DOS/Alureon.A infection

henkis · January 8, 2011

Hello and thanks in advance for looking at this post!

I have gotten a DOS/Alureon.A infection in my computer which I cannot rid myself of! I have followed the sticky in this forum on how to post a proper topic here. I have managed to run all but the GMER tool which gives me a bluescreen upon every attempt somewhere in the end of the scan (files part of the scan).

I have tried using the Kaspersky TDDS killer which found the infection but fails to remove it upon reboot. MBAM was able to find some traces which I removed, but the infection still seems to be present.

Here I paste the DDS log - the other logs are attached as a .zip file:

Thanks already for any help I can get!

/Henrik

DDS (Ver_10-12-12.02) - NTFSx86

Run by Henrik at 20:19:44,34 on 2011-01-08

Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_23

Microsoft Windows 7 Ultimate 6.1.7600.0.1252.1.1033.18.2814.1286 [GMT 8:00]

AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}

SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}

SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

============== Running Processes ===============

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\nvvsvc.exe

C:\Windows\system32\svchost.exe -k RPCSS

c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe

C:\Windows\system32\AERTSrv.exe

C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Windows\system32\astsrv.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Users\Henrik\AppData\Local\CrossLoop\CrossLoopService.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\system32\nlssrv32.exe

C:\Program Files\CDBurnerXP\NMSAccessU.exe

C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Windows\system32\nvvsvc.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\Dwm.exe

C:\Windows\system32\taskhost.exe

C:\Windows\Explorer.EXE

C:\Program Files\Everything\Everything.exe

c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe

C:\Windows\system32\svchost.exe -k bthsvcs

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\system32\WUDFHost.exe

C:\Windows\RtHDVCpl.exe

C:\Users\Henrik\Documents\My Dropbox\Utilities\Texter\texter.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe

C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Microsoft Security Client\msseces.exe

C:\Users\Henrik\AppData\Local\Google\Update\GoogleUpdate.exe

C:\Users\Henrik\AppData\Local\Flock\Update\FlockUpdate.exe

C:\Users\Henrik\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Program Files\Evernote\Evernote\EvernoteClipper.exe

C:\Program Files\Launchy\Launchy.exe

C:\Users\Henrik\AppData\Roaming\Dropbox\bin\Dropbox.exe

C:\Program Files\APC\APC PowerChute Personal Edition\apcsystray.exe

C:\Windows\system32\SearchIndexer.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe

C:\Users\Henrik\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Windows\system32\rundll32.exe

C:\Users\Henrik\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Henrik\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe

C:\Windows\system32\svchost.exe -k SDRSVC

C:\Users\Henrik\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Henrik\Desktop\Defogger.exe

C:\Windows\system32\conhost.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Users\Henrik\Desktop\fsdkjler345.exe

C:\Windows\system32\vssvc.exe

C:\Windows\System32\svchost.exe -k swprv

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Windows\system32\DllHost.exe

C:\Users\Henrik\Desktop\dds.scr

C:\Windows\system32\conhost.exe

============== Pseudo HJT Report ===============

uInternet Settings,ProxyOverride = *.local

BHO: Groove GFS Browser Helper: {34a73c17-11a9-6d7c-0b3c-47bb01a225e1} - c:\windows\system32\kbbdax2.dll

BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - c:\progra~1\micros~2\office14\URLREDIR.DLL

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

uRun: [AdobeBridge]

uRun: [Google Update] "c:\users\henrik\appdata\local\google\update\GoogleUpdate.exe" /c

uRun: [<NO NAME>]

uRun: [Flock Update] "c:\users\henrik\appdata\local\flock\update\FlockUpdate.exe" /c

uRun: [C:!Users!Henrik!AppData!Local!Google!Chrome!User Data_service_run] "c:\users\henrik\appdata\local\google\chrome\application\chrome.exe" --type=service

mRun: [RtHDVCpl] RtHDVCpl.exe

mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"

mRun: [AdobeAAMUpdater-1.0] "c:\program files\common files\adobe\oobe\pdapp\uwa\UpdaterStartupUtility.exe"

mRun: [AdobeCS5ServiceManager] "c:\program files\common files\adobe\cs5servicemanager\CS5ServiceManager.exe" -launchedbylogin

mRun: [switchBoard] c:\program files\common files\adobe\switchboard\SwitchBoard.exe

mRun: [NokiaMServer] c:\program files\common files\nokia\mplatform\NokiaMServer /watchfiles startup

mRun: [VirtualCloneDrive] "c:\program files\elaborate bytes\virtualclonedrive\VCDDaemon.exe" /s

mRun: [<NO NAME>]

mRun: [Display] c:\program files\apc\apc powerchute personal edition\DataCollectionLauncher.exe

mRun: [NokiaMusic FastStart] "c:\program files\nokia\ovi player\NokiaOviPlayer.exe" /command:faststart

mRun: [bluetooth Connection Assistant] LBTWIZ.EXE -silent

mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime

mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"

mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey

mRun: [bCSSync] "c:\program files\microsoft office 2010\office14\BCSSync.exe" /DelayServices

dRun: [svchost] c:\windows\temp\lbxpo.exe

StartupFolder: c:\users\henrik\appdata\roaming\micros~1\windows\startm~1\programs\startup\compla~1.lnk - c:\program files\complaintfreeworld\ComplaintFreeWorld.exe

StartupFolder: c:\users\henrik\appdata\roaming\micros~1\windows\startm~1\programs\startup\dropbox.lnk - c:\users\henrik\appdata\roaming\dropbox\bin\Dropbox.exe

StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\apcups~1.lnk - c:\program files\apc\apc powerchute personal edition\Display.exe

StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\colorv~1.lnk - c:\program files\colorvision\colorvisionstartup\ColorVisionStartup.exe

StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\everno~1.lnk - c:\windows\installer\{f761359c-9ced-45ae-9a51-9d6605cd55c4}\Evernote.ico

StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\launchy.lnk - c:\program files\launchy\Launchy.exe

mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

mPolicies-system: PromptOnSecureDesktop = 0 (0x0)

IE: Add to Evernote 4.0 - c:\program files\evernote\evernote\EvernoteIE.dll/204

IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200

IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000

IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://c:\program files\evernote\evernote\EvernoteIE.dll/204

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL

================= FIREFOX ===================

FF - ProfilePath -

============= SERVICES / DRIVERS ===============

R1 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2010-3-25 165264]

R2 AERTFilters;Andrea RT Filters Service;c:\windows\system32\AERTSrv.exe [2007-12-5 77824]

R2 CrossLoopService;CrossLoop Service;c:\users\henrik\appdata\local\crossloop\CrossLoopService.exe [2010-10-9 560848]

R2 nlsX86cc;Nalpeiron Licensing Service;c:\windows\system32\nlssrv32.exe [2010-10-4 63488]

R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\nvidia corporation\3d vision\nvSCPAPISvr.exe [2010-10-8 369256]

R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\drivers\MpNWMon.sys [2010-3-25 43392]

R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2010-10-24 54144]

R3 NisSrv;Microsoft Network Inspection;c:\program files\microsoft security client\antimalware\NisSrv.exe [2010-11-11 206360]

R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32v.sys [2010-10-20 123496]

R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2009-3-1 139776]

R4 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2010-8-29 38224]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-10-31 136176]

S2 KMService;KMService;c:\windows\system32\srvany.exe [2010-10-19 8192]

S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-14 229888]

S3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [2010-4-14 45736]

S3 osppsvc;Office Software Protection Platform;c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\OSPPSVC.EXE [2010-1-9 4640000]

S3 Spyder2;ColorVision Spyder2;c:\windows\system32\drivers\Spyder2.sys [2009-3-11 12288]

S3 SwitchBoard;SwitchBoard;c:\program files\common files\adobe\switchboard\SwitchBoard.exe [2010-2-19 517096]

S3 tvnserver;TightVNC Server;c:\users\henrik\appdata\local\crossloop\tvnserver.exe [2010-10-9 814080]

S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2010-8-29 1343400]

=============== Created Last 30 ================

2011-01-08 11:45:40 709456 ----a-w- c:\windows\isRS-000.tmp

2011-01-08 11:42:48 -------- d-----w- c:\users\henrik\appdata\roaming\Malwarebytes

2011-01-08 11:31:39 6273872 ----a-w- c:\progra~2\microsoft\microsoft antimalware\definition updates\{3ef51e48-6831-4d9d-9ece-3008a63e04aa}\mpengine.dll

2011-01-07 10:01:51 -------- d-----w- c:\program files\common files\Macrovision Shared

2011-01-07 10:01:33 -------- d-----w- c:\program files\Rosetta Stone

2011-01-07 10:01:33 -------- d-----w- c:\progra~2\Rosetta Stone

2011-01-07 02:29:53 439632 ------w- c:\progra~2\microsoft\microsoft antimalware\definition updates\{70bb658e-8cb6-4694-a0f8-b25fc7b94e2b}\gapaengine.dll

2011-01-06 13:19:14 -------- d-----w- c:\users\henrik\appdata\roaming\Extensis

2011-01-06 13:19:14 -------- d-----w- c:\progra~2\Extensis

2011-01-06 13:19:13 -------- d-----w- c:\users\henrik\appdata\local\Extensis

2011-01-06 13:18:32 -------- d-----w- c:\program files\Extensis

2011-01-06 13:00:52 386923 ----a-w- c:\windows\KMSAct.exe

2011-01-06 12:24:03 227840 ----a-w- c:\windows\system32\Deco_32.dll

2011-01-06 12:19:17 -------- d-----w- c:\program files\Microsoft Synchronization Services

2011-01-06 12:19:02 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition

2011-01-06 12:18:06 -------- d-----w- c:\program files\Microsoft Analysis Services

2011-01-06 12:17:33 -------- d-----w- c:\program files\Microsoft Office 2010

2011-01-06 11:50:43 -------- d-----w- c:\windows\system32\3001

2011-01-06 10:47:08 -------- d-----w- c:\users\henrik\appdata\roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1

2011-01-06 10:04:11 90112 ----a-w- c:\windows\unvise32.exe

2011-01-06 10:03:58 -------- d-----w- c:\program files\ColorVision

2011-01-06 09:06:34 6273872 ----a-w- c:\progra~2\microsoft\microsoft antimalware\definition updates\updates\mpengine.dll

2011-01-06 09:06:15 240008 ----a-w- c:\windows\system32\drivers\netio.sys

2011-01-06 09:05:50 -------- d-----w- c:\program files\Microsoft Security Client

2011-01-06 08:59:58 -------- d-----w- c:\users\henrik\appdata\local\Evernote

2011-01-05 15:33:12 -------- d-----w- c:\program files\Evernote

2011-01-05 04:36:10 89600 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\HPZPPLHN.DLL

2011-01-04 19:08:24 -------- d-----w- c:\program files\iPod

2011-01-04 19:08:23 -------- d-----w- c:\program files\iTunes

2010-12-13 02:34:13 -------- d-----w- c:\windows\system32\Adobe

2010-12-12 16:55:34 -------- d-----w- C:\REKO

2010-12-12 03:28:37 -------- d-----w- c:\users\henrik\appdata\roaming\IPTC-PLUS

2010-12-10 10:14:23 -------- d-----w- c:\users\henrik\appdata\roaming\PDF Writer

2010-12-10 10:14:23 -------- d-----w- c:\users\henrik\appdata\local\PDF Writer

2010-12-10 10:14:23 -------- d-----w- c:\progra~2\PDF Writer

2010-12-10 10:08:55 90624 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\HPZPPWN7.DLL

