\System32\CNQ2414N.DAT

[2011-10-30 14:53:51 | 000,000,000 | ---- | C] () -- C:\WINDOWS\HMHud.INI

[2011-10-02 13:50:39 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini

[2011-10-02 13:50:38 | 000,138,240 | ---- | C] () -- C:\Documents and Settings\Anders\Lokala inställningar\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2011-10-01 22:03:20 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\CommonDL.dll

[2011-10-01 22:03:20 | 000,002,413 | ---- | C] () -- C:\WINDOWS\System32\lgAxconfig.ini

[2011-09-28 17:44:14 | 000,179,271 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat

[2011-09-19 09:07:46 | 000,015,360 | ---- | C] () -- C:\WINDOWS\System32\bdmjpeg.dll

[2011-09-19 09:07:32 | 000,058,368 | ---- | C] () -- C:\WINDOWS\System32\bdmpegv.dll

[2011-08-31 00:32:40 | 000,005,078 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\bltofzsb.qlf

[2011-07-04 14:19:24 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI

[2011-07-04 14:18:36 | 002,150,064 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2011-07-04 13:15:42 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe

[2011-07-04 13:14:40 | 000,001,732 | ---- | C] () -- C:\WINDOWS\System32\drivers\nvphy.bin

[2011-07-04 12:32:07 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat

[2011-07-04 12:28:47 | 000,021,700 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat

========== LOP Check ==========

[2012-08-16 16:25:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Anti-phishing Domain Advisor

[2012-08-16 15:42:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ask

[2012-07-11 10:19:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\boost_interprocess

[2011-09-27 16:42:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Boss Media

[2012-08-27 01:35:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Celeris

[2012-05-12 18:06:56 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files

[2011-08-22 17:12:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite

[2011-07-04 22:27:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Pro

[2011-12-13 23:48:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Graboid Inc

[2012-08-16 16:18:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IBUpdaterService

[2011-10-01 22:04:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LGMOBILEAX

[2012-08-24 17:55:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Max Secure

[2012-04-17 17:54:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MediaMonkey

[2012-08-16 16:18:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Performer Manager

[2012-08-20 13:57:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SplitMediaLabs

[2012-05-12 18:52:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Tarma Installer

[2011-10-18 13:04:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TechSmith

[2012-08-26 17:50:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Tunngle

[2012-04-17 16:59:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}

[2011-11-22 14:09:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Anvsoft

[2012-05-12 17:55:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Apowersoft

[2012-05-12 18:26:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Audacity

[2012-02-28 18:09:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Babylon

[2012-06-18 20:59:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\BANDISOFT

[2012-08-27 01:32:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Celeris

[2012-08-19 19:27:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Complitly

[2011-08-22 16:51:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Copax

[2012-01-30 14:29:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\DAEMON Tools Lite

[2011-07-04 22:26:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\DAEMON Tools Pro

[2012-04-19 12:59:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\DDMSettings

[2012-02-10 11:25:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Digiarty

[2011-12-31 20:12:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\DVDVideoSoft

[2012-05-12 20:12:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Free Audio Recorder

[2012-08-25 13:15:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\GanymedeNet

[2012-02-09 23:45:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\GetRightToGo

[2012-09-10 10:08:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Gmail Notifier

[2012-03-20 00:28:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\HandBrake

[2011-10-30 14:43:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\HEM Data

[2011-12-14 17:20:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Media Finder

[2012-07-24 11:00:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\MediaMonkey

[2011-11-23 16:51:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\MyVideoDownloader

[2011-11-23 16:51:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\MyVideoDownloaderHD

[2012-08-04 10:58:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Opera

[2012-05-17 17:09:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Oracle

[2012-05-17 17:09:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Personal

[2012-06-20 16:13:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Solveig Multimedia

[2012-02-10 01:17:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Sony

[2012-08-20 13:57:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\SplitMediaLabs

[2012-09-10 15:27:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Spotify

[2012-07-02 21:11:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\TraderaProLister

[2012-08-27 00:23:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Tunngle

[2012-05-12 18:52:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Wondershare

[2011-11-23 17:11:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Youtube Downloader HD

[2012-09-10 15:32:00 | 000,000,304 | ---- | M] () -- C:\WINDOWS\Tasks\PC Performer Manager.job

[2012-09-10 10:26:37 | 000,000,410 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{5096C855-A424-4662-B04A-DE5E47FB502A}.job

========== Purity Check ==========

< End of report >

Link to post
Share on other sites

IF you have Spybot Search & Destroy, make sure that Tea Timer is not active !

IF you have other security programs besides MS Security Essentials, let me know which.

Let me know what antivirus you had from before MSE :excl:

eusa_hand.gif

Reminder and warning: Do not do any online games (especially poker) while we are trying to hunt for & clean malware :excl:

Do not do any online transactions of any kind, NO online shopping, NO websurfing !

Only go to this forum and the sites I guide you to.

Internet Explorer

1. Open Internet Explorer.

2. Click "Tools," and then click "Internet Options."

3. Click "Connections," and then click "LAN Settings."

4. Make sure the check boxes for "Automatically detect settings" and "Use automatic configuration script" are not selected.

5. Make sure Proxy servers block is not selected (not checkmarked).

6. Apply changes & OK

NEXT:

Using IE (only!) to http://support.microsoft.com/kb/923737

[ignore any DOES NOT APPLY warning as well as the APPLIES TO section],

run the Fix It and then reboot.

Tip: For optimal results, enable the Delete personal settings option.

In your next reply, confirm that you have done this set of steps in Internet Explorer.

RKILL

Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools

For directions on how, see How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs

Do NOT turn off the firewall

Please download Rkill by Grinler and save it to your desktop.


Link 2
Link 3
Link 4
Double-click on the Rkill desktop icon to run the tool.
If using Vista or Windows 7, right-click on it and Run As Administrator.
A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
If not, delete the file, then download and use the one provided in Link 2.
If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
If the tool does not run from any of the links provided, please let me know.
If your antivirus program gives a prompt message, respond positive to allow RKILL to run.
If a malware-rogue gives a message regarding RKILL, proceed forward to running RKILL

IF you still have a problem running RKILL, you can download iExplore.exe or eXplorer.exe, which are renamed copies of rkill.com, and try them instead.

When all done, rkill.txt log file will be on your desktop. Copy & Paste contents of Rkill.txt into a reply.

More Information about Rkill can be found at this link: http://www.bleepingcomputer.com/forums/topic308364.html

new OTL report

close any of your open windows/programs and exit; saving any open work you have.

I'd like to have you do a special run of OTL to generate some searches & a new log-report.

  • Please double-click OTL.exe otlDesktopIcon.png to run it. (Note: If you are running on Vista or Windows 7, right-click on the file and choose Run As Administrator).
  • Copy all the lines in between the **** stars lines **** below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):
    *****************************************************************
    netsvcs
    msconfig
    safebootminimal
    safebootnetwork
    activex
    drivers32
    %ALLUSERSPROFILE%\Application Data\*.
    %ALLUSERSPROFILE%\Application Data\*.exe /s
    %ALLUSERSPROFILE%\Application Data\*.dll /s
    %APPDATA%\*.
    %APPDATA%\*.exe /s
    %APPDATA%\*.dll /s
    %SYSTEMDRIVE%\*.exe
    /md5start
    rundll32.exe
    themeui.dll
    beep.sys
    userinit.exe
    eventlog.dll
    scecli.dll
    netlogon.dll
    cngaudit.dll
    sceclt.dll
    ntelogon.dll
    logevent.dll
    iaStor.sys
    nvstor.sys
    atapi.sys
    IdeChnDr.sys
    viasraid.sys
    AGP440.sys
    vaxscsi.sys
    nvatabus.sys
    viamraid.sys
    nvata.sys
    nvgts.sys
    iastorv.sys
    ViPrt.sys
    eNetHook.dll
    ahcix86.sys
    KR10N.sys
    nvstor32.sys
    ahcix86s.sys
    /md5stop
    c:\windows|protector;true;true;true /FP
    c:\windows|partner;true;true;true /FP
    %USERPROFILE%\..|smtmp;true;true;true /FP
    %systemroot%\system32\drivers\*.sys /lockedfiles
    %systemroot%\System32\config\*.sav
    %systemroot%\*. /mp /s
    %systemroot%\system32\*.dll /lockedfiles
    CREATERESTOREPOINT
    *****************************************************************
  • Return to OTL. Right click in the "Custom Scans/Fixes" window (under the aqua-blue bar) and choose Paste.
  • Close any browser(s) windows that may be open.
  • Using your mouse, click on Run Scan.
  • The scan won't take long.
    When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt.
    These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of just OTL.txt

Download Security Check by screen317 from here.

  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

Link to post
Share on other sites

IF you have Spybot Search & Destroy, make sure that Tea Timer is not active !

IF you have other security programs besides MS Security Essentials, let me know which.

Let me know what antivirus you had from before MSE :excl:

I'm not aware of any Spybot.

MSE should be the only one currently and I can't remember me having another one earlier.

In your next reply, confirm that you have done this set of steps in Internet Explorer.

Yes I did and now I don't have any weird search pages and toolbars anymore I think (On IE).

When all done, rkill.txt log file will be on your desktop. Copy & Paste contents of Rkill.txt into a repl

I ran it and it seemed to work successfully according to the post comments. However, when it said it was producing a log and I pressed ok, an empty notepad document popped up and no log was saved on the desktop. I tried the other links and same thing happened time after time.

Link to post
Share on other sites

OTL.Txt:

OTL logfile created on: 2012-09-10 17:37:57 - Run 3

OTL by OldTimer - Version 3.2.61.2 Folder = C:\Documents and Settings\Anders\Skrivbord

Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 0000041D | Country: Sverige | Language: SVE | Date Format: yyyy-MM-dd

2,00 Gb Total Physical Memory | 1,23 Gb Available Physical Memory | 61,41% Memory free

5,76 Gb Paging File | 4,81 Gb Available in Paging File | 83,65% Paging File free

Paging file location(s): C:\pagefile.sys 4000 4000 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program

Drive C: | 298,08 Gb Total Space | 238,03 Gb Free Space | 79,86% Space Free | Partition Type: NTFS

Computer Name: ANDERS-EA22E516 | User Name: Anders | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012-09-08 20:45:49 | 000,599,552 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Anders\Skrivbord\OTL.exe

PRC - [2012-08-29 12:03:36 | 001,385,896 | ---- | M] (LogMeIn Inc.) -- C:\Program\LogMeIn Hamachi\hamachi-2.exe

PRC - [2012-08-17 19:48:59 | 001,193,176 | ---- | M] () -- C:\Program\Spotify\Data\SpotifyWebHelper.exe

PRC - [2012-08-16 16:18:06 | 001,695,776 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\PC Performer Manager\2.2.558.177\{16cdff19-861d-48e3-a751-d99a27784753}\%Protector Process Name%.exe

PRC - [2012-08-13 13:33:30 | 003,064,000 | ---- | M] (Skype Technologies S.A.) -- C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe

PRC - [2012-07-03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) -- C:\Program\Malwarebytes' Anti-Malware\mbamservice.exe

PRC - [2012-05-24 13:28:56 | 000,055,184 | ---- | M] (Apple Inc.) -- C:\Program\Delade filer\Apple\Mobile Device Support\AppleMobileDeviceService.exe

PRC - [2012-05-03 20:07:40 | 000,217,256 | ---- | M] (Visicom Media Inc. (Powered by Panda Security)) -- C:\Documents and Settings\All Users\Application Data\Anti-phishing Domain Advisor\visicom_antiphishing.exe

PRC - [2012-05-01 14:33:44 | 000,185,856 | ---- | M] () -- C:\Program\Web Assistant\ExtensionUpdaterService.exe

PRC - [2012-04-17 14:44:12 | 001,333,144 | ---- | M] (Technology Nexus AB) -- C:\Program\Personal\bin\Personal.exe

PRC - [2012-04-04 18:47:32 | 000,161,664 | ---- | M] (Oracle Corporation) -- C:\Program\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe

PRC - [2012-03-26 17:08:12 | 000,931,200 | ---- | M] (Microsoft Corporation) -- C:\Program\Microsoft Security Client\msseces.exe

PRC - [2012-03-26 17:03:40 | 000,011,552 | ---- | M] (Microsoft Corporation) -- c:\Program\Microsoft Security Client\MsMpEng.exe

