Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Is my computer infected?

Started by obh , May 29 2009 07:43 AM

  • Please log in to reply

#1
obh
Posted 29 May 2009 - 07:43 AM

obh

    New Member

  • Member
  • Pip
  • 1 posts
My machine is booting very slowly, and at times unresponsive, though there are few running processes. Could i be somehow infected.

I hope someone could have a look at the logfiles.


Thanks in advance


OTListIt logfile created on: 29-05-2009 15:34:28 - Run 2
OTListIt2 by OldTimer - Version 2.0.15.8 Folder = C:\Users\obh.TURDOMAIN\Desktop\highjackthis
Windows Vista Business Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000406 | Country: Danmark | Language: DAN | Date Format: dd-MM-yyyy

2,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 100,00% Memory free
4,00 Gb Paging File | 4,00 Gb Available in Paging File | 100,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 285,47 Gb Total Space | 42,26 Gb Free Space | 14,81% Space Free | Partition Type: NTFS
Drive D: | 10,00 Gb Total Space | 3,67 Gb Free Space | 36,70% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
Drive F: | 55,86 Gb Total Space | 39,74 Gb Free Space | 71,15% Space Free | Partition Type: FAT32
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: TFN8-01
Current User Name: obh
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Output = Minimal
File Age = 30 Days
Company Name Whitelist: On

========== Processes (SafeList) ==========

PRC - C:\Windows\system32\nvvsvc.exe (NVIDIA Corporation)
PRC - C:\Program Files\Fingerprint Reader Suite\upeksvr.exe (UPEK Inc.)
PRC - C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
PRC - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe (Cisco Systems, Inc.)
PRC - C:\Program Files\Google\Update\GoogleUpdate.exe (Google Inc.)
PRC - C:\Program Files\Trend Micro\OfficeScan Client\ntrtscan.exe (Trend Micro Inc.)
PRC - C:\Windows\system32\vmnat.exe (VMware, Inc.)
PRC - C:\Program Files\Xobni\xobniservice.exe (Xobni Corporation)
PRC - C:\WINDOWS\TEMP\OL9C8C.EXE (Trend Micro Inc.)
PRC - C:\Program Files\Trend Micro\OfficeScan Client\tmlisten.exe (Trend Micro Inc.)
PRC - C:\Program Files\VMware\VMware Player\vmware-authd.exe (VMware, Inc.)
PRC - C:\Windows\system32\vmnetdhcp.exe (VMware, Inc.)
PRC - C:\Program Files\Trend Micro\OfficeScan Client\TmPfw.exe (Trend Micro Inc.)
PRC - C:\Program Files\Trend Micro\OfficeScan Client\tmproxy.exe (Trend Micro Inc.)
PRC - C:\Program Files\Trend Micro\OfficeScan Client\CNTAoSMgr.exe (Trend Micro Inc.)
PRC - C:\Windows\Explorer.EXE (Microsoft Corporation)
PRC - C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
PRC - C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
PRC - C:\Program Files\Trend Micro\OfficeScan Client\PccNTMon.exe (Trend Micro Inc.)
PRC - C:\Program Files\VMware\VMware Player\hqtray.exe (VMware, Inc.)
PRC - C:\Program Files\TortoiseSVN\bin\TSVNCache.exe (http://tortoisesvn.net)
PRC - C:\Users\obh.TURDOMAIN\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
PRC - C:\Program Files\Launchy\launchy.exe ()
PRC - C:\Program Files\UltraMon\UltraMon.exe (Realtime Soft Ltd)
PRC - C:\Program Files\Fingerprint Reader Suite\psqltray.exe (UPEK Inc.)
PRC - C:\Program Files\DellTPad\ApMsgFwd.exe (Alps Electric Co., Ltd.)
PRC - C:\Program Files\UltraMon\UltraMonTaskbar.exe (Realtime Soft Ltd)
PRC - C:\Windows\system32\wbem\unsecapp.exe (Microsoft Corporation)
PRC - C:\Windows\system32\wbem\wmiprvse.exe (Microsoft Corporation)
PRC - C:\Program Files\DellTPad\HidFind.exe (Alps Electric Co., Ltd.)
PRC - C:\Program Files\DellTPad\Apntex.exe (Alps Electric Co., Ltd.)
PRC - C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.)
PRC - C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
PRC - C:\Users\obh.TURDOMAIN\Desktop\highjackthis\OTListIt2.exe (OldTimer Tools)

========== Win32 Services (SafeList) ==========

SRV - (Adobe LM Service [On_Demand | Stopped]) -- C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe (Adobe Systems)
SRV - (AESTFilters [Auto | Stopped]) -- File not found
SRV - (aspnet_state [On_Demand | Stopped]) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (Microsoft Corporation)
SRV - (Bonjour Service [Auto | Running]) -- C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
SRV - (clr_optimization_v2.0.50727_32 [On_Demand | Stopped]) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (COFBC [On_Demand | Stopped]) -- File not found
SRV - (CVPND [Auto | Running]) -- C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe (Cisco Systems, Inc.)
SRV - (FLEXnet Licensing Service [On_Demand | Stopped]) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (FontCache3.0.0.0 [On_Demand | Stopped]) -- C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation)
SRV - (gupdate1c9851897876280 [Auto | Stopped]) -- C:\Program Files\Google\Update\GoogleUpdate.exe (Google Inc.)
SRV - (gusvc [On_Demand | Stopped]) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (Google)
SRV - (IDriverT [On_Demand | Stopped]) -- C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe (Macrovision Corporation)
SRV - (idsvc [Unknown | Stopped]) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe (Microsoft Corporation)
SRV - (iPod Service [On_Demand | Running]) -- C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.)
SRV - (LJKOZYJ [Disabled | Stopped]) -- File not found
SRV - (NetTcpPortSharing [Disabled | Stopped]) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe (Microsoft Corporation)
SRV - (ntrtscan [Auto | Running]) -- C:\Program Files\Trend Micro\OfficeScan Client\ntrtscan.exe (Trend Micro Inc.)
SRV - (nvsvc [Auto | Running]) -- C:\Windows\system32\nvvsvc.exe (NVIDIA Corporation)
SRV - (odserv [On_Demand | Stopped]) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (ose [On_Demand | Stopped]) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (ServiceLayer [On_Demand | Stopped]) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia.)
SRV - (Steam Client Service [On_Demand | Stopped]) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (tmlisten [Auto | Running]) -- C:\Program Files\Trend Micro\OfficeScan Client\tmlisten.exe (Trend Micro Inc.)
SRV - (TmPfw [On_Demand | Running]) -- C:\Program Files\Trend Micro\OfficeScan Client\TmPfw.exe (Trend Micro Inc.)
SRV - (TmProxy [On_Demand | Running]) -- C:\Program Files\Trend Micro\OfficeScan Client\TmProxy.exe (Trend Micro Inc.)
SRV - (ufad-ws60 [On_Demand | Stopped]) -- C:\Program Files\VMware\VMware Player\vmware-ufad.exe (VMware, Inc.)
SRV - (VMAuthdService [Auto | Running]) -- C:\Program Files\VMware\VMware Player\vmware-authd.exe (VMware, Inc.)
SRV - (VMnetDHCP [Auto | Running]) -- C:\Windows\system32\vmnetdhcp.exe (VMware, Inc.)
SRV - (VMware NAT Service [Auto | Running]) -- C:\Windows\system32\vmnat.exe (VMware, Inc.)
SRV - (WinDefend [Auto | Running]) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV - (WMPNetworkSvc [On_Demand | Stopped]) -- C:\Program Files\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
SRV - (XobniService [Auto | Running]) -- C:\Program Files\Xobni\XobniService.exe (Xobni Corporation)

