Jump to content

Possible trojan


Recommended Posts

I had Malwarebytes Pro block 4 attemps at outgoing IP connections today while searching on google. I run win 8 64bit and chrome in sandboxie so i closed chrome and deleted the sandbox. Ran a malwarebytes scane and a windows defender scane, both came up empty handed but then i googled the IP address malwarebytes blocked and several sites listed it as having a bank trojan which made me paranoid

Log

DDS (Ver_2012-11-20.01) - NTFS_AMD64

Internet Explorer: 10.0.9200.16442 BrowserJavaVersion: 10.9.2

Run by jn2002dk at 16:36:31 on 2012-11-21

Microsoft Windows 8 Pro 6.2.9200.0.1252.45.1030.18.16333.14006 [GMT 1:00]

.

AV: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ===============

.

C:\WINDOWS\system32\svchost.exe -k DcomLaunch

C:\WINDOWS\system32\nvvsvc.exe

C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

C:\WINDOWS\system32\svchost.exe -k RPCSS

C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\WINDOWS\system32\svchost.exe -k netsvcs

C:\WINDOWS\system32\svchost.exe -k LocalService

C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Program Files\Sandboxie\SbieSvc.exe

C:\Program Files\Tablet\Wacom\WTabletServicePro.exe

C:\WINDOWS\system32\svchost.exe -k NetworkService

C:\WINDOWS\System32\spoolsv.exe

C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files (x86)\Acer\Registration\GREGsvc.exe

C:\Program Files\Intel\iCLS Client\HeciServer.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe

C:\Program Files\Acer\Acer Updater\UpdaterService.exe

C:\Program Files\Windows Defender\MsMpEng.exe

C:\Program Files (x86)\NETGEAR\WNA3100M\WifiSvc.exe

C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\WINDOWS\System32\svchost.exe -k LocalServiceAndNoImpersonation

C:\WINDOWS\system32\SearchIndexer.exe

C:\WINDOWS\system32\wbem\wmiprvse.exe

C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

C:\Program Files (x86)\Nero\Update\NASvc.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

C:\WINDOWS\system32\svchost.exe -k SDRSVC

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

C:\WINDOWS\system32\svchost.exe -k GPSvcGroup

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

C:\WINDOWS\system32\WLANExt.exe

C:\WINDOWS\System32\LogonUI.exe

C:\WINDOWS\System32\dwm.exe

C:\WINDOWS\System32\LogonUI.exe

C:\WINDOWS\System32\dwm.exe

C:\WINDOWS\System32\svchost.exe -k LocalServicePeerNet

C:\WINDOWS\System32\LogonUI.exe

C:\WINDOWS\system32\dwm.exe

C:\WINDOWS\System32\dwm.exe

C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

C:\WINDOWS\system32\nvvsvc.exe

C:\WINDOWS\system32\taskhostex.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4396.1016_x64__8wekyb3d8bbwe\LiveComm.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe

C:\Program Files\Tablet\Wacom\WacomHost.exe

C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe

C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe

C:\Windows\System32\RuntimeBroker.exe

C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

C:\Program Files\Sandboxie\SbieCtrl.exe

C:\Program Files (x86)\NETGEAR\WNA3100M\WNA3100M.exe

C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe

C:\Program Files (x86)\Autodesk\SketchBook Pro 6\SketchBookSnapshot.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Users\jn2002dk\AppData\Roaming\Dropbox\bin\Dropbox.exe

C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe

C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe

C:\Windows\System32\WWAHost.exe

C:\WINDOWS\WinStore\WSHost.exe

C:\WINDOWS\system32\SearchProtocolHost.exe

C:\WINDOWS\system32\SearchFilterHost.exe

C:\WINDOWS\System32\cscript.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.google.dk/

uDefault_Page_URL = hxxp://acer.msn.com

mWinlogon: Userinit = userinit.exe

BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

uRun: [sandboxieControl] "C:\Program Files\Sandboxie\SbieCtrl.exe"

mRun: [AdobeCS4ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin

mRun: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin

mRun: [Hotkey Utility] C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe

mRun: [suiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"

mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun: [uSB3MON] "C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"

mRun: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s

StartupFolder: C:\Users\jn2002dk\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\jn2002dk\AppData\Roaming\Dropbox\bin\Dropbox.exe

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\MENUEN~1\Programs\StartUp\NETGEA~1.LNK - C:\Program Files (x86)\NETGEAR\WNA3100M\WNA3100M.exe

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\MENUEN~1\Programs\StartUp\SKETCH~1.LNK - C:\Program Files (x86)\Autodesk\SketchBook Pro 6\SketchBookSnapshot.exe

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204

TCP: NameServer = 10.0.0.1 212.242.40.3 212.242.40.51

TCP: Interfaces\{21FC7097-B92A-430E-8177-C3DDEAA4853A} : DHCPNameServer = 10.0.0.1 212.242.40.3 212.242.40.51

TCP: Interfaces\{3E531B94-3F07-4E73-9483-E9CB9E6CF1C6} : DHCPNameServer = 10.0.0.1 212.242.40.3 212.242.40.51

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

SSODL: WebCheck - <orphaned>

x64-mStart Page = hxxp://acer.msn.com

x64-mDefault_Page_URL = hxxp://acer.msn.com

x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s

x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"

x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>

x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>

x64-SSODL: WebCheck - <orphaned>

.

============= SERVICES / DRIVERS ===============

.

R1 mwlPSDFilter;mwlPSDFilter;C:\WINDOWS\System32\Drivers\mwlPSDFilter.sys [2012-3-8 22648]

R1 mwlPSDNServ;mwlPSDNServ;C:\WINDOWS\System32\Drivers\mwlPSDNserv.sys [2012-3-8 20520]

R1 mwlPSDVDisk;mwlPSDVDisk;C:\WINDOWS\System32\Drivers\mwlPSDVDisk.sys [2012-3-8 62776]

R2 GREGService;GREGService;C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [2012-2-29 28264]

R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-11-10 13592]

R2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-2-2 628448]

R2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe [2012-11-10 161560]

R2 Live Updater Service;Live Updater Service;C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2012-3-8 255376]

R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-11-16 399432]

R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-11-16 676936]

R2 NAUpdate;Nero Update;C:\Program Files (x86)\Nero\Update\NASvc.exe [2011-7-22 690472]

R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-7-20 382312]

R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2012-11-10 363800]

R2 WSWNA3100M;WSWNA3100M;C:\Program Files (x86)\NETGEAR\WNA3100M\WifiSvc.exe [2012-11-10 303360]

R2 WTabletServicePro;Wacom Professional Service;C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [2012-11-10 613760]

R3 MBAMProtector;MBAMProtector;C:\WINDOWS\System32\Drivers\mbam.sys [2012-11-16 25928]

R3 SbieDrv;SbieDrv;C:\Program Files\Sandboxie\SbieDrv.sys [2012-8-25 202632]

R3 wna3100m;NETGEAR WNA3100M N300 Wireless Mini USB Adapter;C:\WINDOWS\System32\Drivers\wna3100m.sys [2011-12-30 1094760]

S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-13 160944]

S3 amdhub30;AMD USB 3.0 Hub Driver;C:\WINDOWS\System32\Drivers\amdhub30.sys [2012-3-8 87168]

S3 amdxhc;AMD USB 3.0 Host Controller Driver;C:\WINDOWS\System32\Drivers\amdxhc.sys [2012-3-8 188544]

S3 EgisTec Ticket Service;EgisTec Ticket Service;C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [2011-6-21 173424]

S3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;C:\WINDOWS\System32\Drivers\EtronHub3.sys [2012-3-8 39936]

S3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;C:\WINDOWS\System32\Drivers\EtronXHCI.sys [2012-3-8 64512]

S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2012-11-14 1038088]

S3 hidkmdf;KMDF Driver;C:\WINDOWS\System32\Drivers\hidkmdf.sys [2012-11-10 13728]

S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\WINDOWS\System32\Drivers\nusb3hub.sys [2012-3-8 78848]

S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\WINDOWS\System32\Drivers\nusb3xhc.sys [2012-3-8 180224]

S3 vmbusr;Virtual Machine Bus Provider;C:\WINDOWS\System32\Drivers\vmbusr.sys [2012-7-26 117248]

S3 VUSB3HUB;VIA USB 3 Root Hub Service;C:\WINDOWS\System32\Drivers\ViaHub3.sys [2012-3-8 176640]

S3 WacHidRouter;Wacom Hid Router;C:\WINDOWS\System32\Drivers\wachidrouter.sys [2012-11-10 81312]

S3 wacomrouterfilter;Wacom Router Filter Driver;C:\WINDOWS\System32\Drivers\wacomrouterfilter.sys [2012-11-10 15776]

S3 xhcdrv;VIA USB eXtensible Host Controller Service;C:\WINDOWS\System32\Drivers\xhcdrv.sys [2012-3-8 230400]

S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-23 57184]

.

=============== File Associations ===============

.

FileExt: .js: jsfile="C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS5\Dreamweaver.exe","%1"

ShellExec: dreamweaver.exe: Open="C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS5\dreamweaver.exe", "%1"

.

=============== Created Last 30 ================

.

2012-11-21 10:23:03 76232 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{BD361A0F-3405-45B2-BD31-94A0100D3582}\offreg.dll

2012-11-21 10:21:16 9125352 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{BD361A0F-3405-45B2-BD31-94A0100D3582}\mpengine.dll

2012-11-21 08:35:53 9291768 ------w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll

2012-11-19 21:09:37 -------- d-----w- C:\Users\jn2002dk\AppData\Local\Opera

2012-11-19 11:15:48 -------- d-----w- C:\Program Files (x86)\Elaborate Bytes

2012-11-19 10:53:23 -------- d-----w- C:\Program Files\Construct 2

2012-11-18 09:44:52 -------- d-----w- C:\Program Files\Speccy

2012-11-17 15:13:35 -------- d-----w- C:\Users\jn2002dk\AppData\Roaming\KompoZer

2012-11-17 14:58:30 -------- d-----w- C:\Program Files\Microsoft

2012-11-17 13:28:59 -------- d-----w- C:\Users\jn2002dk\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1

2012-11-16 20:00:08 18528 ----a-w- C:\ProgramData\Microsoft\windowssampling\Sqm\Manifest\Sqm2.bin

2012-11-16 18:28:04 25928 ----a-w- C:\WINDOWS\System32\drivers\mbam.sys

2012-11-16 18:28:04 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware

2012-11-16 16:53:44 -------- d-----r- C:\WINDOWS\BrowserChoice

2012-11-16 16:52:24 11272192 ----a-w- C:\Program Files\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll

2012-11-16 16:52:23 10768384 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll

2012-11-16 16:45:07 2367528 ----a-w- C:\WINDOWS\System32\WSService.dll

2012-11-16 16:45:06 13640704 ----a-w- C:\WINDOWS\System32\Windows.UI.Xaml.dll

2012-11-16 16:45:03 3265256 ----a-w- C:\WINDOWS\System32\drivers\evbda.sys

2012-11-16 16:45:01 10791936 ----a-w- C:\WINDOWS\SysWow64\Windows.UI.Xaml.dll

2012-11-16 16:45:00 2397184 ----a-w- C:\WINDOWS\System32\WpcMon.exe

2012-11-16 16:45:00 1131520 ----a-w- C:\WINDOWS\System32\AppXDeploymentServer.dll

2012-11-16 16:43:59 17888 ----a-w- C:\WINDOWS\System32\msvcr100_clr0400.dll

2012-11-16 16:41:58 76288 ----a-w- C:\WINDOWS\System32\newdev.exe

2012-11-16 16:41:58 75264 ----a-w- C:\WINDOWS\System32\ndadmin.exe

2012-11-16 16:41:58 74240 ----a-w- C:\WINDOWS\SysWow64\newdev.exe

2012-11-16 16:41:58 73728 ----a-w- C:\WINDOWS\SysWow64\ndadmin.exe

2012-11-16 16:41:58 446976 ----a-w- C:\WINDOWS\System32\wwansvc.dll

2012-11-16 16:41:58 301568 ----a-w- C:\WINDOWS\System32\newdev.dll

2012-11-16 16:41:58 275968 ----a-w- C:\WINDOWS\SysWow64\newdev.dll

2012-11-16 16:41:57 68608 ----a-w- C:\WINDOWS\System32\wwanprotdim.dll

2012-11-16 16:39:42 439296 ----a-w- C:\WINDOWS\System32\ReAgent.dll

2012-11-16 16:39:42 371712 ----a-w- C:\WINDOWS\SysWow64\ReAgent.dll

2012-11-16 16:39:42 26624 ----a-w- C:\WINDOWS\System32\ReAgentc.exe

2012-11-16 16:39:42 24064 ----a-w- C:\WINDOWS\SysWow64\ReAgentc.exe

2012-11-16 16:39:11 4056576 ----a-w- C:\WINDOWS\System32\win32k.sys

2012-11-16 16:34:38 -------- d-----r- C:\Sandbox

2012-11-16 16:33:31 -------- d-----w- C:\Program Files\Sandboxie

2012-11-16 16:24:37 -------- d-----w- C:\Users\jn2002dk\AppData\Local\Packages

2012-11-16 16:24:37 -------- d-----w- C:\ProgramData\PRICache

2012-11-16 16:09:07 891240 ----a-w- C:\WINDOWS\System32\nvvsvc.exe

2012-11-16 16:09:07 63336 ----a-w- C:\WINDOWS\System32\nvshext.dll

2012-11-16 16:09:07 6193000 ----a-w- C:\WINDOWS\System32\nvcpl.dll

2012-11-16 16:09:07 3266408 ----a-w- C:\WINDOWS\System32\nvsvc64.dll

2012-11-16 16:09:07 2689224 ----a-w- C:\WINDOWS\System32\nvcoproc.bin

2012-11-16 16:09:07 2557800 ----a-w- C:\WINDOWS\System32\nvsvcr.dll

2012-11-16 16:09:07 118120 ----a-w- C:\WINDOWS\System32\nvmctray.dll

2012-11-16 16:08:59 -------- d-----w- C:\ProgramData\NVIDIA Corporation

2012-11-16 16:08:55 -------- d-----w- C:\Program Files\NVIDIA Corporation

2012-11-16 16:08:55 -------- d-----w- C:\Program Files (x86)\NVIDIA Corporation

2012-11-16 16:08:46 -------- d-----w- C:\WINDOWS\SysWow64\RTCOM

2012-11-16 16:08:46 -------- d-----w- C:\Program Files\Realtek

2012-11-16 16:06:30 -------- d-----w- C:\Windows.old

2012-11-16 16:05:29 -------- d-----w- C:\WINDOWS\SysWow64\XPSViewer

2012-11-16 16:02:43 1166440 ----a-r- C:\WINDOWS\System32\PresentationNative_v0300.dll

2012-11-16 16:02:37 35400 ----a-r- C:\WINDOWS\System32\TsWpfWrp.exe

2012-11-16 16:02:34 124040 ----a-r- C:\WINDOWS\System32\PresentationCFFRasterizerNative_v0300.dll

2012-11-16 16:02:29 35400 ----a-r- C:\WINDOWS\SysWow64\TsWpfWrp.exe

2012-11-16 16:02:26 102528 ----a-r- C:\WINDOWS\SysWow64\PresentationCFFRasterizerNative_v0300.dll

2012-11-16 16:02:21 778856 ----a-r- C:\WINDOWS\SysWow64\PresentationNative_v0300.dll

2012-11-16 15:47:48 -------- d-----w- C:\WINDOWS\Panther

2012-11-15 09:52:28 -------- d-----w- C:\Users\jn2002dk\AppData\Roaming\com.aspiro.wimp.dk.25F5C0086CDE1F22CA0B92A487729991CA6CD013.1

2012-11-15 09:52:21 -------- d-----w- C:\Program Files (x86)\Wimp

2012-11-15 08:20:41 -------- d-----w- C:\Users\jn2002dk\.stencylworks

2012-11-15 08:20:38 -------- d-----w- C:\Users\jn2002dk\AppData\Roaming\Stencyl

2012-11-14 17:24:23 -------- d-----w- C:\ProgramData\regid.1986-12.com.adobe

2012-11-14 17:23:05 -------- d-----w- C:\ProgramData\ALM

2012-11-14 16:58:16 -------- d-----w- C:\Users\jn2002dk\AppData\Roaming\NVIDIA

2012-11-14 16:56:08 -------- d-----w- C:\WINDOWS\SysWow64\spool

2012-11-14 16:55:12 -------- d-----w- C:\Program Files\Common Files\Macrovision Shared

2012-11-14 16:55:11 -------- d-----w- C:\Program Files (x86)\Common Files\Macrovision Shared

2012-11-14 16:40:29 -------- d-----w- C:\Users\jn2002dk\AppData\Roaming\Malwarebytes

2012-11-14 16:36:55 -------- d-----w- C:\ProgramData\Malwarebytes

2012-11-14 16:25:44 -------- d-----w- C:\Users\jn2002dk\AppData\Roaming\deluge

2012-11-14 16:23:52 -------- d-----w- C:\Program Files (x86)\Deluge

2012-11-14 14:25:33 -------- d-----w- C:\Program Files (x86)\Stencyl

2012-11-14 14:25:22 -------- d-----w- C:\Users\jn2002dk\.oces2

2012-11-14 14:25:14 821736 ----a-w- C:\WINDOWS\SysWow64\npDeployJava1.dll

2012-11-14 14:25:14 746984 ----a-w- C:\WINDOWS\SysWow64\deployJava1.dll

2012-11-14 14:25:09 95208 ----a-w- C:\WINDOWS\SysWow64\WindowsAccessBridge-32.dll

2012-11-14 08:19:16 -------- d-----w- C:\Users\jn2002dk\AppData\Roaming\SumatraPDF

2012-11-14 08:19:15 -------- d-----w- C:\Program Files (x86)\SumatraPDF

2012-11-11 23:14:03 -------- d-----w- C:\Program Files\CCleaner

2012-11-11 23:11:28 -------- d-----w- C:\Users\jn2002dk\AppData\Local\VMware

2012-11-11 09:27:33 -------- d-----r- C:\Program Files (x86)\Skype

2012-11-10 18:40:49 3584 ----a-w- C:\WINDOWS\System32\Spool\prtprocs\x64\da-DK\LXKPTPRC.DLL.mui

2012-11-10 18:40:48 3584 ----a-w- C:\WINDOWS\System32\drivers\da-DK\tsusbflt.sys.mui

2012-11-10 18:40:46 2560 ----a-w- C:\WINDOWS\System32\drivers\da-DK\rdpwd.sys.mui

2012-11-10 18:39:42 -------- d-----w- C:\WINDOWS\NAPP_Dism_Log

2012-11-10 17:10:13 -------- d-----w- C:\Users\jn2002dk\AppData\Local\mypaint

2012-11-10 17:09:57 -------- d-----w- C:\Program Files\MyPaint

2012-11-10 16:44:19 -------- d-----w- C:\Users\jn2002dk\AppData\Roaming\SYSTEMAX Software Development

2012-11-10 16:44:19 -------- d-----w- C:\ProgramData\SYSTEMAX Software Development

2012-11-10 16:44:13 -------- d-----w- C:\Users\jn2002dk\AppData\Local\Zame

2012-11-10 16:32:20 -------- d-----w- C:\Users\jn2002dk\AppData\Local\Adobe

2012-11-10 14:51:53 -------- d-----r- C:\Users\jn2002dk\Dropbox

2012-11-10 14:50:28 -------- d-----w- C:\Users\jn2002dk\AppData\Roaming\Dropbox

2012-11-10 13:07:38 -------- d-----w- C:\ProgramData\Blizzard Entertainment

2012-11-10 13:05:32 -------- d-----w- C:\ProgramData\Battle.net

2012-11-10 11:39:23 15360 ----a-w- C:\WINDOWS\System32\RdpGroupPolicyExtension.dll

2012-11-10 11:39:23 13312 ----a-w- C:\WINDOWS\System32\TsUsbRedirectionGroupPolicyControl.exe

2012-11-10 11:39:12 192000 ----a-w- C:\WINDOWS\SysWow64\rdpendp_winip.dll

2012-11-10 11:39:11 228864 ----a-w- C:\WINDOWS\System32\rdpendp_winip.dll

2012-11-10 11:30:06 -------- d-----w- C:\Program Files (x86)\MSXML 4.0

2012-11-10 11:28:30 -------- d-----w- C:\WINDOWS\SysWow64\Wat

2012-11-10 11:28:30 -------- d-----w- C:\WINDOWS\System32\Wat

2012-11-10 11:16:35 -------- d-----w- C:\ProgramData\Alias

2012-11-10 11:15:11 -------- d-----w- C:\Users\jn2002dk\AppData\Roaming\WTablet

2012-11-10 11:15:07 -------- d-----w- C:\Program Files (x86)\TabletPlugins

2012-11-10 11:15:05 15776 ----a-w- C:\WINDOWS\System32\drivers\wacomrouterfilter.sys

2012-11-10 11:15:02 81312 ----a-w- C:\WINDOWS\System32\drivers\wachidrouter.sys

2012-11-10 11:15:02 1721576 ----a-w- C:\WINDOWS\System32\wdfcoinstaller01009.dll

2012-11-10 11:15:02 13728 ----a-w- C:\WINDOWS\System32\drivers\hidkmdf.sys

2012-11-10 11:14:56 1981312 ----a-w- C:\WINDOWS\System32\Wacom_Tablet.dll

2012-11-10 11:14:56 1974144 ----a-w- C:\WINDOWS\System32\Wacom_Touch_Tablet.dll

2012-11-10 11:14:56 1843072 ----a-w- C:\WINDOWS\System32\Wintab32.dll

2012-11-10 11:14:56 1840000 ----a-w- C:\WINDOWS\System32\WacomMT.dll

2012-11-10 11:14:56 1628032 ----a-w- C:\WINDOWS\SysWow64\Wacom_Tablet.dll

2012-11-10 11:14:56 1621376 ----a-w- C:\WINDOWS\SysWow64\Wacom_Touch_Tablet.dll

2012-11-10 11:14:56 1509248 ----a-w- C:\WINDOWS\SysWow64\Wintab32.dll

2012-11-10 11:14:56 1505152 ----a-w- C:\WINDOWS\SysWow64\WacomMT.dll

2012-11-10 11:14:55 -------- d-----w- C:\Program Files\Tablet

2012-11-10 11:06:31 -------- d-----w- C:\Program Files\TabletPlugins

2012-11-10 11:04:19 -------- d-----w- C:\ProgramData\CELSYS

2012-11-10 11:04:09 -------- d-----w- C:\Users\jn2002dk\AppData\Roaming\Smith Micro

2012-11-10 11:02:39 294912 ----a-w- C:\WINDOWS\System32\browserchoice.exe

2012-11-10 11:02:18 -------- d-----w- C:\Program Files (x86)\Smith Micro

2012-11-10 11:02:12 306688 ----a-w- C:\WINDOWS\IsUninst.exe

2012-11-10 11:00:54 -------- d-----w- C:\Users\jn2002dk\AppData\Roaming\Autodesk

2012-11-10 11:00:51 -------- d-----w- C:\Program Files (x86)\Autodesk

2012-11-10 10:58:04 -------- d-----w- C:\temp

2012-11-10 10:57:27 -------- d-----w- C:\Autodesk

2012-11-10 10:54:02 970088 ----a-w- C:\WINDOWS\System32\nvumdshimx.dll

2012-11-10 10:54:02 828776 ----a-w- C:\WINDOWS\SysWow64\nvumdshim.dll

2012-11-10 10:54:02 6099816 ----a-w- C:\WINDOWS\SysWow64\nvopencl.dll

2012-11-10 10:54:02 14799720 ----a-w- C:\WINDOWS\System32\nvwgf2umx.dll

2012-11-10 10:54:02 12386664 ----a-w- C:\WINDOWS\SysWow64\nvwgf2um.dll

2012-11-10 10:54:01 7386472 ----a-w- C:\WINDOWS\System32\nvopencl.dll

2012-11-10 10:54:01 26227560 ----a-w- C:\WINDOWS\System32\nvoglv64.dll

2012-11-10 10:54:01 19828584 ----a-w- C:\WINDOWS\SysWow64\nvoglv32.dll

2012-11-10 10:54:00 247144 ----a-w- C:\WINDOWS\System32\nvinitx.dll

2012-11-10 10:54:00 202600 ----a-w- C:\WINDOWS\SysWow64\nvinit.dll

2012-11-10 10:54:00 13378408 ----a-w- C:\WINDOWS\System32\drivers\nvlddmkm.sys

2012-11-10 10:51:22 77656 ----a-w- C:\WINDOWS\System32\XAPOFX1_5.dll

2012-11-10 10:50:59 238088 ----a-w- C:\WINDOWS\SysWow64\xactengine3_1.dll

2012-11-10 10:47:15 -------- d-----w- C:\World of Warcraft

2012-11-10 10:44:02 -------- d-----w- C:\avast! sandbox

2012-11-10 10:41:20 -------- d-----w- C:\ProgramData\AVAST Software

2012-11-10 10:41:20 -------- d-----w- C:\Program Files\AVAST Software

2012-11-10 10:37:48 -------- d-----w- C:\Users\jn2002dk\AppData\Local\EgisTec IPS

2012-11-10 10:33:12 -------- d-----w- C:\Users\jn2002dk\AppData\Local\Google

2012-11-10 10:33:05 -------- d-----w- C:\Users\jn2002dk\AppData\Local\Apps

2012-11-10 10:30:39 595968 ----a-w- C:\WINDOWS\SysWow64\Rtlihvs.dll

2012-11-10 10:30:39 595968 ----a-w- C:\WINDOWS\System32\Rtlihvs.dll

2012-11-10 10:30:38 -------- d-----w- C:\Program Files (x86)\NETGEAR

2012-11-10 10:25:04 -------- d-----w- C:\Users\jn2002dk\AppData\Roaming\OEM

2012-11-10 10:25:03 -------- d-----w- C:\Users\jn2002dk\AppData\Roaming\Screensaver

2012-11-10 10:24:56 -------- d-----r- C:\Users\jn2002dk\Searches

2012-11-10 10:24:49 -------- d-----r- C:\Users\jn2002dk\Contacts

2012-11-10 10:24:20 -------- d-----w- C:\Users\jn2002dk\AppData\Local\VirtualStore

2012-11-10 10:08:40 -------- d-----w- C:\Program Files (x86)\Common Files\Intel Corporation

2012-11-10 10:03:59 99944 ----a-w- C:\WINDOWS\System32\RCoInstII64.dll

2012-11-10 10:02:59 -------- d-----w- C:\Program Files (x86)\Common Files\postureAgent

2012-11-10 10:01:33 41984 ----a-w- C:\WINDOWS\System32\drivers\USB3Ver.dll

2012-11-10 10:00:20 568600 ----a-w- C:\WINDOWS\System32\drivers\iaStor.sys

2012-11-10 09:55:03 -------- d--ha-w- C:\book

2012-11-10 09:50:35 68928 ----a-w- C:\WINDOWS\System32\OpenCL.dll

2012-11-10 09:50:35 61248 ----a-w- C:\WINDOWS\SysWow64\OpenCL.dll

2012-11-10 09:50:27 31040 ----a-w- C:\WINDOWS\System32\nvhdap64.dll

2012-11-10 09:50:27 188224 ----a-w- C:\WINDOWS\System32\drivers\nvhda64v.sys

2012-11-10 09:50:27 1451840 ----a-w- C:\WINDOWS\System32\nvhdagenco6420103.dll

2012-11-10 09:50:26 364352 ----a-w- C:\WINDOWS\System32\nvdecodemft.dll

2012-11-10 09:50:26 301376 ----a-w- C:\WINDOWS\SysWow64\nvdecodemft.dll

2012-11-10 09:50:26 1466176 ----a-w- C:\WINDOWS\System32\nvgenco64.dll

2012-11-10 09:47:58 53248 ----a-w- C:\WINDOWS\SysWow64\CSVer.dll

2012-11-10 09:47:55 -------- d--h--w- C:\Intel

.

==================== Find3M ====================

.

2012-11-02 05:22:08 34304 ----a-w- C:\WINDOWS\SysWow64\wuapp.exe

2012-11-02 05:21:44 83968 ----a-w- C:\WINDOWS\SysWow64\wudriver.dll

2012-11-02 05:21:44 125952 ----a-w- C:\WINDOWS\SysWow64\wuwebv.dll

2012-11-02 05:21:28 246784 ----a-w- C:\WINDOWS\SysWow64\ubpm.dll

2012-11-02 05:20:31 39424 ----a-w- C:\WINDOWS\System32\wuapp.exe

2012-11-02 05:20:28 77824 ----a-w- C:\WINDOWS\System32\taskhost.exe

2012-11-02 05:20:28 72192 ----a-w- C:\WINDOWS\System32\taskhostex.exe

2012-11-02 05:20:10 141824 ----a-w- C:\WINDOWS\System32\wuwebv.dll

2012-11-02 05:20:09 98304 ----a-w- C:\WINDOWS\System32\wudriver.dll

2012-11-02 05:20:09 251904 ----a-w- C:\WINDOWS\System32\WUSettingsProvider.dll

2012-11-02 05:20:09 17408 ----a-w- C:\WINDOWS\System32\wuaext.dll

2012-11-02 05:20:09 1619968 ----a-w- C:\WINDOWS\System32\wucltux.dll

2012-11-02 05:19:50 318464 ----a-w- C:\WINDOWS\System32\ubpm.dll

2012-11-02 05:01:27 99328 ----a-w- C:\WINDOWS\System32\wushareduxresources.dll

2012-11-02 04:55:32 212992 ----a-w- C:\WINDOWS\System32\drivers\mrxsmb20.sys

2012-11-02 04:53:13 366080 ----a-w- C:\WINDOWS\System32\drivers\mrxsmb.sys

2012-10-29 05:04:47 522640 ----a-w- C:\WINDOWS\System32\AUDIOKSE.dll

2012-10-29 05:04:47 490064 ----a-w- C:\WINDOWS\System32\AudioEng.dll

2012-10-29 05:04:47 447792 ----a-w- C:\WINDOWS\System32\AudioSes.dll

2012-10-29 05:04:47 253512 ----a-w- C:\WINDOWS\System32\audiodg.exe

2012-10-29 03:21:53 1526784 ----a-w- C:\WINDOWS\System32\mfcore.dll

2012-10-29 03:21:21 267264 ----a-w- C:\WINDOWS\System32\EncDump.dll

2012-10-29 03:20:49 785920 ----a-w- C:\WINDOWS\System32\audiosrv.dll

2012-10-29 03:20:49 169472 ----a-w- C:\WINDOWS\System32\AudioEndpointBuilder.dll

2012-10-29 03:19:08 463768 ----a-w- C:\WINDOWS\SysWow64\AUDIOKSE.dll

2012-10-29 03:19:08 427568 ----a-w- C:\WINDOWS\SysWow64\AudioEng.dll

2012-10-29 03:19:08 324344 ----a-w- C:\WINDOWS\SysWow64\AudioSes.dll

2012-10-29 02:46:23 1451520 ----a-w- C:\WINDOWS\SysWow64\mfcore.dll

2012-10-26 22:19:09 80728 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl

2012-10-26 22:19:09 695648 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerApp.exe

2012-10-24 04:54:06 6972136 ----a-w- C:\WINDOWS\System32\ntoskrnl.exe

2012-10-24 03:06:12 2706432 ----a-w- C:\WINDOWS\System32\mshtml.tlb

2012-10-24 02:27:01 2706432 ----a-w- C:\WINDOWS\SysWow64\mshtml.tlb

2012-10-18 06:17:18 69864 ----a-w- C:\WINDOWS\System32\drivers\pdc.sys

2012-10-18 03:20:46 10096640 ----a-w- C:\WINDOWS\System32\twinui.dll

2012-10-18 03:18:40 2302464 ----a-w- C:\WINDOWS\System32\authui.dll

2012-10-18 03:18:33 2146816 ----a-w- C:\WINDOWS\System32\actxprxy.dll

2012-10-18 02:46:00 8856576 ----a-w- C:\WINDOWS\SysWow64\twinui.dll

2012-10-18 02:44:38 2033664 ----a-w- C:\WINDOWS\SysWow64\authui.dll

2012-10-18 02:44:33 753664 ----a-w- C:\WINDOWS\SysWow64\actxprxy.dll

2012-10-17 04:32:52 1172992 ----a-w- C:\WINDOWS\System32\mfnetsrc.dll

2012-10-17 04:32:51 677888 ----a-w- C:\WINDOWS\System32\mfnetcore.dll

2012-10-17 04:32:51 673280 ----a-w- C:\WINDOWS\System32\mfmpeg2srcsnk.dll

2012-10-17 04:32:50 1048064 ----a-w- C:\WINDOWS\System32\mfasfsrcsnk.dll

2012-10-17 03:57:37 929792 ----a-w- C:\WINDOWS\SysWow64\mfnetsrc.dll

2012-10-17 03:57:37 568832 ----a-w- C:\WINDOWS\SysWow64\mfnetcore.dll

2012-10-17 03:57:37 513024 ----a-w- C:\WINDOWS\SysWow64\mfmpeg2srcsnk.dll

2012-10-17 03:57:36 850944 ----a-w- C:\WINDOWS\SysWow64\mfasfsrcsnk.dll

2012-10-12 08:08:01 27880 ----a-w- C:\WINDOWS\System32\drivers\rdpvideominiport.sys

2012-10-12 06:14:54 87040 ----a-w- C:\WINDOWS\System32\srmtrace.dll

2012-10-12 06:14:54 652800 ----a-w- C:\WINDOWS\System32\srmscan.dll

2012-10-12 06:14:54 30720 ----a-w- C:\WINDOWS\System32\srm_ps.dll

2012-10-12 06:14:54 279040 ----a-w- C:\WINDOWS\System32\srm.dll

2012-10-12 06:14:54 274432 ----a-w- C:\WINDOWS\System32\srmstormod.dll

2012-10-12 06:14:54 172032 ----a-w- C:\WINDOWS\System32\srmshell.dll

2012-10-12 06:14:54 1347072 ----a-w- C:\WINDOWS\System32\srmclient.dll

2012-10-12 06:14:54 134144 ----a-w- C:\WINDOWS\System32\adrclient.dll

2012-10-12 06:14:40 36352 ----a-w- C:\WINDOWS\System32\rfxvmt.dll

2012-10-12 06:14:39 3244032 ----a-w- C:\WINDOWS\System32\rdpcorets.dll

2012-10-12 06:14:34 115712 ----a-w- C:\WINDOWS\System32\wbem\PolicMan.dll

2012-10-12 06:13:32 109568 ----a-w- C:\WINDOWS\System32\dskquota.dll

2012-10-12 05:50:01 235520 ----a-w- C:\WINDOWS\System32\rdpudd.dll

2012-10-12 05:46:28 618496 ----a-w- C:\WINDOWS\System32\drivers\srv2.sys

2012-10-12 05:41:02 987648 ----a-w- C:\WINDOWS\SysWow64\srmclient.dll

2012-10-12 05:41:02 68096 ----a-w- C:\WINDOWS\SysWow64\srmtrace.dll

2012-10-12 05:41:02 487936 ----a-w- C:\WINDOWS\SysWow64\srmscan.dll

2012-10-12 05:41:02 278528 ----a-w- C:\WINDOWS\SysWow64\srm.dll

2012-10-12 05:41:02 202240 ----a-w- C:\WINDOWS\SysWow64\srmstormod.dll

2012-10-12 05:41:02 15872 ----a-w- C:\WINDOWS\SysWow64\srm_ps.dll

2012-10-12 05:41:02 128000 ----a-w- C:\WINDOWS\SysWow64\srmshell.dll

2012-10-12 05:41:02 104448 ----a-w- C:\WINDOWS\SysWow64\adrclient.dll

2012-10-12 05:40:49 84992 ----a-w- C:\WINDOWS\SysWow64\wbem\PolicMan.dll

2012-10-12 05:39:54 82944 ----a-w- C:\WINDOWS\SysWow64\dskquota.dll

2012-10-11 07:47:18 793200 ----a-w- C:\WINDOWS\System32\mfplat.dll

2012-10-11 07:35:16 2380944 ----a-w- C:\WINDOWS\explorer.exe

2012-10-11 07:26:44 336104 ----a-w- C:\WINDOWS\System32\drivers\Classpnp.sys

2012-10-11 07:25:48 56552 ----a-w- C:\WINDOWS\System32\drivers\sdstor.sys

2012-10-11 07:23:33 1001192 ----a-w- C:\WINDOWS\System32\drivers\ndis.sys

2012-10-11 07:23:32 441576 ----a-w- C:\WINDOWS\System32\drivers\netio.sys

2012-10-11 07:18:25 172264 ----a-w- C:\WINDOWS\System32\drivers\ksecpkg.sys

2012-10-11 07:16:20 1403784 ----a-w- C:\WINDOWS\System32\winload.efi

2012-10-11 07:16:20 1267424 ----a-w- C:\WINDOWS\System32\winload.exe

2012-10-11 07:16:20 1217328 ----a-w- C:\WINDOWS\System32\winresume.efi

2012-10-11 07:16:19 1093880 ----a-w- C:\WINDOWS\System32\winresume.exe

2012-10-11 07:13:54 194280 ----a-w- C:\WINDOWS\System32\drivers\sdbus.sys

2012-10-11 07:13:51 124648 ----a-w- C:\WINDOWS\System32\drivers\dumpsd.sys

2012-10-11 07:13:49 58088 ----a-w- C:\WINDOWS\System32\drivers\dam.sys

2012-10-11 07:13:37 33512 ----a-w- C:\WINDOWS\System32\drivers\battc.sys

2012-10-11 07:08:41 562392 ----a-w- C:\WINDOWS\System32\drivers\cng.sys

2012-10-11 07:02:27 1636672 ----a-w- C:\WINDOWS\System32\WMALFXGFXDSP.dll

2012-10-11 07:01:47 503080 ----a-w- C:\WINDOWS\System32\ci.dll

2012-10-11 05:56:41 2115952 ----a-w- C:\WINDOWS\SysWow64\explorer.exe

2012-10-11 05:45:58 907776 ----a-w- C:\WINDOWS\System32\uxtheme.dll

2012-10-11 05:45:58 53760 ----a-w- C:\WINDOWS\System32\UXInit.dll

2012-10-11 05:45:58 1045504 ----a-w- C:\WINDOWS\System32\usercpl.dll

2012-10-11 05:45:53 3554304 ----a-w- C:\WINDOWS\System32\tquery.dll

2012-10-11 05:45:49 370176 ----a-w- C:\WINDOWS\System32\SysFxUI.dll

2012-10-11 05:45:48 579584 ----a-w- C:\WINDOWS\System32\StructuredQuery.dll

2012-10-11 05:45:42 505344 ----a-w- C:\WINDOWS\System32\SpaceControl.dll

2012-10-11 05:45:37 590848 ----a-w- C:\WINDOWS\System32\SHCore.dll

.