PRC - [2012-01-17 11:07:54 | 000,252,296 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program\Delade filer\Java\Java Update\jusched.exe

PRC - [2011-11-22 22:35:06 | 000,296,056 | ---- | M] (RealNetworks, Inc.) -- C:\Program\Real\RealPlayer\Update\realsched.exe

PRC - [2011-07-29 01:08:12 | 001,259,376 | ---- | M] () -- C:\Program\DivX\DivX Update\DivXUpdate.exe

PRC - [2010-11-21 13:43:04 | 001,113,600 | ---- | M] () -- C:\Program\Free Desktop Clock\DesktopClock.exe

PRC - [2009-12-10 03:39:04 | 000,065,536 | ---- | M] (PostgreSQL Global Development Group) -- C:\Program\PostgreSQL\8.3\bin\pg_ctl.exe

PRC - [2009-12-10 03:37:16 | 003,690,496 | ---- | M] (PostgreSQL Global Development Group) -- C:\Program\PostgreSQL\8.3\bin\postgres.exe

PRC - [2009-08-18 11:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) -- C:\Program\Delade filer\Microsoft Shared\Windows Live\WLIDSVC.EXE

PRC - [2009-08-18 11:29:22 | 000,183,152 | ---- | M] (Microsoft Corporation) -- C:\Program\Delade filer\Microsoft Shared\Windows Live\WLIDSVCM.EXE

PRC - [2008-06-11 22:43:26 | 000,640,376 | ---- | M] (Adobe Systems Inc.) -- C:\Program\Adobe\Acrobat 9.0\Acrobat\acrotray.exe

PRC - [2008-04-15 14:00:00 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe

PRC - [2005-05-17 19:21:12 | 000,147,456 | ---- | M] () -- C:\Program\Razer\razerhid.exe

PRC - [2005-01-18 02:06:12 | 000,143,360 | ---- | M] (Razer Inc.) -- C:\Program\Razer\razerofa.exe

========== Modules (No Company Name) ==========

MOD - [2012-08-17 19:48:59 | 001,193,176 | ---- | M] () -- C:\Program\Spotify\Data\SpotifyWebHelper.exe

MOD - [2012-08-16 16:18:06 | 002,046,496 | ---- | M] () -- c:\Documents and Settings\All Users\Application Data\PC Performer Manager\2.2.558.177\{16cdff19-861d-48e3-a751-d99a27784753}\%Protector Process Name%.dll

MOD - [2012-08-16 16:18:06 | 001,695,776 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\PC Performer Manager\2.2.558.177\{16cdff19-861d-48e3-a751-d99a27784753}\%Protector Process Name%.exe

MOD - [2012-05-01 14:33:44 | 000,185,856 | ---- | M] () -- C:\Program\Web Assistant\ExtensionUpdaterService.exe

MOD - [2011-09-27 08:23:00 | 000,087,912 | ---- | M] () -- C:\Program\Delade filer\Apple\Apple Application Support\zlib1.dll

MOD - [2011-09-27 08:22:40 | 001,242,472 | ---- | M] () -- C:\Program\Delade filer\Apple\Apple Application Support\libxml2.dll

MOD - [2011-07-29 01:09:42 | 000,096,112 | ---- | M] () -- C:\Program\DivX\DivX Update\DivXUpdateCheck.dll

MOD - [2011-07-29 01:08:12 | 001,259,376 | ---- | M] () -- C:\Program\DivX\DivX Update\DivXUpdate.exe

MOD - [2010-11-21 13:43:04 | 001,113,600 | ---- | M] () -- C:\Program\Free Desktop Clock\DesktopClock.exe

MOD - [2010-10-22 17:29:54 | 000,133,120 | ---- | M] () -- C:\Program\Free Desktop Clock\Clock.dll

MOD - [2007-05-22 10:59:22 | 000,128,512 | ---- | M] () -- C:\Program\WinRAR\RarExt.dll

MOD - [2005-05-17 19:21:12 | 000,147,456 | ---- | M] () -- C:\Program\Razer\razerhid.exe

========== Services (SafeList) ==========

SRV - [2012-09-10 16:13:38 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)

SRV - [2012-08-29 12:03:36 | 001,385,896 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)

SRV - [2012-08-16 16:18:06 | 001,695,776 | ---- | M] () [Auto | Running] -- C:\Documents and Settings\All Users\Application Data\PC Performer Manager\2.2.558.177\{16cdff19-861d-48e3-a751-d99a27784753}\%Protector Process Name%.exe -- (PC Performer Manager)

SRV - [2012-08-15 01:56:50 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)

SRV - [2012-08-13 13:33:30 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)

SRV - [2012-07-03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)

SRV - [2012-07-03 13:19:28 | 000,160,944 | ---- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program\Skype\Updater\Updater.exe -- (SkypeUpdate)

SRV - [2012-05-24 13:28:56 | 000,055,184 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program\Delade filer\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)

SRV - [2012-05-01 14:33:44 | 000,185,856 | ---- | M] () [Auto | Running] -- C:\Program\Web Assistant\ExtensionUpdaterService.exe -- (Web Assistant Updater)

SRV - [2012-04-04 18:47:32 | 000,161,664 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe -- (JavaQuickStarterService)

SRV - [2012-03-26 17:03:40 | 000,011,552 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)

SRV - [2011-07-20 06:18:24 | 000,440,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program\Delade filer\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)

SRV - [2011-07-04 16:17:11 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program\Delade filer\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)

SRV - [2011-06-29 15:59:18 | 000,155,344 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Program\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe -- (Sony Ericsson PCCompanion)

SRV - [2011-03-16 10:42:06 | 000,407,336 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program\Delade filer\Steam\SteamService.exe -- (Steam Client Service)

SRV - [2009-12-10 03:39:04 | 000,065,536 | ---- | M] (PostgreSQL Global Development Group) [Auto | Running] -- C:\Program\PostgreSQL\8.3\bin\pg_ctl.exe -- (pgsql-8.3)

SRV - [2009-08-18 11:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program\Delade filer\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)

SRV - [2008-08-15 05:46:20 | 000,284,016 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program\Delade filer\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe -- (Adobe Version Cue CS4)

SRV - [2006-10-26 13:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program\Delade filer\Microsoft Shared\Source Engine\OSE.EXE -- (ose)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\XDva397.sys -- (XDva397)

DRV - File not found [Kernel | On_Demand | Stopped] -- J:\Drivrutiner Inspiron 531\Bios\WinFlash.sys -- (WINFLASH)

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)

DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)

DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\owdzbysv.sys -- (owdzbysv)

DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)

DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)

DRV - File not found [Kernel | System | Stopped] -- -- (Changer)

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\Anders\LOKALA~1\Temp\catchme.sys -- (catchme)

DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\bifpmsqd.sys -- (bifpmsqd)

DRV - [2012-07-03 13:46:44 | 000,022,344 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)

DRV - [2012-06-25 16:30:49 | 000,242,240 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\dtsoftbus01.sys -- (dtsoftbus01)

DRV - [2012-02-22 12:34:36 | 000,022,400 | ---- | M] (ManyCam LLC) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mcaudrv.sys -- (mcaudrv_simple)

DRV - [2012-01-11 08:11:20 | 000,032,000 | ---- | M] (ManyCam LLC) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mcvidrv.sys -- (ManyCam)

DRV - [2011-02-23 03:05:40 | 000,070,016 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgandnetndis.sys -- (andnetndis)

DRV - [2011-02-23 03:05:04 | 000,022,272 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgandnetgps.sys -- (AndNetGps)

DRV - [2011-02-23 03:05:02 | 000,028,032 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgandnetmodem.sys -- (ANDNetModem)

DRV - [2011-02-23 03:05:02 | 000,023,168 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgandnetdiag.sys -- (AndNetDiag)

DRV - [2010-12-07 14:23:00 | 000,025,088 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgandmodem.sys -- (ANDModem)

DRV - [2010-12-07 14:23:00 | 000,020,736 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lganddiag.sys -- (AndDiag)

DRV - [2010-12-07 14:23:00 | 000,020,096 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgandgps.sys -- (AndGps)

DRV - [2010-12-07 14:22:58 | 000,014,336 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgandbus.sys -- (Andbus)

DRV - [2010-03-15 11:38:44 | 000,124,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039mdm.sys -- (s1039mdm)

DRV - [2010-03-15 11:38:44 | 000,123,504 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039unic.sys -- (s1039unic)

DRV - [2010-03-15 11:38:44 | 000,117,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039mgmt.sys -- (s1039mgmt)

DRV - [2010-03-15 11:38:44 | 000,113,904 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039obex.sys -- (s1039obex)

DRV - [2010-03-15 11:38:44 | 000,098,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039bus.sys -- (s1039bus)

DRV - [2010-03-15 11:38:44 | 000,025,456 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039nd5.sys -- (s1039nd5)

DRV - [2010-03-15 11:38:44 | 000,014,960 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039mdfl.sys -- (s1039mdfl)

DRV - [2009-03-18 16:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)

DRV - [2008-01-15 19:17:58 | 004,652,544 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)

DRV - [2007-10-30 09:57:54 | 000,023,040 | ---- | M] (Todos Data System AB) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nordecr.sys -- (TdsNordecr)

DRV - [2007-07-30 11:58:56 | 000,022,016 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)

DRV - [2007-07-30 11:58:54 | 000,054,400 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)

DRV - [2006-12-12 18:59:00 | 000,016,512 | ---- | M] (Adaptec) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aspi32.sys -- (ASPI32)

DRV - [2006-05-23 20:36:26 | 000,119,808 | ---- | M] (e2eSoft) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\e2eCap.sys -- (E2ECAP)

DRV - [2005-04-24 23:43:58 | 000,013,225 | ---- | M] (Razer (Asia-Pacific) Pte Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Razerlow.sys -- (Razerlow)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://se.msn.com/?ocid=iehp

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = sv

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 5C 04 FC D1 68 8F CD 01 [binary data]

IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: ""

FF - prefs.js..browser.search.order.1: ""

FF - prefs.js..browser.search.useDBForOrder: true

FF - prefs.js..browser.startup.homepage: "https://www.google.se/"

FF - prefs.js..keyword.URL: "http://www.google.com/search?btnI=I%27m+Feeling+Lucky&ie=UTF-8&oe=UTF-8&q="

FF - prefs.js..network.proxy.autoconfig_url: "file://C:/Program/ChrisPC Free Anonymous Proxy/chrispc_proxy.pac"

FF - prefs.js..network.proxy.type: 2

FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_271.dll ()

FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw_1166636.dll (Adobe Systems, Inc.)