========== Driver Services (SafeList) ==========

DRV - (adp94xx [Disabled | Stopped]) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
DRV - (adpahci [Disabled | Stopped]) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
DRV - (adpu160m [Disabled | Stopped]) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
DRV - (adpu320 [Disabled | Stopped]) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
DRV - (aic78xx [Disabled | Stopped]) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
DRV - (aliide [Disabled | Stopped]) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
DRV - (ApfiltrService [On_Demand | Running]) -- C:\Windows\system32\DRIVERS\Apfiltr.sys (Alps Electric Co., Ltd.)
DRV - (arc [Disabled | Stopped]) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
DRV - (arcsas [Disabled | Stopped]) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
DRV - (BrFiltLo [On_Demand | Stopped]) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
DRV - (BrFiltUp [On_Demand | Stopped]) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
DRV - (Brserid [Disabled | Stopped]) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
DRV - (BrSerWdm [Disabled | Stopped]) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
DRV - (BrUsbMdm [Disabled | Stopped]) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
DRV - (BrUsbSer [On_Demand | Stopped]) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
DRV - (btwaudio [On_Demand | Stopped]) -- C:\Windows\system32\drivers\btwaudio.sys (Broadcom Corporation.)
DRV - (btwavdt [On_Demand | Stopped]) -- C:\Windows\system32\drivers\btwavdt.sys (Broadcom Corporation.)
DRV - (btwrchid [On_Demand | Stopped]) -- C:\Windows\system32\DRIVERS\btwrchid.sys (Broadcom Corporation.)
DRV - (cmdide [Disabled | Stopped]) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
DRV - (CVirtA [On_Demand | Stopped]) -- C:\Windows\system32\DRIVERS\CVirtA.sys (Cisco Systems, Inc.)
DRV - (CVPNDRVA [On_Demand | Running]) -- C:\Windows\system32\Drivers\CVPNDRVA.sys (Cisco Systems, Inc.)
DRV - (DNE [On_Demand | Running]) -- C:\Windows\system32\DRIVERS\dne2000.sys (Deterministic Networks, Inc.)
DRV - (E1G60 [On_Demand | Stopped]) -- C:\Windows\system32\DRIVERS\E1G60I32.sys (Intel Corporation)
DRV - (elxstor [Disabled | Stopped]) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
DRV - (gbridge [On_Demand | Stopped]) -- C:\Windows\system32\DRIVERS\gbridge.sys (Gbridge LLC)
DRV - (GEARAspiWDM [On_Demand | Running]) -- C:\Windows\system32\DRIVERS\GEARAspiWDM.sys (GEAR Software Inc.)
DRV - (hcmon [Auto | Running]) -- C:\Windows\system32\drivers\hcmon.sys (VMware, Inc.)
DRV - (HpCISSs [Disabled | Stopped]) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
DRV - (iaStorV [Disabled | Stopped]) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
DRV - (iirsp [Disabled | Stopped]) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (iteatapi [Disabled | Stopped]) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
DRV - (iteraid [Disabled | Stopped]) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
DRV - (lmimirr [On_Demand | Stopped]) -- C:\Windows\system32\DRIVERS\lmimirr.sys (LogMeIn, Inc.)
DRV - (LMIRfsClientNP [Disabled | Stopped]) -- C:\Windows\System32\LMIRfsClientNP.dll (LogMeIn, Inc.)
DRV - (LMIRfsDriver [Auto | Running]) -- C:\Windows\system32\drivers\LMIRfsDriver.sys (LogMeIn, Inc.)
DRV - (LSI_FC [Disabled | Stopped]) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
DRV - (LSI_SAS [Disabled | Stopped]) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
DRV - (LSI_SCSI [Disabled | Stopped]) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
DRV - (mcdbus [On_Demand | Running]) -- C:\Windows\system32\DRIVERS\mcdbus.sys (MagicISO, Inc.)
DRV - (megasas [Disabled | Stopped]) -- C:\Windows\system32\drivers\megasas.sys (LSI Corporation)
DRV - (MegaSR [Disabled | Stopped]) -- C:\Windows\system32\drivers\megasr.sys (LSI Corporation, Inc.)
DRV - (Mraid35x [Disabled | Stopped]) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
DRV - (NETw4v32 [On_Demand | Stopped]) -- C:\Windows\system32\DRIVERS\NETw4v32.sys (Intel Corporation)
DRV - (NETw5v32 [On_Demand | Running]) -- C:\Windows\system32\DRIVERS\NETw5v32.sys (Intel Corporation)
DRV - (nfrd960 [Disabled | Stopped]) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
DRV - (nmwcd [On_Demand | Stopped]) -- C:\Windows\system32\drivers\ccdcmb.sys (Nokia)
DRV - (nmwcdc [On_Demand | Stopped]) -- C:\Windows\system32\drivers\ccdcmbo.sys (Nokia)
DRV - (nmwcdnsu [On_Demand | Stopped]) -- C:\Windows\system32\drivers\nmwcdnsu.sys (Nokia)
DRV - (nmwcdnsuc [On_Demand | Stopped]) -- C:\Windows\system32\drivers\nmwcdnsuc.sys (Nokia)
DRV - (ntrigdigi [Disabled | Stopped]) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
DRV - (nvlddmkm [On_Demand | Running]) -- C:\Windows\system32\DRIVERS\nvlddmkm.sys (NVIDIA Corporation)
DRV - (nvraid [Disabled | Stopped]) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
DRV - (nvstor [Disabled | Stopped]) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
DRV - (OEM02Dev [On_Demand | Running]) -- C:\Windows\system32\DRIVERS\OEM02Dev.sys (Creative Technology Ltd.)
DRV - (OEM02Vfx [On_Demand | Running]) -- C:\Windows\system32\DRIVERS\OEM02Vfx.sys (EyePower Games Pte. Ltd.)
DRV - (pccsmcfd [On_Demand | Stopped]) -- C:\Windows\system32\DRIVERS\pccsmcfd.sys (Nokia)
DRV - (PxHelp20 [Boot | Running]) -- C:\Windows\System32\Drivers\PxHelp20.sys (Sonic Solutions)
DRV - (ql2300 [Disabled | Stopped]) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
DRV - (ql40xx [Disabled | Stopped]) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
DRV - (rimmptsk [Auto | Running]) -- C:\Windows\system32\DRIVERS\rimmptsk.sys (REDC)
DRV - (rimsptsk [Auto | Running]) -- C:\Windows\system32\DRIVERS\rimsptsk.sys (REDC)
DRV - (rismxdp [Auto | Running]) -- C:\Windows\system32\DRIVERS\rixdptsk.sys (REDC)
DRV - (secdrv [Auto | Running]) -- C:\Windows\System32\drivers\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
DRV - (SiSRaid4 [Disabled | Stopped]) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
DRV - (Symc8xx [Disabled | Stopped]) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
DRV - (Sym_hi [Disabled | Stopped]) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
DRV - (Sym_u3 [Disabled | Stopped]) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
DRV - (TcUsb [On_Demand | Running]) -- C:\Windows\System32\Drivers\tcusb.sys (UPEK Inc.)
DRV - (tmcomm [Auto | Running]) -- C:\Windows\system32\DRIVERS\tmcomm.sys (Trend Micro Inc.)
DRV - (TmFilter [Auto | Running]) -- C:\Program Files\Trend Micro\OfficeScan Client\TmXPFlt.sys (Trend Micro Inc.)
DRV - (tmlwf [System | Running]) -- C:\Windows\system32\DRIVERS\tmlwf.sys (Trend Micro Inc.)
DRV - (TmPreFilter [Auto | Running]) -- C:\Program Files\Trend Micro\OfficeScan Client\TmPreFlt.sys (Trend Micro Inc.)
DRV - (tmtdi [System | Running]) -- C:\Windows\system32\DRIVERS\tmtdi.sys (Trend Micro Inc.)
DRV - (tmwfp [Auto | Running]) -- C:\Windows\system32\DRIVERS\tmwfp.sys (Trend Micro Inc.)
DRV - (uliahci [Disabled | Stopped]) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
DRV - (UlSata [Disabled | Stopped]) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
DRV - (ulsata2 [Disabled | Stopped]) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
DRV - (UltraMonUtility [Auto | Running]) -- C:\Program Files\Common Files\Realtime Soft\UltraMonMirrorDrv\x32\UltraMonUtility.sys (Realtime Soft Ltd)
DRV - (upperdev [On_Demand | Stopped]) -- C:\Windows\system32\DRIVERS\usbser_lowerflt.sys (Windows ® Codename Longhorn DDK provider)
DRV - (usbser [On_Demand | Stopped]) -- C:\Windows\system32\drivers\usbser.sys (Microsoft Corporation)
DRV - (UsbserFilt [On_Demand | Stopped]) -- C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys (Windows ® Codename Longhorn DDK provider)
DRV - (viaide [Disabled | Stopped]) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
DRV - (vmci [Auto | Running]) -- C:\Windows\system32\Drivers\vmci.sys (VMware, Inc.)
DRV - (vmkbd [On_Demand | Running]) -- C:\Windows\system32\drivers\VMkbd.sys (VMware, Inc.)
DRV - (vmm [System | Running]) -- C:\Windows\system32\Drivers\vmm.sys (Microsoft Corporation)
DRV - (VMnetAdapter [On_Demand | Running]) -- C:\Windows\system32\DRIVERS\vmnetadapter.sys (VMware, Inc.)
DRV - (VMnetBridge [Auto | Running]) -- C:\Windows\system32\DRIVERS\vmnetbridge.sys (VMware, Inc.)
DRV - (VMnetuserif [Auto | Running]) -- C:\Windows\system32\drivers\vmnetuserif.sys (VMware, Inc.)
DRV - (vmusb [On_Demand | Stopped]) -- C:\Windows\System32\Drivers\vmusb.sys (VMware, Inc.)
DRV - (vmx86 [Auto | Running]) -- C:\Windows\system32\Drivers\vmx86.sys (VMware, Inc.)
DRV - (VPCNetS2 [On_Demand | Running]) -- C:\Windows\system32\DRIVERS\VMNetSrv.sys (Microsoft Corporation)
DRV - (VSApiNt [Auto | Running]) -- C:\Program Files\Trend Micro\OfficeScan Client\VSApiNt.sys (Trend Micro Inc.)
DRV - (vsmraid [Disabled | Stopped]) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (vstor2-ws60 [Auto | Running]) -- C:\Program Files\VMware\VMware Player\vstor2-ws60.sys (VMware, Inc.)
DRV - (yukonwlh [On_Demand | Running]) -- C:\Windows\system32\DRIVERS\yk60x86.sys (Marvell)