============= FINISH: 16:36:53,40 ===============

attach.txt

Link to post
Share on other sites

Hi and Welcome!! :) My name is Jeff. I would be more than happy to take a look at your malware results logs and help you with solving any malware problems you might have. Logs can take a while to research, so please be patient and know that I am working hard to get you a clean and functional system back in your hands. I'd be grateful if you would note the following:

  • I will be working on your Malware issues, this may or may not, solve other issues you have with your machine.
  • The fixes are specific to your problem and should only be used for the issues on this machine.
  • Please continue to review my answers until I tell you your machine appears to be clear. Absence of symptoms does not mean that everything is clear.
  • It's often worth reading through these instructions and printing them for ease of reference.
  • If you don't know or understand something, please don't hesitate to say or ask!! It's better to be sure and safe than sorry.
  • Please reply to this thread. Do not start a new topic.

IMPORTANT NOTE : Please do not delete anything unless instructed to.

DO NOT use any TOOLS such as Combofix or HijackThis fixes without supervision.

Doing so could make your system inoperable and could require a full reinstall of your OS losing all your programs and data.

Vista and Windows 7 users:

These tools MUST be run from the executable (.exe) every time you run them

with Admin Rights (Right click, choose "Run as Administrator")

Stay with this topic until I give you the all clean post.

---------

Please download aswMBR to your desktop.

  • Double click the aswMBR icon to run it.
  • Click the Scan button to start scan.
  • If you are asked to update the Avast Virus database please allow it to do so.
  • When it finishes, press the save log button, save the logfile to your desktop and attach its contents in your next reply.

aswmbrscan.jpg

Click the image to enlarge it

----------

Link to post
Share on other sites

Ok...give me a little bit. I need to speak with some people before we continue since your system is a Windows 8. I will return as quickly as I can.

In the meantime

Please download TDSSKiller

  • Double click TDSSKiller.exe
  • Press Start Scan
  • Do Not Attempt To Fix Anything Now. We just need to look over the report and be sure we are removing the correct
    items.
  • Attach the log in your next reply
    • A copy of the log will be saved automatically to the root of the drive (typically C:\)

----------

Link to post
Share on other sites

OTL

  • Download OTL to your desktop.
  • Right-click and Run as Administrator on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • Select All Users
  • When the window appears, underneath Output at the top change it to Minimal Output.
  • Check the boxes beside LOP Check and Purity Check.
  • Under the Custom Scan box paste this in
    netsvcs
    /md5start
    consrv.dll
    explorer.exe
    winlogon.exe
    Userinit.exe
    svchost.exe
    /md5stop
    CREATERESTOREPOINT
  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
    • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt.
      Note:These logs can be located in the OTL. folder on you C:\ drive if they fail to open automatically.
    • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply. You may need two posts to fit them both in.

----------

Link to post
Share on other sites

OTL logfile created on: 21-11-2012 19:18:44 - Run 1

OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\jn2002dk\Downloads

64bit- Professional (Version = 6.2.9200) - Type = NTWorkstation

Internet Explorer (Version = 9.10.9200.16433)

Locale: 00000406 | Country: Danmark | Language: DAN | Date Format: dd-MM-yyyy

15,95 Gb Total Physical Memory | 13,86 Gb Available Physical Memory | 86,88% Memory free

31,95 Gb Paging File | 29,59 Gb Available in Paging File | 92,60% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 455,95 Gb Total Space | 337,18 Gb Free Space | 73,95% Space Free | Partition Type: NTFS

Drive D: | 456,46 Gb Total Space | 360,07 Gb Free Space | 78,88% Space Free | Partition Type: NTFS

Drive E: | 159,82 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: JN2002DK-PC | User Name: jn2002dk | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\jn2002dk\Downloads\OTL.exe (OldTimer Tools)

PRC - C:\Programmer\WindowsApps\Microsoft.Studios.RecklessRacingUltimate_1.2.6.0_x86__8wekyb3d8bbwe\RRU.exe ()

PRC - C:\Users\jn2002dk\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

PRC - C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)

PRC - C:\Programmer\Tablet\Wacom\WacomHost.exe (Wacom Technology)

PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)

PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)

PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)

PRC - C:\Program Files (x86)\Autodesk\SketchBook Pro 6\SketchBookSnapshot.exe (Autodesk Inc)

PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)

PRC - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe (Acer Incorporated)

PRC - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe (Intel Corporation)

PRC - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Intel Corporation)

PRC - C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe (Intel Corporation)

PRC - C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe ()

PRC - C:\Programmer\Acer\Acer Updater\UpdaterService.exe (Acer Incorporated)

PRC - C:\Program Files (x86)\NETGEAR\WNA3100M\WifiSvc.exe ()

PRC - C:\Program Files (x86)\NETGEAR\WNA3100M\WNA3100M.exe ()

PRC - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)

PRC - C:\Program Files (x86)\Nero\Update\NASvc.exe (Nero AG)

========== Modules (No Company Name) ==========

MOD - C:\Programmer\WindowsApps\Microsoft.Studios.RecklessRacingUltimate_1.2.6.0_x86__8wekyb3d8bbwe\RRU.exe ()

MOD - C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyHook.dll ()

MOD - C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe ()

MOD - C:\Program Files (x86)\NETGEAR\WNA3100M\WNA3100M.exe ()

MOD - C:\Program Files (x86)\NETGEAR\WNA3100M\WifiSvcLib.dll ()

========== Services (SafeList) ==========

SRV:64bit: - (AudioEndpointBuilder) -- C:\Windows\SysNative\AudioEndpointBuilder.dll (Microsoft Corporation)

SRV:64bit: - (WSService) -- C:\Windows\SysNative\WSService.dll (Microsoft Corporation)

SRV:64bit: - (PrintNotify) -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation)

SRV:64bit: - (TimeBroker) -- C:\Windows\SysNative\TimeBrokerServer.dll (Microsoft Corporation)

SRV:64bit: - (SystemEventsBroker) -- C:\Windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation)

SRV:64bit: - (fhsvc) -- C:\Windows\SysNative\fhsvc.dll (Microsoft Corporation)

SRV:64bit: - (BrokerInfrastructure) -- C:\Windows\SysNative\bisrv.dll (Microsoft Corporation)

SRV:64bit: - (wlidsvc) -- C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)

SRV:64bit: - (WiaRpc) -- C:\Windows\SysNative\wiarpc.dll (Microsoft Corporation)

SRV:64bit: - (Wcmsvc) -- C:\Windows\SysNative\wcmsvc.dll (Microsoft Corporation)

SRV:64bit: - (VaultSvc) -- C:\Windows\SysNative\vaultsvc.dll (Microsoft Corporation)

SRV:64bit: - (svsvc) -- C:\Windows\SysNative\svsvc.dll (Microsoft Corporation)

SRV:64bit: - (netprofm) -- C:\Windows\SysNative\netprofmsvc.dll (Microsoft Corporation)

SRV:64bit: - (Netlogon) -- C:\Windows\SysNative\netlogon.dll (Microsoft Corporation)

SRV:64bit: - (NcaSvc) -- C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)

SRV:64bit: - (NcdAutoSetup) -- C:\Windows\SysNative\NcdAutoSetup.dll (Microsoft Corporation)

SRV:64bit: - (LSM) -- C:\Windows\SysNative\lsm.dll (Microsoft Corporation)

SRV:64bit: - (KeyIso) -- C:\Windows\SysNative\keyiso.dll (Microsoft Corporation)

SRV:64bit: - (EFS) -- C:\Windows\SysNative\efssvc.dll (Microsoft Corporation)

SRV:64bit: - (DsmSvc) -- C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)

SRV:64bit: - (DeviceAssociationService) -- C:\Windows\SysNative\das.dll (Microsoft Corporation)

SRV:64bit: - (AllUserInstallAgent) -- C:\Windows\SysNative\AUInstallAgent.dll (Microsoft Corporation)

SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

SRV:64bit: - (vmicvss) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)

SRV:64bit: - (vmictimesync) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)

SRV:64bit: - (vmicshutdown) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)

SRV:64bit: - (vmicrdv) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)

SRV:64bit: - (vmickvpexchange) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)

SRV:64bit: - (vmicheartbeat) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)

SRV - (FLEXnet Licensing Service 64) -- C:\Programmer\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe (Acresso Software Inc.)

SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)

SRV - (WTabletServicePro) -- C:\Programmer\Tablet\Wacom\WTabletServicePro.exe (Wacom Technology, Corp.)

SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)

SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)

SRV - (PrintNotify) -- C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll (Microsoft Corporation)

SRV - (SbieSvc) -- C:\Programmer\Sandboxie\SbieSvc.exe (SANDBOXIE L.T.D)

SRV - (StorSvc) -- C:\Windows\SysWOW64\StorSvc.dll (Microsoft Corporation)

SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)

SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)

SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)

SRV - (GREGService) -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe (Acer Incorporated)

SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe (Intel Corporation)

SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Intel Corporation)

SRV - (jhi_service) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe (Intel Corporation)

SRV - (Live Updater Service) -- C:\Programmer\Acer\Acer Updater\UpdaterService.exe (Acer Incorporated)

SRV - (Intel® -- C:\Programmer\Intel\iCLS Client\HeciServer.exe (Intel® Corporation)

SRV - (WSWNA3100M) -- C:\Program Files (x86)\NETGEAR\WNA3100M\WifiSvc.exe ()

SRV - (IAStorDataMgrSvc) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)

SRV - (NAUpdate) -- C:\Program Files (x86)\Nero\Update\NASvc.exe (Nero AG)

SRV - (EgisTec Ticket Service) -- C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe (Egis Technology Inc. )

SRV - (wlcrasvc) -- C:\Programmer\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)

========== Driver Services (SafeList) ==========

DRV:64bit: - (pdc) -- C:\Windows\SysNative\Drivers\pdc.sys (Microsoft Corporation)

DRV:64bit: - (wacomrouterfilter) -- C:\Windows\SysNative\Drivers\wacomrouterfilter.sys (Wacom Technology)

DRV:64bit: - (WacHidRouter) -- C:\Windows\SysNative\Drivers\wachidrouter.sys (Wacom Technology)

DRV:64bit: - (hidkmdf) -- C:\Windows\SysNative\Drivers\hidkmdf.sys (Windows ® Win 7 DDK provider)

DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\Drivers\rdpvideominiport.sys (Microsoft Corporation)

DRV:64bit: - (sdstor) -- C:\Windows\SysNative\Drivers\sdstor.sys (Microsoft Corporation)

DRV:64bit: - (sdbus) -- C:\Windows\SysNative\Drivers\sdbus.sys (Microsoft Corporation)

DRV:64bit: - (dam) -- C:\Windows\SysNative\Drivers\dam.sys (Microsoft Corporation)

DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\Drivers\mbam.sys (Malwarebytes Corporation)

DRV:64bit: - (USBHUB3) -- C:\Windows\SysNative\Drivers\USBHUB3.SYS (Microsoft Corporation)

DRV:64bit: - (USBXHCI) -- C:\Windows\SysNative\Drivers\USBXHCI.SYS (Microsoft Corporation)

DRV:64bit: - (UCX01000) -- C:\Windows\SysNative\Drivers\UCX01000.SYS (Microsoft Corporation)

DRV:64bit: - (GPIOClx0101) -- C:\Windows\SysNative\Drivers\msgpioclx.sys (Microsoft Corporation)

DRV:64bit: - (msgpiowin32) -- C:\Windows\SysNative\Drivers\msgpiowin32.sys (Microsoft Corporation)

DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\Drivers\evbda.sys (Broadcom Corporation)

DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\Drivers\bxvbda.sys (Broadcom Corporation)

DRV:64bit: - (TPM) -- C:\Windows\SysNative\Drivers\tpm.sys (Microsoft Corporation)

DRV:64bit: - (BthAvrcpTg) -- C:\Windows\SysNative\Drivers\BthAvrcpTg.sys (Microsoft Corporation)

DRV:64bit: - (bthhfhid) -- C:\Windows\SysNative\Drivers\BthhfHid.sys (Microsoft Corporation)

DRV:64bit: - (Fs_Rec) -- C:\WINDOWS\SysNative\drivers\fs_rec.sys (Microsoft Corporation)

DRV:64bit: - (condrv) -- C:\Windows\SysNative\Drivers\condrv.sys (Microsoft Corporation)

DRV:64bit: - (VSTXRAID) -- C:\Windows\SysNative\Drivers\VSTXRAID.SYS (VIA Corporation)

DRV:64bit: - (VerifierExt) -- C:\Windows\SysNative\Drivers\VerifierExt.sys (Microsoft Corporation)

DRV:64bit: - (UASPStor) -- C:\Windows\SysNative\Drivers\uaspstor.sys (Microsoft Corporation)

DRV:64bit: - (acpiex) -- C:\Windows\SysNative\Drivers\acpiex.sys (Microsoft Corporation)

DRV:64bit: - (spaceport) -- C:\Windows\SysNative\Drivers\spaceport.sys (Microsoft Corporation)

DRV:64bit: - (storahci) -- C:\Windows\SysNative\Drivers\storahci.sys (Microsoft Corporation)

DRV:64bit: - (mvumis) -- C:\Windows\SysNative\Drivers\mvumis.sys (Marvell Semiconductor, Inc.)

DRV:64bit: - (stexstor) -- C:\Windows\SysNative\Drivers\stexstor.sys (Promise Technology, Inc.)

DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\Drivers\lsi_sas2.sys (LSI Corporation)

DRV:64bit: - (LSI_SSS) -- C:\Windows\SysNative\Drivers\lsi_sss.sys (LSI Corporation)

DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\Drivers\HpSAMD.sys (Hewlett-Packard Company)

DRV:64bit: - (EhStorTcgDrv) -- C:\Windows\SysNative\Drivers\EhStorTcgDrv.sys (Microsoft Corporation)

DRV:64bit: - (EhStorClass) -- C:\Windows\SysNative\Drivers\EhStorClass.sys (Microsoft Corporation)

DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\Drivers\amdsbs.sys (AMD Technologies Inc.)

DRV:64bit: - (3ware) -- C:\Windows\SysNative\Drivers\3ware.sys (LSI)

DRV:64bit: - (amdsata) -- C:\Windows\SysNative\Drivers\amdsata.sys (Advanced Micro Devices)

DRV:64bit: - (amdxata) -- C:\Windows\SysNative\Drivers\amdxata.sys (Advanced Micro Devices)

DRV:64bit: - (CLFS) -- C:\Windows\SysNative\Drivers\clfs.sys (Microsoft Corporation)

DRV:64bit: - (WFPLWFS) -- C:\Windows\SysNative\Drivers\wfplwfs.sys (Microsoft Corporation)

DRV:64bit: - (vpci) -- C:\Windows\SysNative\Drivers\vpci.sys (Microsoft Corporation)

DRV:64bit: - (WdFilter) -- C:\Windows\SysNative\Drivers\WdFilter.sys (Microsoft Corporation)

DRV:64bit: - (WdBoot) -- C:\Windows\SysNative\Drivers\WdBoot.sys (Microsoft Corporation)

DRV:64bit: - (terminpt) -- C:\Windows\SysNative\Drivers\terminpt.sys (Microsoft Corporation)

DRV:64bit: - (mshidumdf) -- C:\Windows\SysNative\Drivers\mshidumdf.sys (Microsoft Corporation)

DRV:64bit: - (BasicDisplay) -- C:\Windows\SysNative\Drivers\BasicDisplay.sys (Microsoft Corporation)

DRV:64bit: - (HyperVideo) -- C:\Windows\SysNative\Drivers\HyperVideo.sys (Microsoft Corporation)

DRV:64bit: - (BasicRender) -- C:\Windows\SysNative\Drivers\BasicRender.sys (Microsoft Corporation)

DRV:64bit: - (FxPPM) -- C:\Windows\SysNative\Drivers\fxppm.sys (Microsoft Corporation)

DRV:64bit: - (gencounter) -- C:\Windows\SysNative\Drivers\vmgencounter.sys (Microsoft Corporation)

DRV:64bit: - (kdnic) -- C:\Windows\SysNative\Drivers\kdnic.sys (Microsoft Corporation)

DRV:64bit: - (acpitime) -- C:\Windows\SysNative\Drivers\acpitime.sys (Microsoft Corporation)

DRV:64bit: - (npsvctrig) -- C:\Windows\SysNative\Drivers\npsvctrig.sys (Microsoft Corporation)

DRV:64bit: - (WpdUpFltr) -- C:\Windows\SysNative\Drivers\WpdUpFltr.sys (Microsoft Corporation)

DRV:64bit: - (acpipagr) -- C:\Windows\SysNative\Drivers\acpipagr.sys (Microsoft Corporation)

DRV:64bit: - (hyperkbd) -- C:\Windows\SysNative\Drivers\hyperkbd.sys (Microsoft Corporation)

DRV:64bit: - (SerCx) -- C:\Windows\SysNative\Drivers\SerCx.sys (Microsoft Corporation)

DRV:64bit: - (SpbCx) -- C:\Windows\SysNative\Drivers\SpbCx.sys (Microsoft Corporation)

DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\Drivers\TsUsbGD.sys (Microsoft Corporation)

DRV:64bit: - (BthHFEnum) -- C:\Windows\SysNative\Drivers\bthhfenum.sys (Microsoft Corporation)

DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\Drivers\dmvsc.sys (Microsoft Corporation)

DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\Drivers\TsUsbFlt.sys (Microsoft Corporation)

DRV:64bit: - (hidi2c) -- C:\Windows\SysNative\Drivers\hidi2c.sys (Microsoft Corporation)

DRV:64bit: - (Vid) -- C:\Windows\SysNative\Drivers\Vid.sys (Microsoft Corporation)

DRV:64bit: - (storvsp) -- C:\Windows\SysNative\Drivers\storvsp.sys (Microsoft Corporation)

DRV:64bit: - (wpcfltr) -- C:\Windows\SysNative\Drivers\wpcfltr.sys (Microsoft Corporation)

DRV:64bit: - (vmbusr) -- C:\Windows\SysNative\Drivers\vmbusr.sys (Microsoft Corporation)

DRV:64bit: - (vpcivsp) -- C:\Windows\SysNative\Drivers\vpcivsp.sys (Microsoft Corporation)

DRV:64bit: - (NdisImPlatform) -- C:\Windows\SysNative\Drivers\NdisImPlatform.sys (Microsoft Corporation)

DRV:64bit: - (MsLldp) -- C:\Windows\SysNative\Drivers\mslldp.sys (Microsoft Corporation)

DRV:64bit: - (Ndu) -- C:\Windows\SysNative\Drivers\Ndu.sys (Microsoft Corporation)

DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\Drivers\HECIx64.sys (Intel Corporation)

DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\Drivers\nvhda64v.sys (NVIDIA Corporation)

DRV:64bit: - (mwlPSDVDisk) -- C:\Windows\SysNative\Drivers\mwlPSDVDisk.sys (Egis Technology Inc.)

DRV:64bit: - (mwlPSDFilter) -- C:\Windows\SysNative\Drivers\mwlPSDFilter.sys (Egis Technology Inc.)

DRV:64bit: - (mwlPSDNServ) -- C:\Windows\SysNative\Drivers\mwlPSDNserv.sys (Egis Technology Inc.)

DRV:64bit: - (wna3100m) -- C:\Windows\SysNative\Drivers\wna3100m.sys (NETGEAR Corporation )

DRV:64bit: - (e1cexpress) -- C:\Windows\SysNative\Drivers\e1c62x64.sys (Intel Corporation)

DRV:64bit: - (iaStor) -- C:\Windows\SysNative\Drivers\iaStor.sys (Intel Corporation)

DRV:64bit: - (VUSB3HUB) -- C:\Windows\SysNative\Drivers\ViaHub3.sys (VIA Technologies, Inc.)

DRV:64bit: - (xhcdrv) -- C:\Windows\SysNative\Drivers\xhcdrv.sys (VIA Technologies, Inc.)

DRV:64bit: - (amdxhc) -- C:\Windows\SysNative\Drivers\amdxhc.sys (Advanced Micro Devices, INC.)

DRV:64bit: - (amdhub30) -- C:\Windows\SysNative\Drivers\amdhub30.sys (Advanced Micro Devices, INC.)

DRV:64bit: - (VClone) -- C:\Windows\SysNative\Drivers\VClone.sys (Elaborate Bytes AG)

DRV:64bit: - (ElbyCDIO) -- C:\Windows\SysNative\Drivers\ElbyCDIO.sys (Elaborate Bytes AG)

DRV:64bit: - (nusb3xhc) -- C:\Windows\SysNative\Drivers\nusb3xhc.sys (Renesas Electronics Corporation)

DRV:64bit: - (nusb3hub) -- C:\Windows\SysNative\Drivers\nusb3hub.sys (Renesas Electronics Corporation)

DRV:64bit: - (adfs) -- C:\WINDOWS\SysNative\drivers\adfs.sys (Adobe Systems, Inc.)

DRV:64bit: - (EtronHub3) -- C:\Windows\SysNative\Drivers\EtronHub3.sys (Etron Technology Inc)

DRV:64bit: - (EtronXHCI) -- C:\Windows\SysNative\Drivers\EtronXHCI.sys (Etron Technology Inc)

DRV - (SbieDrv) -- C:\Programmer\Sandboxie\SbieDrv.sys (SANDBOXIE L.T.D)

DRV - (adfs) -- C:\WINDOWS\SysWow64\drivers\adfs.sys (Adobe Systems, Inc.)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.com

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://acer.msn.com

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox

IE - HKU\S-1-5-21-1372194753-2522429106-4183652212-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.com

IE - HKU\S-1-5-21-1372194753-2522429106-4183652212-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.dk/

IE - HKU\S-1-5-21-1372194753-2522429106-4183652212-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKU\S-1-5-21-1372194753-2522429106-4183652212-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@wacom.com/wtPlugin,version=2.1.0.2: C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)

FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)

FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)

FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@mozilla.zeniko.ch/SumatraPDF_Browser_Plugin: C:\Program Files (x86)\SumatraPDF\npPdfViewer.dll (Simon Bünzli)

FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)

FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@wacom.com/wtPlugin,version=2.1.0.2: C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)

FF - HKCU\Software\MozillaPlugins\@mozilla.zeniko.ch/SumatraPDF_Browser_Plugin: C:\Program Files (x86)\SumatraPDF\npPdfViewer.dll (Simon Bünzli)

FF - HKCU\Software\MozillaPlugins\wacom.com/WacomTabletPlugin: C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)

========== Chrome ==========

CHR - homepage: http://www.google.com/

CHR - default_search_provider: Google (Enabled)

CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}

CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter},

CHR - homepage: http://www.google.com/

CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\PepperFlash\pepflashplayer.dll

CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer

CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\ppGoogleNaClPluginChrome.dll

CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\pdf.dll

CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll

CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll

CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll

CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll

CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll

CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll

CHR - Extension: Entanglement = C:\Users\jn2002dk\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd\2.7.9_0\

CHR - Extension: Bejeweled = C:\Users\jn2002dk\AppData\Local\Google\Chrome\User Data\Default\Extensions\adpkifcfcacgmnggcbpbjbkdijciiigm\2_0\

CHR - Extension: Angry Birds = C:\Users\jn2002dk\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.5.0.7_0\

CHR - Extension: Google Drive = C:\Users\jn2002dk\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\

CHR - Extension: Audiotool = C:\Users\jn2002dk\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkgoccjhfjgjedhkiefaclppgbmoobnk\1.1_0\

CHR - Extension: YouTube = C:\Users\jn2002dk\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\

CHR - Extension: Bouncy Mouse = C:\Users\jn2002dk\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgdllcbmneiklcmbeclfegccdjholomb\1.2.1_0\

CHR - Extension: Google Search = C:\Users\jn2002dk\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\

CHR - Extension: Cordy = C:\Users\jn2002dk\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgjbkahdllcckjbjijejpmcgkkjpnnfk\15_0\

CHR - Extension: Bomomo = C:\Users\jn2002dk\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnalbhgkcocoepphagnnlaiomnnngeln\1_0\

CHR - Extension: Sumo Paint = C:\Users\jn2002dk\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpgjihldbpodlmnjolekemlfbcajnmod\3.7_0\

CHR - Extension: Sleepy Jack = C:\Users\jn2002dk\AppData\Local\Google\Chrome\User Data\Default\Extensions\edjdoaebnejlnjknbkbacepgemnjlmfc\23_0\

CHR - Extension: Search All = C:\Users\jn2002dk\AppData\Local\Google\Chrome\User Data\Default\Extensions\eekjldapjblgadclklmgolijbagmdnfk\2.1.2_0\

CHR - Extension: Recent History = C:\Users\jn2002dk\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbmkfdfomhhlonpbnpiibloacemdhjjm\2.1.4.1_0\

CHR - Extension: AdBlock = C:\Users\jn2002dk\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.47_0\

CHR - Extension: Vector Paint = C:\Users\jn2002dk\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnbpdiengicdefcjecjbnjnoifekhgdo\3.0.0.0_0\

CHR - Extension: Isoball 3 = C:\Users\jn2002dk\AppData\Local\Google\Chrome\User Data\Default\Extensions\iajlkcpgcnbhfhpdeooockfaincfkjjj\1.3.0_0\

CHR - Extension: Pixlr Editor = C:\Users\jn2002dk\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmaknaampgiegkcjlimdiidlhopknpk\1.2_0\

CHR - Extension: LineBall = C:\Users\jn2002dk\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeclmehkhpookgkhkecnaanahhoglakj\1.3.0_0\

CHR - Extension: Nano Ninja = C:\Users\jn2002dk\AppData\Local\Google\Chrome\User Data\Default\Extensions\jommidhbgbbbbjddhmajdmeajfleineg\1.3.0_0\

CHR - Extension: Force Reload = C:\Users\jn2002dk\AppData\Local\Google\Chrome\User Data\Default\Extensions\kkhgjeaffbhdcpflajldaijabgclfnoa\1.2_0\

CHR - Extension: Little Alchemy = C:\Users\jn2002dk\AppData\Local\Google\Chrome\User Data\Default\Extensions\knkapnclbofjjgicpkfoagdjohlfjhpd\0.0.12_0\

CHR - Extension: Divvr = C:\Users\jn2002dk\AppData\Local\Google\Chrome\User Data\Default\Extensions\lackkieddhpmioebogincgkkcagabhgm\2.0_0\

CHR - Extension: Google Maps = C:\Users\jn2002dk\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh\5.2.7_0\

CHR - Extension: Harmony = C:\Users\jn2002dk\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbbibdblnnlapclckbdennhlbcnkkgcn\6_0\

CHR - Extension: Poppit = C:\Users\jn2002dk\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi\2.2_0\

CHR - Extension: ScriptNo = C:\Users\jn2002dk\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiigbmnaadbkfbmpbfijlflahbdbdgdf\1.0.6.2_0\

CHR - Extension: Mini Ninjas = C:\Users\jn2002dk\AppData\Local\Google\Chrome\User Data\Default\Extensions\oijfbknbncemokdnlboeabbcfhobechi\1.0.0.16_0\

CHR - Extension: Bastion = C:\Users\jn2002dk\AppData\Local\Google\Chrome\User Data\Default\Extensions\oohphhdkahjlioohbalmicpokoefkgid\0.0.0.4_0\

CHR - Extension: Gmail = C:\Users\jn2002dk\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2010-04-30 14:56:09 | 000,001,798 | ---- | M]) - C:\Windows\SysNative\Drivers\etc\hosts

O1 - Hosts: 127.0.0.1 activate.adobe.com

O1 - Hosts: 127.0.0.1 practivate.adobe.com

O1 - Hosts: 127.0.0.1 ereg.adobe.com

O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com

O1 - Hosts: 127.0.0.1 wip3.adobe.com

O1 - Hosts: 127.0.0.1 3dns-3.adobe.com

O1 - Hosts: 127.0.0.1 3dns-2.adobe.com

O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com

O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com

O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com

O1 - Hosts: 127.0.0.1 ereg.wip3.adobe.com

O1 - Hosts: 127.0.0.1 activate-sea.adobe.com

O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com

O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com

O1 - Hosts: 127.0.0.1 adobe.activate.com

O1 - Hosts: 127.0.0.1 adobeereg.com

O1 - Hosts: 127.0.0.1 www.adobeereg.com

O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com

O1 - Hosts: 127.0.0.1 125.252.224.90

O1 - Hosts: 127.0.0.1 125.252.224.91

O1 - Hosts: 127.0.0.1 hl2rcv.adobe.com

O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)

O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)

O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)

O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [Hotkey Utility] C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe ()

O4 - HKLM..\Run: [suiteTray] C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe (Egis Technology Inc.)

O4 - HKLM..\Run: [uSB3MON] C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)

O4 - HKU\S-1-5-21-1372194753-2522429106-4183652212-1000..\Run: [sandboxieControl] C:\Program Files\Sandboxie\SbieCtrl.exe (SANDBOXIE L.T.D)

O4 - Startup: C:\Users\jn2002dk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\jn2002dk\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O9 - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)

O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)

O1364bit: - gopher Prefix: missing

O13 - gopher Prefix: missing

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.1 212.242.40.3 212.242.40.51

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{21FC7097-B92A-430E-8177-C3DDEAA4853A}: DhcpNameServer = 10.0.0.1 212.242.40.3 212.242.40.51

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3E531B94-3F07-4E73-9483-E9CB9E6CF1C6}: DhcpNameServer = 10.0.0.1 212.242.40.3 212.242.40.51

O18:64bit: - Protocol\Handler\livecall - No CLSID value found

O18:64bit: - Protocol\Handler\msnim - No CLSID value found

O18:64bit: - Protocol\Handler\skype4com - No CLSID value found

O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found

O18:64bit: - Protocol\Handler\wlpg - No CLSID value found

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)

O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\WINDOWS\SysWow64\userinit.exe (Microsoft Corporation)

O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O30 - LSA: Security Packages - (livessp) - File not found

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2012-11-10 11:57:27 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ]

O32 - AutoRun File - [2012-11-02 16:01:37 | 044,851,551 | ---- | M] () - D:\Autodesk_Sketchbook_Pro_v6_Multilingual_WIN_32bit.exe -- [ NTFS ]

O32 - AutoRun File - [2011-11-14 23:15:54 | 000,000,055 | R--- | M] () - E:\Autorun.inf -- [ CDFS ]

O33 - MountPoints2\{3f447352-2b1e-11e2-90d5-806e6f6e6963}\Shell - "" = AutoRun

O33 - MountPoints2\{3f447352-2b1e-11e2-90d5-806e6f6e6963}\Shell\AutoRun\command - "" = E:\install.exe -- [2011-11-14 23:15:54 | 000,519,144 | R--- | M] (Adobe Systems, Inc.)