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program\iTunes\Mozilla Plugins\npitunes.dll ()

FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)

FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)

FF - HKLM\Software\MozillaPlugins\@ganymede/GanymedeNetPlugin,version=1.0: C:\Program\Ganymede\Plugins\npganymedenet.dll ( )

FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.4.1: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.4.1: C:\Program\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found

FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.0.198: C:\Program\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.0.198: C:\Program\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.0.198: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.0.198: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=15.0.0.198: C:\Program\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found

FF - HKLM\Software\MozillaPlugins\@se.nexus/Personal: C:\Program\Personal\bin\np_prsnl.dll (Technology Nexus AB)

FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.19: C:\Program\Veetle\plugins\npVeetle.dll (Veetle Inc)

FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: C:\Program\Veetle\Player\npvlc.dll (Veetle Inc)

FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Anders\Lokala inställningar\Application Data\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Anders\Lokala inställningar\Application Data\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011-11-22 22:35:24 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\Program\Web Assistant\Firefox [2012-05-12 18:38:18 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-07-18 16:14:12 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program\Mozilla Firefox\components [2012-09-10 16:13:40 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program\Mozilla Firefox\plugins [2012-08-25 12:22:59 | 000,000,000 | ---D | M]

FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\specialsavings@superfish.com: C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles/pv7faqlh.default\extensions\specialsavings@superfish.com

FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{b64982b1-d112-42b5-b1e4-d3867c4533f8}: C:\Documents and Settings\All Users\Application Data\PC Performer Manager\2.2.558.177\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension [2012-08-16 16:18:10 | 000,000,000 | ---D | M]

[2012-07-11 19:58:09 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Anders\Application Data\Mozilla\Extensions

[2012-09-09 19:32:18 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\extensions

[2012-08-26 14:21:14 | 000,000,642 | ---- | M] () -- C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\searchplugins\search-safer.xml

[2012-07-11 01:57:35 | 000,002,519 | ---- | M] () -- C:\Documents and Settings\Anders\Application Data\Mozilla\Firefox\Profiles\pv7faqlh.default\searchplugins\Search_Results.xml

[2012-08-04 11:06:01 | 000,000,000 | ---D | M] (No name found) -- C:\Program\Mozilla Firefox\extensions

[2012-09-10 16:13:40 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program\mozilla firefox\components\browsercomps.dll

[2012-07-25 14:57:52 | 000,121,024 | ---- | M] ( ) -- C:\Program\mozilla firefox\plugins\npganymedenet.dll

[2012-07-14 03:16:10 | 000,001,470 | ---- | M] () -- C:\Program\mozilla firefox\searchplugins\allaannonser-sv-SE.xml

[2012-09-10 16:13:15 | 000,002,465 | ---- | M] () -- C:\Program\mozilla firefox\searchplugins\bing.xml

[2012-07-14 03:16:10 | 000,002,670 | ---- | M] () -- C:\Program\mozilla firefox\searchplugins\prisjakt-sv-SE.xml

[2012-07-11 01:57:35 | 000,002,519 | ---- | M] () -- C:\Program\mozilla firefox\searchplugins\Search_Results.xml

[2012-07-14 03:16:10 | 000,000,948 | ---- | M] () -- C:\Program\mozilla firefox\searchplugins\tyda-sv-SE.xml

[2012-09-10 16:13:15 | 000,001,387 | ---- | M] () -- C:\Program\mozilla firefox\searchplugins\wikipedia-sv-SE.xml

[2012-09-10 16:13:15 | 000,001,164 | ---- | M] () -- C:\Program\mozilla firefox\searchplugins\yahoo-sv-SE.xml

========== Chrome ==========

CHR - default_search_provider: google.se (Enabled)

CHR - default_search_provider: search_url = http://www.google.se/search?hl=sv&output=search&sclient=psy-ab&q={searchTerms}&btnG=&oq=&gs_l=&pbx=1

CHR - default_search_provider: suggest_url =

CHR - plugin: Shockwave Flash (Disabled) = C:\Documents and Settings\Anders\Lokala inst\u00E4llningar\Application Data\Google\Chrome\Application\21.0.1180.89\PepperFlash\pepflashplayer.dll

CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Anders\Lokala inst\u00E4llningar\Application Data\Google\Chrome\Application\21.0.1180.89\gcswf32.dll

CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_271.dll

CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer

CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\Anders\Lokala inst\u00E4llningar\Application Data\Google\Chrome\Application\21.0.1180.89\ppGoogleNaClPluginChrome.dll

CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\Anders\Lokala inst\u00E4llningar\Application Data\Google\Chrome\Application\21.0.1180.89\pdf.dll

CHR - plugin: Injovo Extension Plugin (Enabled) = C:\Documents and Settings\Anders\Lokala inst\u00E4llningar\Application Data\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd\2.0.0.430_0\npbrowserext.dll

CHR - plugin: GanymedeNet.Detector (Enabled) = C:\Documents and Settings\Anders\Lokala inst\u00E4llningar\Application Data\Google\Chrome\Application\plugins\npganymedenet.dll

CHR - plugin: Adobe Acrobat (Enabled) = C:\Program\Adobe\Acrobat 9.0\Acrobat\Browser\nppdf32.dll

CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program\QuickTime\plugins\npqtplugin.dll

CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program\QuickTime\plugins\npqtplugin2.dll

CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program\QuickTime\plugins\npqtplugin3.dll

CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program\QuickTime\plugins\npqtplugin4.dll

CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program\QuickTime\plugins\npqtplugin5.dll

CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program\QuickTime\plugins\npqtplugin6.dll

CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program\QuickTime\plugins\npqtplugin7.dll

CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program\Windows Media Player\npdrmv2.dll

CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program\Windows Media Player\npwmsdrm.dll

CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program\Windows Media Player\npdsplay.dll

CHR - plugin: RealNetworks Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll

CHR - plugin: RealPlayer HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll

CHR - plugin: RealPlayer G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program\Real\RealPlayer\Netscape6\nppl3260.dll

CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program\Real\RealPlayer\Netscape6\nprpjplug.dll

CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\Anders\Lokala inst\u00E4llningar\Application Data\Google\Update\1.3.21.115\npGoogleUpdate3.dll

CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program\DivX\DivX OVS Helper\npovshelper.dll

CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program\DivX\DivX Plus Web Player\npdivx32.dll

CHR - plugin: Java Platform SE 7 U4 (Enabled) = C:\Program\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll

CHR - plugin: Java Deployment Toolkit 7.0.40.255 (Enabled) = C:\WINDOWS\system32\npDeployJava1.dll

CHR - plugin: Nexus Personal (Enabled) = C:\Program\Personal\bin\np_prsnl.dll

CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program\Real\RealPlayer\Netscape6\nprjplug.dll

CHR - plugin: Veetle TV Player (Enabled) = C:\Program\Veetle\Player\npvlc.dll

CHR - plugin: Veetle TV Core (Enabled) = C:\Program\Veetle\plugins\npVeetle.dll

CHR - plugin: VLC Web Plugin (Enabled) = C:\Program\VideoLAN\VLC\npvlc.dll

CHR - plugin: iTunes Application Detector (Enabled) = C:\Program\iTunes\Mozilla Plugins\npitunes.dll

CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

CHR - plugin: Shockwave for Director (Enabled) = C:\WINDOWS\system32\Adobe\Director\np32dsw_1166636.dll

CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program\Microsoft Silverlight\5.1.10411.0\npctrl.dll

CHR - Extension: Turn Off the Lights = C:\Documents and Settings\Anders\Lokala inställningar\Application Data\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn\2.1.0.6_0\

CHR - Extension: Web Assistant = C:\Documents and Settings\Anders\Lokala inställningar\Application Data\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd\2.0.0.430_0\

CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Documents and Settings\Anders\Lokala inställningar\Application Data\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\

CHR - Extension: General Crawler = C:\Documents and Settings\Anders\Lokala inställningar\Application Data\Google\Chrome\User Data\Default\Extensions\jpihmmhdcobmllpcnpfbhnipmhamldje\2.0_0\

CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = C:\Documents and Settings\Anders\Lokala inställningar\Application Data\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\

O1 HOSTS File: ([2012-09-09 17:24:30 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts

O1 - Hosts: 127.0.0.1 localhost

O1 - Hosts: ::1 localhost

O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program\Adobe\/Adobe Contribute CS4/contributeieplugin.dll ()

O2 - BHO: (Complitly) - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Documents and Settings\Anders\Application Data\Complitly\Complitly.dll (SimplyGen)

O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)

O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)

O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)

O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)

O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program\Delade filer\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)

O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)

O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program\Adobe\/Adobe Contribute CS4/contributeieplugin.dll ()

O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.

O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.

O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O4 - HKLM..\Run: [] File not found

O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)

O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [Adobe_ID0ENQBO] C:\Program\Delade filer\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4Tray.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program\Delade filer\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)

O4 - HKLM..\Run: [Anti-phishing Domain Advisor] C:\Documents and Settings\All Users\Application Data\Anti-phishing Domain Advisor\visicom_antiphishing.exe (Visicom Media Inc. (Powered by Panda Security))

O4 - HKLM..\Run: [APSDaemon] C:\Program\Delade filer\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)

O4 - HKLM..\Run: [DivXUpdate] C:\Program\DivX\DivX Update\DivXUpdate.exe ()

O4 - HKLM..\Run: [Freecorder FLV Service] "C:\Program\Freecorder\FLVSrvc.exe" /run File not found

O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)

O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)

O4 - HKLM..\Run: [MSC] c:\Program\Microsoft Security Client\msseces.exe (Microsoft Corporation)

O4 - HKLM..\Run: [NBKeyScan] C:\Program\Nero\Nero8\Nero BackItUp\NBKeyScan.exe (Nero AG)

O4 - HKLM..\Run: [NeroFilterCheck] C:\Program\Delade filer\Nero\Lib\NeroCheck.exe (Nero AG)

O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)

O4 - HKLM..\Run: [razer] C:\Program\Razer\razerhid.exe ()

O4 - HKLM..\Run: [sunJavaUpdateSched] C:\Program\Delade filer\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)

O4 - HKLM..\Run: [TkBellExe] C:\Program\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)

O4 - HKLM..\Run: [Wondershare Helper Compact.exe] C:\Program\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe File not found

O4 - HKCU..\Run: [CPN Notifier] C:\Program\Comeon Poker 2.0\PokerNotifier.exe File not found

O4 - HKCU..\Run: [Gmail Notifier.exe] C:\Program\Gmail Notifier\Gmail Notifier.exe (www.gmailnotifier.com)

O4 - HKCU..\Run: [Media Finder] C:\Program\Media Finder\MF.exe /opentotray File not found

O4 - HKCU..\Run: [skinClock] C:\Program\Free Desktop Clock\DesktopClock.exe ()

O4 - HKCU..\Run: [sony Ericsson PC Companion] C:\Program\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe (Sony Ericsson)

O4 - HKCU..\Run: [spotify Web Helper] C:\Program\Spotify\Data\SpotifyWebHelper.exe ()

O4 - HKCU..\Run: [Xvid] C:\Program\XviD\CheckUpdate.exe ()

O4 - Startup: C:\Documents and Settings\All Users\Start-meny\Program\Autostart\BankID säkerhetsprogram.lnk = C:\Program\Personal\bin\Personal.exe (Technology Nexus AB)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispCPL = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableChangePassword = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispCPL = 0

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableChangePassword = 0

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0

O8 - Extra context menu item: Bifoga länkmål till befintlig PDF - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O8 - Extra context menu item: Bifoga till befintlig PDF - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O8 - Extra context menu item: Konvertera länkmål till Adobe PDF - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O8 - Extra context menu item: Konvertera till Adobe PDF - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program\PokerStars\PokerStarsUpdate.exe (PokerStars)

O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O9 - Extra Button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program\PokerStars.NET\PokerStarsUpdate.exe File not found

O15 - HKCU\..Trusted Domains: msn.com ([zone] http in Tillförlitliga platser)

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool)

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1309778400234 (MUWebControl Class)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)

O16 - DPF: {A4110378-789B-455F-AE86-3A1BFC402853} http://zone.msn.com/bingame/zpagames/zpa_shvl.cab55579.cab (ZPA_SHVL Object)

O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} http://cdn2.zone.msn.com/binFramework/v10/ZPAFramework.cab102118.cab (MSN Games - Installer)

O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BE0C555B-4991-433B-9659-A871078265EA}: DhcpNameServer = 192.168.1.1

O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program\Delade filer\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program\Delade filer\Skype\Skype4COM.dll (Skype Technologies)

O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program\Delade filer\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)

O20 - AppInit_DLLs: (c:\DOCUME~1\ALLUSE~1\APPLIC~1\PCPERF~1\22558~1.177\{16CDF~1\%PROTE~1.DLL) - c:\Documents and Settings\All Users\Application Data\PC Performer Manager\2.2.558.177\{16cdff19-861d-48e3-a751-d99a27784753}\%Protector Process Name%.dll ()

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)

O24 - Desktop Components:0 (Min aktuella startsida) - About:Home

O24 - Desktop WallPaper: C:\Documents and Settings\Anders\Lokala inställningar\Application Data\Microsoft\Wallpaper1.bmp

O24 - Desktop BackupWallPaper: C:\Documents and Settings\Anders\Lokala inställningar\Application Data\Microsoft\Wallpaper1.bmp

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2011-07-04 12:30:44 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]

O34 - HKLM BootExecute: (autocheck autochk *)

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

NetSvcs: 6to4 - File not found

NetSvcs: Ias - File not found

NetSvcs: Iprip - File not found

NetSvcs: Irmon - File not found

NetSvcs: NWCWorkstation - File not found

NetSvcs: Nwsapagent - File not found

NetSvcs: WmdmPmSp - File not found

SafeBootMin: Base - Driver Group

SafeBootMin: Boot Bus Extender - Driver Group

SafeBootMin: Boot file system - Driver Group

SafeBootMin: File system - Driver Group

SafeBootMin: Filter - Driver Group

SafeBootMin: MsMpSvc - c:\Program\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)