========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://mail.tur.dk/...p...tur.dk/owa/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.com/"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.0.2
FF - prefs.js..extensions.enabledItems: {ee56ecf0-6e7a-479a-8162-e123a991c7e7}:0.4.3
FF - prefs.js..extensions.enabledItems: [email protected]:4.0.15.0
FF - prefs.js..extensions.enabledItems: conquertell@jonducrou:1.1.9
FF - prefs.js..extensions.enabledItems: [email protected]:1.10
FF - prefs.js..extensions.enabledItems: [email protected]:1.6.17
FF - prefs.js..extensions.enabledItems: {2fa4ed95-0317-4c6a-a74c-5f3e3912c1f9}:2.1.041
FF - prefs.js..extensions.enabledItems: [email protected]:1.3.3
FF - prefs.js..extensions.enabledItems: {0b457cAA-602d-484a-8fe7-c1d894a011ba}:0.76
FF - prefs.js..extensions.enabledItems: {04426594-bce6-4705-b811-bcdba2fd9c7b}:0.92
FF - prefs.js..extensions.enabledItems: {22832dda-1de6-4443-9ab5-d34214b03347}:2.3.1
FF - prefs.js..extensions.enabledItems: {000a9d1c-beef-4f90-9363-039d445309b8}:0.5.21.0
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20090123.1
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.20090104
FF - prefs.js..extensions.enabledItems: {3b56bcc7-54e5-44a2-9b44-66c3ef58c13e}:0.8.5.6
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.3
FF - prefs.js..extensions.enabledItems: {FFA36170-80B1-4535-B0E3-A4569E497DD0}:2.0.3
FF - prefs.js..extensions.enabledItems: [email protected]:0.4
FF - prefs.js..extensions.enabledItems: {6b2aa68e-bd62-4564-ab0a-15b4af70426f}:1.1
FF - prefs.js..extensions.enabledItems: [email protected]:3.1.0
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.10