O34 - HKLM BootExecute: (autocheck autochk *)

O35:64bit: - HKLM\..comfile [open] -- "%1" %*

O35:64bit: - HKLM\..exefile [open] -- "%1" %*

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*

O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

NetSvcs:64bit: wlidsvc - C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)

NetSvcs:64bit: DsmSvc - C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)

NetSvcs:64bit: NcaSvc - C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)

NetSvcs:64bit: SystemEventsBroker - C:\Windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation)

NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

CREATERESTOREPOINT

Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2012-11-21 17:55:29 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games

[2012-11-21 17:12:11 | 004,732,416 | ---- | C] (AVAST Software) -- C:\Users\jn2002dk\Desktop\aswMBR.exe

[2012-11-19 22:09:37 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Roaming\Opera

[2012-11-19 22:09:37 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Local\Opera

[2012-11-19 22:09:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Opera

[2012-11-19 12:15:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elaborate Bytes

[2012-11-19 12:15:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Elaborate Bytes

[2012-11-19 12:03:28 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Roaming\FileZilla

[2012-11-19 12:03:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client

[2012-11-19 12:03:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FileZilla FTP Client

[2012-11-19 11:56:42 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\Desktop\New project

[2012-11-19 11:53:23 | 000,000,000 | ---D | C] -- C:\Program Files\Construct 2

[2012-11-18 10:45:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy

[2012-11-18 10:44:52 | 000,000,000 | ---D | C] -- C:\Program Files\Speccy

[2012-11-17 16:13:35 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Roaming\Mozilla

[2012-11-17 16:13:35 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Roaming\KompoZer

[2012-11-17 15:58:30 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft

[2012-11-17 14:28:59 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1

[2012-11-16 19:28:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware

[2012-11-16 19:28:04 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\mbam.sys

[2012-11-16 19:28:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware

[2012-11-16 17:53:44 | 000,000,000 | R--D | C] -- C:\WINDOWS\BrowserChoice

[2012-11-16 17:34:38 | 000,000,000 | R--D | C] -- C:\Sandbox

[2012-11-16 17:33:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sandboxie

[2012-11-16 17:33:31 | 000,000,000 | ---D | C] -- C:\Program Files\Sandboxie

[2012-11-16 17:24:37 | 000,000,000 | ---D | C] -- C:\ProgramData\PRICache

[2012-11-16 17:24:37 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Local\Packages

[2012-11-16 17:15:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\CSC

[2012-11-16 17:10:28 | 000,000,000 | -HSD | C] -- C:\Users\jn2002dk\Documents\Videoer

[2012-11-16 17:10:28 | 000,000,000 | -HSD | C] -- C:\Users\jn2002dk\AppData\Local\Temporary Internet Files

[2012-11-16 17:10:28 | 000,000,000 | -HSD | C] -- C:\Users\jn2002dk\Skabeloner

[2012-11-16 17:10:28 | 000,000,000 | -HSD | C] -- C:\Users\jn2002dk\SendTo

[2012-11-16 17:10:28 | 000,000,000 | -HSD | C] -- C:\Users\jn2002dk\Recent

[2012-11-16 17:10:28 | 000,000,000 | -HSD | C] -- C:\Users\jn2002dk\Printere

[2012-11-16 17:10:28 | 000,000,000 | -HSD | C] -- C:\Users\jn2002dk\AppData\Local\Oversigt

[2012-11-16 17:10:28 | 000,000,000 | -HSD | C] -- C:\Users\jn2002dk\Documents\Musik

[2012-11-16 17:10:28 | 000,000,000 | -HSD | C] -- C:\Users\jn2002dk\Menuen Start

[2012-11-16 17:10:28 | 000,000,000 | -HSD | C] -- C:\Users\jn2002dk\Lokale indstillinger

[2012-11-16 17:10:28 | 000,000,000 | -HSD | C] -- C:\Users\jn2002dk\Dokumenter

[2012-11-16 17:10:28 | 000,000,000 | -HSD | C] -- C:\Users\jn2002dk\Cookies

[2012-11-16 17:10:28 | 000,000,000 | -HSD | C] -- C:\Users\jn2002dk\Documents\Billeder

[2012-11-16 17:10:28 | 000,000,000 | -HSD | C] -- C:\Users\jn2002dk\Application Data

[2012-11-16 17:10:28 | 000,000,000 | -HSD | C] -- C:\Users\jn2002dk\AppData\Local\Application Data

[2012-11-16 17:10:28 | 000,000,000 | -HSD | C] -- C:\Users\jn2002dk\Andre computere

[2012-11-16 17:10:27 | 000,000,000 | --SD | C] -- C:\Users\jn2002dk\AppData\Roaming\Microsoft

[2012-11-16 17:10:27 | 000,000,000 | R--D | C] -- C:\Users\jn2002dk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools

[2012-11-16 17:10:27 | 000,000,000 | R--D | C] -- C:\Users\jn2002dk\Favorites

[2012-11-16 17:10:27 | 000,000,000 | R--D | C] -- C:\Users\jn2002dk\Desktop

[2012-11-16 17:10:27 | 000,000,000 | R--D | C] -- C:\Users\jn2002dk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories

[2012-11-16 17:10:27 | 000,000,000 | R--D | C] -- C:\Users\jn2002dk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility

[2012-11-16 17:10:27 | 000,000,000 | -H-D | C] -- C:\Users\jn2002dk\AppData

[2012-11-16 17:10:27 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Local\Temp

[2012-11-16 17:10:27 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Local\Microsoft

[2012-11-16 17:10:27 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance

[2012-11-16 17:08:59 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation

[2012-11-16 17:08:55 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation

[2012-11-16 17:08:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation

[2012-11-16 17:08:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\RTCOM

[2012-11-16 17:08:46 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek

[2012-11-16 17:07:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch

[2012-11-16 17:06:30 | 000,000,000 | ---D | C] -- C:\Windows.old

[2012-11-16 17:05:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\XPSViewer

[2012-11-16 17:05:29 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies

[2012-11-16 17:05:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Reference Assemblies

[2012-11-16 17:05:29 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild

[2012-11-16 17:05:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSBuild

[2012-11-16 16:47:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\Panther

[2012-11-15 11:51:11 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\Documents\Drug Lords

[2012-11-15 10:52:28 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Roaming\com.aspiro.wimp.dk.25F5C0086CDE1F22CA0B92A487729991CA6CD013.1

[2012-11-15 10:52:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Wimp

[2012-11-15 09:20:41 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\.stencylworks

[2012-11-15 09:20:38 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Roaming\Stencyl

[2012-11-14 18:24:23 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1986-12.com.adobe

[2012-11-14 18:23:05 | 000,000,000 | ---D | C] -- C:\ProgramData\ALM

[2012-11-14 17:58:16 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Roaming\NVIDIA

[2012-11-14 17:58:07 | 000,000,000 | ---D | C] -- C:\ProgramData\FLEXnet

[2012-11-14 17:57:15 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe

[2012-11-14 17:56:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\spool

[2012-11-14 17:55:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe Media Player

[2012-11-14 17:55:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe

[2012-11-14 17:55:12 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Macrovision Shared

[2012-11-14 17:55:12 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe

[2012-11-14 17:55:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Macrovision Shared

[2012-11-14 17:53:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe

[2012-11-14 17:40:29 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Roaming\Malwarebytes

[2012-11-14 17:36:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes

[2012-11-14 17:25:44 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Roaming\deluge

[2012-11-14 17:23:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Deluge

[2012-11-14 17:23:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Deluge

[2012-11-14 15:25:44 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Stencyl

[2012-11-14 15:25:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Stencyl

[2012-11-14 15:25:22 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\.oces2

[2012-11-14 15:25:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun

[2012-11-14 15:25:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java

[2012-11-14 15:25:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\Sun

[2012-11-14 15:25:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java

[2012-11-14 09:19:16 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Roaming\SumatraPDF

[2012-11-14 09:19:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SumatraPDF

[2012-11-14 09:17:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip

[2012-11-14 09:17:56 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip

[2012-11-12 00:14:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner

[2012-11-12 00:14:03 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner

[2012-11-12 00:11:28 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Local\VMware

[2012-11-12 00:11:25 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Roaming\VMware

[2012-11-12 00:06:46 | 000,000,000 | ---D | C] -- C:\ProgramData\VMware

[2012-11-11 10:27:37 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Roaming\Skype

[2012-11-11 10:27:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype

[2012-11-11 10:27:33 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype

[2012-11-11 10:27:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype

[2012-11-10 19:39:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\NAPP_Dism_Log

[2012-11-10 18:10:13 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Local\mypaint

[2012-11-10 18:09:59 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPaint

[2012-11-10 18:09:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyPaint

[2012-11-10 18:09:57 | 000,000,000 | ---D | C] -- C:\Program Files\MyPaint

[2012-11-10 17:44:19 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Roaming\SYSTEMAX Software Development

[2012-11-10 17:44:19 | 000,000,000 | ---D | C] -- C:\ProgramData\SYSTEMAX Software Development

[2012-11-10 17:44:13 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Local\Zame

[2012-11-10 17:44:13 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PaintTool SAI English Pack

[2012-11-10 17:32:20 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Local\Adobe

[2012-11-10 15:51:53 | 000,000,000 | R--D | C] -- C:\Users\jn2002dk\Dropbox

[2012-11-10 15:50:40 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox

[2012-11-10 15:50:28 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Roaming\Dropbox

[2012-11-10 15:39:31 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\Documents\Page File

[2012-11-10 14:07:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard Entertainment

[2012-11-10 14:05:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Battle.net

[2012-11-10 12:30:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0

[2012-11-10 12:28:30 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\Wat

[2012-11-10 12:28:30 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\Wat

[2012-11-10 12:21:23 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\Documents\Story File

[2012-11-10 12:16:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Alias

[2012-11-10 12:15:11 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Roaming\WTablet

[2012-11-10 12:15:07 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wacom Tablet

[2012-11-10 12:15:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TabletPlugins

[2012-11-10 12:15:05 | 000,015,776 | ---- | C] (Wacom Technology) -- C:\WINDOWS\SysNative\drivers\wacomrouterfilter.sys

[2012-11-10 12:15:02 | 000,081,312 | ---- | C] (Wacom Technology) -- C:\WINDOWS\SysNative\drivers\wachidrouter.sys

[2012-11-10 12:15:02 | 000,013,728 | ---- | C] (Windows ® Win 7 DDK provider) -- C:\WINDOWS\SysNative\drivers\hidkmdf.sys

[2012-11-10 12:14:56 | 001,981,312 | ---- | C] (Wacom Technology, Corp.) -- C:\WINDOWS\SysNative\Wacom_Tablet.dll

[2012-11-10 12:14:56 | 001,974,144 | ---- | C] (Wacom Technology, Corp.) -- C:\WINDOWS\SysNative\Wacom_Touch_Tablet.dll

[2012-11-10 12:14:56 | 001,843,072 | ---- | C] (Wacom Technology, Corp.) -- C:\WINDOWS\SysNative\Wintab32.dll

[2012-11-10 12:14:56 | 001,840,000 | ---- | C] (Wacom Technology, Corp.) -- C:\WINDOWS\SysNative\WacomMT.dll

[2012-11-10 12:14:56 | 001,628,032 | ---- | C] (Wacom Technology, Corp.) -- C:\WINDOWS\SysWow64\Wacom_Tablet.dll

[2012-11-10 12:14:56 | 001,621,376 | ---- | C] (Wacom Technology, Corp.) -- C:\WINDOWS\SysWow64\Wacom_Touch_Tablet.dll

[2012-11-10 12:14:56 | 001,509,248 | ---- | C] (Wacom Technology, Corp.) -- C:\WINDOWS\SysWow64\Wintab32.dll

[2012-11-10 12:14:56 | 001,505,152 | ---- | C] (Wacom Technology, Corp.) -- C:\WINDOWS\SysWow64\WacomMT.dll

[2012-11-10 12:14:55 | 000,000,000 | ---D | C] -- C:\Program Files\Tablet

[2012-11-10 12:06:31 | 000,000,000 | ---D | C] -- C:\Program Files\TabletPlugins

[2012-11-10 12:04:19 | 000,000,000 | ---D | C] -- C:\ProgramData\CELSYS

[2012-11-10 12:04:09 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Roaming\Smith Micro

[2012-11-10 12:02:26 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\Documents\Smith Micro

[2012-11-10 12:02:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Manga Studio EX 4.0

[2012-11-10 12:02:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Smith Micro

[2012-11-10 12:00:54 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Roaming\Autodesk

[2012-11-10 12:00:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk

[2012-11-10 12:00:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Autodesk

[2012-11-10 11:58:04 | 000,000,000 | ---D | C] -- C:\temp

[2012-11-10 11:57:27 | 000,000,000 | ---D | C] -- C:\Autodesk

[2012-11-10 11:47:15 | 000,000,000 | ---D | C] -- C:\World of Warcraft

[2012-11-10 11:44:02 | 000,000,000 | ---D | C] -- C:\avast! sandbox

[2012-11-10 11:41:38 | 000,285,328 | ---- | C] (AVAST Software) -- C:\WINDOWS\SysNative\aswBoot.exe

[2012-11-10 11:41:20 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software

[2012-11-10 11:41:20 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software

[2012-11-10 11:37:48 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Local\EgisTec IPS

[2012-11-10 11:33:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome

[2012-11-10 11:33:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google

[2012-11-10 11:33:12 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Local\Google

[2012-11-10 11:33:05 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Local\Apps

[2012-11-10 11:32:43 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Roaming\Adobe

[2012-11-10 11:30:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NETGEAR WNA3100M Genie

[2012-11-10 11:30:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NETGEAR

[2012-11-10 11:30:27 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Roaming\InstallShield

[2012-11-10 11:25:04 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Roaming\OEM

[2012-11-10 11:25:03 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Roaming\Screensaver

[2012-11-10 11:24:56 | 000,000,000 | R--D | C] -- C:\Users\jn2002dk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

[2012-11-10 11:24:56 | 000,000,000 | R--D | C] -- C:\Users\jn2002dk\Searches

[2012-11-10 11:24:56 | 000,000,000 | R--D | C] -- C:\Users\jn2002dk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools

[2012-11-10 11:24:56 | 000,000,000 | -H-D | C] -- C:\Users\jn2002dk\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned

[2012-11-10 11:24:49 | 000,000,000 | R--D | C] -- C:\Users\jn2002dk\Contacts

[2012-11-10 11:24:49 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Roaming\Identities

[2012-11-10 11:24:20 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Local\VirtualStore

[2012-11-10 11:23:50 | 000,000,000 | ---D | C] -- C:\Program Files\Accessory Store

[2012-11-10 11:23:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Family Protection

[2012-11-10 11:23:19 | 000,000,000 | R--D | C] -- C:\Users\jn2002dk\Videos

[2012-11-10 11:23:19 | 000,000,000 | R--D | C] -- C:\Users\jn2002dk\Saved Games

[2012-11-10 11:23:19 | 000,000,000 | R--D | C] -- C:\Users\jn2002dk\Pictures

[2012-11-10 11:23:19 | 000,000,000 | R--D | C] -- C:\Users\jn2002dk\Music

[2012-11-10 11:23:19 | 000,000,000 | R--D | C] -- C:\Users\jn2002dk\Links

[2012-11-10 11:23:19 | 000,000,000 | R--D | C] -- C:\Users\jn2002dk\Downloads

[2012-11-10 11:23:19 | 000,000,000 | R--D | C] -- C:\Users\jn2002dk\Documents

[2012-11-10 11:23:19 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Roaming\Media Center Programs

[2012-11-10 11:23:19 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Roaming\Macromedia

[2012-11-10 11:23:14 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Videoer

[2012-11-10 11:23:14 | 000,000,000 | -HSD | C] -- C:\Recovery

[2012-11-10 11:23:14 | 000,000,000 | -HSD | C] -- C:\Programmer

[2012-11-10 11:23:14 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Musik

[2012-11-10 11:23:14 | 000,000,000 | -HSD | C] -- C:\Program Files\Fælles filer

[2012-11-10 11:23:14 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Billeder

[2012-11-10 11:23:13 | 000,000,000 | -HSD | C] -- C:\ProgramData\Skrivebord

[2012-11-10 11:23:13 | 000,000,000 | -HSD | C] -- C:\ProgramData\Skabeloner

[2012-11-10 11:23:13 | 000,000,000 | -HSD | C] -- C:\ProgramData\Menuen Start

[2012-11-10 11:23:13 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoritter

[2012-11-10 11:23:13 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumenter

[2012-11-10 11:08:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Intel Corporation

[2012-11-10 11:07:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office

[2012-11-10 11:07:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PlayReady

[2012-11-10 11:07:31 | 000,000,000 | ---D | C] -- C:\Program Files\PlayReady

[2012-11-10 11:07:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft

[2012-11-10 11:03:59 | 003,768,152 | ---- | C] (Waves Audio Ltd.) -- C:\WINDOWS\SysNative\MaxxAudioRealtek.dll

[2012-11-10 11:03:59 | 003,308,376 | ---- | C] (Dolby Laboratories) -- C:\WINDOWS\SysNative\R4EEP64A.dll

[2012-11-10 11:03:59 | 002,604,376 | ---- | C] (Waves Audio Ltd.) -- C:\WINDOWS\SysNative\WavesGUILib.dll

[2012-11-10 11:03:59 | 002,132,824 | ---- | C] (Waves Audio Ltd.) -- C:\WINDOWS\SysNative\MaxxAudioEQ.dll

[2012-11-10 11:03:59 | 002,085,440 | ---- | C] (Fortemedia Corporation) -- C:\WINDOWS\SysNative\FMAPO64.dll

[2012-11-10 11:03:59 | 001,756,264 | ---- | C] (DTS) -- C:\WINDOWS\SysNative\DTSS2SpeakerDLL64.dll

[2012-11-10 11:03:59 | 001,568,360 | ---- | C] (DTS) -- C:\WINDOWS\SysNative\DTSS2HeadphoneDLL64.dll

[2012-11-10 11:03:59 | 000,712,296 | ---- | C] (DTS) -- C:\WINDOWS\SysNative\DTSSymmetryDLL64.dll

[2012-11-10 11:03:59 | 000,702,808 | ---- | C] (Waves Audio Ltd.) -- C:\WINDOWS\SysNative\MaxxAudioRealtek2.dll

[2012-11-10 11:03:59 | 000,693,352 | ---- | C] (DTS) -- C:\WINDOWS\SysNative\DTSVoiceClarityDLL64.dll

[2012-11-10 11:03:59 | 000,603,984 | ---- | C] (Knowles Acoustics ) -- C:\WINDOWS\SysNative\KAAPORT64.dll

[2012-11-10 11:03:59 | 000,527,872 | ---- | C] (DTS) -- C:\WINDOWS\SysNative\DTSU2PLFX64.dll

[2012-11-10 11:03:59 | 000,518,896 | ---- | C] (SRS Labs, Inc.) -- C:\WINDOWS\SysNative\SRSTSX64.dll

[2012-11-10 11:03:59 | 000,515,584 | ---- | C] (DTS) -- C:\WINDOWS\SysNative\DTSU2PGFX64.dll

[2012-11-10 11:03:59 | 000,439,808 | ---- | C] (DTS) -- C:\WINDOWS\SysNative\DTSU2PREC64.dll

[2012-11-10 11:03:59 | 000,426,328 | ---- | C] (Dolby Laboratories) -- C:\WINDOWS\SysNative\R4EED64A.dll

[2012-11-10 11:03:59 | 000,375,128 | ---- | C] (Dolby Laboratories, Inc.) -- C:\WINDOWS\SysNative\RTEEP64A.dll

[2012-11-10 11:03:59 | 000,341,336 | ---- | C] (Waves Audio Ltd.) -- C:\WINDOWS\SysNative\MaxxAudioAPO30.dll

[2012-11-10 11:03:59 | 000,334,680 | ---- | C] (Waves Audio Ltd.) -- C:\WINDOWS\SysNative\MaxxVolumeSDAPO.dll

[2012-11-10 11:03:59 | 000,318,808 | ---- | C] (Waves Audio Ltd.) -- C:\WINDOWS\SysNative\MaxxAudioAPO20.dll

[2012-11-10 11:03:59 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\WINDOWS\SysNative\RP3DAA64.dll

[2012-11-10 11:03:59 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\WINDOWS\SysNative\RP3DHT64.dll

[2012-11-10 11:03:59 | 000,221,024 | ---- | C] (Synopsys, Inc.) -- C:\WINDOWS\SysNative\SFNHK64.dll

[2012-11-10 11:03:59 | 000,211,184 | ---- | C] (SRS Labs, Inc.) -- C:\WINDOWS\SysNative\SRSTSH64.dll

[2012-11-10 11:03:59 | 000,204,120 | ---- | C] (Dolby Laboratories, Inc.) -- C:\WINDOWS\SysNative\RTEED64A.dll

[2012-11-10 11:03:59 | 000,198,896 | ---- | C] (SRS Labs, Inc.) -- C:\WINDOWS\SysNative\SRSHP64.dll

[2012-11-10 11:03:59 | 000,155,888 | ---- | C] (SRS Labs, Inc.) -- C:\WINDOWS\SysNative\SRSWOW64.dll

[2012-11-10 11:03:59 | 000,136,024 | ---- | C] (Dolby Laboratories) -- C:\WINDOWS\SysNative\R4EEL64A.dll

[2012-11-10 11:03:59 | 000,118,104 | ---- | C] (Dolby Laboratories) -- C:\WINDOWS\SysNative\R4EEA64A.dll

[2012-11-10 11:03:59 | 000,101,208 | ---- | C] (Dolby Laboratories, Inc.) -- C:\WINDOWS\SysNative\RTEEL64A.dll

[2012-11-10 11:03:59 | 000,081,248 | ---- | C] (Synopsys, Inc.) -- C:\WINDOWS\SysNative\SFCOM64.dll

[2012-11-10 11:03:59 | 000,078,688 | ---- | C] (Synopsys, Inc.) -- C:\WINDOWS\SysNative\SFAPO64.dll

[2012-11-10 11:03:59 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\WINDOWS\SysNative\RTEEG64A.dll

[2012-11-10 11:03:59 | 000,074,072 | ---- | C] (Dolby Laboratories) -- C:\WINDOWS\SysNative\R4EEG64A.dll

[2012-11-10 11:03:59 | 000,074,064 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\WINDOWS\SysWow64\SFCOM.dll

[2012-11-10 11:03:58 | 001,486,952 | ---- | C] (DTS) -- C:\WINDOWS\SysNative\DTSBoostDLL64.dll

[2012-11-10 11:03:58 | 000,728,680 | ---- | C] (DTS) -- C:\WINDOWS\SysNative\DTSBassEnhancementDLL64.dll

[2012-11-10 11:03:58 | 000,491,112 | ---- | C] (DTS) -- C:\WINDOWS\SysNative\DTSNeoPCDLL64.dll

[2012-11-10 11:03:58 | 000,432,744 | ---- | C] (DTS) -- C:\WINDOWS\SysNative\DTSLimiterDLL64.dll

[2012-11-10 11:03:58 | 000,428,648 | ---- | C] (DTS) -- C:\WINDOWS\SysNative\DTSGainCompensatorDLL64.dll

[2012-11-10 11:03:58 | 000,242,792 | ---- | C] (DTS) -- C:\WINDOWS\SysNative\DTSLFXAPO64.dll

[2012-11-10 11:03:58 | 000,242,792 | ---- | C] (DTS) -- C:\WINDOWS\SysNative\DTSGFXAPO64.dll

[2012-11-10 11:03:58 | 000,241,768 | ---- | C] (DTS) -- C:\WINDOWS\SysNative\DTSGFXAPONS64.dll

[2012-11-10 11:03:58 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Temp

[2012-11-10 11:03:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek

[2012-11-10 11:03:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield

[2012-11-10 11:03:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Intel

[2012-11-10 11:03:13 | 000,000,000 | ---D | C] -- C:\Program Files\Intel

[2012-11-10 11:02:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\postureAgent

[2012-11-10 11:00:29 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel

[2012-11-10 10:55:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation

[2012-11-10 10:55:03 | 000,000,000 | -H-D | C] -- C:\book

[2012-11-10 10:55:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AcerSystem

[2012-11-10 10:51:02 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA

[2012-11-10 10:50:35 | 000,068,928 | ---- | C] (Khronos Group) -- C:\WINDOWS\SysNative\OpenCL.dll

[2012-11-10 10:50:35 | 000,061,248 | ---- | C] (Khronos Group) -- C:\WINDOWS\SysWow64\OpenCL.dll

[2012-11-10 10:47:58 | 000,053,248 | ---- | C] (Windows XP Bundled build C-Centric Single User) -- C:\WINDOWS\SysWow64\CSVer.dll

[2012-11-10 10:47:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel

[2012-11-10 10:47:55 | 000,000,000 | -H-D | C] -- C:\Intel

[2012-11-10 10:47:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution

[2012-11-10 10:44:38 | 000,000,000 | -HSD | C] -- C:\System Volume Information

========== Files - Modified Within 30 Days ==========

[2012-11-21 18:56:01 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job

[2012-11-21 18:38:00 | 000,000,902 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

[2012-11-21 17:30:04 | 001,379,886 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI

[2012-11-21 17:30:04 | 000,710,046 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat

[2012-11-21 17:30:04 | 000,463,600 | ---- | M] () -- C:\WINDOWS\SysNative\perfh006.dat

[2012-11-21 17:30:04 | 000,132,416 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat

[2012-11-21 17:30:04 | 000,079,354 | ---- | M] () -- C:\WINDOWS\SysNative\perfc006.dat

[2012-11-21 17:27:36 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2012-11-21 17:26:03 | 000,000,898 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job

[2012-11-21 17:25:32 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys

[2012-11-21 17:25:23 | 4254,535,678 | -HS- | M] () -- C:\hiberfil.sys

[2012-11-21 17:23:30 | 004,847,728 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT

[2012-11-21 17:12:46 | 004,732,416 | ---- | M] (AVAST Software) -- C:\Users\jn2002dk\Desktop\aswMBR.exe

[2012-11-21 09:58:22 | 000,001,794 | ---- | M] () -- C:\WINDOWS\Sandboxie.ini

[2012-11-19 22:13:35 | 000,049,434 | ---- | M] () -- C:\Users\jn2002dk\Documents\bookmarks_11_19_12.html

[2012-11-19 22:09:35 | 000,001,837 | ---- | M] () -- C:\Users\Public\Desktop\Opera.lnk

[2012-11-19 21:55:23 | 000,001,525 | ---- | M] () -- C:\Users\jn2002dk\Desktop\Internet Explorer.lnk

[2012-11-19 12:15:53 | 000,001,258 | ---- | M] () -- C:\Users\Public\Desktop\Virtual CloneDrive.lnk

[2012-11-19 12:12:56 | 000,000,813 | ---- | M] () -- C:\Users\jn2002dk\AppData\Local\recently-used.xbel

[2012-11-19 11:53:28 | 000,000,847 | ---- | M] () -- C:\Users\Public\Desktop\Construct 2.lnk

[2012-11-18 10:46:01 | 000,237,914 | ---- | M] () -- C:\Users\jn2002dk\Desktop\speccy.jpg

[2012-11-18 10:45:00 | 000,000,800 | ---- | M] () -- C:\Users\Public\Desktop\Speccy.lnk

[2012-11-17 15:33:50 | 000,867,584 | ---- | M] () -- C:\Users\jn2002dk\Desktop\Drug Lords.swf

[2012-11-17 15:33:05 | 000,063,052 | ---- | M] () -- C:\Users\jn2002dk\Desktop\druglord2.jpg

[2012-11-17 15:32:57 | 001,078,245 | ---- | M] () -- C:\Users\jn2002dk\Desktop\druglord2.psd

[2012-11-16 21:40:22 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\SysNative\drivers\Msft_User_LocationProvider_01_11_00.Wdf

[2012-11-16 20:58:46 | 000,599,929 | ---- | M] () -- C:\Users\jn2002dk\Desktop\cop1.psd

[2012-11-16 20:55:40 | 000,913,408 | ---- | M] () -- C:\Users\jn2002dk\Desktop\cop1.sai

[2012-11-16 19:28:08 | 000,001,117 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

[2012-11-16 17:43:38 | 000,001,304 | ---- | M] () -- C:\Users\jn2002dk\Desktop\Sandboxed Web Browser.lnk

[2012-11-16 17:33:31 | 000,000,900 | ---- | M] () -- C:\Users\jn2002dk\Application Data\Microsoft\Internet Explorer\Quick Launch\Sandboxed Web Browser.lnk

[2012-11-16 17:14:51 | 000,020,958 | ---- | M] () -- C:\WINDOWS\diagwrn.xml

[2012-11-16 17:14:51 | 000,020,958 | ---- | M] () -- C:\WINDOWS\diagerr.xml

[2012-11-16 17:14:41 | 000,022,852 | ---- | M] () -- C:\WINDOWS\SysNative\emptyregdb.dat

[2012-11-16 15:52:22 | 000,016,976 | -H-- | M] () -- C:\WINDOWS\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2012-11-16 15:52:22 | 000,016,976 | -H-- | M] () -- C:\WINDOWS\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2012-11-15 21:45:53 | 001,196,032 | ---- | M] () -- C:\Users\jn2002dk\Desktop\druglord2.sai

[2012-11-15 20:51:56 | 000,540,385 | ---- | M] () -- C:\Users\jn2002dk\Desktop\druglord1.psd

[2012-11-15 20:51:53 | 000,075,244 | ---- | M] () -- C:\Users\jn2002dk\Desktop\druglord1.jpg

[2012-11-15 20:46:14 | 001,159,168 | ---- | M] () -- C:\Users\jn2002dk\Desktop\druglord1.sai

[2012-11-15 10:52:21 | 000,000,787 | ---- | M] () -- C:\Users\Public\Desktop\Wimp.lnk

[2012-11-15 09:21:19 | 000,000,995 | ---- | M] () -- C:\Users\jn2002dk\Desktop\Stencyl.lnk

[2012-11-14 17:23:58 | 000,000,947 | ---- | M] () -- C:\Users\Public\Desktop\Deluge.lnk

[2012-11-12 00:14:03 | 000,000,826 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk

[2012-11-12 00:06:52 | 001,289,942 | ---- | M] () -- C:\WINDOWS\SysWow64\PerfStringBackup.INI

[2012-11-11 20:57:59 | 000,071,190 | ---- | M] () -- C:\Users\jn2002dk\Desktop\Image001.jpg

[2012-11-11 16:19:10 | 000,000,975 | ---- | M] () -- C:\Users\jn2002dk\Desktop\MyPaint.lnk

[2012-11-11 15:10:52 | 002,314,240 | ---- | M] () -- C:\Users\jn2002dk\Documents\New Canvas.sai

[2012-11-10 23:11:02 | 001,323,008 | ---- | M] () -- C:\Users\jn2002dk\Documents\face.sai

[2012-11-10 19:39:42 | 000,011,453 | ---- | M] () -- C:\WINDOWS\ChangeLang_Done.tag

[2012-11-10 19:21:36 | 000,840,071 | ---- | M] () -- C:\Users\jn2002dk\Desktop\Indbydelse.pdf

[2012-11-10 19:21:17 | 000,228,495 | ---- | M] () -- C:\Users\jn2002dk\Documents\Indbydelse.odg

[2012-11-10 19:19:59 | 000,001,035 | ---- | M] () -- C:\Users\jn2002dk\Desktop\LibreOfficePortable.lnk

[2012-11-10 18:01:53 | 000,007,752 | ---- | M] () -- C:\Users\jn2002dk\Documents\New Canvas.jpg

[2012-11-10 17:49:30 | 000,016,835 | ---- | M] () -- C:\Users\jn2002dk\Documents\New Canvas.png

[2012-11-10 17:46:56 | 000,010,200 | ---- | M] () -- C:\Users\jn2002dk\Documents\birds.jpg

[2012-11-10 17:44:13 | 000,002,246 | ---- | M] () -- C:\Users\jn2002dk\Desktop\PaintTool SAI.lnk

[2012-11-10 15:51:53 | 000,001,049 | ---- | M] () -- C:\Users\jn2002dk\Desktop\Dropbox.lnk

[2012-11-10 15:50:45 | 000,001,059 | ---- | M] () -- C:\Users\jn2002dk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk

[2012-11-10 12:07:20 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\SysNative\drivers\Msft_Kernel_wachidrouter_01009.Wdf

[2012-11-10 12:02:24 | 000,001,310 | ---- | M] () -- C:\Users\Public\Desktop\Manga Studio EX 4.0.lnk

[2012-11-10 12:00:53 | 000,002,144 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SketchBook Snapshot.lnk

[2012-11-10 12:00:53 | 000,002,121 | ---- | M] () -- C:\Users\jn2002dk\Application Data\Microsoft\Internet Explorer\Quick Launch\SketchBook Pro 6.lnk

[2012-11-10 12:00:53 | 000,002,097 | ---- | M] () -- C:\Users\Public\Desktop\SketchBook Pro 6.lnk

[2012-11-10 11:41:38 | 000,000,000 | ---- | M] () -- C:\WINDOWS\SysWow64\config.nt

[2012-11-10 11:33:59 | 000,002,297 | ---- | M] () -- C:\Users\jn2002dk\Desktop\Google Chrome.lnk

[2012-11-10 11:32:35 | 000,001,449 | ---- | M] () -- C:\Users\jn2002dk\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk

[2012-11-10 11:32:35 | 000,000,221 | -HS- | M] () -- C:\Users\jn2002dk\Application Data\Microsoft\Internet Explorer\Quick Launch\desktop (1).ini

[2012-11-10 11:30:39 | 000,001,155 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WNA3100M Genie.lnk

[2012-11-10 11:30:39 | 000,001,137 | ---- | M] () -- C:\Users\Public\Desktop\NETGEAR WNA3100M Genie.lnk

[2012-11-10 11:09:32 | 000,001,162 | ---- | M] () -- C:\Users\Public\Desktop\clear.fi Photo.lnk