SafeBootMin: PCI Configuration - Driver Group

SafeBootMin: PEVSystemStart - Service

SafeBootMin: PNP Filter - Driver Group

SafeBootMin: Primary disk - Driver Group

SafeBootMin: procexp90.Sys - Driver

SafeBootMin: SCSI Class - Driver Group

SafeBootMin: sermouse.sys - Driver

SafeBootMin: System Bus Extender - Driver Group

SafeBootMin: vga.sys - Driver

SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: Base - Driver Group

SafeBootNet: Boot Bus Extender - Driver Group

SafeBootNet: Boot file system - Driver Group

SafeBootNet: File system - Driver Group

SafeBootNet: Filter - Driver Group

SafeBootNet: Hamachi2Svc - C:\Program\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)

SafeBootNet: MsMpSvc - c:\Program\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)

SafeBootNet: NDIS Wrapper - Driver Group

SafeBootNet: NetBIOSGroup - Driver Group

SafeBootNet: NetDDEGroup - Driver Group

SafeBootNet: Network - Driver Group

SafeBootNet: NetworkProvider - Driver Group

SafeBootNet: PCI Configuration - Driver Group

SafeBootNet: PEVSystemStart - Service

SafeBootNet: PNP Filter - Driver Group

SafeBootNet: PNP_TDI - Driver Group

SafeBootNet: Primary disk - Driver Group

SafeBootNet: procexp90.Sys - Driver

SafeBootNet: SCSI Class - Driver Group

SafeBootNet: sermouse.sys - Driver

SafeBootNet: Streams Drivers - Driver Group

SafeBootNet: System Bus Extender - Driver Group

SafeBootNet: TDI - Driver Group

SafeBootNet: vga.sys - Driver

SafeBootNet: {1a3e09be-1e45-494b-9174-d7385b45bbf5} -

SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net

SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient

SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService

SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans

SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

ActiveX: {068C9DC9-BB4B-1616-688C-B33F2C5C2466} - DirectX

ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)

ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Rendering av vektorgrafik

ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow

ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4

ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation

ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll

ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Databindning för dynamisk HTML för Java

ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack

ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe

ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework

ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Avancerad redigering

ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install

ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT

ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow

ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx

ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help

ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - Javaklasser för DirectAnimation

ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.8

ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser

ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW

ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools

ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements

ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player

ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access

ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework

ActiveX: {73fa19d0-2d75-11d2-995d-00c04f98bbc9} - Web Folders

ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install

ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll

ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings

ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install

ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding

ActiveX: {ACC563BC-4266-43f0-B6ED-9D38C4202C7E} -

ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework

ActiveX: {C3C986D6-06B1-43BF-90DD-BE30756C00DE} - RevokedRootsUpdate

ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts

ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Schemaläggaren

ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1

ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Macromedia Shockwave Flash

ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help

ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface

ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe

ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP

ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig

ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP

ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE

Drivers32: msacm.ac3filter - C:\WINDOWS\System32\ac3filter.acm ()

Drivers32: msacm.bdmpeg - C:\WINDOWS\System32\bdmpega.acm ()

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)

Drivers32: msacm.l3acm - C:\WINDOWS\System32\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)

Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)

Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)

Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)

Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)

Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)

Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()

Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()

Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)

Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)

Drivers32: vidc.mjpg - C:\WINDOWS\System32\bdmjpeg.dll ()

Drivers32: vidc.mpeg - C:\WINDOWS\System32\bdmpegv.dll ()

Drivers32: vidc.tscc - C:\WINDOWS\system32\tsccvid.dll (TechSmith Corporation)

Drivers32: vidc.XVID - C:\WINDOWS\System32\xvidvfw.dll ()

Drivers32: vidc.yv12 - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)

Link to post
Share on other sites

CREATERESTOREPOINT

Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2012-09-10 17:35:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Skrivbord\Gamla Loggar

[2012-09-10 17:34:05 | 001,629,088 | ---- | C] (Bleeping Computer, LLC) -- C:\Documents and Settings\Anders\Skrivbord\iExplore.exe

[2012-09-10 15:23:45 | 000,000,000 | -HSD | C] -- C:\RECYCLER

[2012-09-09 23:22:16 | 000,000,000 | --SD | C] -- C:\Combo-Fix

[2012-09-09 17:24:27 | 000,000,000 | ---D | C] -- C:\_OTL

[2012-09-09 17:16:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Skrivbord\FixPolicies

[2012-09-08 20:45:42 | 000,599,552 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Anders\Skrivbord\OTL.exe

[2012-09-07 15:28:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp

[2012-09-07 15:22:00 | 000,000,000 | RHSD | C] -- C:\cmdcons

[2012-09-07 15:19:34 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe

[2012-09-07 15:19:34 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe

[2012-09-07 15:19:34 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe

[2012-09-07 15:19:34 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe

[2012-09-07 15:19:26 | 000,000,000 | ---D | C] -- C:\Qoobox

[2012-09-07 15:12:52 | 004,747,716 | R--- | C] (Swearware) -- C:\Documents and Settings\Anders\Skrivbord\Combo-Fix.exe

[2012-09-07 14:36:38 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT

[2012-09-07 14:35:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start-meny\Program\ERUNT

[2012-09-07 14:35:28 | 000,000,000 | ---D | C] -- C:\Program\ERUNT

[2012-09-05 15:51:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Lokala inställningar\Application Data\PokerTracker 4

[2012-09-05 15:51:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Start-meny\Program\PokerTracker 4

[2012-09-05 15:50:55 | 000,000,000 | ---D | C] -- C:\Program\PokerTracker 4

[2012-08-29 17:14:19 | 000,000,000 | -HSD | C] -- C:\Config.Msi

[2012-08-29 17:02:35 | 000,000,000 | ---D | C] -- C:\Avenger

[2012-08-29 15:08:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start-meny\Program\LogMeIn Hamachi

[2012-08-29 15:08:08 | 000,000,000 | ---D | C] -- C:\Program\LogMeIn Hamachi

[2012-08-29 14:33:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Application Data\Malwarebytes

[2012-08-29 14:33:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start-meny\Program\Malwarebytes' Anti-Malware

[2012-08-29 14:33:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes

[2012-08-29 14:33:03 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys

[2012-08-29 14:33:03 | 000,000,000 | ---D | C] -- C:\Program\Malwarebytes' Anti-Malware

[2012-08-28 19:48:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start-meny\Program\Bandicam

[2012-08-28 19:48:39 | 000,000,000 | ---D | C] -- C:\Program\Bandicam

[2012-08-27 20:33:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Lokala inställningar\Application Data\CRE

[2012-08-27 13:52:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Mina dokument\Celeris

[2012-08-27 01:46:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Lokala inställningar\Application Data\Celeris

[2012-08-27 01:43:34 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_7.dll

[2012-08-27 01:43:34 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_7.dll

[2012-08-27 01:43:34 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_5.dll

[2012-08-27 01:43:33 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_43.dll

[2012-08-27 01:43:33 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dcsx_43.dll

[2012-08-27 01:43:33 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_43.dll

[2012-08-27 01:43:33 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx11_43.dll

[2012-08-27 01:43:32 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_43.dll

[2012-08-27 01:43:32 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_6.dll

[2012-08-27 01:43:32 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_6.dll

[2012-08-27 01:43:32 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_4.dll

[2012-08-27 01:43:31 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_5.dll

[2012-08-27 01:43:31 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_5.dll

[2012-08-27 01:43:31 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_7.dll

[2012-08-27 01:43:30 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dcsx_42.dll

[2012-08-27 01:43:30 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_42.dll

[2012-08-27 01:43:30 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx11_42.dll

[2012-08-27 01:43:29 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_41.dll

[2012-08-27 01:43:29 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_41.dll

[2012-08-27 01:43:29 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_4.dll

[2012-08-27 01:43:29 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_41.dll

[2012-08-27 01:43:29 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_3.dll

[2012-08-27 01:43:28 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_3.dll

[2012-08-27 01:43:28 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_4.dll

[2012-08-27 01:43:28 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_2.dll

[2012-08-27 01:43:28 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_6.dll

[2012-08-27 01:43:27 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_39.dll

[2012-08-27 01:43:27 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_39.dll

[2012-08-27 01:43:27 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_2.dll

[2012-08-27 01:43:27 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_3.dll

[2012-08-27 01:43:27 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_5.dll

[2012-08-27 01:43:26 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_1.dll

[2012-08-27 01:43:26 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_1.dll

[2012-08-27 01:43:26 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_0.dll

[2012-08-27 01:43:25 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_38.dll

[2012-08-27 01:43:25 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_38.dll

[2012-08-27 01:43:25 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_38.dll

[2012-08-27 01:43:25 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_4.dll

[2012-08-27 01:43:24 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_0.dll

[2012-08-27 01:43:24 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_0.dll

[2012-08-27 01:43:23 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_37.dll

[2012-08-27 01:43:23 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_37.dll

[2012-08-27 01:43:23 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_37.dll

[2012-08-27 01:43:23 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_10.dll

[2012-08-27 01:43:23 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_3.dll

[2012-08-27 01:43:22 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_36.dll

[2012-08-27 01:43:22 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_36.dll

[2012-08-27 01:43:21 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_36.dll

[2012-08-27 01:43:21 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_35.dll

[2012-08-27 01:43:21 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_35.dll

[2012-08-27 01:43:21 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_9.dll

[2012-08-27 01:43:20 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_35.dll

[2012-08-27 01:43:20 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_8.dll

[2012-08-27 01:43:20 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_2.dll

[2012-08-27 01:43:19 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_34.dll

[2012-08-27 01:43:19 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_34.dll

[2012-08-27 01:43:19 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_34.dll

[2012-08-27 01:43:18 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_7.dll

[2012-08-27 01:43:17 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_33.dll

[2012-08-27 01:43:17 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_33.dll

[2012-08-27 01:43:17 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_33.dll

[2012-08-27 01:43:17 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_6.dll

[2012-08-27 01:43:16 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_32.dll

[2012-08-27 01:43:16 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_5.dll

[2012-08-27 01:43:15 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_4.dll

[2012-08-27 01:43:15 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_3.dll

[2012-08-27 01:43:15 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_2.dll

[2012-08-27 01:43:15 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\x3daudio1_1.dll

[2012-08-27 01:43:14 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_2.dll

[2012-08-27 01:43:14 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_1.dll

[2012-08-27 01:43:14 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_1.dll

[2012-08-27 01:43:10 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_0.dll

[2012-08-27 01:43:10 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\x3daudio1_0.dll

[2012-08-27 01:43:09 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_29.dll

[2012-08-27 01:43:08 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_27.dll

[2012-08-27 01:43:08 | 000,061,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput9_1_0.dll

[2012-08-27 01:43:07 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_26.dll

[2012-08-27 01:43:05 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_24.dll

[2012-08-27 01:35:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start-meny\Program\Virtual Pool 4

[2012-08-27 01:35:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Celeris

[2012-08-27 01:32:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Application Data\Celeris

[2012-08-26 17:47:45 | 000,026,176 | -H-- | C] (LogMeIn, Inc.) -- C:\WINDOWS\System32\hamachi.sys

[2012-08-26 17:43:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Mina dokument\Tunngle

[2012-08-26 17:43:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Application Data\Tunngle

[2012-08-26 17:43:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Tunngle

[2012-08-26 17:43:13 | 000,027,136 | ---- | C] (Tunngle.net) -- C:\WINDOWS\System32\drivers\tap0901t.sys

[2012-08-26 14:27:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Start-meny\Program\GameSpy Arcade

[2012-08-26 14:20:30 | 000,000,000 | ---D | C] -- C:\Program\ChatZum Toolbar

[2012-08-26 14:20:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Lokala inställningar\Application Data\LogMeIn Hamachi

[2012-08-26 14:20:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Lokala inställningar\Application Data\LogMeIn Hamachi

[2012-08-25 12:27:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Application Data\GanymedeNet

[2012-08-25 12:22:54 | 000,000,000 | ---D | C] -- C:\Program\Ganymede

[2012-08-24 17:48:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Max Secure

[2012-08-20 13:58:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Lokala inställningar\Application Data\SplitMediaLabs

[2012-08-20 13:57:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start-meny\Program\XSplit

[2012-08-20 13:57:45 | 000,000,000 | ---D | C] -- C:\Program\SplitMediaLabs

[2012-08-20 13:57:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SplitMediaLabs

[2012-08-20 13:57:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Application Data\SplitMediaLabs