2010-12-10 10:06:37 227840 ----a-w- c:\windows\system32\bzFlRdr.dll

2010-12-10 10:06:37 103424 ----a-w- c:\windows\system32\bzDCT.dll

2010-12-10 10:06:37 -------- d-----w- c:\program files\common files\Bullzip

2010-12-10 10:06:36 135168 ----a-w- c:\windows\system32\bzpdfc.dll

2010-12-10 10:06:33 196096 ----a-w- c:\windows\system32\bzpdf.dll

2010-12-10 10:06:22 140288 ----a-w- c:\windows\system32\comdlg32.OCX

2010-12-10 10:06:21 -------- d-----w- c:\program files\Bullzip

==================== Find3M ====================

2010-12-02 03:35:18 4280320 ----a-w- c:\windows\system32\GPhotos.scr

2010-11-29 09:38:30 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx

2010-11-29 09:38:30 69632 ----a-w- c:\windows\system32\QuickTime.qts

2010-11-17 10:20:42 375808 ----a-w- c:\windows\system32\fmcore.cpl

2010-11-12 10:53:06 472808 ----a-w- c:\windows\system32\deployJava1.dll

2010-11-07 04:12:08 87608 ----a-w- c:\users\henrik\appdata\roaming\inst.exe

2010-11-07 04:12:08 47360 ----a-w- c:\users\henrik\appdata\roaming\pcouffin.sys

2010-11-06 18:09:08 22 ----a-w- c:\windows\system32\systeminfo3.dll

2010-11-04 05:52:17 978944 ----a-w- c:\windows\system32\wininet.dll

2010-11-04 05:48:36 44544 ----a-w- c:\windows\system32\licmgr10.dll

2010-11-04 04:41:26 386048 ----a-w- c:\windows\system32\html.iec

2010-11-04 04:08:54 1638912 ----a-w- c:\windows\system32\mshtml.tlb

2010-11-02 04:41:12 351232 ----a-w- c:\windows\system32\wmicmiplugin.dll

2010-11-02 04:40:36 496128 ----a-w- c:\windows\system32\taskschd.dll

2010-11-02 04:40:36 305152 ----a-w- c:\windows\system32\taskcomp.dll

2010-11-02 04:39:32 749056 ----a-w- c:\windows\system32\schedsvc.dll

2010-11-02 04:34:44 192000 ----a-w- c:\windows\system32\taskeng.exe

2010-11-02 04:34:33 179712 ----a-w- c:\windows\system32\schtasks.exe

2010-10-27 04:32:36 2048 ----a-w- c:\windows\system32\tzres.dll

2010-10-20 04:54:18 34304 ----a-w- c:\windows\system32\atmlib.dll

2010-10-20 03:00:24 2327552 ----a-w- c:\windows\system32\win32k.sys

2010-10-20 02:58:41 294400 ----a-w- c:\windows\system32\atmfd.dll

2010-10-19 20:51:33 222080 ------w- c:\windows\system32\MpSigStub.exe

2010-10-19 02:53:04 8192 ----a-w- c:\windows\system32\srvany.exe

2010-10-16 04:41:02 101760 ----a-w- c:\windows\system32\consent.exe

2010-10-16 04:36:10 314368 ----a-w- c:\windows\system32\webio.dll

============= FINISH: 20:20:02,70 ===============

henkis · January 8, 2011

I now see that I missed getting the log files uploaded! Just now I also managed to get through the GMER search tool and will attach the ark.txt log to that file as well! Hope that helps clarifying things! :blink:

Attach.zip

kahdah · January 8, 2011

Hello henkis

Welcome to Malwarebytes.

Please also post the tdsskiller log showing the infection.

=====================

Download OTL to your desktop.
Double click on OTL to run it.
When the window appears, underneath Output at the top change it to Minimal Output.
Under the Standard Registry box change it to All.
Check the boxes beside LOP Check and Purity Check.
Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
- When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
- Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply.

henkis · January 8, 2011

Thanks for reading my post and taking the time to help me! Here is the information you are looking for:

Please also post the tdsskiller log showing the infection.

TDDSKiller Report

2011/01/08 22:53:35.0525 TDSS rootkit removing tool 2.4.12.0 Dec 16 2010 09:46:46

2011/01/08 22:53:35.0525 ================================================================================

2011/01/08 22:53:35.0525 SystemInfo:

2011/01/08 22:53:35.0525

2011/01/08 22:53:35.0525 OS Version: 6.1.7600 ServicePack: 0.0

2011/01/08 22:53:35.0525 Product type: Workstation

2011/01/08 22:53:35.0525 ComputerName: SONIA-PC

2011/01/08 22:53:35.0526 UserName: Henrik

2011/01/08 22:53:35.0526 Windows directory: C:\Windows

2011/01/08 22:53:35.0526 System windows directory: C:\Windows

2011/01/08 22:53:35.0526 Processor architecture: Intel x86

2011/01/08 22:53:35.0526 Number of processors: 4

2011/01/08 22:53:35.0526 Page size: 0x1000

2011/01/08 22:53:35.0526 Boot type: Normal boot

2011/01/08 22:53:35.0526 ================================================================================

2011/01/08 22:53:51.0561 Initialize success

2011/01/08 22:54:03.0413 ================================================================================

2011/01/08 22:54:03.0413 Scan started

2011/01/08 22:54:03.0413 Mode: Manual;

2011/01/08 22:54:03.0413 ================================================================================

2011/01/08 22:54:03.0618 1394ohci (6d2aca41739bfe8cb86ee8e85f29697d) C:\Windows\system32\DRIVERS

\1394ohci.sys

2011/01/08 22:54:03.0656 ACPI (f0e07d144c8685b8774bc32fc8da4df0) C:\Windows\system32\DRIVERS

\ACPI.sys

2011/01/08 22:54:03.0678 AcpiPmi (98d81ca942d19f7d9153b095162ac013) C:\Windows\system32\DRIVERS

\acpipmi.sys

2011/01/08 22:54:03.0699 adp94xx (21e785ebd7dc90a06391141aac7892fb) C:\Windows\system32\DRIVERS

\adp94xx.sys

2011/01/08 22:54:03.0719 adpahci (0c676bc278d5b59ff5abd57bbe9123f2) C:\Windows\system32\DRIVERS

\adpahci.sys

2011/01/08 22:54:03.0737 adpu320 (7c7b5ee4b7b822ec85321fe23a27db33) C:\Windows\system32\DRIVERS

\adpu320.sys

2011/01/08 22:54:03.0782 AFD (ddc040fdb01ef1712a6b13e52afb104c) C:\Windows\system32\drivers

\afd.sys

2011/01/08 22:54:03.0797 agp440 (507812c3054c21cef746b6ee3d04dd6e) C:\Windows\system32\DRIVERS

\agp440.sys

2011/01/08 22:54:03.0843 aic78xx (8b30250d573a8f6b4bd23195160d8707) C:\Windows\system32\DRIVERS

\djsvs.sys

2011/01/08 22:54:03.0861 aliide (0d40bcf52ea90fc7df2aeab6503dea44) C:\Windows\system32\DRIVERS

\aliide.sys

2011/01/08 22:54:03.0876 amdagp (3c6600a0696e90a463771c7422e23ab5) C:\Windows\system32\DRIVERS

\amdagp.sys

2011/01/08 22:54:03.0891 amdide (cd5914170297126b6266860198d1d4f0) C:\Windows\system32\DRIVERS

\amdide.sys

2011/01/08 22:54:03.0908 AmdK8 (00dda200d71bac534bf56a9db5dfd666) C:\Windows\system32\DRIVERS

\amdk8.sys

2011/01/08 22:54:03.0924 AmdPPM (3cbf30f5370fda40dd3e87df38ea53b6) C:\Windows\system32\DRIVERS

\amdppm.sys

2011/01/08 22:54:03.0943 amdsata (2101a86c25c154f8314b24ef49d7fbc2) C:\Windows\system32\DRIVERS

\amdsata.sys

2011/01/08 22:54:03.0960 amdsbs (ea43af0c423ff267355f74e7a53bdaba) C:\Windows\system32\DRIVERS

\amdsbs.sys

2011/01/08 22:54:03.0974 amdxata (b81c2b5616f6420a9941ea093a92b150) C:\Windows\system32\DRIVERS

\amdxata.sys

2011/01/08 22:54:04.0039 AppID (feb834c02ce1e84b6a38f953ca067706) C:\Windows\system32\drivers

\appid.sys

2011/01/08 22:54:04.0073 arc (2932004f49677bd84dbc72edb754ffb3) C:\Windows\system32\DRIVERS

\arc.sys

2011/01/08 22:54:04.0088 arcsas (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\Windows\system32\DRIVERS

\arcsas.sys

2011/01/08 22:54:04.0147 AsyncMac (add2ade1c2b285ab8378d2daaf991481) C:\Windows\system32\DRIVERS

\asyncmac.sys

2011/01/08 22:54:04.0173 atapi (338c86357871c167a96ab976519bf59e) C:\Windows\system32\DRIVERS

\atapi.sys

2011/01/08 22:54:04.0225 b06bdrv (1a231abec60fd316ec54c66715543cec) C:\Windows\system32\DRIVERS

\bxvbdx.sys

2011/01/08 22:54:04.0248 b57nd60x (bd8869eb9cde6bbe4508d869929869ee) C:\Windows\system32\DRIVERS

\b57nd60x.sys

2011/01/08 22:54:04.0291 Beep (505506526a9d467307b3c393dedaf858) C:\Windows\system32\drivers

\Beep.sys

2011/01/08 22:54:04.0312 blbdrive (2287078ed48fcfc477b05b20cf38f36f) C:\Windows\system32\DRIVERS

\blbdrive.sys

2011/01/08 22:54:04.0333 bowser (fcafaef6798d7b51ff029f99a9898961) C:\Windows\system32\DRIVERS

\bowser.sys

2011/01/08 22:54:04.0347 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\DRIVERS

\BrFiltLo.sys

2011/01/08 22:54:04.0362 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\DRIVERS

\BrFiltUp.sys

2011/01/08 22:54:04.0410 Brserid (845b8ce732e67f3b4133164868c666ea) C:\Windows\System32\Drivers

\Brserid.sys

2011/01/08 22:54:04.0439 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\System32\Drivers

\BrSerWdm.sys

2011/01/08 22:54:04.0453 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\System32\Drivers

\BrUsbMdm.sys

2011/01/08 22:54:04.0468 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\System32\Drivers

\BrUsbSer.sys

2011/01/08 22:54:04.0505 BthEnum (2865a5c8e98c70c605f417908cebb3a4) C:\Windows\system32\DRIVERS

\BthEnum.sys

2011/01/08 22:54:04.0520 BTHMODEM (ed3df7c56ce0084eb2034432fc56565a) C:\Windows\system32\DRIVERS

\bthmodem.sys

2011/01/08 22:54:04.0537 BthPan (ad1872e5829e8a2c3b5b4b641c3eab0e) C:\Windows\system32\DRIVERS

\bthpan.sys

2011/01/08 22:54:04.0587 BTHPORT (4a34888e13224678dd062466afec4240) C:\Windows\system32\Drivers

\BTHport.sys

2011/01/08 22:54:04.0617 BTHUSB (fa04c63916fa221dbb91fce153d07a55) C:\Windows\system32\Drivers

\BTHUSB.sys

2011/01/08 22:54:04.0654 btusbflt (f549c3fb145a4928e40bb1518b2034dc) C:\Windows\system32\drivers

\btusbflt.sys

2011/01/08 22:54:04.0693 cdfs (77ea11b065e0a8ab902d78145ca51e10) C:\Windows\system32\DRIVERS

\cdfs.sys

2011/01/08 22:54:04.0717 cdrom (ba6e70aa0e6091bc39de29477d866a77) C:\Windows\system32\DRIVERS

\cdrom.sys

2011/01/08 22:54:04.0764 circlass (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\DRIVERS

\circlass.sys

2011/01/08 22:54:04.0809 CLFS (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys

2011/01/08 22:54:04.0838 CmBatt (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\DRIVERS

\CmBatt.sys

2011/01/08 22:54:04.0853 cmdide (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\DRIVERS

\cmdide.sys

2011/01/08 22:54:04.0884 CNG (1b675691ed940766149c93e8f4488d68) C:\Windows\system32\Drivers

\cng.sys

2011/01/08 22:54:04.0900 Compbatt (a6023d3823c37043986713f118a89bee) C:\Windows\system32\DRIVERS

\compbatt.sys

2011/01/08 22:54:04.0934 CompositeBus (f1724ba27e97d627f808fb0ba77a28a6) C:\Windows\system32\DRIVERS

\CompositeBus.sys

2011/01/08 22:54:04.0952 crcdisk (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\DRIVERS

\crcdisk.sys

2011/01/08 22:54:05.0005 CSC (27c9490bdd0ae48911ab8cf1932591ed) C:\Windows\system32\drivers

\csc.sys

2011/01/08 22:54:05.0037 DfsC (8e09e52ee2e3ceb199ef3dd99cf9e3fb) C:\Windows\system32\Drivers

\dfsc.sys

2011/01/08 22:54:05.0060 discache (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers

\discache.sys

2011/01/08 22:54:05.0076 Disk (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\DRIVERS

\disk.sys

2011/01/08 22:54:05.0108 Dot4 (b5e479eb83707dd698f66953e922042c) C:\Windows\system32\DRIVERS

\Dot4.sys

2011/01/08 22:54:05.0129 Dot4Print (c25fea07a8e7767e8b89ab96a3b96519) C:\Windows\system32\DRIVERS

\Dot4Prt.sys

2011/01/08 22:54:05.0143 dot4usb (cf491ff38d62143203c065260567e2f7) C:\Windows\system32\DRIVERS