[2012-11-10 11:08:35 | 000,001,162 | ---- | M] () -- C:\Users\Public\Desktop\clear.fi Media.lnk

[2012-11-10 11:01:45 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\SysNative\drivers\Msft_Kernel_iusb3hcs_01009.Wdf

[2012-10-30 23:50:30 | 000,285,328 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\aswBoot.exe

[2012-10-29 08:14:20 | 001,981,312 | ---- | M] (Wacom Technology, Corp.) -- C:\WINDOWS\SysNative\Wacom_Tablet.dll

[2012-10-29 08:14:20 | 001,974,144 | ---- | M] (Wacom Technology, Corp.) -- C:\WINDOWS\SysNative\Wacom_Touch_Tablet.dll

[2012-10-29 08:14:20 | 001,843,072 | ---- | M] (Wacom Technology, Corp.) -- C:\WINDOWS\SysNative\Wintab32.dll

[2012-10-29 08:14:18 | 001,840,000 | ---- | M] (Wacom Technology, Corp.) -- C:\WINDOWS\SysNative\WacomMT.dll

[2012-10-29 08:14:16 | 001,628,032 | ---- | M] (Wacom Technology, Corp.) -- C:\WINDOWS\SysWow64\Wacom_Tablet.dll

[2012-10-29 08:14:16 | 001,621,376 | ---- | M] (Wacom Technology, Corp.) -- C:\WINDOWS\SysWow64\Wacom_Touch_Tablet.dll

[2012-10-29 08:14:16 | 001,509,248 | ---- | M] (Wacom Technology, Corp.) -- C:\WINDOWS\SysWow64\Wintab32.dll

[2012-10-29 08:14:16 | 001,505,152 | ---- | M] (Wacom Technology, Corp.) -- C:\WINDOWS\SysWow64\WacomMT.dll

========== Files Created - No Company Name ==========

[2012-11-21 17:23:19 | 004,847,728 | ---- | C] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT

[2012-11-19 22:13:35 | 000,049,434 | ---- | C] () -- C:\Users\jn2002dk\Documents\bookmarks_11_19_12.html

[2012-11-19 22:09:35 | 000,001,849 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk

[2012-11-19 22:09:35 | 000,001,837 | ---- | C] () -- C:\Users\Public\Desktop\Opera.lnk

[2012-11-19 21:54:56 | 000,001,525 | ---- | C] () -- C:\Users\jn2002dk\Desktop\Internet Explorer.lnk

[2012-11-19 12:19:38 | 000,001,239 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Dreamweaver CS5.lnk

[2012-11-19 12:15:53 | 000,001,258 | ---- | C] () -- C:\Users\Public\Desktop\Virtual CloneDrive.lnk

[2012-11-19 12:12:56 | 000,000,813 | ---- | C] () -- C:\Users\jn2002dk\AppData\Local\recently-used.xbel

[2012-11-19 11:53:28 | 000,000,943 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Construct 2.lnk

[2012-11-19 11:53:28 | 000,000,847 | ---- | C] () -- C:\Users\Public\Desktop\Construct 2.lnk

[2012-11-18 10:46:01 | 000,237,914 | ---- | C] () -- C:\Users\jn2002dk\Desktop\speccy.jpg

[2012-11-18 10:45:00 | 000,000,800 | ---- | C] () -- C:\Users\Public\Desktop\Speccy.lnk

[2012-11-17 15:58:30 | 000,002,108 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Web Platform Installer.lnk

[2012-11-17 15:33:05 | 000,063,052 | ---- | C] () -- C:\Users\jn2002dk\Desktop\druglord2.jpg

[2012-11-17 15:29:33 | 000,867,584 | ---- | C] () -- C:\Users\jn2002dk\Desktop\Drug Lords.swf

[2012-11-17 15:22:46 | 001,078,245 | ---- | C] () -- C:\Users\jn2002dk\Desktop\druglord2.psd

[2012-11-16 21:40:22 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\SysNative\drivers\Msft_User_LocationProvider_01_11_00.Wdf

[2012-11-16 20:56:07 | 000,599,929 | ---- | C] () -- C:\Users\jn2002dk\Desktop\cop1.psd

[2012-11-16 20:55:40 | 000,913,408 | ---- | C] () -- C:\Users\jn2002dk\Desktop\cop1.sai

[2012-11-16 19:28:08 | 000,001,117 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

[2012-11-16 17:44:48 | 000,361,934 | ---- | C] () -- C:\WINDOWS\SysNative\ApnDatabase.xml

[2012-11-16 17:44:38 | 000,110,592 | ---- | C] () -- C:\WINDOWS\SysNative\OEMLicense.dll

[2012-11-16 17:44:38 | 000,083,968 | ---- | C] () -- C:\WINDOWS\SysWow64\OEMLicense.dll

[2012-11-16 17:34:04 | 000,001,304 | ---- | C] () -- C:\Users\jn2002dk\Desktop\Sandboxed Web Browser.lnk

[2012-11-16 17:34:04 | 000,000,900 | ---- | C] () -- C:\Users\jn2002dk\Application Data\Microsoft\Internet Explorer\Quick Launch\Sandboxed Web Browser.lnk

[2012-11-16 17:34:02 | 000,001,794 | ---- | C] () -- C:\WINDOWS\Sandboxie.ini

[2012-11-16 17:25:05 | 000,001,442 | ---- | C] () -- C:\Users\jn2002dk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

[2012-11-16 17:14:41 | 000,022,852 | ---- | C] () -- C:\WINDOWS\SysNative\emptyregdb.dat

[2012-11-16 17:10:37 | 000,020,958 | ---- | C] () -- C:\WINDOWS\diagwrn.xml

[2012-11-16 17:10:37 | 000,020,958 | ---- | C] () -- C:\WINDOWS\diagerr.xml

[2012-11-16 17:10:27 | 000,000,352 | ---- | C] () -- C:\Users\jn2002dk\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk

[2012-11-16 17:10:27 | 000,000,334 | ---- | C] () -- C:\Users\jn2002dk\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk

[2012-11-16 17:09:07 | 002,689,224 | ---- | C] () -- C:\WINDOWS\SysNative\nvcoproc.bin

[2012-11-16 17:07:15 | 268,435,456 | -HS- | C] () -- C:\swapfile.sys

[2012-11-16 15:44:44 | 4254,535,678 | -HS- | C] () -- C:\hiberfil.sys

[2012-11-15 21:45:03 | 001,196,032 | ---- | C] () -- C:\Users\jn2002dk\Desktop\druglord2.sai

[2012-11-15 20:51:53 | 000,075,244 | ---- | C] () -- C:\Users\jn2002dk\Desktop\druglord1.jpg

[2012-11-15 20:46:28 | 000,540,385 | ---- | C] () -- C:\Users\jn2002dk\Desktop\druglord1.psd

[2012-11-15 20:46:14 | 001,159,168 | ---- | C] () -- C:\Users\jn2002dk\Desktop\druglord1.sai

[2012-11-15 10:52:21 | 000,000,799 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wimp.lnk

[2012-11-15 10:52:21 | 000,000,787 | ---- | C] () -- C:\Users\Public\Desktop\Wimp.lnk

[2012-11-15 09:21:19 | 000,000,995 | ---- | C] () -- C:\Users\jn2002dk\Desktop\Stencyl.lnk

[2012-11-14 18:23:10 | 000,001,618 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Illustrator CS5.lnk

[2012-11-14 18:22:53 | 000,001,137 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS5.lnk

[2012-11-14 18:22:45 | 000,001,230 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Device Central CS5.lnk

[2012-11-14 18:22:04 | 000,001,321 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS5.lnk

[2012-11-14 18:22:02 | 000,001,487 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS5.lnk

[2012-11-14 18:21:48 | 000,000,961 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk

[2012-11-14 17:57:20 | 000,001,162 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS4 (64 Bit).lnk

[2012-11-14 17:57:05 | 000,001,101 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS4.lnk

[2012-11-14 17:56:31 | 000,001,063 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS4.lnk

[2012-11-14 17:56:23 | 000,001,400 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Drive CS4.lnk

[2012-11-14 17:55:50 | 000,001,156 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Device Central CS4.lnk

[2012-11-14 17:55:19 | 000,001,247 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS4.lnk

[2012-11-14 17:55:15 | 000,001,371 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS4.lnk

[2012-11-14 17:23:58 | 000,000,947 | ---- | C] () -- C:\Users\Public\Desktop\Deluge.lnk

[2012-11-14 09:19:16 | 000,001,897 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SumatraPDF.lnk

[2012-11-12 00:14:03 | 000,000,826 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk

[2012-11-12 00:06:52 | 001,289,942 | ---- | C] () -- C:\WINDOWS\SysWow64\PerfStringBackup.INI

[2012-11-11 16:19:04 | 000,071,190 | ---- | C] () -- C:\Users\jn2002dk\Desktop\Image001.jpg

[2012-11-11 14:43:04 | 002,314,240 | ---- | C] () -- C:\Users\jn2002dk\Documents\New Canvas.sai

[2012-11-10 23:11:02 | 001,323,008 | ---- | C] () -- C:\Users\jn2002dk\Documents\face.sai

[2012-11-10 19:42:23 | 000,011,453 | ---- | C] () -- C:\WINDOWS\ChangeLang_Done.tag

[2012-11-10 19:19:59 | 000,001,035 | ---- | C] () -- C:\Users\jn2002dk\Desktop\LibreOfficePortable.lnk

[2012-11-10 18:09:59 | 000,000,975 | ---- | C] () -- C:\Users\jn2002dk\Desktop\MyPaint.lnk

[2012-11-10 18:01:53 | 000,007,752 | ---- | C] () -- C:\Users\jn2002dk\Documents\New Canvas.jpg

[2012-11-10 17:50:14 | 000,840,071 | ---- | C] () -- C:\Users\jn2002dk\Desktop\Indbydelse.pdf

[2012-11-10 17:49:30 | 000,016,835 | ---- | C] () -- C:\Users\jn2002dk\Documents\New Canvas.png

[2012-11-10 17:46:56 | 000,010,200 | ---- | C] () -- C:\Users\jn2002dk\Documents\birds.jpg

[2012-11-10 17:44:13 | 000,002,246 | ---- | C] () -- C:\Users\jn2002dk\Desktop\PaintTool SAI.lnk

[2012-11-10 17:34:53 | 000,228,495 | ---- | C] () -- C:\Users\jn2002dk\Documents\Indbydelse.odg

[2012-11-10 15:51:53 | 000,001,049 | ---- | C] () -- C:\Users\jn2002dk\Desktop\Dropbox.lnk

[2012-11-10 15:50:45 | 000,001,059 | ---- | C] () -- C:\Users\jn2002dk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk

[2012-11-10 12:14:55 | 000,000,119 | ---- | C] () -- C:\WINDOWS\SysNative\WacomTouchTabletUserDefaults.xml

[2012-11-10 12:14:55 | 000,000,119 | ---- | C] () -- C:\WINDOWS\SysNative\WacomTabletUserDefaults.xml

[2012-11-10 12:07:20 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\SysNative\drivers\Msft_Kernel_wachidrouter_01009.Wdf

[2012-11-10 12:02:24 | 000,001,310 | ---- | C] () -- C:\Users\Public\Desktop\Manga Studio EX 4.0.lnk

[2012-11-10 12:00:53 | 000,002,144 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SketchBook Snapshot.lnk

[2012-11-10 12:00:53 | 000,002,121 | ---- | C] () -- C:\Users\jn2002dk\Application Data\Microsoft\Internet Explorer\Quick Launch\SketchBook Pro 6.lnk

[2012-11-10 12:00:53 | 000,002,097 | ---- | C] () -- C:\Users\Public\Desktop\SketchBook Pro 6.lnk

[2012-11-10 11:54:00 | 000,016,366 | ---- | C] () -- C:\WINDOWS\SysNative\nvinfo.pb

[2012-11-10 11:41:38 | 000,000,000 | ---- | C] () -- C:\WINDOWS\SysWow64\config.nt

[2012-11-10 11:33:59 | 000,002,297 | ---- | C] () -- C:\Users\jn2002dk\Desktop\Google Chrome.lnk

[2012-11-10 11:33:15 | 000,000,902 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

[2012-11-10 11:33:13 | 000,000,898 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job

[2012-11-10 11:32:35 | 000,001,449 | ---- | C] () -- C:\Users\jn2002dk\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk

[2012-11-10 11:30:39 | 000,001,155 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WNA3100M Genie.lnk

[2012-11-10 11:30:39 | 000,001,137 | ---- | C] () -- C:\Users\Public\Desktop\NETGEAR WNA3100M Genie.lnk

[2012-11-10 11:23:19 | 000,000,221 | -HS- | C] () -- C:\Users\jn2002dk\Application Data\Microsoft\Internet Explorer\Quick Launch\desktop (1).ini

[2012-11-10 11:09:32 | 000,001,162 | ---- | C] () -- C:\Users\Public\Desktop\clear.fi Photo.lnk

[2012-11-10 11:08:35 | 000,001,162 | ---- | C] () -- C:\Users\Public\Desktop\clear.fi Media.lnk

[2012-11-10 11:07:58 | 000,002,435 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2010.lnk

[2012-11-10 11:03:59 | 000,181,324 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\RTAIODAT.DAT

[2012-11-10 11:03:19 | 000,015,128 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\IntelMEFWVer.dll

[2012-11-10 11:01:45 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\SysNative\drivers\Msft_Kernel_iusb3hcs_01009.Wdf

[2012-07-26 09:13:10 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat

[2012-07-26 09:13:09 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT

[2012-07-26 08:21:26 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat

[2012-07-26 02:17:42 | 000,043,520 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll

[2012-07-25 21:37:29 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin

[2012-07-25 21:28:31 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll

[2012-07-20 21:35:06 | 000,428,904 | ---- | C] () -- C:\WINDOWS\SysWow64\nvStreaming.exe

[2012-06-02 15:31:19 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat

[2012-02-02 22:08:26 | 000,001,536 | ---- | C] () -- C:\WINDOWS\SysWow64\IusEventLog.dll

========== ZeroAccess Check ==========

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

"" = C:\Windows\SysNative\shell32.dll -- [2012-10-11 06:45:39 | 019,789,824 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

"" = %SystemRoot%\system32\shell32.dll -- [2012-10-11 06:07:29 | 017,560,576 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64

"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012-07-26 04:05:38 | 001,004,544 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]

"" = %systemroot%\system32\wbem\fastprox.dll -- [2012-07-26 04:18:27 | 000,784,896 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64

"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012-07-26 04:07:41 | 000,455,680 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2012-11-10 12:00:54 | 000,000,000 | ---D | M] -- C:\Users\jn2002dk\AppData\Roaming\Autodesk

[2012-11-17 14:28:59 | 000,000,000 | ---D | M] -- C:\Users\jn2002dk\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1

[2012-11-15 10:52:28 | 000,000,000 | ---D | M] -- C:\Users\jn2002dk\AppData\Roaming\com.aspiro.wimp.dk.25F5C0086CDE1F22CA0B92A487729991CA6CD013.1

[2012-11-19 12:12:56 | 000,000,000 | ---D | M] -- C:\Users\jn2002dk\AppData\Roaming\deluge

[2012-11-21 17:26:29 | 000,000,000 | ---D | M] -- C:\Users\jn2002dk\AppData\Roaming\Dropbox

[2012-11-21 18:58:57 | 000,000,000 | ---D | M] -- C:\Users\jn2002dk\AppData\Roaming\FileZilla

[2012-11-17 16:13:36 | 000,000,000 | ---D | M] -- C:\Users\jn2002dk\AppData\Roaming\KompoZer

[2012-11-10 11:25:04 | 000,000,000 | ---D | M] -- C:\Users\jn2002dk\AppData\Roaming\OEM

[2012-11-19 22:09:37 | 000,000,000 | ---D | M] -- C:\Users\jn2002dk\AppData\Roaming\Opera

[2012-11-10 11:25:03 | 000,000,000 | ---D | M] -- C:\Users\jn2002dk\AppData\Roaming\Screensaver

[2012-11-10 12:04:09 | 000,000,000 | ---D | M] -- C:\Users\jn2002dk\AppData\Roaming\Smith Micro

[2012-11-19 17:32:38 | 000,000,000 | ---D | M] -- C:\Users\jn2002dk\AppData\Roaming\Stencyl

[2012-11-14 09:19:36 | 000,000,000 | ---D | M] -- C:\Users\jn2002dk\AppData\Roaming\SumatraPDF

[2012-11-10 17:44:19 | 000,000,000 | ---D | M] -- C:\Users\jn2002dk\AppData\Roaming\SYSTEMAX Software Development

========== Purity Check ==========

========== Custom Scans ==========

< MD5 for: EXPLORER.EXE >

[2012-10-11 06:53:24 | 002,115,952 | ---- | M] (Microsoft Corporation) MD5=0AD19A3CA61271BA872AD90771BA47DC -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.20534_none_b592a71650d677ed\explorer.exe

[2012-10-11 09:09:58 | 002,380,944 | ---- | M] (Microsoft Corporation) MD5=0DDFEAA2AA18D4295EF220EB666B2312 -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.20534_none_ab3dfcc41c75b5f2\explorer.exe

[2011-07-14 06:30:29 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows.old\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe

[2011-07-14 06:30:29 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows.old\Windows\explorer.exe

[2011-07-14 06:30:29 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows.old\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe

[2011-07-14 06:30:29 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows.old\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe

[2010-11-21 04:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows.old\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe

[2012-07-26 04:50:01 | 002,114,936 | ---- | M] (Microsoft Corporation) MD5=5B6ED1B57DBFF18D405A0260559B571E -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.16384_none_b4d2f8c937e166b1\explorer.exe

[2011-07-14 06:30:29 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows.old\Windows\SysWOW64\explorer.exe

[2011-07-14 06:30:29 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows.old\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe

[2012-07-26 05:49:13 | 002,380,440 | ---- | M] (Microsoft Corporation) MD5=928791755FDDEA721B053535EF84FA17 -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.16384_none_aa7e4e770380a4b6\explorer.exe

[2012-10-11 06:56:41 | 002,115,952 | ---- | M] (Microsoft Corporation) MD5=953ADECFF08202A01EFC6110214FDE02 -- C:\Windows\SysWOW64\explorer.exe

[2012-10-11 06:56:41 | 002,115,952 | ---- | M] (Microsoft Corporation) MD5=953ADECFF08202A01EFC6110214FDE02 -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.16433_none_b5080a0137b9becc\explorer.exe

[2010-11-21 04:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows.old\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe

[2012-10-11 08:35:16 | 002,380,944 | ---- | M] (Microsoft Corporation) MD5=E13A31D5254C25406A7946BDD9B06364 -- C:\Windows\explorer.exe

[2012-10-11 08:35:16 | 002,380,944 | ---- | M] (Microsoft Corporation) MD5=E13A31D5254C25406A7946BDD9B06364 -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.16433_none_aab35faf0358fcd1\explorer.exe

< MD5 for: SVCHOST.EXE >

[2012-07-26 04:20:58 | 000,023,040 | ---- | M] (Microsoft Corporation) MD5=0A175AF8B65797BD22C11903A8BFEB2D -- C:\Windows\WinSxS\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.2.9200.16384_none_b2666581d6b482a6\svchost.exe

[2009-07-14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows.old\Windows\SysWOW64\svchost.exe

[2009-07-14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe

[2012-07-26 07:12:50 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=57350BEDE3834915B6145B67C71C7BDA -- C:\$WINDOWS.~BT\Windows\System32\svchost.exe

[2012-07-26 07:12:50 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=57350BEDE3834915B6145B67C71C7BDA -- C:\$WINDOWS.~BT\Windows\WinSxS\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.2.9200.16384_none_0e8501058f11f3dc\svchost.exe

[2012-07-26 04:08:47 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=57350BEDE3834915B6145B67C71C7BDA -- C:\Windows\WinSxS\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.2.9200.16384_none_0e8501058f11f3dc\svchost.exe

[2012-09-20 07:33:14 | 000,029,696 | ---- | M] (Microsoft Corporation) MD5=607F7CB143783A8F9BA058D2FC4F2D36 -- C:\Windows\WinSxS\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.2.9200.20521_none_0f4c7e60a8019d22\svchost.exe

[2012-09-29 19:54:26 | 000,218,184 | ---- | M] () MD5=8846E87210AD131CF71E3E2E49F647B0 -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\svchost.exe

[2012-09-20 06:55:26 | 000,023,040 | ---- | M] (Microsoft Corporation) MD5=A46DC432F81473F526E3994AA483E366 -- C:\Windows\SysWOW64\svchost.exe

[2012-09-20 06:55:26 | 000,023,040 | ---- | M] (Microsoft Corporation) MD5=A46DC432F81473F526E3994AA483E366 -- C:\Windows\WinSxS\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.2.9200.16420_none_b2a345c7d68772cb\svchost.exe

[2009-07-14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows.old\Windows\System32\svchost.exe

[2009-07-14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows.old\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

[2012-09-20 07:33:52 | 000,029,696 | ---- | M] (Microsoft Corporation) MD5=EDE27EACE742EE2888C5DD36400A2EC0 -- C:\WINDOWS\SysNative\svchost.exe

[2012-09-20 07:33:52 | 000,029,696 | ---- | M] (Microsoft Corporation) MD5=EDE27EACE742EE2888C5DD36400A2EC0 -- C:\Windows\WinSxS\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.2.9200.16420_none_0ec1e14b8ee4e401\svchost.exe

[2012-09-20 06:56:27 | 000,023,040 | ---- | M] (Microsoft Corporation) MD5=EEF5E64822C3E21B186EA53463BE92DA -- C:\Windows\WinSxS\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.2.9200.20521_none_b32de2dcefa42bec\svchost.exe

< MD5 for: USERINIT.EXE >

[2012-07-26 07:12:50 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E925F7BA032920D58DD284B6181A247 -- C:\$WINDOWS.~BT\Windows\System32\userinit.exe

[2012-07-26 07:12:50 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E925F7BA032920D58DD284B6181A247 -- C:\$WINDOWS.~BT\Windows\WinSxS\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.2.9200.16384_none_34f2617a5b742e02\userinit.exe

[2012-07-26 04:08:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E925F7BA032920D58DD284B6181A247 -- C:\WINDOWS\SysNative\userinit.exe

[2012-07-26 04:08:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E925F7BA032920D58DD284B6181A247 -- C:\Windows\WinSxS\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.2.9200.16384_none_34f2617a5b742e02\userinit.exe

[2010-11-21 04:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows.old\Windows\SysWOW64\userinit.exe

[2010-11-21 04:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe

[2012-07-26 04:21:00 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=9F6289D194A04A09671FEED4B6CB6EF7 -- C:\Windows\SysWOW64\userinit.exe

[2012-07-26 04:21:00 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=9F6289D194A04A09671FEED4B6CB6EF7 -- C:\Windows\WinSxS\x86_microsoft-windows-userinit_31bf3856ad364e35_6.2.9200.16384_none_d8d3c5f6a316bccc\userinit.exe

[2010-11-21 04:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows.old\Windows\System32\userinit.exe

[2010-11-21 04:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows.old\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >

[2010-11-21 04:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows.old\Windows\System32\winlogon.exe

[2010-11-21 04:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows.old\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe

[2012-09-20 07:33:55 | 000,516,608 | ---- | M] (Microsoft Corporation) MD5=1F84B5F8DBDFFD36DF143C61CE25F12A -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.16420_none_c8c988c15e88a211\winlogon.exe

[2012-09-20 07:33:17 | 000,516,608 | ---- | M] (Microsoft Corporation) MD5=6522E98C94A2A81AE11EB66D2AF5743A -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.20521_none_c95425d677a55b32\winlogon.exe

[2012-09-29 19:54:26 | 000,218,184 | ---- | M] () MD5=8846E87210AD131CF71E3E2E49F647B0 -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe

[2012-07-26 07:12:53 | 000,516,608 | ---- | M] (Microsoft Corporation) MD5=93AB226C07A9789B2EC7B41F73602F76 -- C:\$WINDOWS.~BT\Windows\System32\winlogon.exe

[2012-07-26 07:12:53 | 000,516,608 | ---- | M] (Microsoft Corporation) MD5=93AB226C07A9789B2EC7B41F73602F76 -- C:\$WINDOWS.~BT\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.16384_none_c88ca87b5eb5b1ec\winlogon.exe

[2012-07-26 04:08:50 | 000,516,608 | ---- | M] (Microsoft Corporation) MD5=93AB226C07A9789B2EC7B41F73602F76 -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.16384_none_c88ca87b5eb5b1ec\winlogon.exe

[2012-10-11 06:46:58 | 000,517,120 | ---- | M] (Microsoft Corporation) MD5=BCF2036A0DD579E47C008C133550283E -- C:\WINDOWS\SysNative\winlogon.exe

[2012-10-11 06:46:58 | 000,517,120 | ---- | M] (Microsoft Corporation) MD5=BCF2036A0DD579E47C008C133550283E -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.16433_none_c8c1b9b35e8e0a07\winlogon.exe

[2012-10-11 06:45:27 | 000,517,120 | ---- | M] (Microsoft Corporation) MD5=CBFD56B4EC07CB056A6ABD55DD33671F -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.20534_none_c94c56c877aac328\winlogon.exe

< End of report >

Link to post
Share on other sites

OTL Extras logfile created on: 21-11-2012 19:18:45 - Run 1

OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\jn2002dk\Downloads

64bit- Professional (Version = 6.2.9200) - Type = NTWorkstation

Internet Explorer (Version = 9.10.9200.16433)

Locale: 00000406 | Country: Danmark | Language: DAN | Date Format: dd-MM-yyyy

15,95 Gb Total Physical Memory | 13,86 Gb Available Physical Memory | 86,88% Memory free

31,95 Gb Paging File | 29,59 Gb Available in Paging File | 92,60% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 455,95 Gb Total Space | 337,18 Gb Free Space | 73,95% Space Free | Partition Type: NTFS

Drive D: | 456,46 Gb Total Space | 360,07 Gb Free Space | 78,88% Space Free | Partition Type: NTFS

Drive E: | 159,82 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: JN2002DK-PC | User Name: jn2002dk | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.html[@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)

.url[@ = InternetShortcut] -- C:\WINDOWS\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- C:\WINDOWS\SysWow64\control.exe (Microsoft Corporation)

.html [@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)

[HKEY_USERS\S-1-5-21-1372194753-2522429106-4183652212-1000\SOFTWARE\Classes\<extension>]

.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

htmlfile [edit] -- Reg Error: Key error.

htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)

htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)

htmlfile [print] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)

http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)

https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

InternetShortcut [open] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\ieframe.dll",OpenURL %l (Microsoft Corporation)

InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)

Directory [bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)

CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

htmlfile [edit] -- Reg Error: Key error.

htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)

htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)

http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)

https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)

Directory [bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)

CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"VistaSp1" = CE 37 E6 AF FF 6A CD 01 [binary data]

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"EnableFirewall" = 1

"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"EnableFirewall" = 1

"DisableNotifications" = 0

========== Authorized Applications List ==========

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{4653038E-7022-40C5-826E-47EB59F7AF91}" = lport=5353 | protocol=6 | dir=in | name=adobe csi cs4 |

"{94E56B75-2815-450D-88FB-E732EA34490B}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |

"{CBEF7F31-C0EC-4C0C-B9D8-0FCEC287BCF3}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{0357D592-B3BF-4CCB-97BD-27B519D67359}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1363\agent.exe |

"{04351828-F3FE-446A-B43C-33BC266A539B}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1363\agent.exe |

"{0A980157-11B6-42F1-8B2D-6974B327910C}" = dir=in | name=jetpack joyride |

"{0CEAAFD2-6213-476F-8FE7-6E1A3E1FBCAD}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\clear.fi photo\windowsupnp.exe |

"{0D34A57D-6D5F-4F01-A52E-B13D97ADF325}" = dir=out | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |

"{0F9787CE-7BEE-4DD9-8C14-CC82CDB31937}" = protocol=6 | dir=in | app=c:\users\jn2002dk\appdata\roaming\dropbox\bin\dropbox.exe |

"{17F7E615-8139-4CC6-86F5-480678A712E0}" = dir=in | name=@{microsoft.reader_6.2.9200.20523_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |

"{19F87F94-7F21-4BB5-A68A-43F0D16E42BC}" = dir=out | name=dansk tv guide |

"{23572596-3B2A-42EF-909A-1DEA2BC90701}" = dir=out | name=google search |

"{28407D69-01B4-4838-B0B7-4F1A21AA1229}" = dir=in | app=c:\program files (x86)\acer\clear.fi sdk20\mvp\musicplayer.exe |

"{3291183B-49B1-4337-A902-B85960C11F24}" = dir=out | name=jetpack joyride |

"{33A37FED-A10C-4C44-B566-2B8C36DE1A0D}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |

"{34A8C487-D113-48AB-88DB-7C55E512A16E}" = dir=in | name=@{microsoft.windowsphotos_16.4.4388.928_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |

"{356683B8-14E6-472D-A9BA-0E7AADAC4121}" = dir=in | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |

"{3725EDE0-49FB-40A9-927F-5A1D3C8CEBB6}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\clear.fi media\dmcdaemon.exe |

"{3E0F4F49-4397-49C8-BA83-81638F46E630}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1363\agent.exe |

"{4148A774-16B4-4D51-B96C-D0A2E9FAFADF}" = dir=in | app=c:\program files (x86)\acer\clear.fi sdk20\movie\playmovie.exe |

"{443DCA72-E271-4EE1-A395-861226EAC462}" = dir=out | name=@{microsoft.microsoftskydrive_16.4.4388.928_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftskydrive/resources/shortproductname} |

"{4FEFEF60-A1B9-474C-9AE6-2613E396CAD9}" = dir=out | name=@{microsoft.bingmaps_1.5.1.240_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |

"{5A0CE3E1-DA61-4DA2-80A2-3C359058C81C}" = dir=out | name=reckless racing ultimate |

"{5CF0E3EA-6761-446D-A32F-E9B17E4ED708}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\clear.fi photo\dmcdaemon.exe |

"{61A1DE9E-678C-4B90-AE52-0F47B6CF8C81}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |

"{65A2AF69-8120-46C2-9EF0-F237BD970FCB}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\adobe\cs4servicemanager\cs4servicemanager.exe |

"{6E374CC6-3462-4C9A-A89F-3720F251687E}" = dir=out | name=@{microsoft.zunemusic_1.1.139.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/33273} |

"{6E70595C-E3C8-4FAA-B931-A910FC9AB3A2}" = dir=out | name=@{microsoft.reader_6.2.9200.20523_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |

"{708F3E45-8EDE-4E78-90EC-8FDED35B43C1}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe |

"{7234C830-0D55-4BAE-A425-B88581B96490}" = dir=out | name=@{microsoft.windowsphotos_16.4.4388.928_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |

"{7529D910-9EA1-4135-B060-A318FBD236FC}" = dir=out | name=netflix |

"{7A01CF71-AA1B-47AC-B582-6109BAE4F0B4}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\clear.fi media\windowsupnpmv.exe |

"{7EAA6D7E-B470-4259-8DD5-3B1D7E63CDDC}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1363\agent.exe |

"{7F997D3B-CD26-4B44-8C2F-E95DD7A635A0}" = dir=in | name=@{microsoft.windowscommunicationsapps_16.4.4396.1016_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |

"{808F1451-4108-46FD-ADBB-F17324B5F0BD}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |

"{82CD5FDB-B80F-49AD-AA53-725CC7341984}" = dir=out | name=windows_ie_ac_001 |

"{84D18218-35AF-4090-A290-FD42EC198F6A}" = dir=out | name=@{microsoft.xboxlivegames_1.1.134.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |

"{8503B0D7-78E6-448F-841F-E4A1EDBBA483}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |

"{8751BC2E-EBFF-4206-A845-C563182B37D5}" = dir=out | name=@{microsoft.bingnews_1.5.1.409_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} |

"{88560705-D959-4425-8F07-C90835E5FB2C}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\adobe\cs4servicemanager\cs4servicemanager.exe |

"{8EC83ABC-AE33-4878-A55D-A233D05EB92E}" = protocol=17 | dir=in | app=c:\users\jn2002dk\appdata\roaming\dropbox\bin\dropbox.exe |

"{9355FF3C-6304-4B85-94B3-ACD46A90A8D7}" = dir=out | name=@{microsoft.windowscommunicationsapps_16.4.4396.1016_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |

"{94E84627-B5EB-4495-8261-84BF5408423E}" = dir=out | name=@{microsoft.bing_1.5.1.251_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} |

"{A3565842-C2A0-40BD-AAB2-D45056B1E5EF}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\clear.fi media\dmcdaemon.exe |

"{A6180B5A-A17D-4197-B827-6142FEB04A99}" = dir=out | name=@{microsoft.bingsports_1.5.1.249_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} |

"{B14DF630-4826-4D41-8CB8-5C13143DB6F6}" = dir=out | name=@{microsoft.bingweather_1.5.1.245_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |

"{CAC45CDE-4193-4DE4-96B9-376C418503FD}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\clear.fi media\windowsupnpmv.exe |

"{D1E5BA24-96CA-46A1-8A60-3F88C3A12FF4}" = dir=out | name=@{microsoft.bingtravel_1.5.1.248_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} |

"{D1E800B9-F28B-4256-8DB1-D35E42AA2D59}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |

"{D2F71B1D-9610-41F0-A01B-056ACEFDB8D6}" = dir=out | name=fresh paint |

"{D45CA416-E994-49BC-A076-21DE8329D79A}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\clear.fi photo\windowsupnp.exe |

"{DD095A4C-C7E1-492A-8262-4BB19864BA8E}" = dir=out | name=@{microsoft.zunevideo_1.1.134.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/33270} |

"{E1B1A5C0-3107-4E04-99D0-7FB7EEA2BFDF}" = dir=out | name=@{microsoft.bingfinance_1.5.1.406_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} |

"{E1CC83E1-08B4-4201-BFE1-B6622822D7BF}" = dir=in | app=c:\program files (x86)\acer\clear.fi sdk20\mvp\videoplayer.exe |

"{E7985E1D-C36F-4787-80A8-6350D07E9266}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |

"{F03D8AC6-0802-49BD-8698-7DDA613A2C68}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\clear.fi photo\dmcdaemon.exe |

"{F600C358-0B22-46B1-B55B-F0AF9AAFD2F4}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe |

"TCP Query User{50856051-06F3-482D-A00B-8B23CC86F9EF}C:\program files (x86)\deluge\deluged.exe" = protocol=6 | dir=in | app=c:\program files (x86)\deluge\deluged.exe |