FF - HKLM\software\mozilla\Firefox\Extensions\\{000a9d1c-beef-4f90-9363-039d445309b8}: C:\PROGRAM FILES\GOOGLE\GOOGLE GEARS\FIREFOX\ [2009-05-28 22:47:48 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.10\extensions\\Components: C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS [2009-05-28 15:45:32 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.10\extensions\\Plugins: C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS [2009-05-05 00:30:11 | 00,000,000 | ---D | M]

[2009-03-31 15:31:06 | 00,000,000 | ---D | M] -- C:\Users\obh.TURDOMAIN\AppData\Roaming\mozilla\Extensions
[2009-03-18 12:05:46 | 00,000,000 | ---D | M] -- C:\Users\obh.TURDOMAIN\AppData\Roaming\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009-03-31 15:31:06 | 00,000,000 | ---D | M] -- C:\Users\obh.TURDOMAIN\AppData\Roaming\mozilla\Extensions\[email protected]
[2009-05-28 22:34:53 | 00,000,000 | ---D | M] -- C:\Users\obh.TURDOMAIN\AppData\Roaming\mozilla\Firefox\Profiles\kucq78m9.default\extensions
[2009-05-02 14:47:00 | 00,000,000 | ---D | M] -- C:\Users\obh.TURDOMAIN\AppData\Roaming\mozilla\Firefox\Profiles\kucq78m9.default\extensions\{04426594-bce6-4705-b811-bcdba2fd9c7b}
[2009-05-27 23:59:56 | 00,000,000 | ---D | M] -- C:\Users\obh.TURDOMAIN\AppData\Roaming\mozilla\Firefox\Profiles\kucq78m9.default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}
[2009-03-25 11:25:35 | 00,000,000 | ---D | M] -- C:\Users\obh.TURDOMAIN\AppData\Roaming\mozilla\Firefox\Profiles\kucq78m9.default\extensions\{22832dda-1de6-4443-9ab5-d34214b03347}
[2009-05-13 09:15:53 | 00,000,000 | ---D | M] -- C:\Users\obh.TURDOMAIN\AppData\Roaming\mozilla\Firefox\Profiles\kucq78m9.default\extensions\{2fa4ed95-0317-4c6a-a74c-5f3e3912c1f9}
[2009-04-28 20:12:40 | 00,000,000 | ---D | M] -- C:\Users\obh.TURDOMAIN\AppData\Roaming\mozilla\Firefox\Profiles\kucq78m9.default\extensions\{3b56bcc7-54e5-44a2-9b44-66c3ef58c13e}
[2009-03-18 14:21:23 | 00,000,000 | ---D | M] -- C:\Users\obh.TURDOMAIN\AppData\Roaming\mozilla\Firefox\Profiles\kucq78m9.default\extensions\{6b2aa68e-bd62-4564-ab0a-15b4af70426f}
[2009-04-16 10:40:33 | 00,000,000 | ---D | M] -- C:\Users\obh.TURDOMAIN\AppData\Roaming\mozilla\Firefox\Profiles\kucq78m9.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2009-05-28 22:34:48 | 00,000,000 | ---D | M] -- C:\Users\obh.TURDOMAIN\AppData\Roaming\mozilla\Firefox\Profiles\kucq78m9.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2009-03-18 12:13:37 | 00,000,000 | ---D | M] -- C:\Users\obh.TURDOMAIN\AppData\Roaming\mozilla\Firefox\Profiles\kucq78m9.default\extensions\{ee56ecf0-6e7a-479a-8162-e123a991c7e7}
[2009-03-18 12:13:30 | 00,000,000 | ---D | M] -- C:\Users\obh.TURDOMAIN\AppData\Roaming\mozilla\Firefox\Profiles\kucq78m9.default\extensions\{FFA36170-80B1-4535-B0E3-A4569E497DD0}
[2009-04-20 20:57:30 | 00,000,000 | ---D | M] -- C:\Users\obh.TURDOMAIN\AppData\Roaming\mozilla\Firefox\Profiles\kucq78m9.default\extensions\[email protected]
[2009-05-26 22:59:03 | 00,000,000 | ---D | M] -- C:\Users\obh.TURDOMAIN\AppData\Roaming\mozilla\Firefox\Profiles\kucq78m9.default\extensions\conquertell@jonducrou
[2009-03-18 12:13:36 | 00,000,000 | ---D | M] -- C:\Users\obh.TURDOMAIN\AppData\Roaming\mozilla\Firefox\Profiles\kucq78m9.default\extensions\[email protected]
[2009-03-18 12:13:35 | 00,000,000 | ---D | M] -- C:\Users\obh.TURDOMAIN\AppData\Roaming\mozilla\Firefox\Profiles\kucq78m9.default\extensions\[email protected]
[2009-05-04 09:27:14 | 00,000,000 | ---D | M] -- C:\Users\obh.TURDOMAIN\AppData\Roaming\mozilla\Firefox\Profiles\kucq78m9.default\extensions\[email protected]
[2009-03-18 12:13:30 | 00,000,000 | ---D | M] -- C:\Users\obh.TURDOMAIN\AppData\Roaming\mozilla\Firefox\Profiles\kucq78m9.default\extensions\[email protected]
[2009-03-19 13:39:30 | 00,000,000 | ---D | M] -- C:\Users\obh.TURDOMAIN\AppData\Roaming\mozilla\Firefox\Profiles\kucq78m9.default\extensions\[email protected]
[2009-04-21 16:53:18 | 00,000,000 | ---D | M] -- C:\Users\obh.TURDOMAIN\AppData\Roaming\mozilla\Firefox\Profiles\kucq78m9.default\extensions\[email protected]
[2009-04-21 16:53:18 | 00,000,000 | ---D | M] -- C:\Users\obh.TURDOMAIN\AppData\Roaming\mozilla\Firefox\Profiles\kucq78m9.default\extensions\[email protected]
[2009-05-05 10:04:23 | 00,000,000 | ---D | M] -- C:\Users\obh.TURDOMAIN\AppData\Roaming\mozilla\Firefox\Profiles\kucq78m9.default\extensions\[email protected]
[2009-05-27 09:42:39 | 00,001,268 | ---- | M] () -- C:\Users\obh.TURDOMAIN\AppData\Roaming\Mozilla\FireFox\Profiles\kucq78m9.default\searchplugins\scrapetorrentcom.xml
[2009-05-28 22:34:53 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2009-04-28 09:29:52 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009-05-05 00:30:38 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
[2009-04-28 09:29:51 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2009-04-28 09:29:51 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2009-02-19 21:33:08 | 00,001,394 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom.xml
[2009-02-19 21:33:08 | 00,002,193 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\answers.xml
[2009-02-19 21:33:08 | 00,001,534 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml
[2009-02-19 21:33:08 | 00,002,343 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay.xml
[2009-02-19 21:33:08 | 00,001,706 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2009-02-19 21:33:08 | 00,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia.xml
[2009-02-19 21:33:08 | 00,000,792 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo.xml