\dot4usb.sys

2011/01/08 22:54:05.0179 drmkaud (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers

\drmkaud.sys

2011/01/08 22:54:05.0227 DXGKrnl (8b6c3464d7fac176500061dbfff42ad4) C:\Windows\System32\drivers

\dxgkrnl.sys

2011/01/08 22:54:05.0277 e1express (cf0a6015f437161698c5b2a0a12cf052) C:\Windows\system32\DRIVERS

\e1e6032.sys

2011/01/08 22:54:05.0365 ebdrv (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\DRIVERS

\evbdx.sys

2011/01/08 22:54:05.0479 ElbyCDIO (44996a2addd2db7454f2ca40b67d8941) C:\Windows\system32\Drivers

\ElbyCDIO.sys

2011/01/08 22:54:05.0499 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\DRIVERS

\elxstor.sys

2011/01/08 22:54:05.0515 ErrDev (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\DRIVERS

\errdev.sys

2011/01/08 22:54:05.0544 exfat (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers

\exfat.sys

2011/01/08 22:54:05.0566 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers

\fastfat.sys

2011/01/08 22:54:05.0584 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS

\fdc.sys

2011/01/08 22:54:05.0607 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers

\fileinfo.sys

2011/01/08 22:54:05.0630 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers

\filetrace.sys

2011/01/08 22:54:05.0650 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS

\flpydisk.sys

2011/01/08 22:54:05.0668 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers

\fltmgr.sys

2011/01/08 22:54:05.0702 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers

\FsDepends.sys

2011/01/08 22:54:05.0727 Fs_Rec (a574b4360e438977038aae4bf60d79a2) C:\Windows\system32\drivers

\Fs_Rec.sys

2011/01/08 22:54:05.0759 fvevol (dafbd9fe39197495aed6d51f3b85b5d2) C:\Windows\system32\DRIVERS

\fvevol.sys

2011/01/08 22:54:05.0790 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\DRIVERS

\gagp30kx.sys

2011/01/08 22:54:05.0821 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS

\GEARAspiWDM.sys

2011/01/08 22:54:05.0847 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers

\hcw85cir.sys

2011/01/08 22:54:05.0878 HdAudAddService (3530cad25deba7dc7de8bb51632cbc5f) C:\Windows\system32\drivers

\HdAudio.sys

2011/01/08 22:54:05.0907 HDAudBus (717a2207fd6f13ad3e664c7d5a43c7bf) C:\Windows\system32\DRIVERS

\HDAudBus.sys

2011/01/08 22:54:05.0923 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\DRIVERS

\HidBatt.sys

2011/01/08 22:54:05.0938 HidBth (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS

\hidbth.sys

2011/01/08 22:54:05.0954 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS

\hidir.sys

2011/01/08 22:54:06.0009 HidUsb (25072fb35ac90b25f9e4e3bacf774102) C:\Windows\system32\DRIVERS

\hidusb.sys

2011/01/08 22:54:06.0037 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\DRIVERS

\HpSAMD.sys

2011/01/08 22:54:06.0075 HTTP (c531c7fd9e8b62021112787c4e2c5a5a) C:\Windows\system32\drivers

\HTTP.sys

2011/01/08 22:54:06.0093 hwpolicy (8305f33cde89ad6c7a0763ed0b5a8d42) C:\Windows\system32\drivers

\hwpolicy.sys

2011/01/08 22:54:06.0111 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\DRIVERS

\i8042prt.sys

2011/01/08 22:54:06.0130 iaStorV (934af4d7c5f457b9f0743f4299b77b67) C:\Windows\system32\DRIVERS

\iaStorV.sys

2011/01/08 22:54:06.0150 iirsp (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS

\iirsp.sys

2011/01/08 22:54:06.0269 IntcAzAudAddService (f8f53c5449f15b23d4c61d51d2701da8) C:\Windows\system32\drivers

\RTKVHDA.sys

2011/01/08 22:54:06.0323 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\DRIVERS

\intelide.sys

2011/01/08 22:54:06.0350 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS

\intelppm.sys

2011/01/08 22:54:06.0386 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS

\ipfltdrv.sys

2011/01/08 22:54:06.0422 IPMIDRV (e4454b6c37d7ffd5649611f6496308a7) C:\Windows\system32\DRIVERS

\IPMIDrv.sys

2011/01/08 22:54:06.0441 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers

\ipnat.sys

2011/01/08 22:54:06.0487 IRENUM (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers

\irenum.sys

2011/01/08 22:54:06.0501 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\DRIVERS

\isapnp.sys

2011/01/08 22:54:06.0531 iScsiPrt (ed46c223ae46c6866ab77cdc41c404b7) C:\Windows\system32\DRIVERS

\msiscsi.sys

2011/01/08 22:54:06.0560 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\DRIVERS

\kbdclass.sys

2011/01/08 22:54:06.0589 kbdhid (3d9f0ebf350edcfd6498057301455964) C:\Windows\system32\DRIVERS

\kbdhid.sys

2011/01/08 22:54:06.0616 KSecDD (e36a061ec11b373826905b21be10948f) C:\Windows\system32\Drivers

\ksecdd.sys

2011/01/08 22:54:06.0653 KSecPkg (365c6154bbbc5377173f1ca7bfb6cc59) C:\Windows\system32\Drivers

\ksecpkg.sys

2011/01/08 22:54:06.0703 LHidFilt (b68309f25c5787385da842eb5b496958) C:\Windows\system32\DRIVERS

\LHidFilt.Sys

2011/01/08 22:54:06.0732 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS

\lltdio.sys

2011/01/08 22:54:06.0756 LMouFilt (63d3b1d3cd267fcc186a0146b80d453b) C:\Windows\system32\DRIVERS

\LMouFilt.Sys

2011/01/08 22:54:06.0778 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS

\lsi_fc.sys

2011/01/08 22:54:06.0795 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS

\lsi_sas.sys

2011/01/08 22:54:06.0829 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS

\lsi_sas2.sys

2011/01/08 22:54:06.0845 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS

\lsi_scsi.sys

2011/01/08 22:54:06.0861 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers

\luafv.sys

2011/01/08 22:54:06.0894 LUsbFilt (0c62957912d4df1e4ba9795e6be3ed38) C:\Windows\system32\Drivers

\LUsbFilt.Sys

2011/01/08 22:54:06.0913 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS

\megasas.sys

2011/01/08 22:54:06.0947 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS

\MegaSR.sys

2011/01/08 22:54:06.0975 Modem (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers

\modem.sys

2011/01/08 22:54:07.0020 monitor (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS

\monitor.sys

2011/01/08 22:54:07.0040 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\DRIVERS

\mouclass.sys

2011/01/08 22:54:07.0080 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS

\mouhid.sys

2011/01/08 22:54:07.0096 mountmgr (921c18727c5920d6c0300736646931c2) C:\Windows\system32\drivers

\mountmgr.sys

2011/01/08 22:54:07.0145 MpFilter (7e34bfa1a7b60bba1da03d677f16cd63) C:\Windows\system32\DRIVERS

\MpFilter.sys

2011/01/08 22:54:07.0178 mpio (2af5997438c55fb79d33d015c30e1974) C:\Windows\system32\DRIVERS

\mpio.sys

2011/01/08 22:54:07.0208 MpNWMon (f32e2d6a1640a469a9ed4f1929a4a861) C:\Windows\system32\DRIVERS

\MpNWMon.sys

2011/01/08 22:54:07.0229 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers

\mpsdrv.sys

2011/01/08 22:54:07.0270 MRxDAV (b1be47008d20e43da3adc37c24cdb89d) C:\Windows\system32\drivers

\mrxdav.sys

2011/01/08 22:54:07.0294 mrxsmb (f1b6aa08497ea86ca6ef6f7a08b0bfb8) C:\Windows\system32\DRIVERS

\mrxsmb.sys

2011/01/08 22:54:07.0312 mrxsmb10 (5613358b4050f46f5a9832da8050d6e4) C:\Windows\system32\DRIVERS

\mrxsmb10.sys

2011/01/08 22:54:07.0328 mrxsmb20 (25c9792778d80feb4c8201e62281bfdf) C:\Windows\system32\DRIVERS

\mrxsmb20.sys

2011/01/08 22:54:07.0343 msahci (4326d168944123f38dd3b2d9c37a0b12) C:\Windows\system32\DRIVERS

\msahci.sys

2011/01/08 22:54:07.0360 msdsm (455029c7174a2dbb03dba8a0d8bddd9a) C:\Windows\system32\DRIVERS

\msdsm.sys

2011/01/08 22:54:07.0386 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers

\Msfs.sys

2011/01/08 22:54:07.0421 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers

\mshidkmdf.sys

2011/01/08 22:54:07.0435 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\DRIVERS

\msisadrv.sys

2011/01/08 22:54:07.0460 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers

\MSKSSRV.sys

2011/01/08 22:54:07.0502 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers

\MSPCLOCK.sys

2011/01/08 22:54:07.0517 MSPQM (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers

\MSPQM.sys

2011/01/08 22:54:07.0543 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers

\MsRPC.sys

2011/01/08 22:54:07.0568 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\DRIVERS

\mssmbios.sys

2011/01/08 22:54:07.0582 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers

\MSTEE.sys

2011/01/08 22:54:07.0599 MTConfig (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS

\MTConfig.sys

2011/01/08 22:54:07.0623 Mup (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers

\mup.sys

2011/01/08 22:54:07.0666 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS

\nwifi.sys

2011/01/08 22:54:07.0691 NDIS (23759d175a0a9baaf04d05047bc135a8) C:\Windows\system32\drivers

\ndis.sys

2011/01/08 22:54:07.0713 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS

\ndiscap.sys

2011/01/08 22:54:07.0744 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS

\ndistapi.sys

2011/01/08 22:54:07.0760 Ndisuio (b30ae7f2b6d7e343b0df32e6c08fce75) C:\Windows\system32\DRIVERS

\ndisuio.sys

2011/01/08 22:54:07.0777 NdisWan (267c415eadcbe53c9ca873dee39cf3a4) C:\Windows\system32\DRIVERS

\ndiswan.sys

2011/01/08 22:54:07.0802 NDProxy (af7e7c63dcef3f8772726f86039d6eb4) C:\Windows\system32\drivers

\NDProxy.sys

2011/01/08 22:54:07.0818 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS

\netbios.sys

2011/01/08 22:54:07.0840 NetBT (dd52a733bf4ca5af84562a5e2f963b91) C:\Windows\system32\DRIVERS

\netbt.sys

2011/01/08 22:54:07.0887 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS

\nfrd960.sys

2011/01/08 22:54:07.0939 NisDrv (17e2c08c5ecfbe94a7c67b1c275ee9d9) C:\Windows\system32\DRIVERS

\NisDrvWFP.sys

2011/01/08 22:54:08.0015 nmwcd (48fb907b069524f2dc7ba62a0762850c) C:\Windows\system32\drivers

\ccdcmb.sys

2011/01/08 22:54:08.0039 nmwcdc (2914ceb789964141ac6e22c6bc980c42) C:\Windows\system32\drivers

\ccdcmbo.sys

2011/01/08 22:54:08.0075 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers

\Npfs.sys

2011/01/08 22:54:08.0100 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers

\nsiproxy.sys

2011/01/08 22:54:08.0149 Ntfs (3795dcd21f740ee799fb7223234215af) C:\Windows\system32\drivers

\Ntfs.sys

2011/01/08 22:54:08.0179 Null (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers

\Null.sys

2011/01/08 22:54:08.0239 NVHDA (0e40ef12bc029ff8b13043f157452c47) C:\Windows\system32\drivers

\nvhda32v.sys

2011/01/08 22:54:08.0466 nvlddmkm (583e0be0c10d0a74fd0e7e33c75f49bb) C:\Windows\system32\DRIVERS

\nvlddmkm.sys

2011/01/08 22:54:08.0682 nvraid (3f3d04b1d08d43c16ea7963954ec768d) C:\Windows\system32\DRIVERS

\nvraid.sys

2011/01/08 22:54:08.0697 nvstor (c99f251a5de63c6f129cf71933aced0f) C:\Windows\system32\DRIVERS

\nvstor.sys

2011/01/08 22:54:08.0717 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\DRIVERS

\nv_agp.sys

2011/01/08 22:54:08.0738 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\DRIVERS

\ohci1394.sys

2011/01/08 22:54:08.0795 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS

\parport.sys

2011/01/08 22:54:08.0810 partmgr (ff4218952b51de44fe910953a3e686b9) C:\Windows\system32\drivers