"TCP Query User{6166D556-B1EF-43D9-8B81-254ADE9E8AF8}C:\programdata\battle.net\agent\agent.1040\agent.exe" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1040\agent.exe |

"TCP Query User{714DD68D-B28D-40B3-A700-F2E09AFDFA35}C:\program files (x86)\deluge\deluge.exe" = protocol=6 | dir=in | app=c:\program files (x86)\deluge\deluge.exe |

"TCP Query User{E5381B10-D229-489A-BFE2-4C7C1DED0462}C:\users\jn2002dk\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\jn2002dk\appdata\roaming\dropbox\bin\dropbox.exe |

"UDP Query User{2E95C977-5296-4F6B-9480-76BAEEFB0C25}C:\programdata\battle.net\agent\agent.1040\agent.exe" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1040\agent.exe |

"UDP Query User{79CBD226-6369-497A-82AC-28D94AC09220}C:\program files (x86)\deluge\deluge.exe" = protocol=17 | dir=in | app=c:\program files (x86)\deluge\deluge.exe |

"UDP Query User{C7139AE2-55A2-4036-86EA-8E16C6412725}C:\users\jn2002dk\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\jn2002dk\appdata\roaming\dropbox\bin\dropbox.exe |

"UDP Query User{D4EDDACC-595F-4A3F-89D7-38C19120A8D9}C:\program files (x86)\deluge\deluged.exe" = protocol=17 | dir=in | app=c:\program files (x86)\deluge\deluged.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{0919C44F-F18A-4E3B-A737-03685272CE72}" = Windows Live Remote Service Resources

"{09536BA1-E498-4CC3-B834-D884A67D7E34}" = Intel® Trusted Connect Service Client

"{0B78ECB0-1A6B-4E6D-89D7-0E7CE77F0427}" = MyWinLocker

"{1553D712-B35F-4A82-BC72-D6B11A94BE3E}" = Windows Live Remote Service Resources

"{1685AE50-97ED-485B-80F6-145071EE14B0}" = Windows Live Remote Service Resources

"{17A4FD95-A507-43F1-BC92-D8572AF8340A}" = Windows Live Remote Service Resources

"{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector

"{19F09425-3C20-4730-9E2A-FC2E17C9F362}" = Windows Live Remote Service Resources

"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant

"{1EB2CFC3-E1C5-4FC4-B1F8-549DD6242C67}" = Windows Live Remote Service Resources

"{1F557316-CFC0-41BD-AFF7-8BC49CE444D7}" = Shredder

"{22AB5CFD-B3DB-414E-9F99-4D024CCF1DA6}" = Windows Live Remote Client Resources

"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)

"{2426E29F-9E8C-4C0B-97FC-0DB690C1ED98}" = Windows Live Remote Client Resources

"{295CFB7C-A57E-4313-93E7-68E7CE1D0332}" = Adobe WinSoft Linguistics Plugin x64

"{2C1A6191-9804-4FDC-AB01-6F9183C91A13}" = Windows Live Remote Client Resources

"{2D74E972-5A85-44DC-9193-8A302BA8C181}" = Photoshop Camera Raw_x64

"{2F304EF4-0C31-47F4-8557-0641AAE4197C}" = Windows Live Remote Client Resources

"{34384A2A-2CA2-4446-AB0E-1F360BA2AAC5}" = Windows Live Remote Service Resources

"{350FD0E7-175A-4F86-84EF-05B77FCD7161}" = Windows Live Remote Service Resources

"{3921492E-82D2-4180-8124-E347AD2F2DB4}" = Windows Live Remote Client Resources

"{456FB9B5-AFBC-4761-BBDC-BA6BAFBB818F}" = Windows Live Remote Client Resources

"{480F28F0-8BCE-404A-A52E-0DBB7D1CE2EF}" = Windows Live Remote Service Resources

"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148

"{4C2E49C0-9276-4324-841D-774CCCE5DB48}" = Windows Live Remote Client Resources

"{5141AA6E-5FAC-4473-BFFB-BEE69DDC7F2B}" = Windows Live Remote Service Resources

"{5151E2DB-0748-4FD1-86A2-72E2F94F8BE7}" = Windows Live Remote Service Resources

"{57F2BD1C-14A3-4785-8E48-2075B96EB2DF}" = Windows Live Remote Service Resources

"{5E2CD4FB-4538-4831-8176-05D653C3E6D4}" = Windows Live Remote Service Resources

"{5F44A3A1-5D24-4708-8776-66B42B174C64}" = Windows Live Remote Client Resources

"{5FCD6EFE-C2E7-4D77-8212-4BA223D8DF8E}" = Windows Live Remote Client Resources

"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

"{5FEAD3E5-A158-4B66-B92B-0C959D7CF838}" = Windows Live Remote Service Resources

"{61407251-7F7D-4303-810D-226A04D5CFF3}" = Windows Live Remote Service Resources

"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources

"{6631325A-9B1B-4EE7-8E64-8CC4A6F10643}" = Adobe Fonts All x64

"{692CCE55-9EAE-4F57-A834-092882E7FE0B}" = Windows Live Remote Client Resources

"{6C9D3F1D-DBBE-46F9-96A0-726CC72935AF}" = Windows Live Remote Service Resources

"{6CBFDC3C-CF21-4C02-A6DC-A5A2707FAF55}" = Windows Live Remote Service Resources

"{702A632F-99CE-4E2D-B8F2-BF980E9CF62F}" = Windows Live Remote Client Resources

"{75E2C40C-4345-4DD0-B5B3-B8EB92EEECB5}" = Microsoft Web Platform Installer 4.0

"{7AEC844D-448A-455E-A34E-E1032196BBCD}" = Windows Live Remote Service Resources

"{825C7D3F-D0B3-49D5-A42B-CBB0FBE85E99}" = Windows Live Remote Client Resources

"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources

"{850B8072-2EA7-4EDC-B930-7FE569495E76}" = Windows Live Remote Client Resources

"{8875A1C0-6308-4790-8CF6-D34E89880052}" = Adobe Linguistics CS4 x64

"{887797BF-37A5-4199-B0C9-0D38D6196E9A}" = Adobe Anchor Service x64 CS4

"{8970AE69-40BE-4058-9916-0ACB1B974A3D}" = Windows Live Remote Client Resources

"{8C8D673B-20FB-43E6-BCB7-9B3F78F2E762}" = Adobe Type Support x64 CS4

"{8DAA31EB-6830-4006-A99F-4DF8AB24714F}" = Adobe CSI CS4 x64

"{8EB588BD-D398-40D0-ADF7-BE1CEEF7C116}" = Windows Live Remote Client Resources

"{90BA8112-80B3-4617-A3C1-BD2771B60F74}" = Adobe CMaps x64 CS4

"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting

"{97A295A7-8840-4B35-BB61-27A8F4512CA3}" = Windows Live Remote Service Resources

"{9E9C960F-7F47-46D5-A95D-950B354DE2B8}" = Windows Live Remote Service Resources

"{A060182D-CDBE-4AD6-B9B4-860B435D6CBD}" = Windows Live Remote Client Resources

"{A3454894-144A-4D80-B605-C128FE0D7329}" = Adobe Drive CS4 x64

"{A508D5A2-3AC1-4594-A718-A663D6D3CF11}" = Windows Live Remote Service Resources

"{A679FBE4-BA2D-4514-8834-030982C8B31A}" = Windows Live Remote Service Resources

"{B0BF8602-EA52-4B0A-A2BD-EDABB0977030}" = Windows Live Remote Client Resources

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision-driver 305.17

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Kontrolpanel 305.17

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafikdriver 305.17

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controllerdriver 305.17

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-systemsoftware 9.12.0213

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-lyddriver 1.3.18.0

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application

"{B680A663-1A15-47A5-A07C-7DF9A97558B7}" = Windows Live Remote Client Resources

"{B750FA38-7AB0-42CB-ACBB-E7DBE9FF603F}" = Windows Live Remote Client Resources

"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64

"{C504EC13-E122-4939-BD6E-EE5A3BAA5FEC}" = Windows Live Remote Client Resources

"{C9F05151-95A9-4B9B-B534-1760E2D014A5}" = Windows Live Remote Client Resources

"{CFF3C688-2198-4BC3-A399-598226949C39}" = Windows Live Remote Client Resources

"{D1C1556C-7FF3-48A3-A5D6-7126F0FAFB66}" = Windows Live Remote Client Resources

"{D3E4F422-7E0F-49C7-8B00-F42490D7A385}" = Windows Live Remote Service Resources

"{D40172D6-CE2D-4B72-BF5F-26A04A900B7B}" = Adobe Photoshop CS4 (64 Bit)

"{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources

"{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources

"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter

"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319

"{DBEDAF67-C5A3-4C91-951D-31F3FE63AF3F}" = Windows Live Remote Client Resources

"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client

"{DFFABE78-8173-4E97-9C5C-22FB26192FC5}" = Adobe PDF Library Files x64 CS4

"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service

"{ED421F97-E1C3-4E78-9F54-A53888215D58}" = Windows Live Remote Client Resources

"{EFB20CF5-1A6D-41F3-8895-223346CE6291}" = Windows Live Remote Service Resources

"{F6CB2C5F-B2C1-4DF1-BF44-39D0DC06FE6F}" = Windows Live Remote Service Resources

"{FAD0EC0B-753B-4A97-AD34-32AC1EC8DB69}" = Windows Live Remote Client Resources

"{FAA3933C-6F0D-4350-B66B-9D7F7031343E}" = Windows Live Remote Service Resources

"CCleaner" = CCleaner

"Construct 2_is1" = Construct 2 r108.2

"Sandboxie" = Sandboxie 3.74 (64-bit)

"Speccy" = Speccy

"Wacom Tablet Driver" = Wacom Tablet

"Wacom WebTabletPlugin for Internet Explorer and Netscape" = WebTablet FB Plugin 64 bit

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{00884F14-05BD-4D8E-90E5-1ABF78948CA4}" = Windows Live Mesh

"{00ADFB20-AE75-46F4-AD2C-F48B15AC3100}" = Adobe Color NA Recommended Settings CS4

"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86

"{039480EE-6933-4845-88B8-77FD0C3D059D}" = Windows Live Mesh

"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4

"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4

"{0557BBDA-69D3-4FA4-A93C-A5300F7034B4}" = Windows Live Writer

"{05E379CC-F626-4E7D-8354-463865B303BF}" = Windows Live UX Platform Language Pack

"{062E4D94-8306-46D5-81B6-45E6AD09C799}" = Windows Live Messenger

"{0654EA5D-308A-4196-882B-5C09744A5D81}" = Windows Live Photo Common

"{06B05153-97E4-427E-B1A8-E098F6C5E52F}" = Windows Live Essentials

"{073F306D-9851-4969-B828-7B6444D07D55}" = Windows Live Photo Common

"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86

"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler

"{09922FFE-D153-44AE-8B60-EA3CB8088F93}" = Windows Live UX Platform Language Pack

"{0A4C4B29-5A9D-4910-A13C-B920D5758744}" = بريد Windows Live

"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer

"{0C1931EB-8339-4837-8BEC-75029BF42734}" = Windows Live UX Platform Language Pack

"{0C975FCC-A06E-4CB6-8F54-A9B52CF37781}" = Windows Liven sähköposti

"{0D261C88-454B-46FE-B43B-640E621BDA11}" = Windows Live Mail

"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help

"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4

"{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}" = Adobe Setup

"{0EC0B576-90F9-43C3-8FAD-A4902DF4B8F4}" = Galeria de Fotografias do Windows Live

"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4

"{10186F1A-6A14-43DF-A404-F0105D09BB07}" = Windows Live Mail

"{110668B7-54C6-47C9-BAC4-1CE77F156AF5}" = Windows Live Mesh

"{11417707-1F72-4279-95A3-01E0B898BBF5}" = Windows Live Mesh

"{11778DA1-0495-4ED9-972F-F9E0B0367CD5}" = Windows Live Writer

"{1203DC60-D9BD-44F9-B372-2B8F227E6094}" = Windows Live Temel Parçalar

"{128133D3-037A-4C62-B1B7-55666A10587A}" = Windows Live UX Platform Language Pack

"{133D9D67-D475-4407-AC3C-D558087B2453}" = Windows Live Movie Maker

"{14B441B7-774D-4170-98EA-A13667AE6218}" = Windows Live Writer Resources

"{14DC0059-00F1-4F62-BD1A-AB23CD51A95E}" = Adobe AIR

"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4

"{168E7302-890A-4138-9109-A225ACAF7AD1}" = Windows Live Photo Common

"{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4

"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB

"{17835B63-8308-427F-8CF5-D76E0D5FE457}" = Windows Live Essentials

"{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}" = MyWinLocker Suite

"{17F99FCE-8F03-4439-860A-25C5A5434E18}" = Windows Live Essentials

"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319

"{198EA334-8A3F-4CB2-9D61-6C10B8168A6F}" = Windows Live Writer

"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker

"{1A72337E-D126-4BAF-AC89-E6122DB71866}" = Windows Liven valokuvavalikoima

"{1A82AE99-84D3-486D-BAD6-675982603E14}" = Windows Live Writer

"{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger

"{1D6C2068-807F-4B76-A0C2-62ED05656593}" = Windows Live Writer

"{1DA6D447-C54D-4833-84D4-3EA31CAECE9B}" = Windows Live UX Platform Language Pack

"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update

"{1FC83EAE-74C8-4C72-8400-2D8E40A017DE}" = Windows Live Writer

"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions

"{220C7F8C-929D-4F71-9DC7-F7A6823B38E4}" = Windows Live UX Platform Language Pack

"{2397AAEE-782B-DBB4-D6D4-1EC4D477B9B9}" = Wimp 1.3.7.10

"{240C3DDD-C5E9-4029-9DF7-95650D040CF2}" = Intel® USB 3.0 eXtensible Host Controller Driver

"{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10

"{249EE21B-8EDD-4F36-8A23-E580E9DBE80A}" = Windows Live Mail

"{24DF33E0-F924-4D0D-9B96-11F28F0D602D}" = Windows Live UX Platform Language Pack

"{2511AAD7-82DF-4B97-B0B3-E1B933317010}" = Windows Live Writer Resources

"{25A381E1-0AB9-4E7A-ACCE-BA49D519CF4E}" = Windows Live Mail

"{25CD4B12-8CC5-433E-B723-C9CB41FA8C5A}" = Windows Live Writer

"{26A24AE4-039D-4CA4-87B4-2F83217009FF}" = Java 7 Update 9

"{26E3C07C-7FF7-4362-9E99-9E49E383CF16}" = Windows Live Writer Resources

"{28B9D2D8-4304-483F-AD71-51890A063A74}" = Windows Live Photo Common

"{29373E24-AC72-424E-8F2A-FB0F9436F21F}" = Windows Live Photo Common

"{2A07C35B-8384-4DA4-9A95-442B6C89A073}" = Windows Live Essentials

"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger

"{2BA5FD10-653F-4CAF-9CCD-F685082A1DC1}" = Windows Live Writer

"{2C4E06CC-1F04-4C25-8B3C-93A9049EC42C}" = Windows Live UX Platform Language Pack

"{2C865FB0-051E-4D22-AC62-428E035AEAF0}" = Windows Live Mesh

"{2D3E034E-F76B-410A-A169-55755D2637BB}" = Windows Live Mesh

"{2E50E321-4747-4EB5-9ECB-BBC6C3AC0F31}" = Windows Live Writer Resources

"{2F54E453-8C93-4B3B-936A-233C909E6CAC}" = Windows Live Messenger

"{3125D9DE-8D7A-4987-95F3-8A42389833D8}" = Windows Live Writer Resources

"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery

"{33643918-7957-4839-92C7-EA96CB621A98}" = Nero Express 10 Help (CHM)

"{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live

"{34490F4E-48D0-492E-8249-B48BECF0537C}" = Nero DiscSpeed 10

"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery

"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4

"{370F888E-42A7-4911-9E34-7D74632E17EB}" = Windows Live Photo Common

"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack

"{39F15B50-A977-4CA6-B1C3-6A8724CDA025}" = MyWinLocker 4

"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player

"{39F95B0B-A0B7-4FA7-BB6C-197DA2546468}" = Windows Live Mesh

"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4

"{3B72C1E0-26A1-40F6-8516-D50C651DFB3C}" = Windows Live Essentials

"{3B9A92DA-6374-4872-B646-253F18624D5F}" = Windows Live Writer

"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4

"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin

"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel® Rapid Storage Technology

"{3F4143A1-9C21-4011-8679-3BC1014C6886}" = Windows Live Mesh

"{40BFD84C-64CD-42CC-9909-8734C50429C6}" = Windows Live UX Platform Language Pack

"{410DF0AA-882D-450D-9E1B-F5397ACFFA80}" = Windows Live Essentials

"{4264C020-850B-4F08-ACBE-98205D9C336C}" = Windows Live Writer

"{429DF1A0-3610-4E9E-8ACE-3C8AC1BA8FCA}" = Windows Live Photo Gallery

"{43B43577-2514-4CE0-B14A-7E85C17C0453}" = Windows Live Essentials

"{443B561F-DE1B-4DEF-ADD9-484B684653C7}" = Windows Live Messenger

"{4444F27C-B1A8-464E-9486-4C37BAB39A09}" = Фотогалерия на Windows Live

"{458F399F-62AC-4747-99F5-499BBF073D29}" = Windows Live Writer Resources

"{4664ED39-C80A-48F7-93CD-EBDCAFAB6CC5}" = Windows Live Writer Resources

"{46872828-6453-4138-BE1C-CE35FBF67978}" = Windows Live Mesh

"{4736B0ED-F6A1-48EC-A1B7-C053027648F1}" = Galeria fotogràfica del Windows Live

"{48294D95-EE9A-4377-8213-44FC4265FB27}" = Windows Live Messenger

"{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live

"{48C0DC5E-820A-44F2-890E-29B68EDD3C78}" = Windows Live Writer

"{48F597DD-D397-4CFA-91A0-4C033A0113BD}" = Windows Live Mail

"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{4A04DB63-8F81-4EF4-9D09-61A2057EF419}" = Windows Live Essentials

"{4B28D47A-5FF0-45F8-8745-11DC2A1C9D0F}" = Windows Live Writer

"{4B744C85-DBB1-4038-B989-4721EB22C582}" = Windows Live Messenger

"{4C378B16-46B7-4DA1-A2CE-2EE676F74680}" = Windows Live UX Platform Language Pack

"{4D141929-141B-4605-95D6-2B8650C1C6DA}" = Windows Live UX Platform Language Pack

"{4D83F339-5A5C-4B21-8FD3-5D407B981E72}" = Windows Live Photo Common

"{506FC723-8E6C-4417-9CFF-351F99130425}" = Windows Live UX Platform Language Pack

"{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}" = Nero ControlCenter 10 Help (CHM)

"{523DF2BB-3A85-4047-9898-29DC8AEB7E69}" = Windows Live UX Platform Language Pack

"{5275D81E-83AD-4DE4-BC2B-6E6BA3A33244}" = Windows Live Writer Resources

"{542DA303-FB91-4731-9F37-6E518368D3B9}" = Windows Live Messenger

"{5495E9A4-501A-4D4C-87C9-E80916CA9478}" = Windows Live UX Platform Language Pack

"{5570C7F0-43D0-4916-8A9E-AEDD52FA86F4}" = Adobe Color EU Extra Settings CS4

"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack

"{5C2F5C1B-9732-4F81-8FBF-6711627DC508}" = Windows Live Fotogalleri

"{5CF5B1A5-CBC3-42F0-8533-5A5090665862}" = Windows Live Mesh

"{5D273F60-0525-48BA-A5FB-D0CAA4A952AE}" = Windows Live Movie Maker

"{5D2E7BD7-4B6F-4086-BA8A-E88484750624}" = Windows Live Writer Resources

"{5DA7D148-D2D2-4C67-8444-2F0F9BD88A06}" = Windows Live Writer

"{5E627606-53B9-42D1-97E1-D03F6229E248}" = Windows Live UX Platform Language Pack

"{60C3C026-DB53-4DAB-8B97-7C1241F9A847}" = Windows Live Movie Maker

"{625D45F0-5DCB-48BF-8770-C240A84DAAEB}" = Windows Live Mesh

"{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources

"{62BF4BD3-B1F6-4FA2-8388-CC0647ACBF86}" = Nero Multimedia Suite 10 Essentials

"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86

"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4

"{63CF7D0C-B6E7-4EE9-8253-816B613CC437}" = Windows Live Mail

"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support

"{640798A0-A4FB-4C52-AC72-755134767F1E}" = Windows Live Movie Maker

"{64376910-1860-4CEF-8B34-AA5D205FC5F1}" = Poczta usługi Windows Live

"{644063FA-ABA3-42AC-A8AC-3EDC0706018B}" = Windows Live Mesh

"{6491AB99-A11E-41FD-A5E7-32DE8A097B8E}" = Windows Live Essentials

"{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}" = Windows Live Movie Maker

"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components

"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update

"{677AAD91-1790-4FC5-B285-0E6A9D65F7DC}" = Windows Live Mail

"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4

"{6807427D-8D68-4D30-AF5B-0B38F8F948C8}" = Windows Live Writer Resources

"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK

"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE

"{69C9C672-400A-43A0-B2DE-9DB38C371282}" = Windows Live Writer

"{69CAC24D-B1DC-4B97-A1BE-FE21843108FE}" = Windows Live Writer Resources

"{6A4ABCDC-0A49-4132-944E-01FBCCB3465C}" = Windows Live UX Platform Language Pack

"{6A67578E-095B-4661-88F7-0B199CEC3371}" = Windows Live Messenger

"{6ABE832B-A5C7-44C1-B697-3E123B7B4D5B}" = Windows Live Mesh

"{6B556C37-8919-4991-AC34-93D018B9EA49}" = Windows Live Photo Common

"{6CB36609-E3A6-446C-A3C1-C71E311D2B9C}" = Windows Live Movie Maker

"{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker

"{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10

"{6E8AFC13-F7B8-41D8-88AB-F1D0CFC56305}" = Windows Live Messenger

"{6EF2BE2C-3121-48B7-B7A6-C56046B3A588}" = Windows Live Movie Maker

"{6F37D92B-41AA-44B7-80D2-457ABDE11896}" = Windows Live Photo Common

"{70550193-1C22-445C-8FA4-564E155DB1A7}" = Nero Express 10

"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable

"{71527C7C-5289-4CB2-88C9-23344C0FF6C1}" = Windows Live Movie Maker

"{71A81378-79D5-40CC-9BDC-380642D1A87F}" = Windows Live Writer

"{71C95134-F6A9-45E7-B7B3-07CA6012BF2A}" = Windows Live Mesh

"{7272F232-A7E0-4B2B-A5D2-71B7C5E2379C}" = Windows Live Fotótár

"{7327080F-6673-421F-BBD9-B618F357EEB3}" = Windows Live UX Platform Language Pack

"{734104DE-C2BF-412F-BB97-FCCE1EC94229}" = Windows Live Writer Resources

"{7373E17D-18E0-44A7-AC3A-6A3BFB85D3B3}" = Windows Live Movie Maker

"{73FC3510-6421-40F7-9503-EDAE4D0CF70D}" = Windows Live Photo Common

"{7465A996-0FCA-4D2D-A52C-F833B0829B5B}" = Windows Live Movie Maker

"{7496FD31-E5CB-4AE4-82D3-31099558BF6A}" = Windows Live Mesh

"{74E8A7F6-575D-42C7-9178-E87D1B3BEFE8}" = Windows Live UX Platform Language Pack

"{77477AEA-5757-47D8-8B33-939F43D82218}" = Windows Live UX Platform Language Pack

"{77F69CA1-E53D-4D77-8BA3-FA07606CC851}" = Фотоальбом Windows Live

"{78906B56-0E81-42A7-AC25-F54C946E1538}" = Windows Live Photo Common

"{78DAE910-CA72-450E-AD22-772CB1A00678}" = Windows Live Mesh

"{78DBE8CE-61F6-4D6C-806C-A0FFF65F5E1D}" = Windows Live Messenger

"{7A9D47BA-6D50-4087-866F-0800D8B89383}" = Podstawowe programy Windows Live

"{7ADFA72D-2A9F-4DEC-80A5-2FAA27E23F0F}" = Windows Live Photo Common

"{7AF8E500-B349-4A77-8265-9854E9A47925}" = Windows Live Movie Maker

"{7BA19818-F717-4DFB-BC11-FAF17B2B8AEE}" = Pošta Windows Live

"{7C2A3479-A5A0-412B-B0E6-6D64CBB9B251}" = Windows Live Photo Common

"{7CB529B2-6C74-4878-9C3F-C29C3C3BBDC6}" = Windows Live Writer Resources

"{7D0DE76C-874E-4BDE-A204-F4240160693E}" = Windows Live Photo Common

"{7D1C7B9F-2744-4388-B128-5C75B8BCCC84}" = Windows Live Essentials

"{7D926AD2-16D6-42C2-8CA1-AB09E96040BA}" = Windows Live Writer Resources

"{7E017923-16F8-4E32-94EF-0A150BD196FE}" = Windows Live Writer

"{7E90B133-FF47-48BB-91B8-36FC5A548FE9}" = Windows Live Writer Resources

"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management

"{7FF11E53-C002-4F40-8D68-6BE751E5DD62}" = Windows Live Writer Resources

"{804DE397-F82C-4867-9085-E0AA539A3294}" = Windows Live Writer

"{80E8C65A-8F70-4585-88A2-ABC54BABD576}" = Windows Live Mesh

"{820D0BA3-ACD7-4FB9-A3A7-0ADF0C66A4BE}" = Windows Live Messenger

"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4

"{827D3E4A-0186-48B7-9801-7D1E9DD40C07}" = Windows Live Essentials

"{82803FF3-563F-414F-A403-8D4C167D4120}" = Windows Live Mail

"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4

"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform

"{841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}" = Windows Live Mesh

"{84267681-BF16-40B6-9564-27BC57D7D71C}" = Windows Live Photo Common

"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4

"{84A411F9-40A5-4CDA-BF46-E09FBB2BC313}" = Windows Live Essentials

"{85373DA7-834E-4850-8AF5-1D99F7526857}" = Windows Live Photo Common

"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer

"{861B1145-7762-4794-B40C-3FF0A389DFE6}" = Windows Live Photo Gallery

"{885F1BCD-C344-4758-85BD-09640CF449A5}" = Windows Live Photo Gallery

"{8909CFA8-97BF-4077-AC0F-6925243FFE08}" = Windows Liven asennustyökalu

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime

"{8CF5D47D-27B7-49D6-A14F-10550B92749D}" = Windows Live UX Platform Language Pack

"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT

"{8FF3891F-01B5-4A71-BFCD-20761890471C}" = Windows Live Messenger

"{924B4D82-1B97-48EB-8F1E-55C4353C22DB}" = Windows Live Mail

"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86

"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker

"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4

"{93E464B3-D075-4989-87FD-A828B5C308B1}" = Windows Live Writer Resources

"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4

"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010

"{97F77D62-5110-4FA3-A2D3-410B92D31199}" = Windows Live Fotogaléria

"{99BE7F5D-AB52-4404-9E03-4240FFAA7DE9}" = Windows Live Mesh

"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

"{9B97EC91-B3FD-4BFF-88FC-5345A26AC2E7}" = Adobe Illustrator CS5

"{9BD262D0-B788-4546-A0A5-F4F56EC3834B}" = Windows Live Photo Common

"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail

"{9DA3F03B-2CEE-4344-838E-117861E61FAF}" = Windows Live Mail

"{9DB90178-B5B0-45BD-B0A7-D40A6A1DF1CA}" = Windows Live Movie Maker

"{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail

"{A0B91308-6666-4249-8FF6-1E11AFD75FE1}" = Windows Live Mail

"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh

"{A101F637-2E56-42C0-8E08-F1E9086BFAF3}" = Windows Live Movie Maker

"{A199DB88-E22D-4CE7-90AC-B8BE396D7BF4}" = Windows Live Movie Maker

"{A3389C72-1782-4BB4-BBAA-33345DE52E3F}" = Windows Live Messenger

"{A3AD65CC-B2CE-49da-AE4E-CC2ECF4EC0F8}" = clear.fi SDK - MVP 2

"{A41A708E-3BE6-4561-855D-44027C1CF0F8}" = Windows Live Photo Common

"{A60B3BF0-954B-42AF-B8D8-2C1D34B613AA}" = Windows Live Photo Gallery

"{A7056D45-C63A-4FE4-A69D-FB54EF9B21BB}" = Windows Live Messenger

"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer

"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5

"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper

"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common

"{AB0B2113-5B96-4B95-8AD1-44613384911F}" = Windows Live Mesh

"{AB61A2E9-37D3-485D-9085-19FBDF8CEF4A}" = Windows Live Messenger

"{AB78C965-5C67-409B-8433-D7B5BDB12073}" = Windows Live Writer Resources

"{ABD534B7-E951-470E-92C2-CD5AF1735726}" = Windows Live Essentials

"{ABE2F2AA-7ADC-4717-9573-BF3F83C696AC}" = Windows Live Mail

"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh

"{AD001A69-88CC-4766-B2DB-3C1DFAB9AC72}" = Windows Live Mesh

"{ADE85655-8D1E-4E4B-BF88-5E312FB2C74F}" = Windows Live Mail

"{ADFE4AED-7F8E-4658-8D6E-742B15B9F120}" = Windows Live Photo Common

"{AF01B90A-D25C-4F60-AECD-6EEDF509DC11}" = Windows Live Mesh

"{B0AD205F-60D0-4084-AFB8-34D9A706D9A8}" = Windows Live Essentials

"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie

"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail

"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect

"{B2BCA478-EC0F-45EE-A9E9-5EABE87EA72D}" = Windows Live Photo Common

"{B2E90616-C50D-4B89-A40D-92377AC669E5}" = Windows Live Messenger

"{B33B61FE-701F-425F-98AB-2B85725CBF68}" = Windows Live Photo Common

"{B3BE54A4-8DFE-4593-8E66-56AB7133B812}" = Windows Live Writer

"{B5AD89F2-03D3-4206-8487-018298007DD0}" = clear.fi Photo

"{B618C3BF-5142-4630-81DD-F96864F97C7E}" = Windows Live Essentials

"{B63F0CE3-CCD0-490A-9A9C-E1A3B3A17137}" = Почта Windows Live

"{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4

"{B7B67AA5-12DA-4F01-918D-B1BF66779D8A}" = Windows Live Writer Resources

"{BAEE89D5-6E87-4F89-9603-A1C100479181}" = Windows Live Messenger

"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module

"{BD0C3887-64E6-41D8-9A38-BC6F34369352}" = Windows Live Messenger

"{BD4EBDB5-EB14-4120-BB04-BE0A26C7FB3E}" = Windows Live Photo Common

"{BD695C2F-3EA0-4DA4-92D5-154072468721}" = Windows Live Fotoğraf Galerisi

"{BF022D76-9F72-4203-B8FA-6522DC66DFDA}" = Windows Live Movie Maker

"{BF35168D-F6F9-4202-BA87-86B5E3C9BF7A}" = Windows Live Mesh

"{BFC47A0B-D487-4DF0-889E-D6D392DF31E0}" = Windows Live Messenger

"{C00C2A91-6CB3-483F-80B3-2958E29468F1}" = Συλλογή φωτογραφιών του Windows Live

"{C01FCACE-CC3D-49A2-ADC2-583A49857C58}" = Windows Live Essentials

"{C08D5964-C42F-48EE-A893-2396F9562A7C}" = Windows Live Mesh

"{C18A0418-442A-4186-AF98-D08F5054A2FC}" = Nero DiscSpeed 10 Help (CHM)

"{C1C9D199-B4DD-4895-92DD-9A726A2FE341}" = Windows Live Writer

"{C2695E83-CF1D-43D1-84FE-B3BEC561012A}" = Shredder

"{C29FC15D-E84B-4EEC-8505-4DED94414C59}" = Windows Live Writer Resources

"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common

"{C454280F-3C3E-4929-B60E-9E6CED5717E7}" = Windows Live Mail

"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4

"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail

"{C79312BD-3E76-4474-A10C-1435D1856A4B}" = Adobe Dreamweaver CS5

"{C7C8BE4E-428D-4AA9-B7D4-EA4313BDB90E}" = Autodesk SketchBook Pro 6

"{C8421D85-CA0E-4E93-A9A9-B826C4FB88EA}" = Windows Live Mail

"{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common

"{C95A5A77-622F-45CA-9540-84468FCB18B1}" = Windows Live Messenger

"{C9E1343D-E21E-4508-A1BE-04A089EC137D}" = Windows Live Messenger

"{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431}" = Galeria fotografii usługi Windows Live

"{CB66242D-12B1-4494-82D2-6F53A7E024A3}" = Galerie foto Windows Live

"{CB7224D9-6DCA-43F1-8F83-6B1E39A00F92}" = Windows Live Movie Maker

"{CBFD061C-4B27-4A89-ADD8-210316EEFA11}" = Windows Live Messenger

"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw

"{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}" = PlayReady PC Runtime x86

"{CD442136-9115-4236-9C14-278F6A9DCB3F}" = Windows Live Movie Maker

"{CD7CB1E6-267A-408F-877D-B532AD2C882E}" = Windows Live Photo Common

"{CDC39BF2-9697-4959-B893-A2EE05EF6ACB}" = Windows Live Writer

"{CE929F09-3853-4180-BD90-30764BFF7136}" = גלריית התמונות של Windows Live

"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform

"{CF671BFE-6BA3-44E7-98C1-500D9C51D947}" = Windows Live Photo Gallery

"{D07B1FDA-876B-4914-9E9A-309732B6D44F}" = Windows Live Mail

"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64

"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86

"{D299197D-CDEA-41A6-A363-F532DE4114FD}" = Windows Live UX Platform Language Pack

"{D31169F2-CD71-4337-B783-3E53F29F4CAD}" = Windows Live Mail

"{D3580358-0F78-402A-BE53-2E9D06383E04}" = NETGEAR WNA3100M N300 Wireless USB Adapter

"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common

"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform

"{D588365A-AE39-4F27-BDAE-B4E72C8E900C}" = Windows Live Mail

"{D6CBB3B2-F510-483D-AE0D-1CF3F43CF1EE}" = Windows Live Writer Resources

"{D6F25CF9-4E87-43EB-B324-C12BE9CDD668}" = Windows Live UX Platform Language Pack