O1 HOSTS File: (761 bytes) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - Reg Error: Key error. File not found
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Google Gears Helper) - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.21.0\gears.dll (Google Inc.)
O2 - BHO: (no name) - AutorunsDisabled - Reg Error: Key error. File not found
O4 - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" (Apple Inc.)
O4 - HKLM..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup (NVIDIA Corporation)
O4 - HKLM..\Run: [NVHotkey] rundll32.exe C:\Windows\system32\nvHotkey.dll,Start (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit (NVIDIA Corporation)
O4 - HKLM..\Run: [OfficeScanNT Monitor] "C:\Program Files\Trend Micro\OfficeScan Client\pccntmon.exe" -HideWindow (Trend Micro Inc.)
O4 - HKLM..\Run: [PSQLLauncher] "C:\Program Files\Fingerprint Reader Suite\launcher.exe" /startup (UPEK Inc.)
O4 - HKLM..\Run: [VMware hqtray] "C:\Program Files\VMware\VMware Player\hqtray.exe" (VMware, Inc.)
O4 - HKLM..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide (Microsoft Corporation)
O4 - HKCU..\Run: [Google Update] "C:\Users\obh.TURDOMAIN\AppData\Local\Google\Update\GoogleUpdate.exe" /c (Google Inc.)
O4 - Startup: C:\Users\obh.TURDOMAIN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Program Files\Dropbox\Dropbox.exe ()
O4 - Startup: C:\Users\obh.TURDOMAIN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk = C:\Program Files\Rainmeter\Rainmeter.exe ()
O4 - Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Launchy.lnk = C:\Program Files\Launchy\Launchy.exe ()
O4 - Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\UltraMon.lnk = C:\Windows\Installer\{1C94C999-15D2-4C75-9A73-BCC8A677D42E}\IcoUltraMon.ico ()
O4 - Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\VPN Client.lnk = C:\Windows\Installer\{5EF5F1C4-DA0C-406C-A0DE-70A5216B773C}\Icon3E5562ED7.ico ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuMorePrograms = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: StartMenuLogOff = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: TaskbarNoThumbnail = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCABattery = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCANetwork = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAVolume = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoTrayItemsDisplay = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWinKeys = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisablePersonalDirChange = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFolderOptions = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSecurityTab = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewContextMenu = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWindowsUpdate = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 0
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 (Google Inc.)
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 (Microsoft Corporation)
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : &Indstillinger til Gears - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.21.0\gears.dll (Google Inc.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [@%SystemRoot%\system32\nlasvc.dll,-1000] - C:\Windows\system32\NLAapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [@%SystemRoot%\system32\napinsp.dll,-1000] - C:\Windows\system32\napinsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [@%SystemRoot%\system32\pnrpnsp.dll,-1000] - C:\Windows\system32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [@%SystemRoot%\system32\pnrpnsp.dll,-1001] - C:\Windows\system32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [@%SystemRoot%\system32\wshtcpip.dll,-60103] - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [NTDS] - C:\Windows\System32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [Bluetooth-navneområde] - C:\Windows\system32\wshbth.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [mdnsNSP] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Windows\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Windows\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Windows\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Windows\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Windows\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Windows\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Windows\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Windows\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\Windows\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\Windows\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\Windows\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\Windows\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - C:\Windows\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - C:\Windows\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000028 - C:\Windows\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000029 - C:\Windows\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000030 - C:\Windows\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000031 - C:\Windows\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000032 - C:\Windows\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000033 - C:\Windows\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000034 - C:\Windows\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000035 - C:\Windows\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000036 - C:\Windows\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000037 - C:\Windows\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000038 - C:\Windows\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000039 - C:\Windows\system32\mswsock.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: danid.dk ([]https in Trusted sites)
O15 - HKCU\..Trusted Domains: tur.dk ([mail] https in Lokalt intranet)
O15 - HKCU\..Trusted Domains: tur-server ([]file in Lokalt intranet)
O15 - HKCU\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} http://download.micr.../OGAControl.cab (Office Genuine Advantage Validation Tool)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} http://catalog.updat...b?1234903606968 (MUCatalogWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = tur.dk
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Interfaces\{C96A3EE2-0D4F-4794-A483-E4F630965230}\\NameServer = 208.67.222.222,208.67.220.220
O18 - Protocol\Filter: - application/octet-stream - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter: - application/x-complus - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter: - application/x-msdownload - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter: - deflate - C:\Windows\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter: - gzip - C:\Windows\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: GinaDLL - (vrlogon.dll) - C:\Windows\system32\vrlogon.dll (UPEK Inc.)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\Windows\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\Windows\system32\sysdm.cpl (Microsoft Corporation)
O20 - Winlogon\Notify\psfus: DllName - C:\Windows\system32\psqlpwd.dll - C:\Windows\system32\psqlpwd.dll (UPEK Inc.)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\System32\webcheck.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\Windows\system32\browseui.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\system32\credssp.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\System32\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\System32\tspkg.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006-09-18 23:43:36 | 00,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{1410f689-e24a-11dd-9ded-001fe1db82fd}\Shell\AutoRun\command - "" = F:\WDSetup.exe -- File not found
O33 - MountPoints2\{6081117d-eba1-11dd-a8fc-001fe1db82fd}\Shell\AutoRun\command - "" = H:\WDSetup.exe -- File not found
O33 - MountPoints2\H\Shell\AutoRun\command - "" = H:\WD_Windows_Tools\Setup.exe -- File not found
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\Windows\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - * [2009-05-29 15:34:05 | 00,000,000 | ---D | M]