\partmgr.sys

2011/01/08 22:54:08.0825 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS

\parvdm.sys

2011/01/08 22:54:08.0858 pccsmcfd (fd2041e9ba03db7764b2248f02475079) C:\Windows\system32\DRIVERS

\pccsmcfd.sys

2011/01/08 22:54:08.0876 pci (c858cb77c577780ecc456a892e7e7d0f) C:\Windows\system32\DRIVERS

\pci.sys

2011/01/08 22:54:08.0891 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\DRIVERS

\pciide.sys

2011/01/08 22:54:08.0909 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS

\pcmcia.sys

2011/01/08 22:54:08.0934 pcouffin (5b6c11de7e839c05248ced8825470fef) C:\Windows\system32\Drivers

\pcouffin.sys

2011/01/08 22:54:08.0950 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers

\pcw.sys

2011/01/08 22:54:08.0986 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers

\peauth.sys

2011/01/08 22:54:09.0042 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS

\raspptp.sys

2011/01/08 22:54:09.0069 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS

\processr.sys

2011/01/08 22:54:09.0101 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS

\pacer.sys

2011/01/08 22:54:09.0127 PxHelp20 (153d02480a0a2f45785522e814c634b6) C:\Windows\system32\Drivers

\PxHelp20.sys

2011/01/08 22:54:09.0158 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS

\ql2300.sys

2011/01/08 22:54:09.0186 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS

\ql40xx.sys

2011/01/08 22:54:09.0221 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers

\qwavedrv.sys

2011/01/08 22:54:09.0256 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS

\rasacd.sys

2011/01/08 22:54:09.0291 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS

\AgileVpn.sys

2011/01/08 22:54:09.0311 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS

\rasl2tp.sys

2011/01/08 22:54:09.0331 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS

\raspppoe.sys

2011/01/08 22:54:09.0348 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS

\rassstp.sys

2011/01/08 22:54:09.0374 rdbss (835d7e81bf517a3b72384bdcc85e1ce6) C:\Windows\system32\DRIVERS

\rdbss.sys

2011/01/08 22:54:09.0389 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS

\rdpbus.sys

2011/01/08 22:54:09.0417 RDPCDD (1e016846895b15a99f9a176a05029075) C:\Windows\system32\DRIVERS

\RDPCDD.sys

2011/01/08 22:54:09.0448 RDPDR (c5ff95883ffef704d50c40d21cfb3ab5) C:\Windows\system32\drivers

\rdpdr.sys

2011/01/08 22:54:09.0481 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers

\rdpencdd.sys

2011/01/08 22:54:09.0501 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers

\rdprefmp.sys

2011/01/08 22:54:09.0528 RDPWD (801371ba9782282892d00aadb08ee367) C:\Windows\system32\drivers

\RDPWD.sys

2011/01/08 22:54:09.0546 rdyboost (4ea225bf1cf05e158853f30a99ca29a7) C:\Windows\system32\drivers

\rdyboost.sys

2011/01/08 22:54:09.0599 RFCOMM (cb928d9e6daf51879dd6ba8d02f01321) C:\Windows\system32\DRIVERS

\rfcomm.sys

2011/01/08 22:54:09.0649 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS

\rspndr.sys

2011/01/08 22:54:09.0698 RTL8167 (3983cea05bb855351d75f5482b6c42ce) C:\Windows\system32\DRIVERS

\Rt86win7.sys

2011/01/08 22:54:09.0730 s3cap (5423d8437051e89dd34749f242c98648) C:\Windows\system32\DRIVERS

\vms3cap.sys

2011/01/08 22:54:09.0751 sbp2port (34ee0c44b724e3e4ce2eff29126de5b5) C:\Windows\system32\DRIVERS

\sbp2port.sys

2011/01/08 22:54:09.0788 scfilter (a95c54b2ac3cc9c73fcdf9e51a1d6b51) C:\Windows\system32\DRIVERS

\scfilter.sys

2011/01/08 22:54:09.0822 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers

\secdrv.sys

2011/01/08 22:54:09.0848 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS

\serenum.sys

2011/01/08 22:54:09.0865 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS

\serial.sys

2011/01/08 22:54:09.0880 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS

\sermouse.sys

2011/01/08 22:54:09.0943 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\DRIVERS

\sffdisk.sys

2011/01/08 22:54:09.0960 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\DRIVERS

\sffp_mmc.sys

2011/01/08 22:54:09.0977 sffp_sd (a0708bbd07d245c06ff9de549ca47185) C:\Windows\system32\DRIVERS

\sffp_sd.sys

2011/01/08 22:54:09.0993 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS

\sfloppy.sys

2011/01/08 22:54:10.0017 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\DRIVERS

\sisagp.sys

2011/01/08 22:54:10.0033 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS

\SiSRaid2.sys

2011/01/08 22:54:10.0066 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS

\sisraid4.sys

2011/01/08 22:54:10.0093 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS

\smb.sys

2011/01/08 22:54:10.0130 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers

\spldr.sys

2011/01/08 22:54:10.0208 Spyder2 (527bbe1a1e98e634b540325491927efe) C:\Windows\system32\DRIVERS

\Spyder2.sys

2011/01/08 22:54:10.0239 srv (2dbedfb1853f06110ec2aa7f3213c89f) C:\Windows\system32\DRIVERS

\srv.sys

2011/01/08 22:54:10.0263 srv2 (db37131d1027c50ea7ee21c8bb4536aa) C:\Windows\system32\DRIVERS

\srv2.sys

2011/01/08 22:54:10.0280 srvnet (f5980b74124db9233b33f86fc5ebbb4f) C:\Windows\system32\DRIVERS

\srvnet.sys

2011/01/08 22:54:10.0334 StarOpen (f92254b0bcfcd10caac7bccc7cb7f467) C:\Windows\system32\drivers

\StarOpen.sys

2011/01/08 22:54:10.0355 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS

\stexstor.sys

2011/01/08 22:54:10.0375 storflt (957e346ca948668f2496a6ccf6ff82cc) C:\Windows\system32\DRIVERS

\vmstorfl.sys

2011/01/08 22:54:10.0393 storvsc (d5751969dc3e4b88bf482ac8ec9fe019) C:\Windows\system32\DRIVERS

\storvsc.sys

2011/01/08 22:54:10.0425 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\DRIVERS

\swenum.sys

2011/01/08 22:54:10.0486 Tcpip (bb7f39c31c4a4417fd318e7cd184e225) C:\Windows\system32\drivers

\tcpip.sys

2011/01/08 22:54:10.0524 TCPIP6 (bb7f39c31c4a4417fd318e7cd184e225) C:\Windows\system32\DRIVERS

\tcpip.sys

2011/01/08 22:54:10.0563 tcpipreg (e64444523add154f86567c469bc0b17f) C:\Windows\system32\drivers

\tcpipreg.sys

2011/01/08 22:54:10.0591 TDPIPE (1875c1490d99e70e449e3afae9fcbadf) C:\Windows\system32\drivers

\tdpipe.sys

2011/01/08 22:54:10.0616 TDTCP (7551e91ea999ee9a8e9c331d5a9c31f3) C:\Windows\system32\drivers

\tdtcp.sys

2011/01/08 22:54:10.0642 tdx (cb39e896a2a83702d1737bfd402b3542) C:\Windows\system32\DRIVERS

\tdx.sys

2011/01/08 22:54:10.0656 TermDD (c36f41ee20e6999dbf4b0425963268a5) C:\Windows\system32\DRIVERS

\termdd.sys

2011/01/08 22:54:10.0707 tssecsrv (98ae6fa07d12cb4ec5cf4a9bfa5f4242) C:\Windows\system32\DRIVERS

\tssecsrv.sys

2011/01/08 22:54:10.0725 tunnel (3e461d890a97f9d4c168f5fda36e1d00) C:\Windows\system32\DRIVERS

\tunnel.sys

2011/01/08 22:54:10.0746 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS

\uagp35.sys

2011/01/08 22:54:10.0776 udfs (09cc3e16f8e5ee7168e01cf8fcbe061a) C:\Windows\system32\DRIVERS

\udfs.sys

2011/01/08 22:54:10.0804 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\DRIVERS

\uliagpkx.sys

2011/01/08 22:54:10.0822 umbus (049b3a50b3d646baeeee9eec9b0668dc) C:\Windows\system32\DRIVERS

\umbus.sys

2011/01/08 22:54:10.0838 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS

\umpass.sys

2011/01/08 22:54:10.0871 upperdev (e526a166e6acafd0a9b3841d3941669e) C:\Windows\system32\DRIVERS

\usbser_lowerflt.sys

2011/01/08 22:54:10.0913 usbaudio (2436a42aab4ad48a9b714e5b0f344627) C:\Windows\system32\drivers

\usbaudio.sys

2011/01/08 22:54:10.0947 usbccgp (8455c4ed038efd09e99327f9d2d48ffa) C:\Windows\system32\DRIVERS

\usbccgp.sys

2011/01/08 22:54:10.0962 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\DRIVERS

\usbcir.sys

2011/01/08 22:54:10.0992 usbehci (1c333bfd60f2fed2c7ad5daf533cb742) C:\Windows\system32\DRIVERS

\usbehci.sys

2011/01/08 22:54:11.0011 usbhub (ee6ef93ccfa94fae8c6ab298273d8ae2) C:\Windows\system32\DRIVERS

\usbhub.sys

2011/01/08 22:54:11.0027 usbohci (a6fb7957ea7afb1165991e54ce934b74) C:\Windows\system32\DRIVERS

\usbohci.sys

2011/01/08 22:54:11.0053 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS

\usbprint.sys

2011/01/08 22:54:11.0083 usbscan (576096ccbc07e7c4ea4f5e6686d6888f) C:\Windows\system32\DRIVERS

\usbscan.sys

2011/01/08 22:54:11.0111 usbser (88701eca76145e2c011c0eeff0f7b70e) C:\Windows\system32\drivers

\usbser.sys

2011/01/08 22:54:11.0135 UsbserFilt (6f3e3c6811b930d2414552a2e4a40f36) C:\Windows\system32\DRIVERS

\usbser_lowerfltj.sys

2011/01/08 22:54:11.0151 USBSTOR (d8889d56e0d27e57ed4591837fe71d27) C:\Windows\system32\DRIVERS

\USBSTOR.SYS

2011/01/08 22:54:11.0181 usbuhci (78780c3ebce17405b1ccd07a3a8a7d72) C:\Windows\system32\DRIVERS

\usbuhci.sys

2011/01/08 22:54:11.0209 usbvideo (b5f6a992d996282b7fae7048e50af83a) C:\Windows\system32\Drivers

\usbvideo.sys

2011/01/08 22:54:11.0237 VClone (94d73b62e458fb56c9ce60aa96d914f9) C:\Windows\system32\DRIVERS

\VClone.sys

2011/01/08 22:54:11.0268 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\DRIVERS

\vdrvroot.sys

2011/01/08 22:54:11.0290 vga (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS

\vgapnp.sys

2011/01/08 22:54:11.0312 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers

\vga.sys

2011/01/08 22:54:11.0328 vhdmp (3be6e1f3a4f1afec8cee0d7883f93583) C:\Windows\system32\DRIVERS

\vhdmp.sys

2011/01/08 22:54:11.0344 viaagp (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\DRIVERS

\viaagp.sys

2011/01/08 22:54:11.0361 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS

\viac7.sys

2011/01/08 22:54:11.0378 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\DRIVERS

\viaide.sys

2011/01/08 22:54:11.0397 vmbus (379b349f65f453d2a6e75ea6b7448e49) C:\Windows\system32\DRIVERS

\vmbus.sys

2011/01/08 22:54:11.0413 VMBusHID (ec2bbab4b84d0738c6c83d2234dc36fe) C:\Windows\system32\DRIVERS

\VMBusHID.sys

2011/01/08 22:54:11.0429 volmgr (384e5a2aa49934295171e499f86ba6f3) C:\Windows\system32\DRIVERS

\volmgr.sys

2011/01/08 22:54:11.0448 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers

\volmgrx.sys

2011/01/08 22:54:11.0466 volsnap (58df9d2481a56edde167e51b334d44fd) C:\Windows\system32\DRIVERS

\volsnap.sys

2011/01/08 22:54:11.0496 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS

\vsmraid.sys

2011/01/08 22:54:11.0531 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\System32\drivers

\vwifibus.sys

2011/01/08 22:54:11.0555 WacomPen (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS

\wacompen.sys

2011/01/08 22:54:11.0573 WANARP (692a712062146e96d28ba0b7d75de31b) C:\Windows\system32\DRIVERS

\wanarp.sys

2011/01/08 22:54:11.0587 Wanarpv6 (692a712062146e96d28ba0b7d75de31b) C:\Windows\system32\DRIVERS

\wanarp.sys

2011/01/08 22:54:11.0623 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys

2011/01/08 22:54:11.0643 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers

\Wdf01000.sys

2011/01/08 22:54:11.0691 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS

\wfplwf.sys

2011/01/08 22:54:11.0725 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers

\wimmount.sys

2011/01/08 22:54:11.0782 WinUsb (30fc6e5448d0cbaaa95280eeef7fedae) C:\Windows\system32\DRIVERS

\WinUsb.sys

2011/01/08 22:54:11.0802 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\DRIVERS

\wmiacpi.sys

2011/01/08 22:54:11.0854 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers

\ws2ifsl.sys

2011/01/08 22:54:11.0891 WudfPf (6f9b6c0c93232cff47d0f72d6db1d21e) C:\Windows\system32\drivers

\WudfPf.sys

2011/01/08 22:54:11.0912 WUDFRd (f91ff1e51fca30b3c3981db7d5924252) C:\Windows\system32\DRIVERS

\WUDFRd.sys

2011/01/08 22:54:12.0617 \HardDisk1 - detected Rootkit.Win32.TDSS.tdl4 (0)

2011/01/08 22:54:12.0686 ================================================================================

2011/01/08 22:54:12.0687 Scan finished

2011/01/08 22:54:12.0687 ================================================================================

2011/01/08 22:54:12.0700 Detected object count: 1

2011/01/08 22:54:29.0358 \HardDisk1 - will be cured after reboot

2011/01/08 22:54:29.0359 Rootkit.Win32.TDSS.tdl4(\HardDisk1) - User select action: Cure

[*]Please copy the contents of these files, one at a time, and post it with your next reply.