"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86

"{DA29F644-2420-4448-8128-1331BE588999}" = Windows Live Writer

"{DA909E62-3B45-4BA1-8B58-FCAEBA4BCEC9}" = NVIDIA PhysX

"{DAEF48AD-89C8-4A93-B1DD-45B7E4FB6071}" = Windows Live Movie Maker

"{DAF7BB88-6392-40aa-A714-8392C4BDBD2C}" = clear.fi SDK- Movie 2

"{DB1208F4-B2FE-44E9-BFE6-8824DBD7891B}" = Windows Live Movie Maker

"{DBAA2B17-D596-4195-A169-BA2166B0D69B}" = Windows Live Mail

"{DCAB6BA7-6533-44BF-9235-E5BF33B7431C}" = Windows Live Writer

"{DDC1E1BD-7615-4186-89E1-F5F43F9B6491}" = Windows Live Movie Maker

"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources

"{DE7C13A6-E4EA-4296-B0D5-5D7E8AD69501}" = Windows Live Writer

"{DE8F99FD-2FC7-4C98-AA67-2729FDE1F040}" = Windows Live Writer Resources

"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh

"{DEF91E0F-D266-453D-B6F2-1BA002B40CB6}" = Windows Live Essentials

"{DF71ABBB-B834-41C0-BB58-80B0545D754C}" = Windows Live UX Platform Language Pack

"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10

"{E3739848-5329-48E3-8D28-5BBD6E8BE384}" = CyberLink MediaEspresso

"{E4848436-0345-47E2-B648-8B522FCDA623}" = Adobe Photoshop CS4

"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker

"{E5377D46-83C5-445A-A1F1-830336B42A10}" = Windows Live Galerija fotografija

"{E55E0C35-AC3C-4683-BA2F-834348577B80}" = Windows Live Writer

"{E59969EA-3B5B-4B24-8B94-43842A7FBFE9}" = Fotogalerija Windows Live

"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger

"{E5DD4723-FE0B-436E-A815-DC23CF902A0B}" = Windows Live UX Platform Language Pack

"{E62E0550-C098-43A2-B54B-03FB1E634483}" = Windows Live Writer

"{E727A662-AF9F-4DEE-81C5-F4A1686F3DFC}" = Windows Live Writer Resources

"{E83DC314-C926-4214-AD58-147691D6FE9F}" = Основные компоненты Windows Live

"{E8524B28-3BBB-4763-AC83-0E83FE31C350}" = Windows Live Writer

"{E85A4EFC-82F2-4CEE-8A8E-62FDAD353A66}" = Galería fotográfica de Windows Live

"{E9AD2143-26D5-4201-BED1-19DCC03B407D}" = Windows Live Messenger

"{E9AF1707-3F3A-49E2-8345-4F2D629D0876}" = clear.fi Media

"{E9D98402-21AB-4E9F-BF6B-47AF36EF7E97}" = Windows Live Writer Resources

"{EA777812-4905-4C08-8F6E-13BDCC734609}" = Windows Live UX Platform Language Pack

"{ED16B700-D91F-44B0-867C-7EB5253CA38D}" = Raccolta foto di Windows Live

"{EE171732-BEB4-4576-887D-CB62727F01CA}" = Acer Updater

"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10

"{EEF99142-3357-402C-B298-DEC303E12D92}" = Windows Live 影像中心

"{EF7EAB13-46FC-49DD-8E3C-AAF8A286C5BB}" = Windows Live 程式集

"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]

"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help

"{F0F5D89A-197C-495B-827E-3E98B811CD2E}" = Windows Live Photo Common

"{F0F9505B-3ACF-4158-9311-D0285136AA00}" = Windows Live Essentials

"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver

"{F2979AAA-FDD7-4CB3-93BC-5C24D965D679}" = Windows Live Messenger

"{F35DC85A-E96B-496B-ABE7-F04192824856}" = Windows Live Messenger

"{F4BEA6C1-AAC3-4810-AAEA-588E26E0F237}" = Windows Live UX Platform Language Pack

"{F52C5BE7-3F57-464E-8A54-908402E43CE8}" = Windows Live Writer Resources

"{F6117F9C-ADB5-4590-9BE4-12C7BEC28702}" = Nero StartSmart 10 Help (CHM)

"{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}" = Nero StartSmart 10

"{F77EF646-19EB-11E1-9A9E-984BE15F174E}" = Evernote v. 4.5.2

"{F783464C-C7C6-4E9B-AC40-BC90E5414BAF}" = Windows Live Messenger

"{F7A46527-DF1F-4B0F-9637-98547E189442}" = Windows Live Galeria de Fotos

"{F7E80BA7-A09D-4DD1-828B-C4A0274D4720}" = Windows Live Mesh

"{F80E5450-3EF3-4270-B26C-6AC53BEC5E76}" = Windows Live Movie Maker

"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel® Control Center

"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4

"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4

"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials

"{FA6CF94F-DACF-4FE7-959D-55C421B91B17}" = Windows Live Mail

"{FB3D07AE-73D0-47A9-AC12-6F50BF8B6202}" = Windows Live Movie Maker

"{FB79FDB7-4DE1-453D-99FE-9A880F57380E}" = Windows Live Fotogalerie

"{FBCA06D2-4642-4F33-B20A-A7AB3F0D2E69}" = معرض صور Windows Live

"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All

"{FCDE76CB-989D-4E32-9739-6A272D2B0ED7}" = Windows Live Mesh

"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials

"{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}" = Windows Live Essentials

"{FEEF7F78-5876-438B-B554-C4CC426A4302}" = Windows Live Essentials

"{FF105207-8423-4E13-B0B1-50753170B245}" = Windows Live Movie Maker

"{FF3DFA01-1E98-46B4-A065-DA8AD47C9598}" = Windows Live Movie Maker

"{FF737490-5A2D-4269-9D82-97DB2F7C0B09}" = Windows Live Movie Maker

"{FFFA0584-8E3D-4195-8283-CCA3AD73C746}" = Windows Live Messenger

"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer

"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer

"Acer Registration" = Acer Registration

"Acer Screensaver" = Acer ScreenSaver

"Acer Welcome Center" = Welcome Center

"Adobe AIR" = Adobe AIR

"Adobe_faf656ef605427ee2f42989c3ad31b8" = Adobe Photoshop CS4

"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help

"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player

"com.aspiro.wimp.dk.25F5C0086CDE1F22CA0B92A487729991CA6CD013.1" = Wimp 1.3.7.10

"Deluge" = Deluge 1.3.5

"FileZilla Client" = FileZilla Client 3.6.0.1

"Google Chrome" = Google Chrome

"Hotkey Utility" = Hotkey Utility

"Identity Card" = Identity Card

"InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}" = MyWinLocker Suite

"InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}" = CyberLink MediaEspresso

"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.65.1.1000

"Manga Studio EX 4.0" = Manga Studio EX 4.0

"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver

"Opera 12.10.1652" = Opera 12.10

"Stencyl" = Stencyl

"SumatraPDF" = SumatraPDF

"VirtualCloneDrive" = VirtualCloneDrive

"Wacom WebTabletPlugin for Internet Explorer and Netscape" = WebTablet FB Plugin 32 bit

"WinLiveSuite" = Windows Live Essentials

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1372194753-2522429106-4183652212-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"Dropbox" = Dropbox

"MyPaint" = MyPaint 1.0.0

========== Last 20 Event Log Errors ==========

[ Application Events ]

Error - 16-11-2012 11:12:22 | Computer Name = jn2002dk-Pc | Source = ESENT | ID = 492

Description = Windows (6992) Windows: The logfile sequence in "C:\ProgramData\Microsoft\Search\Data\Applications\Windows\"

has been halted due to a fatal error. No further updates are possible for the

databases that use this logfile sequence. Please correct the problem and restart

or restore from backup.

Error - 16-11-2012 11:12:23 | Computer Name = jn2002dk-Pc | Source = Windows Search Service | ID = 7040

Description =

Error - 16-11-2012 11:12:23 | Computer Name = jn2002dk-Pc | Source = Windows Search Service | ID = 7042

Description =

Error - 16-11-2012 11:12:23 | Computer Name = jn2002dk-Pc | Source = ESENT | ID = 104

Error - 16-11-2012 11:45:10 | Computer Name = jn2002dk-Pc | Source = WinMgmt | ID

= 10

Description =

Error - 16-11-2012 11:48:35 | Computer Name = jn2002dk-Pc | Source = WinMgmt | ID

= 10

Description =

Error - 16-11-2012 12:14:56 | Computer Name = jn2002dk-Pc | Source = Application

Error | ID = 1000

Description = Navn på program med fejl: WifiSvc.exe, version: 2.1.0.24, tidsstempel: 0x4edf37e5

Navn på modul med fejl: RtlLib.dll, version: 700.1079.908.2011, tidsstempel: 0x4eb3c1ac

Undtagelseskode: 0xc0000005

Forskydning med fejl 0x00011764

Proces-id 0x770

Programmets starttidspunkt 0x01cdc41560c293f6

Programsti: C:\Program Files (x86)\NETGEAR\WNA3100M\WifiSvc.exe

Modulsti: C:\Program Files (x86)\NETGEAR\WNA3100M\RtlLib.dll

Rapport-id: c2629452-3008-11e2-be66-e840f2c9212c

Fuldt navn på program med fejl:

Relativt program-id for program med fejl:

Error - 17-11-2012 05:20:09 | Computer Name = jn2002dk-Pc | Source = ESENT | ID

= 489

Description = taskhostex (22128) An attempt to open the file "C:\Users\jn2002dk\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat" for read only access failed with system error 32 (0x00000020): "Processen kan ikke få adgang til filen, da den bruges af en anden proces. ". The open file operation will fail with error -1032 (0xfffffbf8).

Error - 17-11-2012 09:11:37 | Computer Name = jn2002dk-Pc | Source = Microsoft-Windows-Backup

| ID = 517

Description = Den sikkerhedskopiering, der startede kl. '2012-11-17T13:11:08.990196200Z', mislykkedes med fejlkoden '0x8007000d' (%%2147942413). Gennemse hændelsesdetaljerne for at finde en løsning, og kør derefter sikkerhedskopieringen igen, når problemet er løst.

Error - 18-11-2012 18:18:04 | Computer Name = jn2002dk-Pc | Source = .NET Runtime

| ID = 1026

Description =

Error - 18-11-2012 18:18:04 | Computer Name = jn2002dk-Pc | Source = Application

Error | ID = 1000

Description = Navn på program med fejl: Netflix.exe, version: 1.1.0.28, tidsstempel: 0x50a4088d

Navn på modul med fejl: KERNELBASE.dll, version: 6.2.9200.16384, tidsstempel: 0x5010ab2d

Undtagelseskode: 0xe0434352

Forskydning med fejl 0x00000000000189cc

Proces-id 0x1ad88

Programmets starttidspunkt 0x01cdc5da854ab8ed

Programsti: C:\Program Files\WindowsApps\4DF9E0F8.Netflix_1.1.0.28_x64__mcm4njqhnhss8\Netflix.exe

Modulsti: C:\WINDOWS\system32\KERNELBASE.dll

Rapport-id: d1e19360-31cd-11e2-be67-e840f2c9212c

Fuldt navn på program med fejl: 4DF9E0F8.Netflix_1.1.0.28_x64__mcm4njqhnhss8

Relativt program-id for program med fejl: App

Error - 19-11-2012 07:35:39 | Computer Name = jn2002dk-Pc | Source = Microsoft-Windows-Immersive-Shell

| ID = 2486

Description = App‘en DefaultBrowser_NOPUBLISHERID!Chrome blev ikke startet inden for den angivne tid.

Error - 19-11-2012 08:31:00 | Computer Name = jn2002dk-Pc | Source = SideBySide

| ID = 16842785

Description = Aktiveringskontekstgenereringen mislykkedes for "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\resources\libraries\ARKCmdFS.dll".

Afhængig samling Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1" blev ikke fundet.

Anvend sxstrace.exe til detaljeret diagnose.

Error - 19-11-2012 08:31:00 | Computer Name = jn2002dk-Pc | Source = SideBySide

| ID = 16842785

Description = Aktiveringskontekstgenereringen mislykkedes for "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\resources\libraries\ARKCmdCaps.dll".

Afhængig samling Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1" blev ikke fundet.

Anvend sxstrace.exe til detaljeret diagnose.

Error - 19-11-2012 08:31:01 | Computer Name = jn2002dk-Pc | Source = SideBySide

| ID = 16842785

Description = Aktiveringskontekstgenereringen mislykkedes for "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\resources\libraries\ARKCmdDefrag.dll".

Afhængig samling Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1" blev ikke fundet.

Anvend sxstrace.exe til detaljeret diagnose.

Error - 19-11-2012 08:31:01 | Computer Name = jn2002dk-Pc | Source = SideBySide

| ID = 16842785

Description = Aktiveringskontekstgenereringen mislykkedes for "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\resources\libraries\ARKEngine.dll".

Afhængig samling Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1" blev ikke fundet.

Anvend sxstrace.exe til detaljeret diagnose.

Error - 21-11-2012 12:15:02 | Computer Name = jn2002dk-Pc | Source = Application

Error | ID = 1000

Description = Navn på program med fejl: aswMBR.exe, version: 0.9.9.1707, tidsstempel: 0x509be8bf

Navn på modul med fejl: ntdll.dll, version: 6.2.9200.16420, tidsstempel: 0x505aaa82

Undtagelseskode: 0xc0000005

Forskydning med fejl 0x0004f44d

Proces-id 0x35694

Programmets starttidspunkt 0x01cdc8031298ace9

Programsti: C:\Users\jn2002dk\Downloads\aswMBR.exe

Modulsti: C:\WINDOWS\SYSTEM32\ntdll.dll

Rapport-id: 99d0f14e-33f6-11e2-be67-e840f2c9212c

Fuldt navn på program med fejl:

Relativt program-id for program med fejl:

Error - 21-11-2012 12:16:16 | Computer Name = jn2002dk-Pc | Source = Application

Error | ID = 1000

Description = Navn på program med fejl: aswMBR.exe, version: 0.9.9.1707, tidsstempel: 0x509be8bf

Navn på modul med fejl: ntdll.dll, version: 6.2.9200.16420, tidsstempel: 0x505aaa82

Undtagelseskode: 0xc0000005

Forskydning med fejl 0x0004f44d

Proces-id 0x336c8

Programmets starttidspunkt 0x01cdc80375a9fba4

Programsti: C:\Users\jn2002dk\Downloads\aswMBR.exe

Modulsti: C:\WINDOWS\SYSTEM32\ntdll.dll

Rapport-id: c61aa38f-33f6-11e2-be67-e840f2c9212c

Fuldt navn på program med fejl:

Relativt program-id for program med fejl:

Error - 21-11-2012 12:20:26 | Computer Name = jn2002dk-Pc | Source = Application

Error | ID = 1000

Description = Navn på program med fejl: aswMBR.exe, version: 0.9.9.1707, tidsstempel: 0x509be8bf

Navn på modul med fejl: ntdll.dll, version: 6.2.9200.16420, tidsstempel: 0x505aaa82

Undtagelseskode: 0xc0000005

Forskydning med fejl 0x0004f44d

Proces-id 0x3568c

Programmets starttidspunkt 0x01cdc804056ea764

Programsti: C:\Users\jn2002dk\Desktop\aswMBR.exe

Modulsti: C:\WINDOWS\SYSTEM32\ntdll.dll

Rapport-id: 5b64b280-33f7-11e2-be67-e840f2c9212c

Fuldt navn på program med fejl:

Relativt program-id for program med fejl:

Error - 21-11-2012 12:24:42 | Computer Name = jn2002dk-Pc | Source = Application

Error | ID = 1000

Description = Navn på program med fejl: aswMBR.exe, version: 0.9.9.1707, tidsstempel: 0x509be8bf

Navn på modul med fejl: ntdll.dll, version: 6.2.9200.16420, tidsstempel: 0x505aaa82

Undtagelseskode: 0xc0000005

Forskydning med fejl 0x0004f44d

Proces-id 0x77c

Programmets starttidspunkt 0x01cdc804a6c8d23f

Programsti: C:\Users\jn2002dk\Desktop\aswMBR.exe

Modulsti: C:\WINDOWS\SYSTEM32\ntdll.dll

Rapport-id: f3a88f05-33f7-11e2-be68-e840f2c9212c

Fuldt navn på program med fejl:

Relativt program-id for program med fejl:

Error encountered while reading event logs.

< End of report >

Link to post
Share on other sites

Download CKScanner by askey127 from Here & save it to your Desktop.

  • Right-click and Run as Administrator CKScanner.exe then click Search For Files
  • When the cursor hourglass disappears, click Save List To File
  • A message box will verify the file saved
  • Double-click the CKFiles.txt icon on your desktop then copy/paste the contents in your next reply

----------

Link to post
Share on other sites

Hi,

AdwCleaner

Please download AdwCleaner by Xplode onto your desktop.

  • Double click on AdwCleaner.exe to run the tool.
  • Click on Search.
  • A logfile will automatically open after the scan has finished.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[R1].txt as well.

----------

Run OTL.exe

  • Copy/paste the following text written inside of the quote box into the Custom Scans/Fixes box located at the bottom of OTL

    :Services
    :OTL
    IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
    IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
    IE - HKU\S-1-5-21-1372194753-2522429106-4183652212-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    O1 - Hosts: 127.0.0.1 activate.adobe.com
    O1 - Hosts: 127.0.0.1 practivate.adobe.com
    O1 - Hosts: 127.0.0.1 ereg.adobe.com
    O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com
    O1 - Hosts: 127.0.0.1 wip3.adobe.com
    O1 - Hosts: 127.0.0.1 3dns-3.adobe.com
    O1 - Hosts: 127.0.0.1 3dns-2.adobe.com
    O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com
    O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com
    O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com
    O1 - Hosts: 127.0.0.1 ereg.wip3.adobe.com
    O1 - Hosts: 127.0.0.1 activate-sea.adobe.com
    O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com
    O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com
    O1 - Hosts: 127.0.0.1 adobe.activate.com
    O1 - Hosts: 127.0.0.1 adobeereg.com
    O1 - Hosts: 127.0.0.1 www.adobeereg.com
    O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com
    O1 - Hosts: 127.0.0.1 125.252.224.90
    O1 - Hosts: 127.0.0.1 125.252.224.91
    O1 - Hosts: 127.0.0.1 hl2rcv.adobe.com
    O33 - MountPoints2\{3f447352-2b1e-11e2-90d5-806e6f6e6963}\Shell - "" = AutoRun
    O33 - MountPoints2\{3f447352-2b1e-11e2-90d5-806e6f6e6963}\Shell\AutoRun\command - "" = E:\install.exe -- [2011-11-14 23:15:54 | 000,519,144 | R--- | M] (Adobe Systems, Inc.)
    :Files
    ipconfig /flushdns /c
    :Commands
    [emptytemp]
    [resethosts]
    [start explorer]
    [Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot when it is done
  • Then run a new scan and post a new OTL log ( don't check the boxes beside LOP Check or Purity this time )

----------

Please post the logs made by OTL and AdwCleaner and let me know how your system is running now. :)

Link to post
Share on other sites

Hello

ADWCleaner log

# AdwCleaner v2.008 - Logfil lavet d. 22/11/2012 kl. 10:45:27

# Opdateret d. 17/11/2012 af Xplode

# Operativ system : Windows 8 Pro (64 bits)

# Bruger : jn2002dk - JN2002DK-PC

# Boot Mode : Normal

# Kører fra : C:\Users\jn2002dk\Desktop\Malware tools\AdwCleaner.exe

# Indstilling [søg]

***** [servicer] *****

***** [Filer / Mapper] *****

***** [Registeret] *****

***** [internet Browsers] *****

-\\ Internet Explorer v9.10.9200.16433

[OK] Registeret er rent.

-\\ Google Chrome v [Kan ikke hente version]

Filer : C:\Users\jn2002dk\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Filen er ren.

-\\ Opera v12.10.1652.0

Filer : C:\Users\jn2002dk\AppData\Roaming\Opera\Opera\operaprefs.ini

[OK] Filen er ren.

*************************

AdwCleaner[R1].txt - [802 octets] - [22/11/2012 10:45:27]

########## EOF - C:\AdwCleaner[R1].txt - [861 octets] ##########

Link to post
Share on other sites

OTL logfile created on: 22-11-2012 11:00:56 - Run 2

OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\jn2002dk\Desktop\Malware tools

64bit- Professional (Version = 6.2.9200) - Type = NTWorkstation

Internet Explorer (Version = 9.10.9200.16433)

Locale: 00000406 | Country: Danmark | Language: DAN | Date Format: dd-MM-yyyy

15,95 Gb Total Physical Memory | 13,90 Gb Available Physical Memory | 87,14% Memory free

31,95 Gb Paging File | 29,79 Gb Available in Paging File | 93,24% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 455,95 Gb Total Space | 337,28 Gb Free Space | 73,97% Space Free | Partition Type: NTFS

Drive D: | 456,46 Gb Total Space | 360,07 Gb Free Space | 78,88% Space Free | Partition Type: NTFS

Drive E: | 159,82 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: JN2002DK-PC | User Name: jn2002dk | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\jn2002dk\Desktop\Malware tools\OTL.exe (OldTimer Tools)

PRC - C:\Users\jn2002dk\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

PRC - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)

PRC - C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)

PRC - C:\Programmer\Tablet\Wacom\WacomHost.exe (Wacom Technology)

PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)

PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)

PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)

PRC - C:\Program Files (x86)\Autodesk\SketchBook Pro 6\SketchBookSnapshot.exe (Autodesk Inc)

PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)

PRC - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe (Acer Incorporated)

PRC - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe (Intel Corporation)

PRC - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Intel Corporation)

PRC - C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe (Intel Corporation)

PRC - C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe ()

PRC - C:\Programmer\Acer\Acer Updater\UpdaterService.exe (Acer Incorporated)

PRC - C:\Program Files (x86)\NETGEAR\WNA3100M\WifiSvc.exe ()

PRC - C:\Program Files (x86)\NETGEAR\WNA3100M\WNA3100M.exe ()

PRC - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)

PRC - C:\Program Files (x86)\Nero\Update\NASvc.exe (Nero AG)

========== Modules (No Company Name) ==========

MOD - C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll ()

MOD - C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\ppGoogleNaClPluginChrome.dll ()

MOD - C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\pdf.dll ()

MOD - C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\libglesv2.dll ()

MOD - C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\libegl.dll ()

MOD - C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\avutil-51.dll ()

MOD - C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\avformat-54.dll ()

MOD - C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\avcodec-54.dll ()

MOD - C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyHook.dll ()

MOD - C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe ()

MOD - C:\Program Files (x86)\NETGEAR\WNA3100M\WNA3100M.exe ()

MOD - C:\Program Files (x86)\NETGEAR\WNA3100M\WifiSvcLib.dll ()

========== Services (SafeList) ==========

SRV:64bit: - (AudioEndpointBuilder) -- C:\Windows\SysNative\AudioEndpointBuilder.dll (Microsoft Corporation)

SRV:64bit: - (WSService) -- C:\Windows\SysNative\WSService.dll (Microsoft Corporation)

SRV:64bit: - (PrintNotify) -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation)

SRV:64bit: - (TimeBroker) -- C:\Windows\SysNative\TimeBrokerServer.dll (Microsoft Corporation)

SRV:64bit: - (SystemEventsBroker) -- C:\Windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation)

SRV:64bit: - (fhsvc) -- C:\Windows\SysNative\fhsvc.dll (Microsoft Corporation)

SRV:64bit: - (BrokerInfrastructure) -- C:\Windows\SysNative\bisrv.dll (Microsoft Corporation)

SRV:64bit: - (wlidsvc) -- C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)

SRV:64bit: - (WiaRpc) -- C:\Windows\SysNative\wiarpc.dll (Microsoft Corporation)

SRV:64bit: - (Wcmsvc) -- C:\Windows\SysNative\wcmsvc.dll (Microsoft Corporation)

SRV:64bit: - (VaultSvc) -- C:\Windows\SysNative\vaultsvc.dll (Microsoft Corporation)

SRV:64bit: - (svsvc) -- C:\Windows\SysNative\svsvc.dll (Microsoft Corporation)

SRV:64bit: - (netprofm) -- C:\Windows\SysNative\netprofmsvc.dll (Microsoft Corporation)

SRV:64bit: - (Netlogon) -- C:\Windows\SysNative\netlogon.dll (Microsoft Corporation)

SRV:64bit: - (NcaSvc) -- C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)

SRV:64bit: - (NcdAutoSetup) -- C:\Windows\SysNative\NcdAutoSetup.dll (Microsoft Corporation)

SRV:64bit: - (LSM) -- C:\Windows\SysNative\lsm.dll (Microsoft Corporation)

SRV:64bit: - (KeyIso) -- C:\Windows\SysNative\keyiso.dll (Microsoft Corporation)

SRV:64bit: - (EFS) -- C:\Windows\SysNative\efssvc.dll (Microsoft Corporation)

SRV:64bit: - (DsmSvc) -- C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)

SRV:64bit: - (DeviceAssociationService) -- C:\Windows\SysNative\das.dll (Microsoft Corporation)

SRV:64bit: - (AllUserInstallAgent) -- C:\Windows\SysNative\AUInstallAgent.dll (Microsoft Corporation)

SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

SRV:64bit: - (vmicvss) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)

SRV:64bit: - (vmictimesync) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)

SRV:64bit: - (vmicshutdown) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)

SRV:64bit: - (vmicrdv) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)

SRV:64bit: - (vmickvpexchange) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)

SRV:64bit: - (vmicheartbeat) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)

SRV - (FLEXnet Licensing Service 64) -- C:\Programmer\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe (Acresso Software Inc.)

SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)

SRV - (WTabletServicePro) -- C:\Programmer\Tablet\Wacom\WTabletServicePro.exe (Wacom Technology, Corp.)

SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)

SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)

SRV - (PrintNotify) -- C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll (Microsoft Corporation)

SRV - (SbieSvc) -- C:\Programmer\Sandboxie\SbieSvc.exe (SANDBOXIE L.T.D)

SRV - (StorSvc) -- C:\Windows\SysWOW64\StorSvc.dll (Microsoft Corporation)

SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)

SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)

SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)

SRV - (GREGService) -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe (Acer Incorporated)

SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe (Intel Corporation)

SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Intel Corporation)

SRV - (jhi_service) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe (Intel Corporation)

SRV - (Live Updater Service) -- C:\Programmer\Acer\Acer Updater\UpdaterService.exe (Acer Incorporated)

SRV - (Intel® -- C:\Programmer\Intel\iCLS Client\HeciServer.exe (Intel® Corporation)

SRV - (WSWNA3100M) -- C:\Program Files (x86)\NETGEAR\WNA3100M\WifiSvc.exe ()

SRV - (IAStorDataMgrSvc) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)

SRV - (NAUpdate) -- C:\Program Files (x86)\Nero\Update\NASvc.exe (Nero AG)

SRV - (EgisTec Ticket Service) -- C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe (Egis Technology Inc. )

SRV - (wlcrasvc) -- C:\Programmer\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)

========== Driver Services (SafeList) ==========

DRV:64bit: - (pdc) -- C:\Windows\SysNative\Drivers\pdc.sys (Microsoft Corporation)

DRV:64bit: - (wacomrouterfilter) -- C:\Windows\SysNative\Drivers\wacomrouterfilter.sys (Wacom Technology)

DRV:64bit: - (WacHidRouter) -- C:\Windows\SysNative\Drivers\wachidrouter.sys (Wacom Technology)

DRV:64bit: - (hidkmdf) -- C:\Windows\SysNative\Drivers\hidkmdf.sys (Windows ® Win 7 DDK provider)

DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\Drivers\rdpvideominiport.sys (Microsoft Corporation)

DRV:64bit: - (sdstor) -- C:\Windows\SysNative\Drivers\sdstor.sys (Microsoft Corporation)

DRV:64bit: - (sdbus) -- C:\Windows\SysNative\Drivers\sdbus.sys (Microsoft Corporation)

DRV:64bit: - (dam) -- C:\Windows\SysNative\Drivers\dam.sys (Microsoft Corporation)

DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\Drivers\mbam.sys (Malwarebytes Corporation)

DRV:64bit: - (USBHUB3) -- C:\Windows\SysNative\Drivers\USBHUB3.SYS (Microsoft Corporation)

DRV:64bit: - (USBXHCI) -- C:\Windows\SysNative\Drivers\USBXHCI.SYS (Microsoft Corporation)

DRV:64bit: - (UCX01000) -- C:\Windows\SysNative\Drivers\UCX01000.SYS (Microsoft Corporation)

DRV:64bit: - (GPIOClx0101) -- C:\Windows\SysNative\Drivers\msgpioclx.sys (Microsoft Corporation)

DRV:64bit: - (msgpiowin32) -- C:\Windows\SysNative\Drivers\msgpiowin32.sys (Microsoft Corporation)

DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\Drivers\evbda.sys (Broadcom Corporation)

DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\Drivers\bxvbda.sys (Broadcom Corporation)

DRV:64bit: - (TPM) -- C:\Windows\SysNative\Drivers\tpm.sys (Microsoft Corporation)

DRV:64bit: - (BthAvrcpTg) -- C:\Windows\SysNative\Drivers\BthAvrcpTg.sys (Microsoft Corporation)

DRV:64bit: - (bthhfhid) -- C:\Windows\SysNative\Drivers\BthhfHid.sys (Microsoft Corporation)

DRV:64bit: - (Fs_Rec) -- C:\WINDOWS\SysNative\drivers\fs_rec.sys (Microsoft Corporation)

DRV:64bit: - (condrv) -- C:\Windows\SysNative\Drivers\condrv.sys (Microsoft Corporation)

DRV:64bit: - (VSTXRAID) -- C:\Windows\SysNative\Drivers\VSTXRAID.SYS (VIA Corporation)

DRV:64bit: - (VerifierExt) -- C:\Windows\SysNative\Drivers\VerifierExt.sys (Microsoft Corporation)

DRV:64bit: - (UASPStor) -- C:\Windows\SysNative\Drivers\uaspstor.sys (Microsoft Corporation)

DRV:64bit: - (acpiex) -- C:\Windows\SysNative\Drivers\acpiex.sys (Microsoft Corporation)

DRV:64bit: - (spaceport) -- C:\Windows\SysNative\Drivers\spaceport.sys (Microsoft Corporation)

DRV:64bit: - (storahci) -- C:\Windows\SysNative\Drivers\storahci.sys (Microsoft Corporation)

DRV:64bit: - (mvumis) -- C:\Windows\SysNative\Drivers\mvumis.sys (Marvell Semiconductor, Inc.)

DRV:64bit: - (stexstor) -- C:\Windows\SysNative\Drivers\stexstor.sys (Promise Technology, Inc.)

DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\Drivers\lsi_sas2.sys (LSI Corporation)

DRV:64bit: - (LSI_SSS) -- C:\Windows\SysNative\Drivers\lsi_sss.sys (LSI Corporation)

DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\Drivers\HpSAMD.sys (Hewlett-Packard Company)

DRV:64bit: - (EhStorTcgDrv) -- C:\Windows\SysNative\Drivers\EhStorTcgDrv.sys (Microsoft Corporation)

DRV:64bit: - (EhStorClass) -- C:\Windows\SysNative\Drivers\EhStorClass.sys (Microsoft Corporation)

DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\Drivers\amdsbs.sys (AMD Technologies Inc.)

DRV:64bit: - (3ware) -- C:\Windows\SysNative\Drivers\3ware.sys (LSI)

DRV:64bit: - (amdsata) -- C:\Windows\SysNative\Drivers\amdsata.sys (Advanced Micro Devices)

DRV:64bit: - (amdxata) -- C:\Windows\SysNative\Drivers\amdxata.sys (Advanced Micro Devices)

DRV:64bit: - (CLFS) -- C:\Windows\SysNative\Drivers\clfs.sys (Microsoft Corporation)

DRV:64bit: - (WFPLWFS) -- C:\Windows\SysNative\Drivers\wfplwfs.sys (Microsoft Corporation)

DRV:64bit: - (vpci) -- C:\Windows\SysNative\Drivers\vpci.sys (Microsoft Corporation)

DRV:64bit: - (WdFilter) -- C:\Windows\SysNative\Drivers\WdFilter.sys (Microsoft Corporation)

DRV:64bit: - (WdBoot) -- C:\Windows\SysNative\Drivers\WdBoot.sys (Microsoft Corporation)

DRV:64bit: - (terminpt) -- C:\Windows\SysNative\Drivers\terminpt.sys (Microsoft Corporation)

DRV:64bit: - (mshidumdf) -- C:\Windows\SysNative\Drivers\mshidumdf.sys (Microsoft Corporation)

DRV:64bit: - (BasicDisplay) -- C:\Windows\SysNative\Drivers\BasicDisplay.sys (Microsoft Corporation)

DRV:64bit: - (HyperVideo) -- C:\Windows\SysNative\Drivers\HyperVideo.sys (Microsoft Corporation)

DRV:64bit: - (BasicRender) -- C:\Windows\SysNative\Drivers\BasicRender.sys (Microsoft Corporation)

DRV:64bit: - (FxPPM) -- C:\Windows\SysNative\Drivers\fxppm.sys (Microsoft Corporation)

DRV:64bit: - (gencounter) -- C:\Windows\SysNative\Drivers\vmgencounter.sys (Microsoft Corporation)

DRV:64bit: - (kdnic) -- C:\Windows\SysNative\Drivers\kdnic.sys (Microsoft Corporation)

DRV:64bit: - (acpitime) -- C:\Windows\SysNative\Drivers\acpitime.sys (Microsoft Corporation)

DRV:64bit: - (npsvctrig) -- C:\Windows\SysNative\Drivers\npsvctrig.sys (Microsoft Corporation)

DRV:64bit: - (WpdUpFltr) -- C:\Windows\SysNative\Drivers\WpdUpFltr.sys (Microsoft Corporation)

DRV:64bit: - (acpipagr) -- C:\Windows\SysNative\Drivers\acpipagr.sys (Microsoft Corporation)

DRV:64bit: - (hyperkbd) -- C:\Windows\SysNative\Drivers\hyperkbd.sys (Microsoft Corporation)

DRV:64bit: - (SerCx) -- C:\Windows\SysNative\Drivers\SerCx.sys (Microsoft Corporation)

DRV:64bit: - (SpbCx) -- C:\Windows\SysNative\Drivers\SpbCx.sys (Microsoft Corporation)

DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\Drivers\TsUsbGD.sys (Microsoft Corporation)

DRV:64bit: - (BthHFEnum) -- C:\Windows\SysNative\Drivers\bthhfenum.sys (Microsoft Corporation)

DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\Drivers\dmvsc.sys (Microsoft Corporation)

DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\Drivers\TsUsbFlt.sys (Microsoft Corporation)

DRV:64bit: - (hidi2c) -- C:\Windows\SysNative\Drivers\hidi2c.sys (Microsoft Corporation)

DRV:64bit: - (Vid) -- C:\Windows\SysNative\Drivers\Vid.sys (Microsoft Corporation)

DRV:64bit: - (storvsp) -- C:\Windows\SysNative\Drivers\storvsp.sys (Microsoft Corporation)

DRV:64bit: - (wpcfltr) -- C:\Windows\SysNative\Drivers\wpcfltr.sys (Microsoft Corporation)

DRV:64bit: - (vmbusr) -- C:\Windows\SysNative\Drivers\vmbusr.sys (Microsoft Corporation)

DRV:64bit: - (vpcivsp) -- C:\Windows\SysNative\Drivers\vpcivsp.sys (Microsoft Corporation)

DRV:64bit: - (NdisImPlatform) -- C:\Windows\SysNative\Drivers\NdisImPlatform.sys (Microsoft Corporation)

DRV:64bit: - (MsLldp) -- C:\Windows\SysNative\Drivers\mslldp.sys (Microsoft Corporation)

DRV:64bit: - (Ndu) -- C:\Windows\SysNative\Drivers\Ndu.sys (Microsoft Corporation)

DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\Drivers\HECIx64.sys (Intel Corporation)

DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\Drivers\nvhda64v.sys (NVIDIA Corporation)

DRV:64bit: - (mwlPSDVDisk) -- C:\Windows\SysNative\Drivers\mwlPSDVDisk.sys (Egis Technology Inc.)