[2012-08-19 19:24:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start-meny\Program\ChrisPC Free Anonymous Proxy

[2012-08-19 19:24:28 | 000,000,000 | ---D | C] -- C:\Program\ChrisPC Free Anonymous Proxy

[2012-08-16 16:25:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Lokala inställningar\Application Data\blekkotb_031

[2012-08-16 16:25:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Anti-phishing Domain Advisor

[2012-08-16 16:20:30 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Anders\Start-meny\Program\Administrationsverktyg

[2012-08-16 16:18:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\IBUpdaterService

[2012-08-16 16:18:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PC Performer Manager

[2012-08-16 16:17:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anders\Lokala inställningar\Application Data\Savings Sidekick

[2012-08-16 16:15:49 | 000,196,608 | ---- | C] (e2eSoft) -- C:\WINDOWS\System32\e2eCapProp.ax

[2012-08-16 16:15:49 | 000,119,808 | ---- | C] (e2eSoft) -- C:\WINDOWS\System32\drivers\e2eCap.sys

[2012-08-16 15:44:23 | 000,005,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstee.sys

[2012-08-16 15:44:13 | 000,010,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndisip.sys

[2012-08-16 15:44:10 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ipsink.ax

[2012-08-16 15:44:10 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ipsink.ax

[2012-08-16 15:44:10 | 000,015,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\streamip.sys

[2012-08-16 15:44:08 | 000,011,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\slip.sys

[2012-08-16 15:44:06 | 000,019,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wstcodec.sys

[2012-08-16 15:44:03 | 000,085,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nabtsfec.sys

[2012-08-16 15:44:00 | 000,017,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ccdecode.sys

[2012-08-16 15:43:55 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kswdmcap.ax

[2012-08-16 15:43:55 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kswdmcap.ax

[2012-08-16 15:43:55 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kstvtune.ax

[2012-08-16 15:43:55 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kstvtune.ax

[2012-08-16 15:43:55 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vidcap.ax

[2012-08-16 15:43:55 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vidcap.ax

[2012-08-16 15:43:54 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vfwwdm32.dll

[2012-08-16 15:43:54 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vfwwdm32.dll

[2012-08-16 15:43:53 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksxbar.ax

[2012-08-16 15:43:53 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksxbar.ax

[2012-08-16 15:42:37 | 000,000,000 | ---D | C] -- C:\Program\ManyCam

[2012-08-16 15:42:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Ask

[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[3 C:\WINDOWS\System32\drivers\*.tmp files -> C:\WINDOWS\System32\drivers\*.tmp -> ]

[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012-09-10 17:34:51 | 000,000,384 | -H-- | M] () -- C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job

[2012-09-10 17:34:11 | 001,629,088 | ---- | M] (Bleeping Computer, LLC) -- C:\Documents and Settings\Anders\Skrivbord\iExplore.exe

[2012-09-10 17:28:07 | 000,000,410 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{5096C855-A424-4662-B04A-DE5E47FB502A}.job

[2012-09-10 17:26:14 | 000,000,268 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1659004503-343818398-682003330-1003.job

[2012-09-10 17:26:11 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1659004503-343818398-682003330-1003.job

[2012-09-10 17:25:35 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

[2012-09-10 17:24:46 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2012-09-10 17:23:47 | 000,000,549 | ---- | M] () -- C:\Documents and Settings\Anders\Application Data\FreeDesktopClock.ini

[2012-09-10 17:10:00 | 000,001,090 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1659004503-343818398-682003330-1003UA.job

[2012-09-10 17:07:00 | 000,001,098 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1659004503-343818398-682003330-1006UA.job

[2012-09-10 16:56:00 | 000,000,868 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job

[2012-09-10 16:17:45 | 000,002,227 | ---- | M] () -- C:\Documents and Settings\All Users\Skrivbord\Skype.lnk

[2012-09-10 11:30:16 | 000,315,660 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_10092012_112913.png

[2012-09-10 10:10:00 | 000,001,038 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1659004503-343818398-682003330-1003Core.job

[2012-09-09 23:18:41 | 004,747,716 | R--- | M] (Swearware) -- C:\Documents and Settings\Anders\Skrivbord\Combo-Fix.exe

[2012-09-09 20:44:27 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini

[2012-09-09 20:44:26 | 000,138,240 | ---- | M] () -- C:\Documents and Settings\Anders\Lokala inställningar\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2012-09-09 17:24:30 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts

[2012-09-09 17:16:19 | 000,185,065 | ---- | M] () -- C:\Documents and Settings\Anders\Skrivbord\FixPolicies.exe

[2012-09-09 01:07:00 | 000,001,046 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1659004503-343818398-682003330-1006Core.job

[2012-09-08 21:00:19 | 000,854,156 | ---- | M] () -- C:\Documents and Settings\Anders\Skrivbord\SecurityCheck.exe

[2012-09-08 20:45:49 | 000,599,552 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Anders\Skrivbord\OTL.exe

[2012-09-08 15:33:01 | 000,117,270 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\21.bmp

[2012-09-08 15:32:48 | 003,888,068 | ---- | M] () -- C:\temp.bmp

[2012-09-08 10:43:33 | 011,300,312 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\vp4 2012-09-08 10-38-48-933.avi

[2012-09-07 19:52:59 | 001,118,598 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_07092012_195109.png

[2012-09-07 19:31:21 | 000,930,467 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_07092012_193053.png

[2012-09-07 16:54:46 | 000,977,958 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_07092012_165418.png

[2012-09-07 16:32:21 | 001,082,828 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_07092012_163042.png

[2012-09-07 15:22:09 | 000,000,327 | RHS- | M] () -- C:\boot.ini

[2012-09-07 14:35:30 | 000,000,579 | ---- | M] () -- C:\Documents and Settings\Anders\Skrivbord\NTREGOPT.lnk

[2012-09-07 14:35:30 | 000,000,560 | ---- | M] () -- C:\Documents and Settings\Anders\Skrivbord\ERUNT.lnk

[2012-09-07 14:30:44 | 000,000,144 | ---- | M] () -- C:\Documents and Settings\Anders\defogger_reenable

[2012-09-07 14:05:14 | 002,150,064 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2012-09-06 23:48:03 | 000,318,741 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_06092012_234739.png

[2012-09-06 16:32:56 | 000,157,123 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_06092012_163222.png

[2012-09-06 01:07:23 | 000,998,055 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_05092012_190334.png

[2012-09-05 18:02:01 | 000,000,272 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job

[2012-09-05 15:51:54 | 000,004,934 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\flwjycbm.bab

[2012-09-05 15:51:34 | 000,000,705 | ---- | M] () -- C:\Documents and Settings\Anders\Skrivbord\PokerTracker 4.lnk

[2012-09-05 15:24:02 | 000,505,751 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_05092012_152345.png

[2012-09-04 18:40:55 | 000,084,696 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_04092012_184008.png

[2012-09-04 00:13:19 | 000,002,347 | ---- | M] () -- C:\Documents and Settings\Anders\Skrivbord\Google Chrome.lnk

[2012-09-04 00:13:19 | 000,002,325 | ---- | M] () -- C:\Documents and Settings\Anders\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk

[2012-09-03 23:42:37 | 001,326,942 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\ad.png

[2012-09-03 15:24:24 | 000,323,584 | ---- | M] (Stefan Toengi) -- C:\WINDOWS\System32\AUDIOGENIE2.DLL

[2012-09-02 23:50:20 | 001,004,432 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_02092012_234819.png

[2012-09-02 23:04:43 | 022,936,300 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\vp4 2012-09-02 22-59-50-578.avi

[2012-09-02 17:52:51 | 007,911,796 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\Bankshot1to2.avi

[2012-09-02 15:56:04 | 001,101,732 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_02092012_155541.png

[2012-09-02 15:43:59 | 000,800,104 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_02092012_154331.png

[2012-09-02 14:10:27 | 001,102,894 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_02092012_141009.png

[2012-09-02 13:07:21 | 000,313,151 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_02092012_130708.png

[2012-09-02 13:07:06 | 001,017,983 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_02092012_130649.png

[2012-09-02 13:04:33 | 000,005,159 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\9-Ball, Alyt vs Frenchy, 090212-103239.vpr

[2012-09-02 13:00:48 | 004,538,077 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_1003.MOV

[2012-09-01 10:02:40 | 000,297,078 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\4.bmp

[2012-09-01 08:56:31 | 002,320,974 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\3.bmp

[2012-09-01 08:55:33 | 002,701,710 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\2.bmp

[2012-09-01 08:48:55 | 002,495,190 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\1.bmp

[2012-08-31 21:49:00 | 002,052,056 | ---- | M] () -- C:\Documents and Settings\Anders\Skrivbord\IMG468.jpg

[2012-08-31 00:34:32 | 000,155,867 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_31082012_002932.png

[2012-08-29 18:48:38 | 000,859,263 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_29082012_184533.png

[2012-08-29 15:08:12 | 000,000,653 | ---- | M] () -- C:\Documents and Settings\All Users\Skrivbord\LogMeIn Hamachi.lnk

[2012-08-29 14:33:11 | 000,000,740 | ---- | M] () -- C:\Documents and Settings\All Users\Skrivbord\Malwarebytes Anti-Malware.lnk

[2012-08-29 00:01:48 | 000,401,735 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_29082012_000040.png

[2012-08-28 19:48:43 | 000,000,637 | ---- | M] () -- C:\Documents and Settings\Anders\Application Data\Microsoft\Internet Explorer\Quick Launch\Bandicam.lnk

[2012-08-28 19:48:43 | 000,000,619 | ---- | M] () -- C:\Documents and Settings\Anders\Skrivbord\Bandicam.lnk

[2012-08-27 13:01:26 | 001,200,664 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\clip0086.avi

[2012-08-27 01:37:14 | 000,000,751 | ---- | M] () -- C:\Documents and Settings\All Users\Skrivbord\Virtual Pool 4.lnk

[2012-08-27 00:32:35 | 000,121,798 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_27082012_003201.png

[2012-08-27 00:32:31 | 000,124,438 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_27082012_003152.png

[2012-08-26 22:36:18 | 000,307,500 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_26082012_223547.png

[2012-08-26 17:51:11 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\Access.dat

[2012-08-26 15:41:08 | 000,156,260 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_26082012_154039.png

[2012-08-26 15:40:08 | 000,150,505 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_26082012_153941.png

[2012-08-26 14:27:15 | 000,000,667 | ---- | M] () -- C:\Documents and Settings\Anders\Application Data\Microsoft\Internet Explorer\Quick Launch\GameSpy Arcade.lnk

[2012-08-26 14:27:15 | 000,000,649 | ---- | M] () -- C:\Documents and Settings\Anders\Skrivbord\GameSpy Arcade.lnk

[2012-08-26 14:19:36 | 003,849,216 | ---- | M] () -- C:\Documents and Settings\Anders\Skrivbord\hamachi.msi

[2012-08-25 12:40:56 | 000,136,157 | ---- | M] () -- C:\Documents and Settings\Anders\Skrivbord\pool_snooker_1.jpg

[2012-08-25 12:26:15 | 000,983,017 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_25082012_122553.png

[2012-08-23 15:36:41 | 000,663,527 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_23082012_153555.png

[2012-08-22 20:15:58 | 003,195,906 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\cheat.bmp

[2012-08-22 19:25:55 | 001,547,494 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\stg-apologize.bmp

[2012-08-22 16:11:36 | 000,217,782 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\legend.bmp

[2012-08-21 17:29:32 | 000,306,433 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_21082012_172844.png

[2012-08-21 11:37:11 | 001,704,034 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_21082012_113442.png

[2012-08-21 11:32:14 | 001,688,401 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_21082012_113138.png

[2012-08-20 21:47:10 | 002,262,013 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_20082012_214618.png

[2012-08-20 16:56:04 | 000,204,889 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_20082012_165528.png

[2012-08-20 16:53:51 | 000,145,330 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_20082012_165314.png

[2012-08-20 13:57:57 | 000,000,802 | ---- | M] () -- C:\Documents and Settings\Anders\Skrivbord\XSplit Broadcaster.lnk

[2012-08-19 19:24:41 | 000,001,707 | ---- | M] () -- C:\Documents and Settings\Anders\Skrivbord\ChrisPC Free Anonymous Proxy.lnk