OTL: Otl Report

OTL logfile created on: 2011-01-08 22:58:31 - Run 1

OTL by OldTimer - Version 3.2.20.1 Folder = C:\Users\Henrik\Desktop

Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.7600.16385)

Locale: 0000041D | Country: Sweden | Language: SVE | Date Format: yyyy-MM-dd

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 55,00% Memory free

5,00 Gb Paging File | 4,00 Gb Available in Paging File | 69,00% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 465,76 Gb Total Space | 301,30 Gb Free Space | 64,69% Space Free | Partition Type: NTFS

Drive D: | 391,61 Gb Total Space | 49,98 Gb Free Space | 12,76% Space Free | Partition Type: NTFS

Drive G: | 931,51 Gb Total Space | 93,81 Gb Free Space | 10,07% Space Free | Partition Type: NTFS

Drive K: | 931,51 Gb Total Space | 286,09 Gb Free Space | 30,71% Space Free | Partition Type: NTFS

Drive X: | 64,11 Gb Total Space | 21,11 Gb Free Space | 32,93% Space Free | Partition Type: NTFS

Drive Y: | 3,73 Gb Total Space | 0,01 Gb Free Space | 0,15% Space Free | Partition Type: FAT32

Drive Z: | 10,00 Gb Total Space | 5,21 Gb Free Space | 52,14% Space Free | Partition Type: NTFS

Computer Name: SONIA-PC | User Name: Henrik | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Henrik\Desktop\OTL.exe (OldTimer Tools)

PRC - C:\Users\Henrik\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.)

PRC - C:\Users\Henrik\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

PRC - C:\Program Files\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)

PRC - C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)

PRC - C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia)

PRC - c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe (Microsoft Corporation)

PRC - c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe (Microsoft Corporation)

PRC - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)

PRC - C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe (NVIDIA Corporation)

PRC - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)

PRC - C:\Windows\System32\nlssrv32.exe (Nalpeiron Ltd.)

PRC - C:\Users\Henrik\AppData\Local\CrossLoop\CrossLoopService.exe (CrossLoop Inc)

PRC - C:\Windows\System32\ASTSRV.EXE (Nalpeiron Ltd.)

PRC - C:\Program Files\Launchy\Launchy.exe ()

PRC - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)

PRC - C:\Program Files\CDBurnerXP\NMSAccessU.exe ()

PRC - C:\Windows\explorer.exe (Microsoft Corporation)

PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)

PRC - C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe (Elaborate Bytes AG)

PRC - C:\Program Files\Everything\Everything.exe ()

PRC - C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe (American Power Conversion Corporation)

PRC - C:\Program Files\APC\APC PowerChute Personal Edition\apcsystray.exe (American Power Conversion Corporation)

PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)

PRC - C:\Windows\System32\AERTSrv.exe (Andrea Electronics Corporation)

========== Modules (SafeList) ==========

MOD - C:\Users\Henrik\Desktop\OTL.exe (OldTimer Tools)

MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll (Microsoft Corporation)

MOD - C:\Windows\System32\sspicli.dll (Microsoft Corporation)

MOD - C:\Windows\System32\sechost.dll (Microsoft Corporation)

MOD - C:\Windows\System32\profapi.dll (Microsoft Corporation)

MOD - C:\Windows\System32\KernelBase.dll (Microsoft Corporation)

MOD - C:\Windows\System32\dwmapi.dll (Microsoft Corporation)

MOD - C:\Windows\System32\devobj.dll (Microsoft Corporation)

MOD - C:\Windows\System32\cryptbase.dll (Microsoft Corporation)

MOD - C:\Windows\System32\cfgmgr32.dll (Microsoft Corporation)

========== Win32 Services (SafeList) ==========

SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)

SRV - (ServiceLayer) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia)

SRV - (NisSrv) -- c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe (Microsoft Corporation)

SRV - (MsMpSvc) -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe (Microsoft Corporation)

SRV - (KMService) -- C:\Windows\System32\srvany.exe ()

SRV - (Apple Mobile Device) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)

SRV - (Stereo Service) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)

SRV - (nlsX86cc) -- C:\Windows\System32\nlssrv32.exe (Nalpeiron Ltd.)

SRV - (WatAdminSvc) -- C:\Windows\System32\Wat\WatAdminSvc.exe (Microsoft Corporation)

SRV - (CrossLoopService) -- C:\Users\Henrik\AppData\Local\CrossLoop\CrossLoopService.exe (CrossLoop Inc)

SRV - (tvnserver) -- C:\Users\Henrik\AppData\Local\CrossLoop\tvnserver.exe (GlavSoft LLC.)

SRV - (astcc) -- C:\Windows\System32\ASTSRV.EXE (Nalpeiron Ltd.)

SRV - (aspnet_state) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe (Microsoft Corporation)

SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)

SRV - (NetTcpPortSharing) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation)

SRV - (NetTcpActivator) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation)

SRV - (NetPipeActivator) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation)

SRV - (NetMsmqActivator) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation)

SRV - (ACDaemon) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)

SRV - (NMSAccess) -- C:\Program Files\CDBurnerXP\NMSAccessU.exe ()

SRV - (SwitchBoard) -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)

SRV - (WwanSvc) -- C:\Windows\System32\wwansvc.dll (Microsoft Corporation)

SRV - (WbioSrvc) -- C:\Windows\System32\wbiosrvc.dll (Microsoft Corporation)

SRV - (Power) -- C:\Windows\System32\umpo.dll (Microsoft Corporation)

SRV - (Themes) -- C:\Windows\System32\themeservice.dll (Microsoft Corporation)

SRV - (sppuinotify) -- C:\Windows\System32\sppuinotify.dll (Microsoft Corporation)

SRV - (RpcEptMapper) -- C:\Windows\System32\RpcEpMap.dll (Microsoft Corporation)

SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)

SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation)

SRV - (PNRPsvc) -- C:\Windows\System32\pnrpsvc.dll (Microsoft Corporation)

SRV - (p2pimsvc) -- C:\Windows\System32\pnrpsvc.dll (Microsoft Corporation)

SRV - (HomeGroupProvider) -- C:\Windows\System32\provsvc.dll (Microsoft Corporation)

SRV - (PNRPAutoReg) -- C:\Windows\System32\pnrpauto.dll (Microsoft Corporation)

SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)

SRV - (HomeGroupListener) -- C:\Windows\System32\ListSvc.dll (Microsoft Corporation)

SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation)

SRV - (Dhcp) -- C:\Windows\System32\dhcpcore.dll (Microsoft Corporation)

SRV - (defragsvc) -- C:\Windows\System32\defragsvc.dll (Microsoft Corporation)

SRV - (BDESVC) -- C:\Windows\System32\bdesvc.dll (Microsoft Corporation)

SRV - (AxInstSV) ActiveX Installer (AxInstSV) -- C:\Windows\System32\AxInstSv.dll (Microsoft Corporation)

SRV - (AppIDSvc) -- C:\Windows\System32\appidsvc.dll (Microsoft Corporation)

SRV - (sppsvc) -- C:\Windows\System32\sppsvc.exe (Microsoft Corporation)

SRV - (APC UPS Service) -- C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe (American Power Conversion Corporation)

SRV - (AERTFilters) -- C:\Windows\System32\AERTSrv.exe (Andrea Electronics Corporation)

========== Driver Services (SafeList) ==========

DRV - (NisDrv) -- C:\Windows\System32\drivers\NisDrvWFP.sys (Microsoft Corporation)

DRV - (MpNWMon) -- C:\Windows\System32\drivers\MpNWMon.sys (Microsoft Corporation)

DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)

DRV - (NVHDA) -- C:\Windows\System32\drivers\nvhda32v.sys (NVIDIA Corporation)

DRV - (UsbserFilt) -- C:\Windows\System32\drivers\usbser_lowerfltj.sys (Nokia)

DRV - (upperdev) -- C:\Windows\System32\drivers\usbser_lowerflt.sys (Nokia)

DRV - (nmwcdc) -- C:\Windows\System32\drivers\ccdcmbo.sys (Nokia)

DRV - (nmwcd) -- C:\Windows\System32\drivers\ccdcmb.sys (Nokia)

DRV - (btusbflt) -- C:\Windows\System32\drivers\btusbflt.sys (Broadcom Corporation.)

DRV - (LUsbFilt) -- C:\Windows\System32\drivers\LUsbFilt.sys (Logitech, Inc.)

DRV - (LMouFilt) -- C:\Windows\System32\drivers\LMouFilt.Sys (Logitech, Inc.)

DRV - (LHidFilt) -- C:\Windows\System32\drivers\LHidFilt.Sys (Logitech, Inc.)

DRV - (ElbyCDIO) -- C:\Windows\System32\drivers\ElbyCDIO.sys (Elaborate Bytes AG)

DRV - (KSecPkg) -- C:\Windows\System32\Drivers\ksecpkg.sys (Microsoft Corporation)

DRV - (StarOpen) -- C:\Windows\System32\drivers\StarOpen.sys ()

DRV - (VClone) -- C:\Windows\System32\drivers\VClone.sys (Elaborate Bytes AG)

DRV - (cmdide) -- C:\Windows\system32\DRIVERS\cmdide.sys (CMD Technology, Inc.)

DRV - (adpahci) -- C:\Windows\system32\DRIVERS\adpahci.sys (Adaptec, Inc.)

DRV - (adp94xx) -- C:\Windows\system32\DRIVERS\adp94xx.sys (Adaptec, Inc.)

DRV - (amdsbs) -- C:\Windows\system32\DRIVERS\amdsbs.sys (AMD Technologies Inc.)

DRV - (adpu320) -- C:\Windows\system32\DRIVERS\adpu320.sys (Adaptec, Inc.)

DRV - (arcsas) -- C:\Windows\system32\DRIVERS\arcsas.sys (Adaptec, Inc.)

DRV - (amdsata) -- C:\Windows\system32\DRIVERS\amdsata.sys (Advanced Micro Devices)

DRV - (arc) -- C:\Windows\system32\DRIVERS\arc.sys (Adaptec, Inc.)

DRV - (amdxata) -- C:\Windows\system32\DRIVERS\amdxata.sys (Advanced Micro Devices)

DRV - (aliide) -- C:\Windows\system32\DRIVERS\aliide.sys (Acer Laboratories Inc.)

DRV - (nvstor) -- C:\Windows\system32\DRIVERS\nvstor.sys (NVIDIA Corporation)

DRV - (nvraid) -- C:\Windows\system32\DRIVERS\nvraid.sys (NVIDIA Corporation)

DRV - (nfrd960) -- C:\Windows\system32\DRIVERS\nfrd960.sys (IBM Corporation)

DRV - (LSI_SAS) -- C:\Windows\system32\DRIVERS\lsi_sas.sys (LSI Corporation)

DRV - (iaStorV) -- C:\Windows\system32\DRIVERS\iaStorV.sys (Intel Corporation)

DRV - (MegaSR) -- C:\Windows\system32\DRIVERS\MegaSR.sys (LSI Corporation, Inc.)