========== Files/Folders - Created Within 30 Days ==========

[2009-05-29 15:16:02 | 00,000,000 | ---D | C] -- C:\Rooter$
[2009-05-29 15:08:00 | 00,000,000 | ---D | C] -- C:\Users\obh.TURDOMAIN\Desktop\highjackthis
[2009-05-28 15:59:04 | 00,134,926 | ---- | C] () -- C:\Users\obh.TURDOMAIN\Desktop\Lektionsplan_pdf.pdf
[2009-05-28 14:56:18 | 00,000,000 | ---D | C] -- C:\test22
[2009-05-28 14:06:22 | 00,029,806 | ---- | C] (SumTotal Systems, Inc.) -- C:\Users\obh.TURDOMAIN\Desktop\dekode.tbk.bak
[2009-05-28 14:05:26 | 00,070,438 | ---- | C] (SumTotal Systems, Inc.) -- C:\Users\obh.TURDOMAIN\Desktop\dekode.tbk
[2009-05-28 13:23:54 | 00,000,676 | ---- | C] () -- C:\Users\Public\Desktop\PuTTY.lnk
[2009-05-28 11:47:13 | 00,002,164 | ---- | C] () -- C:\Users\Public\Desktop\Tunnelier.lnk
[2009-05-28 11:47:11 | 00,000,000 | ---D | C] -- C:\Program Files\Bitvise Tunnelier
[2009-05-28 11:19:50 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\TortoiseOverlays
[2009-05-27 20:48:59 | 00,000,000 | ---D | C] -- C:\Users\obh.TURDOMAIN\AppData\Roaming\TVU networks
[2009-05-27 15:59:40 | 00,000,630 | ---- | C] () -- C:\Users\obh.TURDOMAIN\Desktop\Eclipse.lnk
[2009-05-27 10:27:33 | 00,002,060 | ---- | C] () -- C:\Users\obh.TURDOMAIN\Desktop\Kørekort til motorcykel.lnk
[2009-05-26 23:05:19 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\SWF Studio
[2009-05-26 23:04:31 | 00,000,000 | ---D | C] -- C:\Users\obh.TURDOMAIN\Desktop\notifyer
[2009-05-26 15:42:35 | 00,000,000 | ---D | C] -- C:\Program Files\uTorrent
[2009-05-26 15:42:17 | 00,000,000 | ---D | C] -- C:\Users\obh.TURDOMAIN\AppData\Roaming\uTorrent
[2009-05-25 15:31:06 | 00,000,000 | ---D | C] -- C:\Users\obh.TURDOMAIN\Desktop\icensgen
[2009-05-20 14:32:08 | 00,000,000 | ---D | C] -- C:\Users\obh.TURDOMAIN\AppData\Roaming\Jomigo
[2009-05-20 13:34:48 | 00,000,000 | ---D | C] -- C:\Program Files\AVIcodec
[2009-05-20 13:29:34 | 00,000,000 | ---D | C] -- C:\Users\obh.TURDOMAIN\Desktop\Gspot
[2009-05-20 13:22:09 | 00,000,000 | ---D | C] -- C:\Users\obh.TURDOMAIN\Desktop\test
[2009-05-20 12:40:47 | 00,000,000 | ---D | C] -- C:\PPT2SilverlightData
[2009-05-20 00:17:04 | 00,000,000 | ---D | C] -- C:\Users\obh.TURDOMAIN\Desktop\Ny mappe (2)
[2009-05-19 17:22:37 | 00,327,680 | ---- | C] (On2.com Inc.) -- C:\Windows\System32\vp6dec.ax
[2009-05-19 17:22:37 | 00,053,248 | ---- | C] () -- C:\Windows\System32\vp6dec_settings.cpl
[2009-05-19 16:10:18 | 00,719,872 | ---- | C] (Abysmal Software) -- C:\Windows\System32\devil.dll
[2009-05-19 16:10:18 | 00,318,976 | ---- | C] (The Public) -- C:\Windows\System32\avisynth.dll
[2009-05-19 16:10:17 | 00,070,656 | ---- | C] (www.helixcommunity.org) -- C:\Windows\System32\yv12vfw.dll
[2009-05-19 16:10:17 | 00,070,656 | ---- | C] (www.helixcommunity.org) -- C:\Windows\System32\i420vfw.dll
[2009-05-19 16:10:17 | 00,027,648 | ---- | C] () -- C:\Windows\System32\AVSredirect.dll
[2009-05-19 16:10:16 | 00,000,000 | ---D | C] -- C:\Program Files\AviSynth 2.5
[2009-05-19 16:09:37 | 00,186,880 | RHS- | C] (RadLight) -- C:\Windows\System32\RLOgg.ax
[2009-05-19 16:09:37 | 00,092,672 | RHS- | C] (RadLight) -- C:\Windows\System32\RLVorbisDec.ax
[2009-05-19 16:09:37 | 00,067,584 | RHS- | C] (RadLight, LLC) -- C:\Windows\System32\RLTheoraDec.ax
[2009-05-19 16:09:37 | 00,051,712 | RHS- | C] () -- C:\Windows\System32\RLSpeexDec.ax
[2009-05-19 16:09:35 | 00,179,200 | RHS- | C] (Gabest) -- C:\Windows\System32\DiracSplitter.ax
[2009-05-19 16:09:35 | 00,175,104 | RHS- | C] () -- C:\Windows\System32\CoreAAC.ax
[2009-05-19 16:09:35 | 00,081,920 | RHS- | C] () -- C:\Windows\System32\aac_parser.ax
[2009-05-19 16:09:16 | 00,000,000 | ---D | C] -- C:\Program Files\eRightSoft
[2009-05-19 14:32:46 | 00,000,000 | ---D | C] -- C:\Program Files\cwRsync
[2009-05-18 14:51:08 | 00,001,052 | ---- | C] () -- C:\Users\obh.TURDOMAIN\Desktop\Tur Video Tool.lnk
[2009-05-16 19:19:40 | 00,000,000 | ---D | C] -- C:\Program Files\Free Video Cutter
[2009-05-14 14:16:57 | 00,000,000 | ---D | C] -- C:\Program Files\Console
[2009-05-14 13:55:50 | 00,001,724 | ---- | C] () -- C:\Users\obh.TURDOMAIN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk
[2009-05-14 13:55:31 | 00,000,000 | ---D | C] -- C:\Program Files\Rainmeter
[2009-05-12 12:58:46 | 00,000,000 | ---D | C] -- C:\Program Files\Trafikteori
[2009-05-11 21:14:40 | 00,000,000 | ---D | C] -- C:\temp
[2009-05-11 20:32:24 | 00,003,120 | ---- | C] () -- C:\Windows\System32\cejdkfdfcgefbhgcebh.dll
[2009-05-11 20:32:22 | 00,000,000 | ---D | C] -- C:\ProgramData\TeamDirection