[2012-08-19 19:24:41 | 000,000,821 | ---- | M] () -- C:\Documents and Settings\Anders\Application Data\Microsoft\Internet Explorer\Quick Launch\ChrisPC Free Anonymous Proxy.lnk

[2012-08-16 02:05:28 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK

[2012-08-15 01:56:48 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe

[2012-08-15 01:56:47 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl

[2012-08-13 13:57:35 | 001,830,096 | ---- | M] () -- C:\Documents and Settings\Anders\Mina dokument\clip0078.avi

[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[3 C:\WINDOWS\System32\drivers\*.tmp files -> C:\WINDOWS\System32\drivers\*.tmp -> ]

[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012-09-10 11:30:14 | 000,315,660 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_10092012_112913.png

[2012-09-09 17:16:19 | 000,185,065 | ---- | C] () -- C:\Documents and Settings\Anders\Skrivbord\FixPolicies.exe

[2012-09-08 21:00:04 | 000,854,156 | ---- | C] () -- C:\Documents and Settings\Anders\Skrivbord\SecurityCheck.exe

[2012-09-08 15:33:01 | 000,117,270 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\21.bmp

[2012-09-08 10:42:52 | 011,300,312 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\vp4 2012-09-08 10-38-48-933.avi

[2012-09-07 19:52:54 | 001,118,598 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_07092012_195109.png

[2012-09-07 19:31:16 | 000,930,467 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_07092012_193053.png

[2012-09-07 16:54:40 | 000,977,958 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_07092012_165418.png

[2012-09-07 16:32:16 | 001,082,828 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_07092012_163042.png

[2012-09-07 15:22:09 | 000,000,211 | ---- | C] () -- C:\Boot.bak

[2012-09-07 15:22:02 | 000,260,784 | RHS- | C] () -- C:\cmldr

[2012-09-07 15:19:34 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe

[2012-09-07 15:19:34 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe

[2012-09-07 15:19:34 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe

[2012-09-07 15:19:34 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe

[2012-09-07 15:19:34 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe

[2012-09-07 14:35:30 | 000,000,579 | ---- | C] () -- C:\Documents and Settings\Anders\Skrivbord\NTREGOPT.lnk

[2012-09-07 14:35:30 | 000,000,560 | ---- | C] () -- C:\Documents and Settings\Anders\Skrivbord\ERUNT.lnk

[2012-09-07 14:30:38 | 000,000,144 | ---- | C] () -- C:\Documents and Settings\Anders\defogger_reenable

[2012-09-06 23:48:01 | 000,318,741 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_06092012_234739.png

[2012-09-06 16:32:55 | 000,157,123 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_06092012_163222.png

[2012-09-06 01:07:18 | 000,998,055 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_05092012_190334.png

[2012-09-05 15:51:54 | 000,004,934 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\flwjycbm.bab

[2012-09-05 15:51:34 | 000,000,705 | ---- | C] () -- C:\Documents and Settings\Anders\Skrivbord\PokerTracker 4.lnk

[2012-09-05 15:23:59 | 000,505,751 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_05092012_152345.png

[2012-09-04 18:40:54 | 000,084,696 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_04092012_184008.png

[2012-09-03 23:42:31 | 001,326,942 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\ad.png

[2012-09-02 23:50:15 | 001,004,432 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_02092012_234819.png

[2012-09-02 23:01:55 | 022,936,300 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\vp4 2012-09-02 22-59-50-578.avi

[2012-09-02 17:52:22 | 007,911,796 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\Bankshot1to2.avi

[2012-09-02 15:55:59 | 001,101,732 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_02092012_155541.png

[2012-09-02 15:43:54 | 000,800,104 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_02092012_154331.png

[2012-09-02 15:25:41 | 002,052,056 | ---- | C] () -- C:\Documents and Settings\Anders\Skrivbord\IMG468.jpg

[2012-09-02 14:10:23 | 001,102,894 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_02092012_141009.png

[2012-09-02 13:07:19 | 000,313,151 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_02092012_130708.png

[2012-09-02 13:07:00 | 001,017,983 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_02092012_130649.png

[2012-09-02 13:04:32 | 000,005,159 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\9-Ball, Alyt vs Frenchy, 090212-103239.vpr

[2012-09-02 13:00:24 | 004,538,077 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_1003.MOV

[2012-09-01 10:02:40 | 000,297,078 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\4.bmp

[2012-09-01 08:56:31 | 002,320,974 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\3.bmp

[2012-09-01 08:55:33 | 002,701,710 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\2.bmp

[2012-08-31 00:34:29 | 000,155,867 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_31082012_002932.png

[2012-08-29 18:48:21 | 000,859,263 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_29082012_184533.png

[2012-08-29 14:33:11 | 000,000,740 | ---- | C] () -- C:\Documents and Settings\All Users\Skrivbord\Malwarebytes Anti-Malware.lnk

[2012-08-29 00:01:44 | 000,401,735 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_29082012_000040.png

[2012-08-28 19:48:43 | 000,000,637 | ---- | C] () -- C:\Documents and Settings\Anders\Application Data\Microsoft\Internet Explorer\Quick Launch\Bandicam.lnk

[2012-08-28 19:48:43 | 000,000,619 | ---- | C] () -- C:\Documents and Settings\Anders\Skrivbord\Bandicam.lnk

[2012-08-27 13:00:47 | 001,200,664 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\clip0086.avi

[2012-08-27 01:37:14 | 000,000,751 | ---- | C] () -- C:\Documents and Settings\All Users\Skrivbord\Virtual Pool 4.lnk

[2012-08-27 00:32:33 | 000,121,798 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_27082012_003201.png

[2012-08-27 00:32:30 | 000,124,438 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_27082012_003152.png

[2012-08-26 22:36:14 | 000,307,500 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_26082012_223547.png

[2012-08-26 17:51:11 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\Access.dat

[2012-08-26 15:41:04 | 000,156,260 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_26082012_154039.png

[2012-08-26 15:40:06 | 000,150,505 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_26082012_153941.png

[2012-08-26 14:27:15 | 000,000,667 | ---- | C] () -- C:\Documents and Settings\Anders\Application Data\Microsoft\Internet Explorer\Quick Launch\GameSpy Arcade.lnk

[2012-08-26 14:27:15 | 000,000,649 | ---- | C] () -- C:\Documents and Settings\Anders\Skrivbord\GameSpy Arcade.lnk

[2012-08-26 14:20:08 | 000,000,653 | ---- | C] () -- C:\Documents and Settings\All Users\Skrivbord\LogMeIn Hamachi.lnk

[2012-08-26 14:19:29 | 003,849,216 | ---- | C] () -- C:\Documents and Settings\Anders\Skrivbord\hamachi.msi

[2012-08-25 12:40:56 | 000,136,157 | ---- | C] () -- C:\Documents and Settings\Anders\Skrivbord\pool_snooker_1.jpg

[2012-08-25 12:26:11 | 000,983,017 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_25082012_122553.png

[2012-08-23 15:36:33 | 000,663,527 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_23082012_153555.png

[2012-08-22 20:15:58 | 003,195,906 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\cheat.bmp

[2012-08-22 19:25:55 | 001,547,494 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\stg-apologize.bmp

[2012-08-22 16:11:36 | 000,217,782 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\legend.bmp

[2012-08-21 17:29:29 | 000,306,433 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_21082012_172844.png

[2012-08-21 11:37:04 | 001,704,034 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_21082012_113442.png

[2012-08-21 11:32:07 | 001,688,401 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_21082012_113138.png

[2012-08-20 21:46:53 | 002,262,013 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_20082012_214618.png

[2012-08-20 16:56:02 | 000,204,889 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_20082012_165528.png

[2012-08-20 16:53:49 | 000,145,330 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\IMG_20082012_165314.png

[2012-08-20 13:57:57 | 000,000,802 | ---- | C] () -- C:\Documents and Settings\Anders\Skrivbord\XSplit Broadcaster.lnk

[2012-08-19 19:24:41 | 000,001,707 | ---- | C] () -- C:\Documents and Settings\Anders\Skrivbord\ChrisPC Free Anonymous Proxy.lnk

[2012-08-19 19:24:41 | 000,000,821 | ---- | C] () -- C:\Documents and Settings\Anders\Application Data\Microsoft\Internet Explorer\Quick Launch\ChrisPC Free Anonymous Proxy.lnk

[2012-08-13 13:57:08 | 001,830,096 | ---- | C] () -- C:\Documents and Settings\Anders\Mina dokument\clip0078.avi

[2012-08-05 11:14:00 | 051,687,593 | ---- | C] () -- C:\Documents and Settings\Anders\10 000 meter.flv

[2012-07-10 14:52:42 | 000,190,664 | ---- | C] () -- C:\Documents and Settings\LocalService\Lokala inställningar\Application Data\FontCache3.0.0.0.dat

[2012-05-05 16:08:47 | 000,230,752 | ---- | C] () -- C:\WINDOWS\patchw32.dll

[2012-05-05 16:08:42 | 000,118,176 | ---- | C] () -- C:\WINDOWS\patchw.dll

[2012-03-05 21:51:45 | 629,460,858 | ---- | C] () -- C:\Documents and Settings\Anders\Målgång.flv

[2012-02-16 12:42:41 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll

[2012-02-08 10:52:34 | 000,000,042 | ---- | C] () -- C:\Documents and Settings\Anders\default.pls

[2012-01-30 15:29:29 | 000,000,404 | ---- | C] () -- C:\WINDOWS\LBFamily.ini

[2012-01-30 12:16:09 | 1054,669,159 | ---- | C] () -- C:\Documents and Settings\Anders\såskadetlåta.flv

[2012-01-30 12:16:09 | 000,056,831 | ---- | C] () -- C:\Documents and Settings\Anders\såskadetlåta.srt

[2012-01-27 13:24:43 | 000,015,784 | ---- | C] () -- C:\Documents and Settings\Anders\2.srt

[2012-01-27 13:24:39 | 035,912,175 | ---- | C] () -- C:\Documents and Settings\Anders\2.flv

[2012-01-27 13:10:34 | 000,000,641 | ---- | C] () -- C:\Documents and Settings\Anders\.swfinfo

[2011-11-09 21:59:50 | 000,000,026 | ---- | C] () -- C:\Documents and Settings\Anders\Application Data\ClockTraySkins.ini

[2011-11-09 21:59:38 | 000,000,549 | ---- | C] () -- C:\Documents and Settings\Anders\Application Data\FreeDesktopClock.ini

[2011-10-31 18:02:17 | 000,393,256 | ---- | C] () -- C:\WINDOWS\System32\CNQ2414N.DAT

[2011-10-30 14:53:51 | 000,000,000 | ---- | C] () -- C:\WINDOWS\HMHud.INI

[2011-10-02 13:50:39 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini

[2011-10-02 13:50:38 | 000,138,240 | ---- | C] () -- C:\Documents and Settings\Anders\Lokala inställningar\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2011-10-01 22:03:20 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\CommonDL.dll

[2011-10-01 22:03:20 | 000,002,413 | ---- | C] () -- C:\WINDOWS\System32\lgAxconfig.ini

[2011-09-28 17:44:14 | 000,179,271 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat

[2011-09-19 09:07:46 | 000,015,360 | ---- | C] () -- C:\WINDOWS\System32\bdmjpeg.dll

[2011-09-19 09:07:32 | 000,058,368 | ---- | C] () -- C:\WINDOWS\System32\bdmpegv.dll

[2011-08-31 00:32:40 | 000,005,078 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\bltofzsb.qlf

[2011-07-04 14:19:24 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI

[2011-07-04 14:18:36 | 002,150,064 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2011-07-04 13:15:42 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe

[2011-07-04 13:14:40 | 000,001,732 | ---- | C] () -- C:\WINDOWS\System32\drivers\nvphy.bin

[2011-07-04 12:32:07 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat

[2011-07-04 12:28:47 | 000,021,700 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat

========== Custom Scans ==========

< %ALLUSERSPROFILE%\Application Data\*. >

[2011-07-04 16:34:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Adobe

[2011-07-04 16:50:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ALM

[2012-08-16 16:25:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Anti-phishing Domain Advisor

[2012-02-03 14:13:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Apple

[2012-04-17 16:57:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Apple Computer

[2012-08-16 15:42:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ask

[2012-07-11 10:19:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\boost_interprocess

[2011-09-27 16:42:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Boss Media