DRV - (LSI_SCSI) -- C:\Windows\system32\DRIVERS\lsi_scsi.sys (LSI Corporation)

DRV - (LSI_FC) -- C:\Windows\system32\DRIVERS\lsi_fc.sys (LSI Corporation)

DRV - (LSI_SAS2) -- C:\Windows\system32\DRIVERS\lsi_sas2.sys (LSI Corporation)

DRV - (iirsp) -- C:\Windows\system32\DRIVERS\iirsp.sys (Intel Corp./ICP vortex GmbH)

DRV - (megasas) -- C:\Windows\system32\DRIVERS\megasas.sys (LSI Corporation)

DRV - (hwpolicy) -- C:\Windows\System32\drivers\hwpolicy.sys (Microsoft Corporation)

DRV - (elxstor) -- C:\Windows\system32\DRIVERS\elxstor.sys (Emulex)

DRV - (aic78xx) -- C:\Windows\system32\DRIVERS\djsvs.sys (Adaptec, Inc.)

DRV - (HpSAMD) -- C:\Windows\system32\DRIVERS\HpSAMD.sys (Hewlett-Packard Company)

DRV - (FsDepends) -- C:\Windows\System32\drivers\fsdepends.sys (Microsoft Corporation)

DRV - (vsmraid) -- C:\Windows\system32\DRIVERS\vsmraid.sys (VIA Technologies Inc.,Ltd)

DRV - (vmbus) -- C:\Windows\system32\DRIVERS\vmbus.sys (Microsoft Corporation)

DRV - (vhdmp) -- C:\Windows\system32\DRIVERS\vhdmp.sys (Microsoft Corporation)

DRV - (storflt) -- C:\Windows\system32\DRIVERS\vmstorfl.sys (Microsoft Corporation)

DRV - (vdrvroot) -- C:\Windows\system32\DRIVERS\vdrvroot.sys (Microsoft Corporation)

DRV - (storvsc) -- C:\Windows\system32\DRIVERS\storvsc.sys (Microsoft Corporation)

DRV - (WIMMount) -- C:\Windows\System32\drivers\wimmount.sys (Microsoft Corporation)

DRV - (viaide) -- C:\Windows\system32\DRIVERS\viaide.sys (VIA Technologies, Inc.)

DRV - (ql2300) -- C:\Windows\system32\DRIVERS\ql2300.sys (QLogic Corporation)

DRV - (rdyboost) -- C:\Windows\System32\drivers\rdyboost.sys (Microsoft Corporation)

DRV - (ql40xx) -- C:\Windows\system32\DRIVERS\ql40xx.sys (QLogic Corporation)

DRV - (SiSRaid4) -- C:\Windows\system32\DRIVERS\sisraid4.sys (Silicon Integrated Systems)

DRV - (pcw) -- C:\Windows\System32\drivers\pcw.sys (Microsoft Corporation)

DRV - (SiSRaid2) -- C:\Windows\system32\DRIVERS\SiSRaid2.sys (Silicon Integrated Systems Corp.)

DRV - (stexstor) -- C:\Windows\system32\DRIVERS\stexstor.sys (Promise Technology)

DRV - (CNG) -- C:\Windows\System32\Drivers\cng.sys (Microsoft Corporation)

DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\System32\Drivers\Brserid.sys (Brother Industries Ltd.)

DRV - (rdpbus) -- C:\Windows\System32\drivers\rdpbus.sys (Microsoft Corporation)

DRV - (RDPREFMP) -- C:\Windows\System32\drivers\RDPREFMP.sys (Microsoft Corporation)

DRV - (RasAgileVpn) WAN Miniport (IKEv2) -- C:\Windows\System32\drivers\agilevpn.sys (Microsoft Corporation)

DRV - (WfpLwf) -- C:\Windows\System32\drivers\wfplwf.sys (Microsoft Corporation)

DRV - (NdisCap) -- C:\Windows\System32\drivers\ndiscap.sys (Microsoft Corporation)

DRV - (vwifibus) -- C:\Windows\System32\drivers\vwifibus.sys (Microsoft Corporation)

DRV - (1394ohci) -- C:\Windows\system32\DRIVERS\1394ohci.sys (Microsoft Corporation)

DRV - (UmPass) -- C:\Windows\system32\DRIVERS\umpass.sys (Microsoft Corporation)

DRV - (usbaudio) USB Audio Driver (WDM) -- C:\Windows\System32\drivers\USBAUDIO.sys (Microsoft Corporation)

DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)

DRV - (mshidkmdf) -- C:\Windows\System32\drivers\mshidkmdf.sys (Microsoft Corporation)

DRV - (MTConfig) -- C:\Windows\system32\DRIVERS\MTConfig.sys (Microsoft Corporation)

DRV - (CompositeBus) -- C:\Windows\System32\drivers\CompositeBus.sys (Microsoft Corporation)

DRV - (AppID) -- C:\Windows\system32\drivers\appid.sys (Microsoft Corporation)

DRV - (scfilter) -- C:\Windows\System32\drivers\scfilter.sys (Microsoft Corporation)

DRV - (s3cap) -- C:\Windows\system32\DRIVERS\vms3cap.sys (Microsoft Corporation)

DRV - (VMBusHID) -- C:\Windows\system32\DRIVERS\VMBusHID.sys (Microsoft Corporation)

DRV - (discache) -- C:\Windows\System32\drivers\discache.sys (Microsoft Corporation)

DRV - (AcpiPmi) -- C:\Windows\system32\DRIVERS\acpipmi.sys (Microsoft Corporation)

DRV - (AmdPPM) -- C:\Windows\system32\DRIVERS\amdppm.sys (Microsoft Corporation)

DRV - (hcw85cir) -- C:\Windows\system32\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)

DRV - (BrUsbMdm) -- C:\Windows\System32\Drivers\BrUsbMdm.sys (Brother Industries Ltd.)

DRV - (BrUsbSer) -- C:\Windows\System32\Drivers\BrUsbSer.sys (Brother Industries Ltd.)

DRV - (BrSerWdm) -- C:\Windows\System32\Drivers\BrSerWdm.sys (Brother Industries Ltd.)

DRV - (BrFiltLo) -- C:\Windows\system32\DRIVERS\BrFiltLo.sys (Brother Industries, Ltd.)

DRV - (BrFiltUp) -- C:\Windows\system32\DRIVERS\BrFiltUp.sys (Brother Industries, Ltd.)

DRV - (e1express) Intel® -- C:\Windows\System32\drivers\e1e6032.sys (Intel Corporation)

DRV - (b57nd60x) -- C:\Windows\System32\drivers\b57nd60x.sys (Broadcom Corporation)

DRV - (ebdrv) -- C:\Windows\system32\DRIVERS\evbdx.sys (Broadcom Corporation)

DRV - (b06bdrv) -- C:\Windows\system32\DRIVERS\bxvbdx.sys (Broadcom Corporation)

DRV - (RTL8167) -- C:\Windows\System32\drivers\Rt86win7.sys (Realtek Corporation )

DRV - (pccsmcfd) -- C:\Windows\System32\drivers\pccsmcfd.sys (Nokia)

DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\Windows\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.)

DRV - (Spyder2) -- C:\Windows\System32\drivers\Spyder2.sys ()

========== Standard Registry (All) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://se.msn.com/?ocid=iehp

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = sv

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 3D 47 E3 31 99 AD CB 01 [binary data]

IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

FF - HKLM\software\mozilla\Firefox\Extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2010-12-08 20:25:57 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-12-13 09:03:39 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-12-13 09:03:39 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2010-12-08 20:25:57 | 000,000,000 | ---D | M]

[2011-01-06 09:00:52 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions

[2010-08-29 19:46:11 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

[2010-08-29 19:51:05 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}

[2010-10-18 13:59:19 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}

[2011-01-06 09:00:52 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}

[2010-07-23 10:07:09 | 000,023,512 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browserdirprovider.dll

[2010-07-23 10:07:10 | 000,138,712 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\brwsrcmp.dll

[2010-11-12 18:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll

[2010-10-20 19:48:16 | 000,075,208 | ---- | M] (Foxit Software Company) -- C:\Program Files\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll

[2010-07-23 10:07:11 | 000,064,984 | ---- | M] (mozilla.org) -- C:\Program Files\Mozilla Firefox\plugins\npnul32.dll

[2006-10-26 20:12:16 | 000,016,192 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL

[2010-12-13 09:03:39 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll

[2010-12-13 09:03:39 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll

[2010-12-13 09:03:39 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll

[2010-12-13 09:03:39 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll

[2010-12-13 09:03:39 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll

[2010-12-13 09:03:39 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll

[2010-12-13 09:03:39 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll

[2010-07-23 07:41:04 | 000,001,394 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazondotcom.xml

[2010-07-23 07:41:04 | 000,002,193 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\answers.xml

[2010-07-23 07:41:04 | 000,001,534 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\creativecommons.xml

[2010-07-23 07:41:04 | 000,002,344 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay.xml

[2010-07-23 07:41:04 | 000,002,371 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\google.xml

[2010-07-23 07:41:04 | 000,001,178 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia.xml

[2010-07-23 07:41:04 | 000,001,096 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo.xml

O1 HOSTS File: ([2010-09-06 11:48:12 | 000,000,858 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 activate.adobe.com

O2 - BHO: (Groove GFS Browser Helper) - {34A73C17-11A9-6D7C-0B3C-47BB01A225E1} - C:\Windows\System32\kbbdax2.dll ()

O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 2010\Office14\URLREDIR.DLL (Microsoft Corporation)

O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)

O4 - HKLM..\Run: [] File not found

O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [bCSSync] C:\Program Files\Microsoft Office 2010\Office14\BCSSync.exe (Microsoft Corporation)

O4 - HKLM..\Run: [bluetooth Connection Assistant] File not found

O4 - HKLM..\Run: [Display] C:\Program Files\APC\APC PowerChute Personal Edition\DataCollectionLauncher.exe (American Power Conversion Corporation)

O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)

O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)

O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)

O4 - HKLM..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia)

O4 - HKLM..\Run: [NokiaMusic FastStart] C:\Program Files\Nokia\Ovi Player\NokiaOviPlayer.exe (Nokia)

O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)

O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)

O4 - HKLM..\Run: [sunJavaUpdateSched] C:\Program Files\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)

O4 - HKLM..\Run: [switchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [VirtualCloneDrive] C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe (Elaborate Bytes AG)

O4 - HKCU..\Run: [] File not found

O4 - HKCU..\Run: [AdobeBridge] File not found

O4 - HKCU..\Run: [C:!Users!Henrik!AppData!Local!Google!Chrome!User Data_service_run] C:\Users\Henrik\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.)

O4 - HKCU..\Run: [Flock Update] C:\Users\Henrik\AppData\Local\Flock\Update\FlockUpdate.exe (Google Inc.)

O4 - HKCU..\Run: [Google Update] C:\Users\Henrik\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)

O4 - Startup: C:\Users\Henrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ComplaintFreeWorld.lnk = C:\Program Files\ComplaintFreeWorld\ComplaintFreeWorld.exe File not found

O4 - Startup: C:\Users\Henrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Henrik\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17

O8 - Extra context menu item: Add to Evernote 4.0 - C:\Program Files\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)

O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)

O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)

O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)

O9 - Extra Button: @C:\Program Files\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)

O9 - Extra 'Tools' menuitem : @C:\Program Files\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\System32\nlaapi.dll (Microsoft Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\System32\winrnr.dll (Microsoft Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\System32\NapiNSP.dll (Microsoft Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\System32\wshbth.dll (Microsoft Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)

O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000028 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000029 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000030 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000031 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O13 - gopher Prefix: missing

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_23)

O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_23)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_23)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1

O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)

O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)

O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\System32\inetcomm.dll (Microsoft Corporation)

O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)

O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)

O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)

O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)

O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)

O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)

O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)

O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.