DRV:64bit: - (mwlPSDFilter) -- C:\Windows\SysNative\Drivers\mwlPSDFilter.sys (Egis Technology Inc.)

DRV:64bit: - (mwlPSDNServ) -- C:\Windows\SysNative\Drivers\mwlPSDNserv.sys (Egis Technology Inc.)

DRV:64bit: - (wna3100m) -- C:\Windows\SysNative\Drivers\wna3100m.sys (NETGEAR Corporation )

DRV:64bit: - (e1cexpress) -- C:\Windows\SysNative\Drivers\e1c62x64.sys (Intel Corporation)

DRV:64bit: - (iaStor) -- C:\Windows\SysNative\Drivers\iaStor.sys (Intel Corporation)

DRV:64bit: - (VUSB3HUB) -- C:\Windows\SysNative\Drivers\ViaHub3.sys (VIA Technologies, Inc.)

DRV:64bit: - (xhcdrv) -- C:\Windows\SysNative\Drivers\xhcdrv.sys (VIA Technologies, Inc.)

DRV:64bit: - (amdxhc) -- C:\Windows\SysNative\Drivers\amdxhc.sys (Advanced Micro Devices, INC.)

DRV:64bit: - (amdhub30) -- C:\Windows\SysNative\Drivers\amdhub30.sys (Advanced Micro Devices, INC.)

DRV:64bit: - (VClone) -- C:\Windows\SysNative\Drivers\VClone.sys (Elaborate Bytes AG)

DRV:64bit: - (ElbyCDIO) -- C:\Windows\SysNative\Drivers\ElbyCDIO.sys (Elaborate Bytes AG)

DRV:64bit: - (nusb3xhc) -- C:\Windows\SysNative\Drivers\nusb3xhc.sys (Renesas Electronics Corporation)

DRV:64bit: - (nusb3hub) -- C:\Windows\SysNative\Drivers\nusb3hub.sys (Renesas Electronics Corporation)

DRV:64bit: - (adfs) -- C:\WINDOWS\SysNative\drivers\adfs.sys (Adobe Systems, Inc.)

DRV:64bit: - (EtronHub3) -- C:\Windows\SysNative\Drivers\EtronHub3.sys (Etron Technology Inc)

DRV:64bit: - (EtronXHCI) -- C:\Windows\SysNative\Drivers\EtronXHCI.sys (Etron Technology Inc)

DRV - (SbieDrv) -- C:\Programmer\Sandboxie\SbieDrv.sys (SANDBOXIE L.T.D)

DRV - (adfs) -- C:\WINDOWS\SysWow64\drivers\adfs.sys (Adobe Systems, Inc.)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.com

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://acer.msn.com

IE:64bit: - HKLM\..\SearchScopes,DefaultScope =

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKLM\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-1372194753-2522429106-4183652212-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.com

IE - HKU\S-1-5-21-1372194753-2522429106-4183652212-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.dk/

IE - HKU\S-1-5-21-1372194753-2522429106-4183652212-1000\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-1372194753-2522429106-4183652212-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@wacom.com/wtPlugin,version=2.1.0.2: C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)

FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)

FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)

FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@mozilla.zeniko.ch/SumatraPDF_Browser_Plugin: C:\Program Files (x86)\SumatraPDF\npPdfViewer.dll (Simon Bünzli)

FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)

FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@wacom.com/wtPlugin,version=2.1.0.2: C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)

FF - HKCU\Software\MozillaPlugins\@mozilla.zeniko.ch/SumatraPDF_Browser_Plugin: C:\Program Files (x86)\SumatraPDF\npPdfViewer.dll (Simon Bünzli)

FF - HKCU\Software\MozillaPlugins\wacom.com/WacomTabletPlugin: C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)

========== Chrome ==========

CHR - homepage: http://www.google.com/

CHR - default_search_provider: Google (Enabled)

CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}

CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter},

CHR - homepage: http://www.google.com/

CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\PepperFlash\pepflashplayer.dll

CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer

CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\ppGoogleNaClPluginChrome.dll

CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\pdf.dll

CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll

CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll

CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll

CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll

CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll

CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll

CHR - Extension: Entanglement = C:\Users\jn2002dk\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd\2.7.9_0\

CHR - Extension: Bejeweled = C:\Users\jn2002dk\AppData\Local\Google\Chrome\User Data\Default\Extensions\adpkifcfcacgmnggcbpbjbkdijciiigm\2_0\

CHR - Extension: Angry Birds = C:\Users\jn2002dk\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.5.0.7_0\

CHR - Extension: Google Drive = C:\Users\jn2002dk\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\

CHR - Extension: Audiotool = C:\Users\jn2002dk\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkgoccjhfjgjedhkiefaclppgbmoobnk\1.1_0\

CHR - Extension: YouTube = C:\Users\jn2002dk\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\

CHR - Extension: Bouncy Mouse = C:\Users\jn2002dk\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgdllcbmneiklcmbeclfegccdjholomb\1.2.1_0\

CHR - Extension: Google Search = C:\Users\jn2002dk\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\

CHR - Extension: Cordy = C:\Users\jn2002dk\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgjbkahdllcckjbjijejpmcgkkjpnnfk\15_0\

CHR - Extension: Bomomo = C:\Users\jn2002dk\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnalbhgkcocoepphagnnlaiomnnngeln\1_0\

CHR - Extension: Sumo Paint = C:\Users\jn2002dk\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpgjihldbpodlmnjolekemlfbcajnmod\3.7_0\

CHR - Extension: Sleepy Jack = C:\Users\jn2002dk\AppData\Local\Google\Chrome\User Data\Default\Extensions\edjdoaebnejlnjknbkbacepgemnjlmfc\23_0\

CHR - Extension: Search All = C:\Users\jn2002dk\AppData\Local\Google\Chrome\User Data\Default\Extensions\eekjldapjblgadclklmgolijbagmdnfk\2.1.2_0\

CHR - Extension: Recent History = C:\Users\jn2002dk\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbmkfdfomhhlonpbnpiibloacemdhjjm\2.1.4.1_0\

CHR - Extension: AdBlock = C:\Users\jn2002dk\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.47_0\

CHR - Extension: Vector Paint = C:\Users\jn2002dk\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnbpdiengicdefcjecjbnjnoifekhgdo\3.0.0.0_0\

CHR - Extension: Isoball 3 = C:\Users\jn2002dk\AppData\Local\Google\Chrome\User Data\Default\Extensions\iajlkcpgcnbhfhpdeooockfaincfkjjj\1.3.0_0\

CHR - Extension: Pixlr Editor = C:\Users\jn2002dk\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmaknaampgiegkcjlimdiidlhopknpk\1.2_0\

CHR - Extension: LineBall = C:\Users\jn2002dk\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeclmehkhpookgkhkecnaanahhoglakj\1.3.0_0\

CHR - Extension: Nano Ninja = C:\Users\jn2002dk\AppData\Local\Google\Chrome\User Data\Default\Extensions\jommidhbgbbbbjddhmajdmeajfleineg\1.3.0_0\

CHR - Extension: Force Reload = C:\Users\jn2002dk\AppData\Local\Google\Chrome\User Data\Default\Extensions\kkhgjeaffbhdcpflajldaijabgclfnoa\1.2_0\

CHR - Extension: Little Alchemy = C:\Users\jn2002dk\AppData\Local\Google\Chrome\User Data\Default\Extensions\knkapnclbofjjgicpkfoagdjohlfjhpd\0.0.12_0\

CHR - Extension: Divvr = C:\Users\jn2002dk\AppData\Local\Google\Chrome\User Data\Default\Extensions\lackkieddhpmioebogincgkkcagabhgm\2.0_0\

CHR - Extension: Google Maps = C:\Users\jn2002dk\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh\5.2.7_0\

CHR - Extension: Harmony = C:\Users\jn2002dk\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbbibdblnnlapclckbdennhlbcnkkgcn\6_0\

CHR - Extension: Poppit = C:\Users\jn2002dk\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi\2.2_0\

CHR - Extension: ScriptNo = C:\Users\jn2002dk\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiigbmnaadbkfbmpbfijlflahbdbdgdf\1.0.6.2_0\

CHR - Extension: Mini Ninjas = C:\Users\jn2002dk\AppData\Local\Google\Chrome\User Data\Default\Extensions\oijfbknbncemokdnlboeabbcfhobechi\1.0.0.16_0\

CHR - Extension: Bastion = C:\Users\jn2002dk\AppData\Local\Google\Chrome\User Data\Default\Extensions\oohphhdkahjlioohbalmicpokoefkgid\0.0.0.4_0\

CHR - Extension: Gmail = C:\Users\jn2002dk\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012-11-22 10:47:41 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\Drivers\etc\Hosts

O1 - Hosts: 127.0.0.1 localhost

O1 - Hosts: ::1 localhost

O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)

O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)

O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)

O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [Hotkey Utility] C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe ()

O4 - HKLM..\Run: [suiteTray] C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe (Egis Technology Inc.)

O4 - HKLM..\Run: [uSB3MON] C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)

O4 - HKU\S-1-5-21-1372194753-2522429106-4183652212-1000..\Run: [sandboxieControl] C:\Program Files\Sandboxie\SbieCtrl.exe (SANDBOXIE L.T.D)

O4 - Startup: C:\Users\jn2002dk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\jn2002dk\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O9 - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)

O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)

O1364bit: - gopher Prefix: missing

O13 - gopher Prefix: missing

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.1 212.242.40.3 212.242.40.51

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{21FC7097-B92A-430E-8177-C3DDEAA4853A}: DhcpNameServer = 10.0.0.1 212.242.40.3 212.242.40.51

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3E531B94-3F07-4E73-9483-E9CB9E6CF1C6}: DhcpNameServer = 10.0.0.1 212.242.40.3 212.242.40.51

O18:64bit: - Protocol\Handler\livecall - No CLSID value found

O18:64bit: - Protocol\Handler\msnim - No CLSID value found

O18:64bit: - Protocol\Handler\skype4com - No CLSID value found

O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found

O18:64bit: - Protocol\Handler\wlpg - No CLSID value found

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)

O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\WINDOWS\SysWow64\userinit.exe (Microsoft Corporation)

O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O30 - LSA: Security Packages - (livessp) - File not found

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2012-11-10 11:57:27 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ]

O32 - AutoRun File - [2012-11-02 16:01:37 | 044,851,551 | ---- | M] () - D:\Autodesk_Sketchbook_Pro_v6_Multilingual_WIN_32bit.exe -- [ NTFS ]

O32 - AutoRun File - [2011-11-14 23:15:54 | 000,000,055 | R--- | M] () - E:\Autorun.inf -- [ CDFS ]

O34 - HKLM BootExecute: (autocheck autochk *)

O35:64bit: - HKLM\..comfile [open] -- "%1" %*

O35:64bit: - HKLM\..exefile [open] -- "%1" %*

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*

O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012-11-22 10:47:23 | 000,000,000 | ---D | C] -- C:\_OTL

[2012-11-22 00:09:30 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\Desktop\Malware tools

[2012-11-21 17:55:29 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games

[2012-11-21 17:12:11 | 004,732,416 | ---- | C] (AVAST Software) -- C:\Users\jn2002dk\Desktop\aswMBR.exe

[2012-11-19 22:09:37 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Roaming\Opera

[2012-11-19 22:09:37 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Local\Opera

[2012-11-19 22:09:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Opera

[2012-11-19 12:15:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elaborate Bytes

[2012-11-19 12:15:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Elaborate Bytes

[2012-11-19 12:03:28 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Roaming\FileZilla

[2012-11-19 12:03:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client

[2012-11-19 12:03:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FileZilla FTP Client

[2012-11-19 11:56:42 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\Desktop\New project

[2012-11-19 11:53:23 | 000,000,000 | ---D | C] -- C:\Program Files\Construct 2

[2012-11-18 10:45:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy

[2012-11-18 10:44:52 | 000,000,000 | ---D | C] -- C:\Program Files\Speccy

[2012-11-17 16:13:35 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Roaming\Mozilla

[2012-11-17 16:13:35 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Roaming\KompoZer

[2012-11-17 15:58:30 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft

[2012-11-17 14:28:59 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1

[2012-11-16 19:28:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware

[2012-11-16 19:28:04 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\mbam.sys

[2012-11-16 19:28:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware

[2012-11-16 17:53:44 | 000,000,000 | R--D | C] -- C:\WINDOWS\BrowserChoice

[2012-11-16 17:34:38 | 000,000,000 | R--D | C] -- C:\Sandbox

[2012-11-16 17:33:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sandboxie

[2012-11-16 17:33:31 | 000,000,000 | ---D | C] -- C:\Program Files\Sandboxie

[2012-11-16 17:24:37 | 000,000,000 | ---D | C] -- C:\ProgramData\PRICache

[2012-11-16 17:24:37 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Local\Packages

[2012-11-16 17:15:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\CSC

[2012-11-16 17:10:28 | 000,000,000 | -HSD | C] -- C:\Users\jn2002dk\Documents\Videoer

[2012-11-16 17:10:28 | 000,000,000 | -HSD | C] -- C:\Users\jn2002dk\AppData\Local\Temporary Internet Files

[2012-11-16 17:10:28 | 000,000,000 | -HSD | C] -- C:\Users\jn2002dk\Skabeloner

[2012-11-16 17:10:28 | 000,000,000 | -HSD | C] -- C:\Users\jn2002dk\SendTo

[2012-11-16 17:10:28 | 000,000,000 | -HSD | C] -- C:\Users\jn2002dk\Recent

[2012-11-16 17:10:28 | 000,000,000 | -HSD | C] -- C:\Users\jn2002dk\Printere

[2012-11-16 17:10:28 | 000,000,000 | -HSD | C] -- C:\Users\jn2002dk\AppData\Local\Oversigt

[2012-11-16 17:10:28 | 000,000,000 | -HSD | C] -- C:\Users\jn2002dk\Documents\Musik

[2012-11-16 17:10:28 | 000,000,000 | -HSD | C] -- C:\Users\jn2002dk\Menuen Start

[2012-11-16 17:10:28 | 000,000,000 | -HSD | C] -- C:\Users\jn2002dk\Lokale indstillinger

[2012-11-16 17:10:28 | 000,000,000 | -HSD | C] -- C:\Users\jn2002dk\Dokumenter

[2012-11-16 17:10:28 | 000,000,000 | -HSD | C] -- C:\Users\jn2002dk\Cookies

[2012-11-16 17:10:28 | 000,000,000 | -HSD | C] -- C:\Users\jn2002dk\Documents\Billeder

[2012-11-16 17:10:28 | 000,000,000 | -HSD | C] -- C:\Users\jn2002dk\Application Data

[2012-11-16 17:10:28 | 000,000,000 | -HSD | C] -- C:\Users\jn2002dk\AppData\Local\Application Data

[2012-11-16 17:10:28 | 000,000,000 | -HSD | C] -- C:\Users\jn2002dk\Andre computere

[2012-11-16 17:10:27 | 000,000,000 | --SD | C] -- C:\Users\jn2002dk\AppData\Roaming\Microsoft

[2012-11-16 17:10:27 | 000,000,000 | R--D | C] -- C:\Users\jn2002dk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools

[2012-11-16 17:10:27 | 000,000,000 | R--D | C] -- C:\Users\jn2002dk\Favorites

[2012-11-16 17:10:27 | 000,000,000 | R--D | C] -- C:\Users\jn2002dk\Desktop

[2012-11-16 17:10:27 | 000,000,000 | R--D | C] -- C:\Users\jn2002dk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories

[2012-11-16 17:10:27 | 000,000,000 | R--D | C] -- C:\Users\jn2002dk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility

[2012-11-16 17:10:27 | 000,000,000 | -H-D | C] -- C:\Users\jn2002dk\AppData

[2012-11-16 17:10:27 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Local\Temp

[2012-11-16 17:10:27 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Local\Microsoft

[2012-11-16 17:10:27 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance

[2012-11-16 17:08:59 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation

[2012-11-16 17:08:55 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation

[2012-11-16 17:08:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation

[2012-11-16 17:08:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\RTCOM

[2012-11-16 17:08:46 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek

[2012-11-16 17:07:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch

[2012-11-16 17:06:30 | 000,000,000 | ---D | C] -- C:\Windows.old

[2012-11-16 17:05:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\XPSViewer

[2012-11-16 17:05:29 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies

[2012-11-16 17:05:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Reference Assemblies

[2012-11-16 17:05:29 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild

[2012-11-16 17:05:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSBuild

[2012-11-16 16:47:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\Panther

[2012-11-15 11:51:11 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\Documents\Drug Lords

[2012-11-15 10:52:28 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Roaming\com.aspiro.wimp.dk.25F5C0086CDE1F22CA0B92A487729991CA6CD013.1

[2012-11-15 10:52:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Wimp

[2012-11-15 09:20:41 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\.stencylworks

[2012-11-15 09:20:38 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Roaming\Stencyl

[2012-11-14 18:24:23 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1986-12.com.adobe

[2012-11-14 18:23:05 | 000,000,000 | ---D | C] -- C:\ProgramData\ALM

[2012-11-14 17:58:16 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Roaming\NVIDIA

[2012-11-14 17:58:07 | 000,000,000 | ---D | C] -- C:\ProgramData\FLEXnet

[2012-11-14 17:57:15 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe

[2012-11-14 17:56:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\spool

[2012-11-14 17:55:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe Media Player

[2012-11-14 17:55:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe

[2012-11-14 17:55:12 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Macrovision Shared

[2012-11-14 17:55:12 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe

[2012-11-14 17:55:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Macrovision Shared

[2012-11-14 17:53:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe

[2012-11-14 17:40:29 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Roaming\Malwarebytes

[2012-11-14 17:36:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes

[2012-11-14 17:25:44 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Roaming\deluge

[2012-11-14 17:23:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Deluge

[2012-11-14 17:23:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Deluge

[2012-11-14 15:25:44 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Stencyl

[2012-11-14 15:25:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Stencyl

[2012-11-14 15:25:22 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\.oces2

[2012-11-14 15:25:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun

[2012-11-14 15:25:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java

[2012-11-14 15:25:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\Sun

[2012-11-14 15:25:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java

[2012-11-14 09:19:16 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Roaming\SumatraPDF

[2012-11-14 09:19:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SumatraPDF

[2012-11-14 09:17:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip

[2012-11-14 09:17:56 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip

[2012-11-12 00:14:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner

[2012-11-12 00:14:03 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner

[2012-11-12 00:11:28 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Local\VMware

[2012-11-12 00:11:25 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Roaming\VMware

[2012-11-12 00:06:46 | 000,000,000 | ---D | C] -- C:\ProgramData\VMware

[2012-11-11 10:27:37 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Roaming\Skype

[2012-11-11 10:27:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype

[2012-11-11 10:27:33 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype

[2012-11-11 10:27:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype

[2012-11-10 19:39:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\NAPP_Dism_Log

[2012-11-10 18:10:13 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Local\mypaint

[2012-11-10 18:09:59 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPaint

[2012-11-10 18:09:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyPaint

[2012-11-10 18:09:57 | 000,000,000 | ---D | C] -- C:\Program Files\MyPaint

[2012-11-10 17:44:19 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Roaming\SYSTEMAX Software Development

[2012-11-10 17:44:19 | 000,000,000 | ---D | C] -- C:\ProgramData\SYSTEMAX Software Development

[2012-11-10 17:44:13 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Local\Zame

[2012-11-10 17:44:13 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PaintTool SAI English Pack

[2012-11-10 17:32:20 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Local\Adobe

[2012-11-10 15:51:53 | 000,000,000 | R--D | C] -- C:\Users\jn2002dk\Dropbox

[2012-11-10 15:50:40 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox

[2012-11-10 15:50:28 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Roaming\Dropbox

[2012-11-10 15:39:31 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\Documents\Page File

[2012-11-10 14:07:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard Entertainment

[2012-11-10 14:05:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Battle.net

[2012-11-10 12:30:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0

[2012-11-10 12:28:30 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\Wat

[2012-11-10 12:28:30 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\Wat

[2012-11-10 12:21:23 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\Documents\Story File

[2012-11-10 12:16:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Alias

[2012-11-10 12:15:11 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Roaming\WTablet

[2012-11-10 12:15:07 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wacom Tablet

[2012-11-10 12:15:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TabletPlugins

[2012-11-10 12:15:05 | 000,015,776 | ---- | C] (Wacom Technology) -- C:\WINDOWS\SysNative\drivers\wacomrouterfilter.sys

[2012-11-10 12:15:02 | 000,081,312 | ---- | C] (Wacom Technology) -- C:\WINDOWS\SysNative\drivers\wachidrouter.sys

[2012-11-10 12:15:02 | 000,013,728 | ---- | C] (Windows ® Win 7 DDK provider) -- C:\WINDOWS\SysNative\drivers\hidkmdf.sys

[2012-11-10 12:14:56 | 001,981,312 | ---- | C] (Wacom Technology, Corp.) -- C:\WINDOWS\SysNative\Wacom_Tablet.dll

[2012-11-10 12:14:56 | 001,974,144 | ---- | C] (Wacom Technology, Corp.) -- C:\WINDOWS\SysNative\Wacom_Touch_Tablet.dll

[2012-11-10 12:14:56 | 001,843,072 | ---- | C] (Wacom Technology, Corp.) -- C:\WINDOWS\SysNative\Wintab32.dll

[2012-11-10 12:14:56 | 001,840,000 | ---- | C] (Wacom Technology, Corp.) -- C:\WINDOWS\SysNative\WacomMT.dll

[2012-11-10 12:14:56 | 001,628,032 | ---- | C] (Wacom Technology, Corp.) -- C:\WINDOWS\SysWow64\Wacom_Tablet.dll

[2012-11-10 12:14:56 | 001,621,376 | ---- | C] (Wacom Technology, Corp.) -- C:\WINDOWS\SysWow64\Wacom_Touch_Tablet.dll

[2012-11-10 12:14:56 | 001,509,248 | ---- | C] (Wacom Technology, Corp.) -- C:\WINDOWS\SysWow64\Wintab32.dll

[2012-11-10 12:14:56 | 001,505,152 | ---- | C] (Wacom Technology, Corp.) -- C:\WINDOWS\SysWow64\WacomMT.dll

[2012-11-10 12:14:55 | 000,000,000 | ---D | C] -- C:\Program Files\Tablet

[2012-11-10 12:06:31 | 000,000,000 | ---D | C] -- C:\Program Files\TabletPlugins

[2012-11-10 12:04:19 | 000,000,000 | ---D | C] -- C:\ProgramData\CELSYS

[2012-11-10 12:04:09 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Roaming\Smith Micro

[2012-11-10 12:02:26 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\Documents\Smith Micro

[2012-11-10 12:02:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Manga Studio EX 4.0

[2012-11-10 12:02:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Smith Micro

[2012-11-10 12:00:54 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Roaming\Autodesk

[2012-11-10 12:00:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk

[2012-11-10 12:00:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Autodesk

[2012-11-10 11:58:04 | 000,000,000 | ---D | C] -- C:\temp

[2012-11-10 11:57:27 | 000,000,000 | ---D | C] -- C:\Autodesk

[2012-11-10 11:47:15 | 000,000,000 | ---D | C] -- C:\World of Warcraft

[2012-11-10 11:44:02 | 000,000,000 | ---D | C] -- C:\avast! sandbox

[2012-11-10 11:41:38 | 000,285,328 | ---- | C] (AVAST Software) -- C:\WINDOWS\SysNative\aswBoot.exe

[2012-11-10 11:41:20 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software

[2012-11-10 11:41:20 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software

[2012-11-10 11:37:48 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Local\EgisTec IPS

[2012-11-10 11:33:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome

[2012-11-10 11:33:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google

[2012-11-10 11:33:12 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Local\Google

[2012-11-10 11:33:05 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Local\Apps

[2012-11-10 11:32:43 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Roaming\Adobe

[2012-11-10 11:30:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NETGEAR WNA3100M Genie

[2012-11-10 11:30:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NETGEAR

[2012-11-10 11:30:27 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Roaming\InstallShield

[2012-11-10 11:25:04 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Roaming\OEM

[2012-11-10 11:25:03 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Roaming\Screensaver

[2012-11-10 11:24:56 | 000,000,000 | R--D | C] -- C:\Users\jn2002dk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

[2012-11-10 11:24:56 | 000,000,000 | R--D | C] -- C:\Users\jn2002dk\Searches

[2012-11-10 11:24:56 | 000,000,000 | R--D | C] -- C:\Users\jn2002dk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools

[2012-11-10 11:24:56 | 000,000,000 | -H-D | C] -- C:\Users\jn2002dk\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned

[2012-11-10 11:24:49 | 000,000,000 | R--D | C] -- C:\Users\jn2002dk\Contacts

[2012-11-10 11:24:49 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Roaming\Identities

[2012-11-10 11:24:20 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Local\VirtualStore

[2012-11-10 11:23:50 | 000,000,000 | ---D | C] -- C:\Program Files\Accessory Store

[2012-11-10 11:23:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Family Protection

[2012-11-10 11:23:19 | 000,000,000 | R--D | C] -- C:\Users\jn2002dk\Videos

[2012-11-10 11:23:19 | 000,000,000 | R--D | C] -- C:\Users\jn2002dk\Saved Games

[2012-11-10 11:23:19 | 000,000,000 | R--D | C] -- C:\Users\jn2002dk\Pictures

[2012-11-10 11:23:19 | 000,000,000 | R--D | C] -- C:\Users\jn2002dk\Music

[2012-11-10 11:23:19 | 000,000,000 | R--D | C] -- C:\Users\jn2002dk\Links

[2012-11-10 11:23:19 | 000,000,000 | R--D | C] -- C:\Users\jn2002dk\Downloads

[2012-11-10 11:23:19 | 000,000,000 | R--D | C] -- C:\Users\jn2002dk\Documents

[2012-11-10 11:23:19 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Roaming\Media Center Programs

[2012-11-10 11:23:19 | 000,000,000 | ---D | C] -- C:\Users\jn2002dk\AppData\Roaming\Macromedia

[2012-11-10 11:23:14 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Videoer

[2012-11-10 11:23:14 | 000,000,000 | -HSD | C] -- C:\Recovery

[2012-11-10 11:23:14 | 000,000,000 | -HSD | C] -- C:\Programmer

[2012-11-10 11:23:14 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Musik

[2012-11-10 11:23:14 | 000,000,000 | -HSD | C] -- C:\Program Files\Fælles filer

[2012-11-10 11:23:14 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Billeder

[2012-11-10 11:23:13 | 000,000,000 | -HSD | C] -- C:\ProgramData\Skrivebord

[2012-11-10 11:23:13 | 000,000,000 | -HSD | C] -- C:\ProgramData\Skabeloner

[2012-11-10 11:23:13 | 000,000,000 | -HSD | C] -- C:\ProgramData\Menuen Start

[2012-11-10 11:23:13 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoritter

[2012-11-10 11:23:13 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumenter

[2012-11-10 11:08:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Intel Corporation

[2012-11-10 11:07:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office

[2012-11-10 11:07:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PlayReady

[2012-11-10 11:07:31 | 000,000,000 | ---D | C] -- C:\Program Files\PlayReady

[2012-11-10 11:07:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft

[2012-11-10 11:03:59 | 003,768,152 | ---- | C] (Waves Audio Ltd.) -- C:\WINDOWS\SysNative\MaxxAudioRealtek.dll

[2012-11-10 11:03:59 | 003,308,376 | ---- | C] (Dolby Laboratories) -- C:\WINDOWS\SysNative\R4EEP64A.dll

[2012-11-10 11:03:59 | 002,604,376 | ---- | C] (Waves Audio Ltd.) -- C:\WINDOWS\SysNative\WavesGUILib.dll

[2012-11-10 11:03:59 | 002,132,824 | ---- | C] (Waves Audio Ltd.) -- C:\WINDOWS\SysNative\MaxxAudioEQ.dll

[2012-11-10 11:03:59 | 002,085,440 | ---- | C] (Fortemedia Corporation) -- C:\WINDOWS\SysNative\FMAPO64.dll

[2012-11-10 11:03:59 | 001,756,264 | ---- | C] (DTS) -- C:\WINDOWS\SysNative\DTSS2SpeakerDLL64.dll

[2012-11-10 11:03:59 | 001,568,360 | ---- | C] (DTS) -- C:\WINDOWS\SysNative\DTSS2HeadphoneDLL64.dll

[2012-11-10 11:03:59 | 000,712,296 | ---- | C] (DTS) -- C:\WINDOWS\SysNative\DTSSymmetryDLL64.dll

[2012-11-10 11:03:59 | 000,702,808 | ---- | C] (Waves Audio Ltd.) -- C:\WINDOWS\SysNative\MaxxAudioRealtek2.dll

[2012-11-10 11:03:59 | 000,693,352 | ---- | C] (DTS) -- C:\WINDOWS\SysNative\DTSVoiceClarityDLL64.dll

[2012-11-10 11:03:59 | 000,603,984 | ---- | C] (Knowles Acoustics ) -- C:\WINDOWS\SysNative\KAAPORT64.dll

[2012-11-10 11:03:59 | 000,527,872 | ---- | C] (DTS) -- C:\WINDOWS\SysNative\DTSU2PLFX64.dll

[2012-11-10 11:03:59 | 000,518,896 | ---- | C] (SRS Labs, Inc.) -- C:\WINDOWS\SysNative\SRSTSX64.dll

[2012-11-10 11:03:59 | 000,515,584 | ---- | C] (DTS) -- C:\WINDOWS\SysNative\DTSU2PGFX64.dll

[2012-11-10 11:03:59 | 000,439,808 | ---- | C] (DTS) -- C:\WINDOWS\SysNative\DTSU2PREC64.dll

[2012-11-10 11:03:59 | 000,426,328 | ---- | C] (Dolby Laboratories) -- C:\WINDOWS\SysNative\R4EED64A.dll

[2012-11-10 11:03:59 | 000,375,128 | ---- | C] (Dolby Laboratories, Inc.) -- C:\WINDOWS\SysNative\RTEEP64A.dll

[2012-11-10 11:03:59 | 000,341,336 | ---- | C] (Waves Audio Ltd.) -- C:\WINDOWS\SysNative\MaxxAudioAPO30.dll

[2012-11-10 11:03:59 | 000,334,680 | ---- | C] (Waves Audio Ltd.) -- C:\WINDOWS\SysNative\MaxxVolumeSDAPO.dll

[2012-11-10 11:03:59 | 000,318,808 | ---- | C] (Waves Audio Ltd.) -- C:\WINDOWS\SysNative\MaxxAudioAPO20.dll

[2012-11-10 11:03:59 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\WINDOWS\SysNative\RP3DAA64.dll

[2012-11-10 11:03:59 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\WINDOWS\SysNative\RP3DHT64.dll

[2012-11-10 11:03:59 | 000,221,024 | ---- | C] (Synopsys, Inc.) -- C:\WINDOWS\SysNative\SFNHK64.dll

[2012-11-10 11:03:59 | 000,211,184 | ---- | C] (SRS Labs, Inc.) -- C:\WINDOWS\SysNative\SRSTSH64.dll

[2012-11-10 11:03:59 | 000,204,120 | ---- | C] (Dolby Laboratories, Inc.) -- C:\WINDOWS\SysNative\RTEED64A.dll

[2012-11-10 11:03:59 | 000,198,896 | ---- | C] (SRS Labs, Inc.) -- C:\WINDOWS\SysNative\SRSHP64.dll

[2012-11-10 11:03:59 | 000,155,888 | ---- | C] (SRS Labs, Inc.) -- C:\WINDOWS\SysNative\SRSWOW64.dll

[2012-11-10 11:03:59 | 000,136,024 | ---- | C] (Dolby Laboratories) -- C:\WINDOWS\SysNative\R4EEL64A.dll

[2012-11-10 11:03:59 | 000,118,104 | ---- | C] (Dolby Laboratories) -- C:\WINDOWS\SysNative\R4EEA64A.dll

[2012-11-10 11:03:59 | 000,101,208 | ---- | C] (Dolby Laboratories, Inc.) -- C:\WINDOWS\SysNative\RTEEL64A.dll

[2012-11-10 11:03:59 | 000,081,248 | ---- | C] (Synopsys, Inc.) -- C:\WINDOWS\SysNative\SFCOM64.dll

[2012-11-10 11:03:59 | 000,078,688 | ---- | C] (Synopsys, Inc.) -- C:\WINDOWS\SysNative\SFAPO64.dll

[2012-11-10 11:03:59 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\WINDOWS\SysNative\RTEEG64A.dll

[2012-11-10 11:03:59 | 000,074,072 | ---- | C] (Dolby Laboratories) -- C:\WINDOWS\SysNative\R4EEG64A.dll