[2009-05-11 20:31:13 | 00,000,000 | ---D | C] -- C:\OBH\Dokumenter\Groove Workspace Templates
[2009-05-11 20:31:09 | 00,000,000 | ---D | C] -- C:\Users\obh.TURDOMAIN\AppData\Roaming\TeamDirection
[2009-05-11 20:31:09 | 00,000,000 | ---D | C] -- C:\Program Files\TeamDirection
[2009-05-09 02:04:06 | 00,000,000 | ---D | C] -- C:\Users\obh.TURDOMAIN\AppData\Roaming\vlc
[2009-05-08 20:36:49 | 00,000,514 | ---- | C] () -- C:\Users\obh.TURDOMAIN\Desktop\192.168.50.100-5899.vnc
[2009-05-05 11:51:51 | 00,000,000 | ---D | C] -- C:\Users\obh.TURDOMAIN\AppData\Roaming\Download Manager
[2009-05-04 14:15:23 | 00,000,000 | ---D | C] -- C:\Program Files\UPEK
[2009-05-04 14:09:07 | 00,001,045 | ---- | C] () -- C:\Users\obh.TURDOMAIN\Desktop\Certifikat til truck.lnk
[2009-05-04 14:09:03 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\TUR
[2009-05-04 12:21:57 | 00,000,000 | ---D | C] -- C:\Users\obh.TURDOMAIN\AppData\Roaming\Elluminate
[2009-04-29 20:31:15 | 00,000,000 | ---D | C] -- C:\OBH\Dokumenter\BattleForge
[2009-04-29 19:53:17 | 04,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_40.dll
[2009-04-29 19:53:17 | 02,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_40.dll
[2009-04-29 19:53:17 | 00,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_40.dll
[2009-04-29 19:53:16 | 00,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_3.dll
[2009-04-29 19:53:16 | 00,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_2.dll
[2009-04-29 19:53:15 | 00,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_3.dll
[2009-04-29 19:53:15 | 00,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_5.dll
[2009-02-28 00:12:30 | 00,120,200 | ---- | C] () -- C:\Windows\System32\DLLDEV32i.dll
[2009-02-28 00:12:10 | 00,006,211 | ---- | C] () -- C:\Windows\mgxoschk.ini
[2009-02-05 12:59:56 | 00,055,856 | ---- | C] () -- C:\Windows\System32\vnetinst.dll
[2009-01-27 16:10:48 | 00,000,043 | ---- | C] () -- C:\Windows\gswin32.ini
[2009-01-26 15:35:57 | 00,000,071 | ---- | C] () -- C:\Windows\ricdb.ini
[2009-01-26 15:35:55 | 00,000,076 | ---- | C] () -- C:\Windows\System32\RPCS.ini
[2009-01-20 15:53:58 | 00,022,723 | ---- | C] () -- C:\Windows\System32\xrxg1l3.dll
[2009-01-13 12:28:56 | 00,197,408 | ---- | C] () -- C:\Windows\System32\vpnapi.dll
[2009-01-12 14:53:50 | 00,000,162 | ---- | C] () -- C:\Windows\ODBC.INI
[2009-01-08 14:52:44 | 00,000,047 | ---- | C] () -- C:\Windows\tb90r.ini
[2008-12-31 18:04:42 | 00,691,560 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2008-12-16 20:28:24 | 00,397,312 | ---- | C] () -- C:\Windows\System32\js32mt.dll
[2008-11-21 22:25:12 | 00,056,320 | ---- | C] () -- C:\Windows\System32\iyvu9_32.dll
[2008-11-07 14:08:31 | 00,000,000 | ---- | C] () -- C:\Windows\PROTOCOL.INI
[2008-10-28 15:18:34 | 00,001,381 | ---- | C] () -- C:\Windows\ntbackup.ini
[2008-10-20 13:24:41 | 00,013,672 | ---- | C] () -- C:\Windows\cfgall.ini
[2008-08-31 11:24:09 | 02,463,976 | ---- | C] () -- C:\Windows\System32\NPSWF32.dll
[2008-07-03 06:46:32 | 00,016,480 | ---- | C] () -- C:\Windows\System32\rixdicon.dll
[2008-06-11 10:02:34 | 00,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
[2008-06-11 10:02:34 | 00,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
[2008-06-11 10:02:34 | 00,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
[2008-06-11 10:02:34 | 00,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2008-06-11 10:02:34 | 00,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
[2008-06-11 10:02:34 | 00,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
[2008-06-11 10:02:32 | 00,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
[2008-06-11 10:02:32 | 00,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
[2008-06-11 10:02:32 | 00,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
[2008-06-05 09:58:26 | 00,197,912 | ---- | C] () -- C:\Windows\System32\physxcudart_20.dll
[2007-03-30 00:00:40 | 00,203,264 | R--- | C] () -- C:\Windows\System32\CddbCdda.dll
[2006-11-03 17:25:56 | 00,389,120 | ---- | C] () -- C:\Windows\System32\btwhidcs.dll
[2006-11-02 12:23:31 | 00,000,295 | ---- | C] () -- C:\Windows\win.ini
[2006-11-02 12:23:31 | 00,000,219 | ---- | C] () -- C:\Windows\system.ini
[2006-11-02 09:40:29 | 00,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2005-09-11 21:08:36 | 00,548,352 | ---- | C] () -- C:\Windows\System32\imgdecoder.dll
[2004-10-07 13:50:50 | 00,072,704 | ---- | C] () -- C:\Windows\System32\zlibwapi.dll
[2001-11-14 12:56:00 | 01,802,240 | ---- | C] () -- C:\Windows\System32\lcppn21.dll
[2001-09-13 20:25:00 | 00,005,120 | ---- | C] () -- C:\Windows\System32\geOTraySpy.dll