O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\System32\credssp.dll (Microsoft Corporation)

O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)

O30 - LSA: Security Packages - (kerberos) - C:\Windows\System32\kerberos.dll (Microsoft Corporation)

O30 - LSA: Security Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)

O30 - LSA: Security Packages - (schannel) - C:\Windows\System32\schannel.dll (Microsoft Corporation)

O30 - LSA: Security Packages - (wdigest) - C:\Windows\System32\wdigest.dll (Microsoft Corporation)

O30 - LSA: Security Packages - (tspkg) - C:\Windows\System32\tspkg.dll (Microsoft Corporation)

O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation)

O31 - SafeBoot: AlternateShell - cmd.exe

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2009-06-11 05:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]

O32 - AutoRun File - [2006-09-19 05:43:36 | 000,000,024 | ---- | M] () - X:\autoexec.bat -- [ NTFS ]

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011-01-08 22:53:28 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Henrik\Desktop\OTL.exe

[2011-01-08 20:39:39 | 000,000,000 | ---D | C] -- C:\Users\Henrik\AppData\Roaming\KeePass

[2011-01-08 19:42:48 | 000,000,000 | ---D | C] -- C:\Users\Henrik\AppData\Roaming\Malwarebytes

[2011-01-08 19:32:37 | 001,345,624 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Henrik\Desktop\23kjasd123.com.exe

[2011-01-07 18:01:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rosetta Stone

[2011-01-07 18:01:51 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Macrovision Shared

[2011-01-07 18:01:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Rosetta Stone

[2011-01-07 18:01:33 | 000,000,000 | ---D | C] -- C:\Program Files\Rosetta Stone

[2011-01-07 12:39:04 | 000,000,000 | ---D | C] -- C:\Users\Henrik\Desktop\Photography Logos

[2011-01-06 21:19:14 | 000,000,000 | ---D | C] -- C:\Users\Henrik\AppData\Roaming\Extensis

[2011-01-06 21:19:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Extensis

[2011-01-06 21:19:13 | 000,000,000 | ---D | C] -- C:\Users\Henrik\AppData\Local\Extensis

[2011-01-06 21:18:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Extensis

[2011-01-06 21:18:32 | 000,000,000 | ---D | C] -- C:\Program Files\Extensis

[2011-01-06 20:24:03 | 000,227,840 | ---- | C] (Iterated Systems, Inc.) -- C:\Windows\System32\Deco_32.dll

[2011-01-06 20:19:34 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER

[2011-01-06 20:19:17 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Synchronization Services

[2011-01-06 20:19:02 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server Compact Edition

[2011-01-06 20:18:06 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Analysis Services

[2011-01-06 20:17:33 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office 2010

[2011-01-06 19:50:43 | 000,000,000 | ---D | C] -- C:\Windows\System32\3001

[2011-01-06 18:47:08 | 000,000,000 | ---D | C] -- C:\Users\Henrik\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1

[2011-01-06 18:04:11 | 000,090,112 | ---- | C] (MindVision Software) -- C:\Windows\unvise32.exe

[2011-01-06 18:04:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ColorVision

[2011-01-06 18:03:58 | 000,000,000 | ---D | C] -- C:\Program Files\ColorVision

[2011-01-06 17:07:09 | 000,000,000 | ---D | C] -- C:\Users\Henrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Handbrake

[2011-01-06 17:06:15 | 000,240,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\netio.sys

[2011-01-06 17:05:50 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client

[2011-01-06 16:59:58 | 000,000,000 | ---D | C] -- C:\Users\Henrik\AppData\Local\Evernote

[2011-01-06 09:00:51 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe

[2011-01-06 09:00:51 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe

[2011-01-06 09:00:51 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe

[2011-01-05 23:33:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evernote

[2011-01-05 23:33:12 | 000,000,000 | ---D | C] -- C:\Program Files\Evernote

[2011-01-05 03:08:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes

[2011-01-05 03:08:24 | 000,000,000 | ---D | C] -- C:\Program Files\iPod

[2011-01-05 03:08:23 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes

[2011-01-04 23:20:49 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll

[2011-01-04 23:20:46 | 000,606,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll

[2011-01-04 23:20:45 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll

[2011-01-04 23:20:45 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll

[2011-01-04 23:20:45 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll

[2011-01-04 23:20:45 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll

[2011-01-04 23:20:45 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll

[2011-01-04 23:20:45 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll

[2011-01-04 23:20:44 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb

[2011-01-04 23:20:44 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec

[2011-01-04 23:20:44 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll

[2011-01-04 23:20:44 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe

[2011-01-04 23:20:33 | 000,496,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskschd.dll

[2011-01-04 23:20:33 | 000,351,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmicmiplugin.dll

[2011-01-04 23:20:33 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskcomp.dll

[2011-01-04 23:20:33 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\schtasks.exe

[2011-01-04 23:20:28 | 000,294,400 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll

[2011-01-04 23:20:28 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll

[2011-01-04 23:20:27 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\webio.dll

[2011-01-04 23:20:25 | 000,101,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\consent.exe

[2011-01-04 23:20:17 | 002,327,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys

[2010-12-13 10:34:13 | 000,000,000 | ---D | C] -- C:\Windows\System32\Adobe

[2010-12-13 09:03:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime

[2010-12-13 09:03:22 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime

[2010-12-13 00:55:34 | 000,000,000 | ---D | C] -- C:\REKO

[2010-12-13 00:51:41 | 000,000,000 | ---D | C] -- C:\Users\Henrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Merus Partner AB

[2010-12-12 22:10:21 | 000,000,000 | ---D | C] -- C:\Users\Henrik\AppData\Roaming\Mozilla

[2010-12-12 14:28:17 | 000,000,000 | ---D | C] -- C:\Users\Henrik\AppData\Roaming\vlc

[2010-12-12 11:28:37 | 000,000,000 | ---D | C] -- C:\Users\Henrik\AppData\Roaming\IPTC-PLUS

[2010-12-12 11:27:43 | 000,000,000 | ---D | C] -- C:\Users\Henrik\Documents\Adobe Scripts

[2010-12-12 11:26:56 | 000,000,000 | ---D | C] -- C:\Users\Henrik\Desktop\IPTC-PLUS-PhotoMetadata-Toolkit-for-AdobeCS

[2010-12-11 08:27:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN

[2010-12-10 18:14:23 | 000,000,000 | ---D | C] -- C:\Users\Henrik\AppData\Roaming\PDF Writer

[2010-12-10 18:14:23 | 000,000,000 | ---D | C] -- C:\Users\Henrik\AppData\Local\PDF Writer

[2010-12-10 18:14:23 | 000,000,000 | ---D | C] -- C:\ProgramData\PDF Writer

[2010-12-10 18:06:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bullzip

[2010-12-10 18:06:37 | 000,227,840 | ---- | C] (Bullzip) -- C:\Windows\System32\bzFlRdr.dll

[2010-12-10 18:06:37 | 000,103,424 | ---- | C] (Bullzip) -- C:\Windows\System32\bzDCT.dll

[2010-12-10 18:06:37 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Bullzip

[2010-12-10 18:06:36 | 000,135,168 | ---- | C] (Bullzip) -- C:\Windows\System32\bzpdfc.dll

[2010-12-10 18:06:33 | 000,196,096 | ---- | C] (Bullzip) -- C:\Windows\System32\bzpdf.dll

[2010-12-10 18:06:22 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\comdlg32.OCX

[2010-12-10 18:06:21 | 000,000,000 | ---D | C] -- C:\Program Files\Bullzip

[2010-11-07 02:07:58 | 000,047,360 | ---- | C] (VSO Software) -- C:\Users\Henrik\AppData\Roaming\pcouffin.sys

========== Files - Modified Within 30 Days ==========

[2011-01-08 22:53:42 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Henrik\Desktop\OTL.exe

[2011-01-08 22:45:00 | 000,000,928 | ---- | M] () -- C:\Windows\tasks\RockMeltUpdateTaskUserS-1-5-21-3929998434-2269980025-2710463542-1001UA.job

[2011-01-08 22:45:00 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

[2011-01-08 22:29:34 | 000,008,079 | ---- | M] () -- C:\Users\Henrik\Desktop\Attach.zip

[2011-01-08 22:15:00 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3929998434-2269980025-2710463542-1001UA.job

[2011-01-08 22:13:00 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\FlockUpdateTaskUserS-1-5-21-3929998434-2269980025-2710463542-1004UA.job

[2011-01-08 22:10:00 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3929998434-2269980025-2710463542-1004UA.job

[2011-01-08 21:12:58 | 000,012,848 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2011-01-08 21:12:58 | 000,012,848 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2011-01-08 21:07:57 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

[2011-01-08 21:07:41 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2011-01-08 21:07:27 | 518,704,358 | ---- | M] () -- C:\Windows\MEMORY.DMP

[2011-01-08 21:07:27 | 2213,154,816 | -HS- | M] () -- C:\hiberfil.sys

[2011-01-08 20:17:52 | 000,296,448 | ---- | M] () -- C:\Users\Henrik\Desktop\fsdkjler345.exe

[2011-01-08 20:16:55 | 000,624,128 | ---- | M] () -- C:\Users\Henrik\Desktop\dds.scr

[2011-01-08 20:16:32 | 000,000,000 | ---- | M] () -- C:\Users\Henrik\defogger_reenable

[2011-01-08 20:15:59 | 000,050,477 | ---- | M] () -- C:\Users\Henrik\Desktop\Defogger.exe

[2011-01-08 20:00:00 | 000,000,380 | ---- | M] () -- C:\Windows\tasks\At10.job

[2011-01-08 19:15:00 | 000,000,856 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3929998434-2269980025-2710463542-1001Core.job

[2011-01-08 19:03:16 | 003,803,328 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT

[2011-01-08 19:02:43 | 000,000,378 | ---- | M] () -- C:\Windows\tasks\At9.job

[2011-01-08 19:02:43 | 000,000,378 | ---- | M] () -- C:\Windows\tasks\At8.job

[2011-01-08 19:02:43 | 000,000,378 | ---- | M] () -- C:\Windows\tasks\At7.job

[2011-01-08 19:02:43 | 000,000,378 | ---- | M] () -- C:\Windows\tasks\At6.job

[2011-01-08 19:02:43 | 000,000,378 | ---- | M] () -- C:\Windows\tasks\At5.job

[2011-01-08 19:02:43 | 000,000,378 | ---- | M] () -- C:\Windows\tasks\At4.job

[2011-01-08 19:02:43 | 000,000,378 | ---- | M] () -- C:\Windows\tasks\At3.job

[2011-01-08 12:26:15 | 000,000,348 | ---- | M] () -- C:\Windows\tasks\At1.job

[2011-01-08 11:13:00 | 000,000,856 | ---- | M] () -- C:\Windows\tasks\FlockUpdateTaskUserS-1-5-21-3929998434-2269980025-2710463542-1004Core.job

[2011-01-08 11:10:00 | 000,000,860 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3929998434-2269980025-2710463542-1004Core.job

[2011-01-08 03:01:26 | 000,000,876 | ---- | M] () -- C:\Windows\tasks\RockMeltUpdateTaskUserS-1-5-21-3929998434-2269980025-2710463542-1001Core.job

[2011-01-06 20:30:11 | 000,000,344 | ---- | M] () -- C:\Windows\tasks\At2.job

[2011-01-06 18:04:40 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_Spyder2_01001.Wdf

[2011-01-06 18:04:11 | 000,001,304 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ColorVisionStartup.lnk

[2011-01-06 18:00:11 | 000,001,060 | ---- | M] () -- C:\Users\Henrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ComplaintFreeWorld.lnk

[2011-01-06 17:08:26 | 000,001,028 | ---- | M] () -- C:\Users\Henrik\Desktop\Dropbox.lnk

[2011-01-06 17:08:26 | 000,001,008 | ---- | M] () -- C:\Users\Henrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk

[2011-01-06 17:07:17 | 000,002,154 | ---- | M] () -- C:\Windows\epplauncher.mif

[2011-01-06 17:07:09 | 000,000,988 | ---- | M] () -- C:\Users\Henrik\Desktop\Handbrake.lnk

[2011-01-06 17:07:01 | 000,670,006 | ---- | M] () -- C:\Windows\System32\perfh009.dat

[2011-01-06 17:07:01 | 000,124,898 | ---- | M] () -- C:\Windows\System32\perfc009.dat

[2011-01-06 16:59:57 | 000,002,513 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Evernote Clipper.lnk

[2011-01-05 23:33:18 | 000,001,967 | ---- | M] () -- C:\Users\Public\Desktop\Evernote.lnk

[2011-01-05 03:08:52 | 000,001,760 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk

[2010-12-20 18:09:00 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys

[2010-12-20 18:08:40 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys

[2010-12-16 09:47:52 | 001,345,624 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Henrik\Desktop\23kjasd123.com.exe

[2010-12-11 08:27:30 | 000,001,035 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk

[2010-12-10 10:11:29 | 000,334,769 | ---- | M] () -- C:\Users\Henrik\Desktop\2010-11-21 akasha live (6).JPG

[2010-12-10 10:09:42 | 000,002,074 | ---- | M] () -- C:\Users\Public\Desktop\Lightroom 3.3.lnk