[2012-11-10 11:03:59 | 000,074,064 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\WINDOWS\SysWow64\SFCOM.dll

[2012-11-10 11:03:58 | 001,486,952 | ---- | C] (DTS) -- C:\WINDOWS\SysNative\DTSBoostDLL64.dll

[2012-11-10 11:03:58 | 000,728,680 | ---- | C] (DTS) -- C:\WINDOWS\SysNative\DTSBassEnhancementDLL64.dll

[2012-11-10 11:03:58 | 000,491,112 | ---- | C] (DTS) -- C:\WINDOWS\SysNative\DTSNeoPCDLL64.dll

[2012-11-10 11:03:58 | 000,432,744 | ---- | C] (DTS) -- C:\WINDOWS\SysNative\DTSLimiterDLL64.dll

[2012-11-10 11:03:58 | 000,428,648 | ---- | C] (DTS) -- C:\WINDOWS\SysNative\DTSGainCompensatorDLL64.dll

[2012-11-10 11:03:58 | 000,242,792 | ---- | C] (DTS) -- C:\WINDOWS\SysNative\DTSLFXAPO64.dll

[2012-11-10 11:03:58 | 000,242,792 | ---- | C] (DTS) -- C:\WINDOWS\SysNative\DTSGFXAPO64.dll

[2012-11-10 11:03:58 | 000,241,768 | ---- | C] (DTS) -- C:\WINDOWS\SysNative\DTSGFXAPONS64.dll

[2012-11-10 11:03:58 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Temp

[2012-11-10 11:03:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek

[2012-11-10 11:03:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield

[2012-11-10 11:03:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Intel

[2012-11-10 11:03:13 | 000,000,000 | ---D | C] -- C:\Program Files\Intel

[2012-11-10 11:02:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\postureAgent

[2012-11-10 11:00:29 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel

[2012-11-10 10:55:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation

[2012-11-10 10:55:03 | 000,000,000 | -H-D | C] -- C:\book

[2012-11-10 10:55:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AcerSystem

[2012-11-10 10:51:02 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA

[2012-11-10 10:50:35 | 000,068,928 | ---- | C] (Khronos Group) -- C:\WINDOWS\SysNative\OpenCL.dll

[2012-11-10 10:50:35 | 000,061,248 | ---- | C] (Khronos Group) -- C:\WINDOWS\SysWow64\OpenCL.dll

[2012-11-10 10:47:58 | 000,053,248 | ---- | C] (Windows XP Bundled build C-Centric Single User) -- C:\WINDOWS\SysWow64\CSVer.dll

[2012-11-10 10:47:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel

[2012-11-10 10:47:55 | 000,000,000 | -H-D | C] -- C:\Intel

[2012-11-10 10:47:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution

[2012-11-10 10:44:38 | 000,000,000 | -HSD | C] -- C:\System Volume Information

========== Files - Modified Within 30 Days ==========

[2012-11-22 10:56:01 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job

[2012-11-22 10:53:38 | 001,379,886 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI

[2012-11-22 10:53:38 | 000,710,046 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat

[2012-11-22 10:53:38 | 000,463,600 | ---- | M] () -- C:\WINDOWS\SysNative\perfh006.dat

[2012-11-22 10:53:38 | 000,132,416 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat

[2012-11-22 10:53:38 | 000,079,354 | ---- | M] () -- C:\WINDOWS\SysNative\perfc006.dat

[2012-11-22 10:50:25 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2012-11-22 10:48:43 | 000,000,898 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job

[2012-11-22 10:48:20 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys

[2012-11-22 10:48:13 | 4254,535,678 | -HS- | M] () -- C:\hiberfil.sys

[2012-11-22 10:47:41 | 000,000,098 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\etc\Hosts

[2012-11-22 00:05:14 | 000,000,824 | ---- | M] () -- C:\Users\jn2002dk\Documents\hosts

[2012-11-21 23:38:00 | 000,000,902 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

[2012-11-21 17:23:30 | 004,847,728 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT

[2012-11-21 17:12:46 | 004,732,416 | ---- | M] (AVAST Software) -- C:\Users\jn2002dk\Desktop\aswMBR.exe

[2012-11-21 09:58:22 | 000,001,794 | ---- | M] () -- C:\WINDOWS\Sandboxie.ini

[2012-11-19 22:13:35 | 000,049,434 | ---- | M] () -- C:\Users\jn2002dk\Documents\bookmarks_11_19_12.html

[2012-11-19 22:09:35 | 000,001,837 | ---- | M] () -- C:\Users\Public\Desktop\Opera.lnk

[2012-11-19 21:55:23 | 000,001,525 | ---- | M] () -- C:\Users\jn2002dk\Desktop\Internet Explorer.lnk

[2012-11-19 12:15:53 | 000,001,258 | ---- | M] () -- C:\Users\Public\Desktop\Virtual CloneDrive.lnk

[2012-11-19 12:12:56 | 000,000,813 | ---- | M] () -- C:\Users\jn2002dk\AppData\Local\recently-used.xbel

[2012-11-19 11:53:28 | 000,000,847 | ---- | M] () -- C:\Users\Public\Desktop\Construct 2.lnk

[2012-11-18 10:46:01 | 000,237,914 | ---- | M] () -- C:\Users\jn2002dk\Desktop\speccy.jpg

[2012-11-18 10:45:00 | 000,000,800 | ---- | M] () -- C:\Users\Public\Desktop\Speccy.lnk

[2012-11-17 15:33:50 | 000,867,584 | ---- | M] () -- C:\Users\jn2002dk\Desktop\Drug Lords.swf

[2012-11-17 15:33:05 | 000,063,052 | ---- | M] () -- C:\Users\jn2002dk\Desktop\druglord2.jpg

[2012-11-17 15:32:57 | 001,078,245 | ---- | M] () -- C:\Users\jn2002dk\Desktop\druglord2.psd

[2012-11-16 21:40:22 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\SysNative\drivers\Msft_User_LocationProvider_01_11_00.Wdf

[2012-11-16 20:58:46 | 000,599,929 | ---- | M] () -- C:\Users\jn2002dk\Desktop\cop1.psd

[2012-11-16 20:55:40 | 000,913,408 | ---- | M] () -- C:\Users\jn2002dk\Desktop\cop1.sai

[2012-11-16 19:28:08 | 000,001,117 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

[2012-11-16 17:43:38 | 000,001,304 | ---- | M] () -- C:\Users\jn2002dk\Desktop\Sandboxed Web Browser.lnk

[2012-11-16 17:33:31 | 000,000,900 | ---- | M] () -- C:\Users\jn2002dk\Application Data\Microsoft\Internet Explorer\Quick Launch\Sandboxed Web Browser.lnk

[2012-11-16 17:14:51 | 000,020,958 | ---- | M] () -- C:\WINDOWS\diagwrn.xml

[2012-11-16 17:14:51 | 000,020,958 | ---- | M] () -- C:\WINDOWS\diagerr.xml

[2012-11-16 17:14:41 | 000,022,852 | ---- | M] () -- C:\WINDOWS\SysNative\emptyregdb.dat

[2012-11-16 15:52:22 | 000,016,976 | -H-- | M] () -- C:\WINDOWS\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2012-11-16 15:52:22 | 000,016,976 | -H-- | M] () -- C:\WINDOWS\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2012-11-15 21:45:53 | 001,196,032 | ---- | M] () -- C:\Users\jn2002dk\Desktop\druglord2.sai

[2012-11-15 20:51:56 | 000,540,385 | ---- | M] () -- C:\Users\jn2002dk\Desktop\druglord1.psd

[2012-11-15 20:51:53 | 000,075,244 | ---- | M] () -- C:\Users\jn2002dk\Desktop\druglord1.jpg

[2012-11-15 20:46:14 | 001,159,168 | ---- | M] () -- C:\Users\jn2002dk\Desktop\druglord1.sai

[2012-11-15 10:52:21 | 000,000,787 | ---- | M] () -- C:\Users\Public\Desktop\Wimp.lnk

[2012-11-15 09:21:19 | 000,000,995 | ---- | M] () -- C:\Users\jn2002dk\Desktop\Stencyl.lnk

[2012-11-14 17:23:58 | 000,000,947 | ---- | M] () -- C:\Users\Public\Desktop\Deluge.lnk

[2012-11-12 00:14:03 | 000,000,826 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk

[2012-11-12 00:06:52 | 001,289,942 | ---- | M] () -- C:\WINDOWS\SysWow64\PerfStringBackup.INI

[2012-11-11 20:57:59 | 000,071,190 | ---- | M] () -- C:\Users\jn2002dk\Desktop\Image001.jpg

[2012-11-11 16:19:10 | 000,000,975 | ---- | M] () -- C:\Users\jn2002dk\Desktop\MyPaint.lnk

[2012-11-11 15:10:52 | 002,314,240 | ---- | M] () -- C:\Users\jn2002dk\Documents\New Canvas.sai

[2012-11-10 23:11:02 | 001,323,008 | ---- | M] () -- C:\Users\jn2002dk\Documents\face.sai

[2012-11-10 19:39:42 | 000,011,453 | ---- | M] () -- C:\WINDOWS\ChangeLang_Done.tag

[2012-11-10 19:21:36 | 000,840,071 | ---- | M] () -- C:\Users\jn2002dk\Desktop\Indbydelse.pdf

[2012-11-10 19:21:17 | 000,228,495 | ---- | M] () -- C:\Users\jn2002dk\Documents\Indbydelse.odg

[2012-11-10 19:19:59 | 000,001,035 | ---- | M] () -- C:\Users\jn2002dk\Desktop\LibreOfficePortable.lnk

[2012-11-10 18:01:53 | 000,007,752 | ---- | M] () -- C:\Users\jn2002dk\Documents\New Canvas.jpg

[2012-11-10 17:49:30 | 000,016,835 | ---- | M] () -- C:\Users\jn2002dk\Documents\New Canvas.png

[2012-11-10 17:46:56 | 000,010,200 | ---- | M] () -- C:\Users\jn2002dk\Documents\birds.jpg

[2012-11-10 17:44:13 | 000,002,246 | ---- | M] () -- C:\Users\jn2002dk\Desktop\PaintTool SAI.lnk

[2012-11-10 15:51:53 | 000,001,049 | ---- | M] () -- C:\Users\jn2002dk\Desktop\Dropbox.lnk

[2012-11-10 15:50:45 | 000,001,059 | ---- | M] () -- C:\Users\jn2002dk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk

[2012-11-10 12:07:20 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\SysNative\drivers\Msft_Kernel_wachidrouter_01009.Wdf

[2012-11-10 12:02:24 | 000,001,310 | ---- | M] () -- C:\Users\Public\Desktop\Manga Studio EX 4.0.lnk

[2012-11-10 12:00:53 | 000,002,144 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SketchBook Snapshot.lnk

[2012-11-10 12:00:53 | 000,002,121 | ---- | M] () -- C:\Users\jn2002dk\Application Data\Microsoft\Internet Explorer\Quick Launch\SketchBook Pro 6.lnk

[2012-11-10 12:00:53 | 000,002,097 | ---- | M] () -- C:\Users\Public\Desktop\SketchBook Pro 6.lnk

[2012-11-10 11:41:38 | 000,000,000 | ---- | M] () -- C:\WINDOWS\SysWow64\config.nt

[2012-11-10 11:33:59 | 000,002,297 | ---- | M] () -- C:\Users\jn2002dk\Desktop\Google Chrome.lnk

[2012-11-10 11:32:35 | 000,001,449 | ---- | M] () -- C:\Users\jn2002dk\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk

[2012-11-10 11:32:35 | 000,000,221 | -HS- | M] () -- C:\Users\jn2002dk\Application Data\Microsoft\Internet Explorer\Quick Launch\desktop (1).ini

[2012-11-10 11:30:39 | 000,001,155 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WNA3100M Genie.lnk

[2012-11-10 11:30:39 | 000,001,137 | ---- | M] () -- C:\Users\Public\Desktop\NETGEAR WNA3100M Genie.lnk

[2012-11-10 11:09:32 | 000,001,162 | ---- | M] () -- C:\Users\Public\Desktop\clear.fi Photo.lnk

[2012-11-10 11:08:35 | 000,001,162 | ---- | M] () -- C:\Users\Public\Desktop\clear.fi Media.lnk

[2012-11-10 11:01:45 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\SysNative\drivers\Msft_Kernel_iusb3hcs_01009.Wdf

[2012-10-30 23:50:30 | 000,285,328 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\aswBoot.exe

[2012-10-29 08:14:20 | 001,981,312 | ---- | M] (Wacom Technology, Corp.) -- C:\WINDOWS\SysNative\Wacom_Tablet.dll

[2012-10-29 08:14:20 | 001,974,144 | ---- | M] (Wacom Technology, Corp.) -- C:\WINDOWS\SysNative\Wacom_Touch_Tablet.dll

[2012-10-29 08:14:20 | 001,843,072 | ---- | M] (Wacom Technology, Corp.) -- C:\WINDOWS\SysNative\Wintab32.dll

[2012-10-29 08:14:18 | 001,840,000 | ---- | M] (Wacom Technology, Corp.) -- C:\WINDOWS\SysNative\WacomMT.dll

[2012-10-29 08:14:16 | 001,628,032 | ---- | M] (Wacom Technology, Corp.) -- C:\WINDOWS\SysWow64\Wacom_Tablet.dll

[2012-10-29 08:14:16 | 001,621,376 | ---- | M] (Wacom Technology, Corp.) -- C:\WINDOWS\SysWow64\Wacom_Touch_Tablet.dll

[2012-10-29 08:14:16 | 001,509,248 | ---- | M] (Wacom Technology, Corp.) -- C:\WINDOWS\SysWow64\Wintab32.dll

[2012-10-29 08:14:16 | 001,505,152 | ---- | M] (Wacom Technology, Corp.) -- C:\WINDOWS\SysWow64\WacomMT.dll

========== Files Created - No Company Name ==========

[2012-11-22 00:05:14 | 000,000,824 | ---- | C] () -- C:\Users\jn2002dk\Documents\hosts

[2012-11-21 17:23:19 | 004,847,728 | ---- | C] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT

[2012-11-19 22:13:35 | 000,049,434 | ---- | C] () -- C:\Users\jn2002dk\Documents\bookmarks_11_19_12.html

[2012-11-19 22:09:35 | 000,001,849 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk

[2012-11-19 22:09:35 | 000,001,837 | ---- | C] () -- C:\Users\Public\Desktop\Opera.lnk

[2012-11-19 21:54:56 | 000,001,525 | ---- | C] () -- C:\Users\jn2002dk\Desktop\Internet Explorer.lnk

[2012-11-19 12:19:38 | 000,001,239 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Dreamweaver CS5.lnk

[2012-11-19 12:15:53 | 000,001,258 | ---- | C] () -- C:\Users\Public\Desktop\Virtual CloneDrive.lnk

[2012-11-19 12:12:56 | 000,000,813 | ---- | C] () -- C:\Users\jn2002dk\AppData\Local\recently-used.xbel

[2012-11-19 11:53:28 | 000,000,943 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Construct 2.lnk

[2012-11-19 11:53:28 | 000,000,847 | ---- | C] () -- C:\Users\Public\Desktop\Construct 2.lnk

[2012-11-18 10:46:01 | 000,237,914 | ---- | C] () -- C:\Users\jn2002dk\Desktop\speccy.jpg

[2012-11-18 10:45:00 | 000,000,800 | ---- | C] () -- C:\Users\Public\Desktop\Speccy.lnk

[2012-11-17 15:58:30 | 000,002,108 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Web Platform Installer.lnk

[2012-11-17 15:33:05 | 000,063,052 | ---- | C] () -- C:\Users\jn2002dk\Desktop\druglord2.jpg

[2012-11-17 15:29:33 | 000,867,584 | ---- | C] () -- C:\Users\jn2002dk\Desktop\Drug Lords.swf

[2012-11-17 15:22:46 | 001,078,245 | ---- | C] () -- C:\Users\jn2002dk\Desktop\druglord2.psd

[2012-11-16 21:40:22 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\SysNative\drivers\Msft_User_LocationProvider_01_11_00.Wdf

[2012-11-16 20:56:07 | 000,599,929 | ---- | C] () -- C:\Users\jn2002dk\Desktop\cop1.psd

[2012-11-16 20:55:40 | 000,913,408 | ---- | C] () -- C:\Users\jn2002dk\Desktop\cop1.sai

[2012-11-16 19:28:08 | 000,001,117 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

[2012-11-16 17:44:48 | 000,361,934 | ---- | C] () -- C:\WINDOWS\SysNative\ApnDatabase.xml

[2012-11-16 17:44:38 | 000,110,592 | ---- | C] () -- C:\WINDOWS\SysNative\OEMLicense.dll

[2012-11-16 17:44:38 | 000,083,968 | ---- | C] () -- C:\WINDOWS\SysWow64\OEMLicense.dll

[2012-11-16 17:34:04 | 000,001,304 | ---- | C] () -- C:\Users\jn2002dk\Desktop\Sandboxed Web Browser.lnk

[2012-11-16 17:34:04 | 000,000,900 | ---- | C] () -- C:\Users\jn2002dk\Application Data\Microsoft\Internet Explorer\Quick Launch\Sandboxed Web Browser.lnk

[2012-11-16 17:34:02 | 000,001,794 | ---- | C] () -- C:\WINDOWS\Sandboxie.ini

[2012-11-16 17:25:05 | 000,001,442 | ---- | C] () -- C:\Users\jn2002dk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

[2012-11-16 17:14:41 | 000,022,852 | ---- | C] () -- C:\WINDOWS\SysNative\emptyregdb.dat

[2012-11-16 17:10:37 | 000,020,958 | ---- | C] () -- C:\WINDOWS\diagwrn.xml

[2012-11-16 17:10:37 | 000,020,958 | ---- | C] () -- C:\WINDOWS\diagerr.xml

[2012-11-16 17:10:27 | 000,000,352 | ---- | C] () -- C:\Users\jn2002dk\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk

[2012-11-16 17:10:27 | 000,000,334 | ---- | C] () -- C:\Users\jn2002dk\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk

[2012-11-16 17:09:07 | 002,689,224 | ---- | C] () -- C:\WINDOWS\SysNative\nvcoproc.bin

[2012-11-16 17:07:15 | 268,435,456 | -HS- | C] () -- C:\swapfile.sys

[2012-11-16 15:44:44 | 4254,535,678 | -HS- | C] () -- C:\hiberfil.sys

[2012-11-15 21:45:03 | 001,196,032 | ---- | C] () -- C:\Users\jn2002dk\Desktop\druglord2.sai

[2012-11-15 20:51:53 | 000,075,244 | ---- | C] () -- C:\Users\jn2002dk\Desktop\druglord1.jpg

[2012-11-15 20:46:28 | 000,540,385 | ---- | C] () -- C:\Users\jn2002dk\Desktop\druglord1.psd

[2012-11-15 20:46:14 | 001,159,168 | ---- | C] () -- C:\Users\jn2002dk\Desktop\druglord1.sai

[2012-11-15 10:52:21 | 000,000,799 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wimp.lnk

[2012-11-15 10:52:21 | 000,000,787 | ---- | C] () -- C:\Users\Public\Desktop\Wimp.lnk

[2012-11-15 09:21:19 | 000,000,995 | ---- | C] () -- C:\Users\jn2002dk\Desktop\Stencyl.lnk

[2012-11-14 18:23:10 | 000,001,618 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Illustrator CS5.lnk

[2012-11-14 18:22:53 | 000,001,137 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS5.lnk

[2012-11-14 18:22:45 | 000,001,230 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Device Central CS5.lnk

[2012-11-14 18:22:04 | 000,001,321 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS5.lnk

[2012-11-14 18:22:02 | 000,001,487 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS5.lnk

[2012-11-14 18:21:48 | 000,000,961 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk

[2012-11-14 17:57:20 | 000,001,162 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS4 (64 Bit).lnk

[2012-11-14 17:57:05 | 000,001,101 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS4.lnk

[2012-11-14 17:56:31 | 000,001,063 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS4.lnk

[2012-11-14 17:56:23 | 000,001,400 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Drive CS4.lnk

[2012-11-14 17:55:50 | 000,001,156 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Device Central CS4.lnk

[2012-11-14 17:55:19 | 000,001,247 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS4.lnk

[2012-11-14 17:55:15 | 000,001,371 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS4.lnk

[2012-11-14 17:23:58 | 000,000,947 | ---- | C] () -- C:\Users\Public\Desktop\Deluge.lnk

[2012-11-14 09:19:16 | 000,001,897 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SumatraPDF.lnk

[2012-11-12 00:14:03 | 000,000,826 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk

[2012-11-12 00:06:52 | 001,289,942 | ---- | C] () -- C:\WINDOWS\SysWow64\PerfStringBackup.INI

[2012-11-11 16:19:04 | 000,071,190 | ---- | C] () -- C:\Users\jn2002dk\Desktop\Image001.jpg

[2012-11-11 14:43:04 | 002,314,240 | ---- | C] () -- C:\Users\jn2002dk\Documents\New Canvas.sai

[2012-11-10 23:11:02 | 001,323,008 | ---- | C] () -- C:\Users\jn2002dk\Documents\face.sai

[2012-11-10 19:42:23 | 000,011,453 | ---- | C] () -- C:\WINDOWS\ChangeLang_Done.tag

[2012-11-10 19:19:59 | 000,001,035 | ---- | C] () -- C:\Users\jn2002dk\Desktop\LibreOfficePortable.lnk

[2012-11-10 18:09:59 | 000,000,975 | ---- | C] () -- C:\Users\jn2002dk\Desktop\MyPaint.lnk

[2012-11-10 18:01:53 | 000,007,752 | ---- | C] () -- C:\Users\jn2002dk\Documents\New Canvas.jpg

[2012-11-10 17:50:14 | 000,840,071 | ---- | C] () -- C:\Users\jn2002dk\Desktop\Indbydelse.pdf

[2012-11-10 17:49:30 | 000,016,835 | ---- | C] () -- C:\Users\jn2002dk\Documents\New Canvas.png

[2012-11-10 17:46:56 | 000,010,200 | ---- | C] () -- C:\Users\jn2002dk\Documents\birds.jpg

[2012-11-10 17:44:13 | 000,002,246 | ---- | C] () -- C:\Users\jn2002dk\Desktop\PaintTool SAI.lnk

[2012-11-10 17:34:53 | 000,228,495 | ---- | C] () -- C:\Users\jn2002dk\Documents\Indbydelse.odg

[2012-11-10 15:51:53 | 000,001,049 | ---- | C] () -- C:\Users\jn2002dk\Desktop\Dropbox.lnk

[2012-11-10 15:50:45 | 000,001,059 | ---- | C] () -- C:\Users\jn2002dk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk

[2012-11-10 12:14:55 | 000,000,119 | ---- | C] () -- C:\WINDOWS\SysNative\WacomTouchTabletUserDefaults.xml

[2012-11-10 12:14:55 | 000,000,119 | ---- | C] () -- C:\WINDOWS\SysNative\WacomTabletUserDefaults.xml

[2012-11-10 12:07:20 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\SysNative\drivers\Msft_Kernel_wachidrouter_01009.Wdf

[2012-11-10 12:02:24 | 000,001,310 | ---- | C] () -- C:\Users\Public\Desktop\Manga Studio EX 4.0.lnk

[2012-11-10 12:00:53 | 000,002,144 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SketchBook Snapshot.lnk

[2012-11-10 12:00:53 | 000,002,121 | ---- | C] () -- C:\Users\jn2002dk\Application Data\Microsoft\Internet Explorer\Quick Launch\SketchBook Pro 6.lnk

[2012-11-10 12:00:53 | 000,002,097 | ---- | C] () -- C:\Users\Public\Desktop\SketchBook Pro 6.lnk

[2012-11-10 11:54:00 | 000,016,366 | ---- | C] () -- C:\WINDOWS\SysNative\nvinfo.pb

[2012-11-10 11:41:38 | 000,000,000 | ---- | C] () -- C:\WINDOWS\SysWow64\config.nt

[2012-11-10 11:33:59 | 000,002,297 | ---- | C] () -- C:\Users\jn2002dk\Desktop\Google Chrome.lnk

[2012-11-10 11:33:15 | 000,000,902 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

[2012-11-10 11:33:13 | 000,000,898 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job

[2012-11-10 11:32:35 | 000,001,449 | ---- | C] () -- C:\Users\jn2002dk\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk

[2012-11-10 11:30:39 | 000,001,155 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WNA3100M Genie.lnk

[2012-11-10 11:30:39 | 000,001,137 | ---- | C] () -- C:\Users\Public\Desktop\NETGEAR WNA3100M Genie.lnk

[2012-11-10 11:23:19 | 000,000,221 | -HS- | C] () -- C:\Users\jn2002dk\Application Data\Microsoft\Internet Explorer\Quick Launch\desktop (1).ini

[2012-11-10 11:09:32 | 000,001,162 | ---- | C] () -- C:\Users\Public\Desktop\clear.fi Photo.lnk

[2012-11-10 11:08:35 | 000,001,162 | ---- | C] () -- C:\Users\Public\Desktop\clear.fi Media.lnk

[2012-11-10 11:07:58 | 000,002,435 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2010.lnk

[2012-11-10 11:03:59 | 000,181,324 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\RTAIODAT.DAT

[2012-11-10 11:03:19 | 000,015,128 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\IntelMEFWVer.dll

[2012-11-10 11:01:45 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\SysNative\drivers\Msft_Kernel_iusb3hcs_01009.Wdf

[2012-07-26 09:13:10 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat

[2012-07-26 09:13:09 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT

[2012-07-26 08:21:26 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat

[2012-07-26 02:17:42 | 000,043,520 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll

[2012-07-25 21:37:29 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin

[2012-07-25 21:28:31 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll

[2012-07-20 21:35:06 | 000,428,904 | ---- | C] () -- C:\WINDOWS\SysWow64\nvStreaming.exe

[2012-06-02 15:31:19 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat

[2012-02-02 22:08:26 | 000,001,536 | ---- | C] () -- C:\WINDOWS\SysWow64\IusEventLog.dll

========== ZeroAccess Check ==========

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

"" = C:\Windows\SysNative\shell32.dll -- [2012-10-11 06:45:39 | 019,789,824 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

"" = %SystemRoot%\system32\shell32.dll -- [2012-10-11 06:07:29 | 017,560,576 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64

"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012-07-26 04:05:38 | 001,004,544 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]

"" = %systemroot%\system32\wbem\fastprox.dll -- [2012-07-26 04:18:27 | 000,784,896 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64

"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012-07-26 04:07:41 | 000,455,680 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2012-11-10 12:00:54 | 000,000,000 | ---D | M] -- C:\Users\jn2002dk\AppData\Roaming\Autodesk

[2012-11-17 14:28:59 | 000,000,000 | ---D | M] -- C:\Users\jn2002dk\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1

[2012-11-15 10:52:28 | 000,000,000 | ---D | M] -- C:\Users\jn2002dk\AppData\Roaming\com.aspiro.wimp.dk.25F5C0086CDE1F22CA0B92A487729991CA6CD013.1

[2012-11-19 12:12:56 | 000,000,000 | ---D | M] -- C:\Users\jn2002dk\AppData\Roaming\deluge

[2012-11-22 10:49:19 | 000,000,000 | ---D | M] -- C:\Users\jn2002dk\AppData\Roaming\Dropbox

[2012-11-21 18:58:57 | 000,000,000 | ---D | M] -- C:\Users\jn2002dk\AppData\Roaming\FileZilla

[2012-11-17 16:13:36 | 000,000,000 | ---D | M] -- C:\Users\jn2002dk\AppData\Roaming\KompoZer

[2012-11-10 11:25:04 | 000,000,000 | ---D | M] -- C:\Users\jn2002dk\AppData\Roaming\OEM

[2012-11-19 22:09:37 | 000,000,000 | ---D | M] -- C:\Users\jn2002dk\AppData\Roaming\Opera

[2012-11-10 11:25:03 | 000,000,000 | ---D | M] -- C:\Users\jn2002dk\AppData\Roaming\Screensaver

[2012-11-10 12:04:09 | 000,000,000 | ---D | M] -- C:\Users\jn2002dk\AppData\Roaming\Smith Micro

[2012-11-21 23:30:29 | 000,000,000 | ---D | M] -- C:\Users\jn2002dk\AppData\Roaming\Stencyl

[2012-11-14 09:19:36 | 000,000,000 | ---D | M] -- C:\Users\jn2002dk\AppData\Roaming\SumatraPDF

[2012-11-10 17:44:19 | 000,000,000 | ---D | M] -- C:\Users\jn2002dk\AppData\Roaming\SYSTEMAX Software Development

========== Purity Check ==========

< End of report >

Link to post
Share on other sites

As for the pc it seems to be running fine

I've checked the malwarebytes logs and it seems like an isolated incident so i think it's safe to assume it's clean now

I really appreciate you taking the time to help me, especially here in your holidays. Expect a donation today

Thank you for all the help:)

Link to post
Share on other sites

Ok good....

Stick with me to be sure there are no remnants....

Clear Java Cache

See this page for instructions on how to clear java's cache.

Go into the Control Panel and double-click the Java Icon. (looks like a coffee cup)

  • Under Temporary Internet Files, click the Delete Files button.
  • There are three options in the window to clear the cache - Leave ALL 3 Checked

    • Downloaded Applets
      Downloaded Applications
      Other Files

    [*]Click OK on Delete Temporary Files Window

    Note: This deletes ALL the Downloaded Applications and Applets from the CACHE.

    [*]Click OK to leave the Java Control Panel.

----------

ESET Online Scanner

Go here to run an online scannner from ESET. Windows Vista/Windows 7 users will need to right click on their Internet Explorer shortcut, and select Run as Administrator

  • Note: For browsers other than Internet Explorer, you will be prompted to download and install esetsmartinstaller_enu.exe. Click on the link and save the file to a convenient location. Double click on it to install and a new window will open. Follow the prompts.
  • Turn off the real time scanner of any existing antivirus program while performing the online scan
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the activex control to install
  • Click Start
  • Make sure that the option Remove found threats is unticked and the Scan Archives option is ticked.
  • Click on Advanced Settings, ensure the options Scan for potentially unwanted applications, Scan for potentially unsafe applications, and Enable Anti-Stealth Technology are ticked.
  • Click Scan
  • Wait for the scan to finish
  • When the scan is done, if it shows a screen that says "Threats found!", then click "List of found threats", and then click "Export to text file..."
  • Save that text file on your desktop. Copy and paste the contents of that log as a reply to this topic.
  • Close the ESET online scan, and let me know how things are now.

----------

Thank you for the consideration of a donation and I wish you and yours a happy Thanksgiving! :)

Link to post
Share on other sites

Great!!

Providing there are no other malware related problems...

IT APPEARS THAT YOUR LOGS ARE NOW CLEAN SO LETS DO A COUPLE OF THINGS TO WRAP THIS UP!!

This infection appears to have been cleaned, but I can not give you any absolute guarantees. As a precaution, I would go ahead and change all of your passwords as this is especially important after an infection.

-----------

Clean up with OTL:

  • Right-click and Run as Administrator OTL.exe to start the program.
  • Close all other programs apart from OTL as this step will require a reboot
  • On the OTL main screen, press the CLEANUP button
  • Say Yes to the prompt and then allow the program to reboot your computer.

----------

Any of the logs that you created for use in the forums or remaining tools that have not yet been removed can be deleted so they aren't cluttering up your desktop.

If you didn't already have it I would keep Malwarebytes AntiMalware though.

Here are some tips to reduce the potential for spyware infection in the future:

1. Internet Explorer. Even if you don't use it as your main browser it should be kept up-to-date because that is the browser Windows uses for updates.

Make your Internet Explorer more secure - This can be done by following these simple instructions:

  • From within Internet Explorer click on the Tools menu and then click on Options.
  • Click once on the Security tab
  • Click once on the Internet icon so it becomes highlighted.
  • Click once on the Custom Level button.
  • Change the Download signed ActiveX controls to Prompt
  • Change the Download unsigned ActiveX controls to Disable
  • Change the Initialize and script ActiveX controls not marked as safe to Disable
  • Change the Installation of desktop items to Prompt
  • Change the Launching programs and files in an IFRAME to Prompt
  • Change the Navigate sub-frames across different domains to Prompt
  • When all these settings have been made, click on the OK button.
  • If it prompts you as to whether or not you want to save the settings, press the Yes button.
  • Next press the Apply button and then the OK to exit the Internet Properties page.

2. FireFox. If you use Firefox, I recommend installing the following add-ons to help make your Firefox browser more secure:

NoScript

AdBlock Plus

3. Enable Protected Mode in Internet Explorer. This helps Windows Vista users stay more protected from attack by running Internet Explorer with restricted privileges as well as reducing the ability to write, alter or destroy data on your system or install malicious code. To make sure this is running follow these steps:

  • Open Internet Explorer
  • Click on Tools > Internet Options
  • Press Security tab
  • Select Internet zone then place check next to Enable Protected Mode if not already done
  • Do the same for Local Intranet, Trusted Sites and Restricted Sites and then press Apply
  • Restart Internet Explorer and in the bottom right corner of your screen you will see Protected Mode: On showing you it is enabled.

4. Use and update an anti-virus software - I can not overemphasize the need for you to use and update your anti-virus application on a regular basis. With the ever increasing number of new variants of malware arriving on the scene daily, you become very susceptible to an attack without updated protection.

5. Firewall

Using a third-party firewall will allow you to give/deny access for applications that want to go online. Without a firewall your computer is susceptible to being hacked and taken over. Simply using a firewall in its default configuration can lower your risk greatly. I would personally only recommend using one of the following two below:

Online Armor Free

Agnitum Outpost Firewall Free

6. Make sure you keep your Windows OS current. Windows XP users can visit Windows update regularly to download and install any critical updates and service packs. Windows Vista/7 users can open the Start menu > All Programs > Windows Update > Check for Updates (in left hand task pane) to update these systems. Without these you are leaving the back door open.

7. WOT (Web of Trust) As "Googling" is such an integral part of internet life, this free browser add on warns you about risky websites that try to scam visitors, deliver malware or send spam. It is especially helpful when browsing or searching in unfamiliar territory. WOT's color-coded icons show you ratings for 21 million websites, helping you avoid the dangerous sites. WOT has an add-on available for Firefox, Internet Explorer as well as Google Chrome.

8.Finally, I strongly recommend that you read How to Prevent Malware found here and also PC Safety and Security - What Do I Need?.

Please reply to this thread once more if you are satisfied so that we can mark the problem as resolved.

Link to post
Share on other sites

Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.