[2012-08-27 01:35:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Celeris

[2012-05-12 18:06:56 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files

[2011-08-22 17:12:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite

[2011-07-04 22:27:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Pro

[2012-07-18 16:15:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DivX

[2011-12-14 11:25:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FLEXnet

[2011-12-13 23:48:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Graboid Inc

[2012-08-16 16:18:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IBUpdaterService

[2011-10-01 22:04:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LGMOBILEAX

[2012-08-29 14:33:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes

[2012-08-24 17:55:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Max Secure

[2012-04-17 17:54:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MediaMonkey

[2012-07-10 14:54:32 | 000,000,000 | --SD | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft

[2012-08-16 02:05:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft Help

[2012-06-22 19:31:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Mozilla

[2011-07-04 18:19:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nero

[2012-08-16 16:18:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Performer Manager

[2012-05-30 21:42:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Real

[2012-08-28 23:56:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Skype

[2011-10-01 15:46:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sony Ericsson

[2012-08-20 13:57:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SplitMediaLabs

[2011-08-21 12:50:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sun

[2012-05-12 18:52:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Tarma Installer

[2011-10-18 13:04:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TechSmith

[2012-08-26 17:50:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Tunngle

[2011-07-04 13:25:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage

[2012-04-17 16:59:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

[2009-02-04 13:56:14 | 000,075,112 | ---- | M] (GEAR Software, Inc.) -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}\x86\DifXInstall32.exe

[2012-05-03 20:07:44 | 000,092,096 | ---- | M] (Visicom Media Inc. (Powered by Panda Security)) -- C:\Documents and Settings\All Users\Application Data\Anti-phishing Domain Advisor\uninstall.exe

[2012-05-03 20:07:40 | 000,217,256 | ---- | M] (Visicom Media Inc. (Powered by Panda Security)) -- C:\Documents and Settings\All Users\Application Data\Anti-phishing Domain Advisor\visicom_antiphishing.exe

[2012-06-16 16:25:32 | 000,073,624 | ---- | M] (Apple Inc.) -- C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 10.6.3.25\SetupAdmin.exe

[2012-04-19 12:58:06 | 000,056,969 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\ASPEncoder\Uninstaller.exe

[2012-04-19 12:58:18 | 000,065,783 | ---- | M] (DivX, LLC) -- C:\Documents and Settings\All Users\Application Data\DivX\ControlPanel\Uninstaller.exe

[2012-04-19 12:58:31 | 000,054,128 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\Converter\Uninstaller.exe

[2012-04-19 12:58:38 | 000,063,144 | ---- | M] (DivX, LLC) -- C:\Documents and Settings\All Users\Application Data\DivX\DesktopService\Uninstaller.exe

[2012-07-18 16:13:37 | 000,062,857 | ---- | M] (DivX, LLC) -- C:\Documents and Settings\All Users\Application Data\DivX\DFXPlugin\Uninstaller.exe

[2012-04-19 12:58:33 | 000,056,458 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\DivXDecoderShortcut\Uninstaller.exe

[2012-07-18 16:14:17 | 000,064,957 | ---- | M] (DivX, LLC) -- C:\Documents and Settings\All Users\Application Data\DivX\DivXPlusShortcuts\Uninstaller.exe

[2012-04-19 12:58:32 | 000,062,879 | ---- | M] (DivX, LLC) -- C:\Documents and Settings\All Users\Application Data\DivX\DSAACDecoder\Uninstaller.exe

[2012-04-19 12:58:34 | 000,057,275 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\DSASPDecoder\Uninstaller.exe

[2012-04-19 12:58:35 | 000,054,166 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\DSAVCDecoder\Uninstaller.exe

[2012-04-19 12:58:37 | 000,057,037 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\DSDesktopComponents\Uninstaller.exe

[2012-04-19 12:58:19 | 000,054,101 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\MPEG2Plugin\Uninstaller.exe

[2012-04-19 12:58:01 | 000,061,667 | ---- | M] (DivX, LLC) -- C:\Documents and Settings\All Users\Application Data\DivX\MSVC80CRTRedist\Uninstaller.exe

[2012-04-19 12:58:04 | 000,063,228 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\OVSHelper\Uninstaller.exe

[2012-07-18 16:14:10 | 000,065,896 | ---- | M] (DivX, LLC) -- C:\Documents and Settings\All Users\Application Data\DivX\Player\Uninstaller.exe

[2012-04-19 12:58:15 | 000,054,073 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\Qt4.5\Uninstaller.exe

[2012-07-18 16:10:08 | 000,933,256 | ---- | M] (DivX, LLC) -- C:\Documents and Settings\All Users\Application Data\DivX\Setup\DivXSetup.exe

[2012-04-19 12:58:29 | 000,054,644 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\TranscodeEngine\Uninstaller.exe

[2012-07-18 16:13:42 | 000,092,231 | ---- | M] (DivX, LLC) -- C:\Documents and Settings\All Users\Application Data\DivX\TransferWizard\Uninstaller.exe

[2011-09-30 16:41:01 | 000,061,792 | ---- | M] (DivX, LLC) -- C:\Documents and Settings\All Users\Application Data\DivX\Update\Uninstaller.exe

[2012-07-18 16:14:16 | 000,066,441 | ---- | M] (DivX, LLC) -- C:\Documents and Settings\All Users\Application Data\DivX\WebPlayer\Uninstaller.exe

[2011-09-20 05:19:08 | 000,109,656 | ---- | M] (LG Electronics) -- C:\Documents and Settings\All Users\Application Data\LGMOBILEAX\LGMLauncher.exe

[2011-04-27 05:12:20 | 000,235,456 | ---- | M] (LG Electronics) -- C:\Documents and Settings\All Users\Application Data\LGMOBILEAX\B2C_Client\B2CAppUninstall.exe

[2011-09-28 01:39:52 | 000,404,568 | ---- | M] (LG Electronics) -- C:\Documents and Settings\All Users\Application Data\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe

[2011-04-01 01:55:52 | 000,038,840 | ---- | M] (LG Electronics) -- C:\Documents and Settings\All Users\Application Data\LGMOBILEAX\B2C_Client\LGbackagent.exe

[2011-09-28 02:58:02 | 000,785,496 | ---- | M] (LG Electronics) -- C:\Documents and Settings\All Users\Application Data\LGMOBILEAX\B2C_Client\LGUserCSTool.exe

[2012-08-16 16:18:06 | 001,695,776 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\PC Performer Manager\2.2.558.177\{16cdff19-861d-48e3-a751-d99a27784753}\%Protector Process Name%.exe

[2012-08-16 16:18:04 | 003,379,232 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\PC Performer Manager\2.2.558.177\{16cdff19-861d-48e3-a751-d99a27784753}\Uninstall Manager.exe

[2012-08-13 13:33:30 | 003,064,000 | ---- | M] (Skype Technologies S.A.) -- C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe

[2011-03-11 05:29:12 | 000,227,984 | R-S- | M] (Tarma Software Research Pty Ltd) -- C:\Documents and Settings\All Users\Application Data\Tarma Installer\{2E1037EA-038A-425F-86B9-6CD19B8497E9}\Setup.exe

< %ALLUSERSPROFILE%\Application Data\*.dll /s >

[2006-11-02 06:21:54 | 000,319,456 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}\x86\DIFxAPI.dll

[2008-04-17 12:12:54 | 000,107,368 | ---- | M] (GEAR Software Inc.) -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}\x86\x86\GEARAspi.dll

[2012-05-03 20:07:40 | 000,309,416 | ---- | M] (Visicom Media Inc. (Powered by Panda Security)) -- C:\Documents and Settings\All Users\Application Data\Anti-phishing Domain Advisor\visicom_antiphishing.dll

[2012-08-16 15:42:30 | 000,211,624 | ---- | M] (Ask.com) -- C:\Documents and Settings\All Users\Application Data\Ask\APN-Stub\MYC-ST\APNIC.dll

[2012-07-18 16:10:40 | 000,620,400 | ---- | M] (DivX, LLC) -- C:\Documents and Settings\All Users\Application Data\DivX\Setup\finishPlugin.dll

[2012-07-18 16:10:20 | 001,709,936 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\DivX\Setup\Resource.dll

[2012-07-18 16:15:02 | 000,057,344 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\DivX\Setup\RunAsUser\RUNASUSERPROCESS.dll

[2011-09-26 07:10:20 | 000,118,784 | ---- | M] (LG Electronics) -- C:\Documents and Settings\All Users\Application Data\LGMOBILEAX\B2C_Client\LGMobileDL.dll

[2010-03-16 08:31:58 | 000,024,576 | ---- | M] (LG Electronics) -- C:\Documents and Settings\All Users\Application Data\LGMOBILEAX\B2C_Client\LGMobileDLRapi.dll

[2011-09-28 01:38:20 | 000,548,864 | ---- | M] (LG Electronics) -- C:\Documents and Settings\All Users\Application Data\LGMOBILEAX\B2C_Client\LGMUpgradeDL.dll

[2012-08-24 17:57:00 | 000,000,063 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Max Secure\Max Spyware Detector\SysSD.dll

[2008-09-17 15:29:12 | 000,020,040 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\All Users\Application Data\Microsoft\IdentityCRL\production\ppcrlconfig.dll

[2012-07-10 14:59:23 | 000,019,736 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\All Users\Application Data\Microsoft\IdentityCRL\production\ppcrlconfig600.dll

[2012-07-10 14:59:27 | 000,564,632 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\All Users\Application Data\Microsoft\IdentityCRL\production\wlidui.dll

[2012-08-23 09:15:24 | 007,022,536 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{9E8339C9-177D-4B60-9427-26FFAD979AA1}\mpengine.dll

[2012-08-23 09:15:24 | 007,022,536 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll

[2008-05-19 13:04:06 | 002,368,000 | ---- | M] (Doctor Web, Ltd.) -- C:\Documents and Settings\All Users\Application Data\Nero\DrWeb\Drweb32.dll

[2012-08-16 16:18:06 | 002,046,496 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\PC Performer Manager\2.2.558.177\{16cdff19-861d-48e3-a751-d99a27784753}\%Protector Process Name%.dll

[2012-08-03 09:05:44 | 000,434,688 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\PC Performer Manager\2.2.558.177\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\components\bprotector-10.0.2.dll

[2012-08-03 09:05:08 | 000,434,176 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\PC Performer Manager\2.2.558.177\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\components\bprotector-11.0.dll

[2012-08-03 09:05:02 | 000,434,176 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\PC Performer Manager\2.2.558.177\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\components\bprotector-12.0.dll

[2012-08-03 09:05:08 | 000,434,176 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\PC Performer Manager\2.2.558.177\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\components\bprotector-13.0.dll

[2012-08-03 09:05:08 | 000,434,688 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\PC Performer Manager\2.2.558.177\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\components\bprotector-14.0.1.dll

[2012-08-03 09:03:26 | 000,436,736 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\PC Performer Manager\2.2.558.177\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\components\bprotector-3.6.dll

[2012-08-03 09:05:42 | 000,435,712 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\PC Performer Manager\2.2.558.177\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\components\bprotector-5.0.dll

[2012-08-03 09:05:44 | 000,434,688 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\PC Performer Manager\2.2.558.177\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\components\bprotector-6.0.2.dll

[2012-08-03 09:05:10 | 000,434,688 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\PC Performer Manager\2.2.558.177\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\components\bprotector-7.0.1.dll

[2012-08-03 09:05:16 | 000,434,688 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\PC Performer Manager\2.2.558.177\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\components\bprotector-8.0.1.dll

[2012-08-03 09:05:08 | 000,434,688 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\PC Performer Manager\2.2.558.177\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\components\bprotector-9.0.1.dll

[2011-11-22 22:35:23 | 000,028,160 | ---- | M] (RealNetworks, Inc.) -- C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Chrome\Hook\rpchrome150browserrecordhelper.dll

[2011-11-22 22:35:23 | 000,397,488 | ---- | M] (RealPlayer) -- C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Common\rpcommon150browserrecordplugin.dll

[2011-11-22 22:35:23 | 000,035,840 | ---- | M] (RealNetworks, Inc.) -- C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Components\nprpffbrowserrecordext.dll

[2011-11-22 22:35:24 | 000,032,256 | ---- | M] (RealNetworks, Inc.) -- C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Components\nprpffbrowserrecordlegacyext.dll

[2011-11-22 22:35:22 | 000,425,680 | ---- | M] (RealPlayer) -- C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll

[2011-11-22 22:35:23 | 000,095,744 | ---- | M] (RealNetworks, Inc.) -- C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll

[2011-11-22 22:35:23 | 000,019,456 | ---- | M] (RealNetworks, Inc.) -- C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll

[2011-11-22 22:35:24 | 000,045,568 | ---- | M] (RealNetworks, Inc.) -- C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\ThinShims\rpnpshimqt.dll

[2011-11-22 22:35:24 | 000,045,568 | ---- | M] (RealNetworks, Inc.) -- C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\ThinShims\rpnpshimrp.dll

[2011-11-22 22:35:24 | 000,045,568 | ---- | M] (RealNetworks, Inc.) -- C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\ThinShims\rpnpshimswf.dll

[2011-11-22 22:35:24 | 000,045,568 | ---- | M] (RealNetworks, Inc.) -- C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\ThinShims\rpnpshimwmp.dll

[2012-07-26 10:37:24 | 000,035,840 | ---- | M] (SplitMediaLabs) -- C:\Documents and Settings\All Users\Application Data\SplitMediaLabs\XSplit\BroadcastPlugins\CustomRTMP\CustomRTMP.dll

[2012-07-26 10:37:24 | 000,036,864 | ---- | M] (SplitMediaLabs) -- C:\Documents and Settings\All Users\Application Data\SplitMediaLabs\XSplit\BroadcastPlugins\SplitMediaLabs.LocalRecording\SplitMediaLabs.LocalRecording.dll

[2011-10-12 01:54:21 | 000,768,512 | R-S- | M] () -- C:\Documents and Settings\All Users\Application Data\Tarma Installer\{2E1037EA-038A-425F-86B9-6CD19B8497E9}\_Setup.dll

[2011-10-12 01:54:12 | 000,476,672 | R-S- | M] () -- C:\Documents and Settings\All Users\Application Data\Tarma Installer\{2E1037EA-038A-425F-86B9-6CD19B8497E9}\_Setupx.dll

< %APPDATA%\*. >

[2012-06-13 00:56:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Adobe

[2011-11-22 14:09:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Anvsoft

[2012-05-12 17:55:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Apowersoft

[2012-05-21 17:14:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Apple Computer

[2012-05-12 18:26:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Audacity

[2012-02-28 18:09:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Babylon

[2012-06-18 20:59:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\BANDISOFT

[2012-08-27 01:32:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Celeris

[2012-08-19 19:27:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Complitly

[2011-08-22 16:51:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Copax

[2012-01-30 14:29:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\DAEMON Tools Lite

[2011-07-04 22:26:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\DAEMON Tools Pro

[2012-04-19 12:59:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\DDMSettings

[2012-02-10 11:25:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Digiarty

[2011-10-18 02:52:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\DivX

[2012-04-17 12:48:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\dvdcss

[2011-12-31 20:12:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\DVDVideoSoft

[2012-05-12 20:12:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Free Audio Recorder

[2012-08-25 13:15:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\GanymedeNet

[2012-02-09 23:45:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\GetRightToGo

[2012-09-10 17:26:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Gmail Notifier

[2012-03-20 00:28:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\HandBrake

[2012-05-30 16:04:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Help

[2011-10-30 14:43:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\HEM Data

[2011-07-04 12:37:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Identities

[2011-07-04 13:13:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\InstallShield

[2012-08-24 19:21:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Macromedia

[2012-08-29 14:33:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Malwarebytes

[2011-12-14 17:20:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Media Finder

[2012-02-10 12:22:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Media Player Classic

[2012-07-24 11:00:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\MediaMonkey

[2012-05-12 18:05:09 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Anders\Application Data\Microsoft

[2012-06-22 19:31:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Mozilla

[2011-11-23 16:51:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\MyVideoDownloader

[2011-11-23 16:51:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\MyVideoDownloaderHD

[2011-07-04 18:22:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Nero

[2012-08-04 10:58:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Opera

[2012-05-17 17:09:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Oracle

[2012-05-17 17:09:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Personal

[2012-05-30 21:42:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Real

[2011-12-14 11:55:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\RealNetworks

[2012-09-10 17:17:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Skype

[2012-06-20 16:13:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Solveig Multimedia

[2012-02-10 01:17:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Sony

[2012-08-20 13:57:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\SplitMediaLabs

[2012-09-10 16:00:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Spotify

[2011-08-21 12:49:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Sun

[2012-07-02 21:11:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\TraderaProLister

[2012-08-27 00:23:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Tunngle

[2012-04-17 18:39:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\U3

[2012-09-02 13:21:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\vlc

[2011-10-18 01:35:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\WinRAR

[2012-05-12 18:52:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Wondershare

[2011-11-23 17:11:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anders\Application Data\Youtube Downloader HD

< %APPDATA%\*.exe /s >

[2012-01-18 03:51:08 | 000,091,128 | ---- | M] () -- C:\Documents and Settings\Anders\Application Data\Complitly\KeepMeUpdated.exe

[2012-01-18 03:51:08 | 000,091,128 | ---- | M] () -- C:\Documents and Settings\Anders\Application Data\Complitly\64\KeepMeUpdated.exe

[2012-08-17 22:41:52 | 000,449,176 | ---- | M] (RealNetworks, Inc.) -- C:\Documents and Settings\Anders\Application Data\Real\Update\UpgradeHelper\RealPlayer\10.10\agent\rnupgagent.exe

[2012-07-19 22:12:12 | 000,315,544 | ---- | M] (RealNetworks, Inc.) -- C:\Documents and Settings\Anders\Application Data\Real\Update\UpgradeHelper\RealPlayer\9.11\rnupgagent.exe

[2006-12-14 10:00:02 | 000,110,592 | ---- | M] () -- C:\Documents and Settings\Anders\Application Data\U3\temp\cleanup.exe

[2007-02-12 17:46:54 | 003,096,576 | -H-- | M] (SanDisk Corporation) -- C:\Documents and Settings\Anders\Application Data\U3\temp\Launchpad Removal.exe

< %APPDATA%\*.dll /s >

[2012-01-02 01:11:18 | 005,494,272 | ---- | M] () -- C:\Documents and Settings\Anders\Application Data\Adobe\Flash Player\NativeCache\E6A8DB80E4AEE90C7CB47D1A338C7244\55c87052\adobecp-300592-2.dll

[2012-01-18 03:51:08 | 000,139,768 | ---- | M] (SimplyGen) -- C:\Documents and Settings\Anders\Application Data\Complitly\Complitly.dll

[2012-01-18 03:51:08 | 000,167,416 | ---- | M] (SimplyGen) -- C:\Documents and Settings\Anders\Application Data\Complitly\64\Complitly64.dll

[2012-07-11 00:01:12 | 000,015,128 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\Anders\Application Data\Microsoft\IdentityCRL\Production\ppcrlconfig.dll

[2011-07-26 17:59:53 | 000,208,896 | ---- | M] (Gracenote, Inc.) -- C:\Documents and Settings\Anders\Application Data\Spotify\Gracenote\gnsdk_dsp.dll

[2011-07-26 17:59:53 | 000,282,624 | ---- | M] (Gracenote, Inc.) -- C:\Documents and Settings\Anders\Application Data\Spotify\Gracenote\gnsdk_musicid_file.dll

[2011-07-26 17:59:53 | 000,655,360 | ---- | M] (Gracenote, Inc.) -- C:\Documents and Settings\Anders\Application Data\Spotify\Gracenote\gnsdk_sdkmanager.dll

[2012-05-17 17:09:05 | 000,177,664 | ---- | M] () -- C:\Documents and Settings\Anders\Application Data\Sun\Java\jre1.7.0_04\lzma.dll

< %SYSTEMDRIVE%\*.exe >

[2012-07-04 05:48:38 | 003,861,472 | ---- | M] () -- C:\chatzum.exe

< MD5 for: AGP440.SYS >

[2008-04-15 14:00:00 | 020,095,330 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys

< MD5 for: ATAPI.SYS >

[2008-04-15 14:00:00 | 020,095,330 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys

[2008-04-15 14:00:00 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys

< MD5 for: BEEP.SYS >

[2008-04-15 14:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\dllcache\beep.sys

[2008-04-15 14:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys

< MD5 for: EVENTLOG.DLL >

[2008-04-15 14:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=0A6DF967AE8E836D053DB46398F603E5 -- C:\WINDOWS\system32\dllcache\eventlog.dll

[2008-04-15 14:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=0A6DF967AE8E836D053DB46398F603E5 -- C:\WINDOWS\system32\eventlog.dll

< MD5 for: NETLOGON.DLL >

[2008-04-15 14:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=4F4A16EAEB932AE413E48923E6A400E0 -- C:\WINDOWS\system32\dllcache\netlogon.dll

[2008-04-15 14:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=4F4A16EAEB932AE413E48923E6A400E0 -- C:\WINDOWS\system32\netlogon.dll

< MD5 for: RUNDLL32.EXE >

[2012-07-03 13:46:42 | 000,217,672 | ---- | M] () MD5=8A7F34F0BBD076EC3815680A7309114F -- C:\Program\Malwarebytes' Anti-Malware\Chameleon\rundll32.exe

[2008-04-15 14:00:00 | 000,033,280 | ---- | M] (Microsoft Corporation) MD5=E12130D733B4BF7C96C2B62847481EE3 -- C:\WINDOWS\system32\dllcache\rundll32.exe

[2008-04-15 14:00:00 | 000,033,280 | ---- | M] (Microsoft Corporation) MD5=E12130D733B4BF7C96C2B62847481EE3 -- C:\WINDOWS\system32\rundll32.exe

< MD5 for: SCECLI.DLL >

[2008-04-15 14:00:00 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=3B50B494647E60CE6AC516E3F5C82B25 -- C:\WINDOWS\system32\dllcache\scecli.dll

[2008-04-15 14:00:00 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=3B50B494647E60CE6AC516E3F5C82B25 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: THEMEUI.DLL >

[2008-04-15 14:00:00 | 000,386,560 | ---- | M] (Microsoft Corporation) MD5=0F3FC3EBA857A1468250CA3EF1494D25 -- C:\WINDOWS\system32\dllcache\themeui.dll

[2008-04-15 14:00:00 | 000,386,560 | ---- | M] (Microsoft Corporation) MD5=0F3FC3EBA857A1468250CA3EF1494D25 -- C:\WINDOWS\system32\themeui.dll

< MD5 for: USERINIT.EXE >

[2008-04-15 14:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=317799A2E42B5EA048A8A70F482CBA9F -- C:\WINDOWS\system32\dllcache\userinit.exe

[2008-04-15 14:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=317799A2E42B5EA048A8A70F482CBA9F -- C:\WINDOWS\system32\userinit.exe

< c:\windows|protector;true;true;true /FP >

[2012-09-10 17:23:47 | 000,027,590 | ---- | M] () -- c:\WINDOWS\Prefetch\%PROTECTOR PROCESS NAME%.EXE-10BA9BD9.pf

< c:\windows|partner;true;true;true /FP >

< %USERPROFILE%\..|smtmp;true;true;true /FP >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

[3 C:\WINDOWS\system32\drivers\*.tmp files -> C:\WINDOWS\system32\drivers\*.tmp -> ]

< %systemroot%\System32\config\*.sav >

[2011-07-04 14:17:23 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav

[2011-07-04 14:17:23 | 001,089,536 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav

[2011-07-04 14:17:23 | 000,454,656 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< >

< End of report >

checkup.txt:

Results of screen317's Security Check version 0.99.50

Windows XP Service Pack 3 x86

Internet Explorer 8

``````````````Antivirus/Firewall Check:``````````````

Microsoft Security Essentials

Antivirus up to date! (On Access scanning disabled!)

`````````Anti-malware/Other Utilities Check:`````````

Malwarebytes Anti-Malware version 1.62.0.1300

JavaFX 2.1.0

Java 6 Update 26

Java 7 Update 4

Java version out of Date!

Adobe Flash Player 11.3.300.271

Mozilla Firefox (15.0.1)

````````Process Check: objlist.exe by Laurent````````

Microsoft Security Essentials MSMpEng.exe

Microsoft Security Essentials msseces.exe

Malwarebytes Anti-Malware mbamservice.exe

`````````````````System Health check`````````````````

Total Fragmentation on Drive C::

````````````````````End of Log``````````````````````

Link to post
Share on other sites