========== Files Created - No Company Name ==========

[2011-01-08 21:19:26 | 000,008,079 | ---- | C] () -- C:\Users\Henrik\Desktop\Attach.zip

[2011-01-08 20:17:46 | 000,296,448 | ---- | C] () -- C:\Users\Henrik\Desktop\fsdkjler345.exe

[2011-01-08 20:16:45 | 000,624,128 | ---- | C] () -- C:\Users\Henrik\Desktop\dds.scr

[2011-01-08 20:16:32 | 000,000,000 | ---- | C] () -- C:\Users\Henrik\defogger_reenable

[2011-01-08 20:15:58 | 000,050,477 | ---- | C] () -- C:\Users\Henrik\Desktop\Defogger.exe

[2011-01-08 10:11:33 | 518,704,358 | ---- | C] () -- C:\Windows\MEMORY.DMP

[2011-01-06 20:40:57 | 000,000,380 | ---- | C] () -- C:\Windows\tasks\At10.job

[2011-01-06 20:36:04 | 000,000,378 | ---- | C] () -- C:\Windows\tasks\At9.job

[2011-01-06 20:36:00 | 000,000,378 | ---- | C] () -- C:\Windows\tasks\At8.job

[2011-01-06 20:33:52 | 000,000,378 | ---- | C] () -- C:\Windows\tasks\At7.job

[2011-01-06 20:33:05 | 000,000,378 | ---- | C] () -- C:\Windows\tasks\At6.job

[2011-01-06 20:27:33 | 000,000,378 | ---- | C] () -- C:\Windows\tasks\At5.job

[2011-01-06 20:26:08 | 000,000,378 | ---- | C] () -- C:\Windows\tasks\At4.job

[2011-01-06 20:25:46 | 000,000,378 | ---- | C] () -- C:\Windows\tasks\At3.job

[2011-01-06 19:50:41 | 000,000,344 | ---- | C] () -- C:\Windows\tasks\At2.job

[2011-01-06 18:04:40 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_Spyder2_01001.Wdf

[2011-01-06 18:04:08 | 000,001,304 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ColorVisionStartup.lnk

[2011-01-06 17:07:17 | 000,002,154 | ---- | C] () -- C:\Windows\epplauncher.mif

[2011-01-06 17:06:23 | 000,000,988 | ---- | C] () -- C:\Users\Henrik\Desktop\Handbrake.lnk

[2011-01-05 23:33:18 | 000,002,513 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Evernote Clipper.lnk

[2011-01-05 23:33:18 | 000,001,967 | ---- | C] () -- C:\Users\Public\Desktop\Evernote.lnk

[2011-01-05 03:08:52 | 000,001,760 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk

[2010-12-11 08:27:30 | 000,001,035 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk

[2010-12-10 10:11:22 | 000,334,769 | ---- | C] () -- C:\Users\Henrik\Desktop\2010-11-21 akasha live (6).JPG

[2010-12-10 10:09:42 | 000,002,074 | ---- | C] () -- C:\Users\Public\Desktop\Lightroom 3.3.lnk

[2010-11-30 14:00:39 | 000,000,452 | ---- | C] () -- C:\ProgramData\{17FE44E2-D21A-4F0C-BE49-798A8FBC374E}_WiseFW.ini

[2010-11-07 02:09:08 | 000,000,022 | ---- | C] () -- C:\Windows\System32\systeminfo3.dll

[2010-11-07 02:08:44 | 000,000,033 | ---- | C] () -- C:\Users\Henrik\AppData\Roaming\pcouffin.log

[2010-11-07 02:07:58 | 000,087,608 | ---- | C] () -- C:\Users\Henrik\AppData\Roaming\inst.exe

[2010-11-07 02:07:58 | 000,007,887 | ---- | C] () -- C:\Users\Henrik\AppData\Roaming\pcouffin.cat

[2010-11-07 02:07:58 | 000,001,144 | ---- | C] () -- C:\Users\Henrik\AppData\Roaming\pcouffin.inf

[2010-11-01 14:35:14 | 000,001,456 | ---- | C] () -- C:\Users\Henrik\AppData\Local\Adobe Save for Web 12.0 Prefs

[2010-10-19 12:15:54 | 000,000,048 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat

[2010-10-19 10:25:56 | 000,000,161 | ---- | C] () -- C:\Windows\AutoKMS.ini

[2010-10-04 14:06:56 | 000,007,605 | ---- | C] () -- C:\Users\Henrik\AppData\Local\Resmon.ResmonCfg

[2010-10-04 06:16:26 | 000,302,592 | ---- | C] () -- C:\Windows\System32\HDREfexProFC32.dll

[2010-08-29 20:34:32 | 000,007,168 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys

[2010-08-29 20:09:04 | 000,165,376 | ---- | C] () -- C:\Windows\System32\unrar.dll

[2010-08-29 20:09:04 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini

[2010-08-29 20:09:01 | 000,790,528 | ---- | C] () -- C:\Windows\System32\xvidcore.dll

[2010-08-29 20:09:01 | 000,134,144 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll

[2010-08-29 20:09:01 | 000,108,032 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll

[2010-08-29 19:46:35 | 000,000,604 | -H-- | C] () -- C:\Program Files\STLL Notifier

[2009-08-03 15:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll

[2009-07-14 07:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll

[2009-07-14 07:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll

[2009-07-14 07:25:06 | 000,221,184 | ---- | C] () -- C:\Windows\System32\kbbdax2.dll

[2009-03-11 16:34:20 | 000,012,288 | ---- | C] () -- C:\Windows\System32\drivers\Spyder2.sys

========== LOP Check ==========

[2010-11-07 01:43:43 | 000,000,000 | ---D | M] -- C:\Users\Henrik\AppData\Roaming\Canneverbe Limited

[2010-12-02 18:27:39 | 000,000,000 | ---D | M] -- C:\Users\Henrik\AppData\Roaming\Canon

[2011-01-06 18:47:08 | 000,000,000 | ---D | M] -- C:\Users\Henrik\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1

[2011-01-08 22:32:04 | 000,000,000 | ---D | M] -- C:\Users\Henrik\AppData\Roaming\Dropbox

[2011-01-06 21:19:54 | 000,000,000 | ---D | M] -- C:\Users\Henrik\AppData\Roaming\Extensis

[2010-12-12 12:20:55 | 000,000,000 | ---D | M] -- C:\Users\Henrik\AppData\Roaming\FileZilla

[2010-08-29 21:41:08 | 000,000,000 | ---D | M] -- C:\Users\Henrik\AppData\Roaming\Foxit Software

[2010-09-07 12:25:09 | 000,000,000 | ---D | M] -- C:\Users\Henrik\AppData\Roaming\HandBrake

[2010-12-05 14:09:53 | 000,000,000 | ---D | M] -- C:\Users\Henrik\AppData\Roaming\HD Tune Pro

[2010-09-06 11:39:08 | 000,000,000 | ---D | M] -- C:\Users\Henrik\AppData\Roaming\HDRsoft

[2010-09-06 12:36:13 | 000,000,000 | ---D | M] -- C:\Users\Henrik\AppData\Roaming\Imagenomic

[2010-09-05 12:41:27 | 000,000,000 | ---D | M] -- C:\Users\Henrik\AppData\Roaming\ImgBurn

[2010-12-12 11:28:37 | 000,000,000 | ---D | M] -- C:\Users\Henrik\AppData\Roaming\IPTC-PLUS

[2010-09-04 11:30:47 | 000,000,000 | ---D | M] -- C:\Users\Henrik\AppData\Roaming\IrfanView

[2011-01-08 20:39:39 | 000,000,000 | ---D | M] -- C:\Users\Henrik\AppData\Roaming\KeePass

[2010-08-29 21:55:23 | 000,000,000 | ---D | M] -- C:\Users\Henrik\AppData\Roaming\Launchy

[2010-09-19 10:24:17 | 000,000,000 | ---D | M] -- C:\Users\Henrik\AppData\Roaming\Leadertech

[2010-09-04 21:53:54 | 000,000,000 | ---D | M] -- C:\Users\Henrik\AppData\Roaming\Neuratron

[2010-10-04 14:20:54 | 000,000,000 | ---D | M] -- C:\Users\Henrik\AppData\Roaming\Nik Software

[2010-09-10 17:11:57 | 000,000,000 | ---D | M] -- C:\Users\Henrik\AppData\Roaming\Nokia

[2010-09-10 17:11:58 | 000,000,000 | ---D | M] -- C:\Users\Henrik\AppData\Roaming\Nokia Ovi Suite

[2010-09-06 13:25:38 | 000,000,000 | ---D | M] -- C:\Users\Henrik\AppData\Roaming\Nonoh

[2011-01-06 20:24:02 | 000,000,000 | ---D | M] -- C:\Users\Henrik\AppData\Roaming\onOne Software

[2010-09-06 17:48:44 | 000,000,000 | ---D | M] -- C:\Users\Henrik\AppData\Roaming\PC Suite

[2010-12-10 18:14:23 | 000,000,000 | ---D | M] -- C:\Users\Henrik\AppData\Roaming\PDF Writer

[2010-09-04 21:46:10 | 000,000,000 | ---D | M] -- C:\Users\Henrik\AppData\Roaming\PeaZip

[2010-09-06 12:19:16 | 000,000,000 | ---D | M] -- C:\Users\Henrik\AppData\Roaming\PTGui

[2010-09-05 12:11:25 | 000,000,000 | ---D | M] -- C:\Users\Henrik\AppData\Roaming\Publish Providers

[2010-09-05 12:11:26 | 000,000,000 | ---D | M] -- C:\Users\Henrik\AppData\Roaming\Sony

[2011-01-08 22:27:58 | 000,000,000 | ---D | M] -- C:\Users\Henrik\AppData\Roaming\TeraCopy

[2011-01-08 17:28:26 | 000,000,000 | ---D | M] -- C:\Users\Henrik\AppData\Roaming\uTorrent

[2010-11-07 12:12:12 | 000,000,000 | ---D | M] -- C:\Users\Henrik\AppData\Roaming\Vso

[2011-01-08 12:26:15 | 000,000,348 | ---- | M] () -- C:\Windows\Tasks\At1.job

[2011-01-08 20:00:00 | 000,000,380 | ---- | M] () -- C:\Windows\Tasks\At10.job

[2011-01-06 20:30:11 | 000,000,344 | ---- | M] () -- C:\Windows\Tasks\At2.job

[2011-01-08 19:02:43 | 000,000,378 | ---- | M] () -- C:\Windows\Tasks\At3.job

[2011-01-08 19:02:43 | 000,000,378 | ---- | M] () -- C:\Windows\Tasks\At4.job

[2011-01-08 19:02:43 | 000,000,378 | ---- | M] () -- C:\Windows\Tasks\At5.job

[2011-01-08 19:02:43 | 000,000,378 | ---- | M] () -- C:\Windows\Tasks\At6.job

[2011-01-08 19:02:43 | 000,000,378 | ---- | M] () -- C:\Windows\Tasks\At7.job

[2011-01-08 19:02:43 | 000,000,378 | ---- | M] () -- C:\Windows\Tasks\At8.job

[2011-01-08 19:02:43 | 000,000,378 | ---- | M] () -- C:\Windows\Tasks\At9.job

[2011-01-08 11:13:00 | 000,000,856 | ---- | M] () -- C:\Windows\Tasks\FlockUpdateTaskUserS-1-5-21-3929998434-2269980025-2710463542-1004Core.job

[2011-01-08 22:13:00 | 000,000,908 | ---- | M] () -- C:\Windows\Tasks\FlockUpdateTaskUserS-1-5-21-3929998434-2269980025-2710463542-1004UA.job

[2011-01-08 03:01:26 | 000,000,876 | ---- | M] () -- C:\Windows\Tasks\RockMeltUpdateTaskUserS-1-5-21-3929998434-2269980025-2710463542-1001Core.job

[2011-01-08 22:45:00 | 000,000,928 | ---- | M] () -- C:\Windows\Tasks\RockMeltUpdateTaskUserS-1-5-21-3929998434-2269980025-2710463542-1001UA.job

[2011-01-06 20:30:11 | 000,032,536 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

========== Alternate Data Streams ==========

@Alternate Data Stream - 186 bytes -> C:\ProgramData\TEMP:574F41BA

@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:C8B8CEBD

< End of report >

Extras report in next post!

henkis · January 8, 2011

Look above for the TDDSKilles report and the first OTL text report. Here comes the remaining Extras text log from the OTL app.

OTL: Extras Report

OTL Extras logfile created on: 2011-01-08 22:58:31 - Run 1