========== Files - Modified Within 30 Days ==========

[2009-05-29 15:35:00 | 00,000,416 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{F1AFDA65-A9BB-477A-97D5-12E1A0AE5ABA}.job
[2009-05-29 15:15:17 | 00,000,600 | ---- | M] () -- C:\Users\obh.TURDOMAIN\AppData\Roaming\winscp.rnd
[2009-05-29 14:29:07 | 00,160,415 | ---- | M] () -- C:\ProgramData\nvModes.001
[2009-05-29 14:05:40 | 00,003,744 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2009-05-29 14:05:40 | 00,003,744 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2009-05-29 12:05:16 | 00,000,600 | ---- | M] () -- C:\Users\obh.TURDOMAIN\AppData\Roaming\PUTTY.RND
[2009-05-29 10:09:41 | 00,160,415 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2009-05-29 10:08:32 | 00,002,525 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\VPN Client.lnk
[2009-05-29 10:08:31 | 00,002,359 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\UltraMon.lnk
[2009-05-29 10:08:16 | 00,000,916 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachine.job
[2009-05-29 10:05:41 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2009-05-29 10:05:26 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2009-05-29 10:05:04 | 37,560,64768 | -HS- | M] () -- C:\hiberfil.sys
[2009-05-28 21:40:07 | 00,000,902 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-17043905-764412533-281947949-4223.job
[2009-05-28 17:19:52 | 00,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2009-05-28 14:06:22 | 00,070,438 | ---- | M] (SumTotal Systems, Inc.) -- C:\Users\obh.TURDOMAIN\Desktop\dekode.tbk
[2009-05-28 14:06:22 | 00,029,806 | ---- | M] (SumTotal Systems, Inc.) -- C:\Users\obh.TURDOMAIN\Desktop\dekode.tbk.bak
[2009-05-28 13:23:54 | 00,000,676 | ---- | M] () -- C:\Users\Public\Desktop\PuTTY.lnk
[2009-05-28 11:47:13 | 00,002,164 | ---- | M] () -- C:\Users\Public\Desktop\Tunnelier.lnk
[2009-05-28 09:46:52 | 00,013,672 | ---- | M] () -- C:\Windows\cfgall.ini
[2009-05-27 20:05:53 | 00,000,076 | ---- | M] () -- C:\Windows\System32\RPCS.ini
[2009-05-27 20:05:53 | 00,000,071 | ---- | M] () -- C:\Windows\ricdb.ini
[2009-05-27 15:59:40 | 00,000,630 | ---- | M] () -- C:\Users\obh.TURDOMAIN\Desktop\Eclipse.lnk
[2009-05-27 10:27:33 | 00,002,060 | ---- | M] () -- C:\Users\obh.TURDOMAIN\Desktop\Kørekort til motorcykel.lnk
[2009-05-25 10:35:04 | 00,134,926 | ---- | M] () -- C:\Users\obh.TURDOMAIN\Desktop\Lektionsplan_pdf.pdf
[2009-05-20 11:06:42 | 00,001,052 | ---- | M] () -- C:\Users\obh.TURDOMAIN\Desktop\Tur Video Tool.lnk
[2009-05-20 09:38:45 | 01,262,366 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2009-05-20 09:38:45 | 00,602,208 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2009-05-20 09:38:45 | 00,479,454 | ---- | M] () -- C:\Windows\System32\perfh006.dat
[2009-05-20 09:38:45 | 00,108,004 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2009-05-20 09:38:45 | 00,085,108 | ---- | M] () -- C:\Windows\System32\perfc006.dat
[2009-05-14 19:48:15 | 01,726,320 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2009-05-14 13:55:50 | 00,001,724 | ---- | M] () -- C:\Users\obh.TURDOMAIN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk
[2009-05-11 20:32:24 | 00,003,120 | ---- | M] () -- C:\Windows\System32\cejdkfdfcgefbhgcebh.dll
[2009-05-09 00:07:46 | 00,000,514 | ---- | M] () -- C:\Users\obh.TURDOMAIN\Desktop\192.168.50.100-5899.vnc
[2009-05-07 09:16:29 | 24,699,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mrt.exe
[2009-05-04 15:00:32 | 00,003,235 | ---- | M] () -- C:\Users\obh.TURDOMAIN\Desktop\backup.vbs
[2009-05-04 14:09:07 | 00,001,045 | ---- | M] () -- C:\Users\obh.TURDOMAIN\Desktop\Certifikat til truck.lnk
[2009-05-04 11:57:51 | 00,001,092 | ---- | M] () -- C:\Users\obh.TURDOMAIN\Desktop\Tur Audio Tool.lnk

========== LOP Check ==========

[2009-05-27 20:48:59 | 00,000,000 | ---D | M] -- C:\Users\obh.TURDOMAIN\AppData\Roaming
[2009-01-18 21:13:36 | 00,000,000 | ---D | M] -- C:\Users\obh.TURDOMAIN\AppData\Roaming\Adobe
[2009-03-10 23:23:21 | 00,000,000 | ---D | M] -- C:\Users\obh.TURDOMAIN\AppData\Roaming\AgeOfBooty
[2009-05-14 22:40:23 | 00,000,000 | ---D | M] -- C:\Users\obh.TURDOMAIN\AppData\Roaming\Any Video Converter
[2008-12-07 22:20:47 | 00,000,000 | ---D | M] -- C:\Users\obh.TURDOMAIN\AppData\Roaming\Apple Computer
[2009-03-10 14:37:19 | 00,000,000 | ---D | M] -- C:\Users\obh.TURDOMAIN\AppData\Roaming\Articulate
[2009-05-15 00:33:42 | 00,000,000 | ---D | M] -- C:\Users\obh.TURDOMAIN\AppData\Roaming\Audacity
[2009-04-24 12:01:21 | 00,000,000 | ---D | M] -- C:\Users\obh.TURDOMAIN\AppData\Roaming\avidemux
[2009-04-08 11:23:44 | 00,000,000 | ---D | M] -- C:\Users\obh.TURDOMAIN\AppData\Roaming\Bump Technologies, Inc
[2009-02-04 13:56:44 | 00,000,000 | ---D | M] -- C:\Users\obh.TURDOMAIN\AppData\Roaming\Caphyon
[2008-12-26 23:20:43 | 00,000,000 | ---D | M] -- C:\Users\obh.TURDOMAIN\AppData\Roaming\Capture
[2009-01-14 00:33:51 | 00,000,000 | ---D | M] -- C:\Users\obh.TURDOMAIN\AppData\Roaming\Cryptomathic
[2008-12-16 20:29:19 | 00,000,000 | ---D | M] -- C:\Users\obh.TURDOMAIN\AppData\Roaming\Cycling '74
[2009-01-03 16:10:51 | 00,000,000 | ---D | M] -- C:\Users\obh.TURDOMAIN\AppData\Roaming\DeepBurner
[2008-11-13 10:47:07 | 00,000,000 | ---D | M] -- C:\Users\obh.TURDOMAIN\AppData\Roaming\Digsby
[2008-11-03 17:33:49 | 00,000,000 | ---D | M] -- C:\Users\obh.TURDOMAIN\AppData\Roaming\DonationCoder
[2009-05-05 12:35:08 | 00,000,000 | ---D | M] -- C:\Users\obh.TURDOMAIN\AppData\Roaming\Download Manager
[2009-05-29 10:09:45 | 00,000,000 | ---D | M] -- C:\Users\obh.TURDOMAIN\AppData\Roaming\Dropbox
[2009-05-20 00:11:09 | 00,000,000 | ---D | M] -- C:\Users\obh.TURDOMAIN\AppData\Roaming\dvdcss
[2009-05-04 13:08:44 | 00,000,000 | ---D | M] -- C:\Users\obh.TURDOMAIN\AppData\Roaming\Elluminate
[2008-12-10 10:34:20 | 00,000,000 | ---D | M] -- C:\Users\obh.TURDOMAIN\AppData\Roaming\FileZilla
[2009-01-13 17:07:24 | 00,000,000 | ---D | M] -- C:\Users\obh.TURDOMAIN\AppData\Roaming\FireShot
[2009-01-31 15:59:03 | 00,000,000 | ---D | M] -- C:\Users\obh.TURDOMAIN\AppData\Roaming\full phat
[2008-10-30 00:24:33 | 00,000,000 | ---D | M] -- C:\Users\obh.TURDOMAIN\AppData\Roaming\Gbridge
[2009-01-14 17:27:10 | 00,000,000 | ---D | M] -- C:\Users\obh.TURDOMAIN\AppData\Roaming\GetRightToGo
[2009-01-28 15:21:54 | 00,000,000 | ---D | M] -- C:\Users\obh.TURDOMAIN\AppData\Roaming\GlarySoft
[2009-05-28 15:44:25 | 00,000,000 | ---D | M] -- C:\Users\obh.TURDOMAIN\AppData\Roaming\Google
[2009-03-25 13:31:27 | 00,000,000 | ---D | M] -- C:\Users\obh.TURDOMAIN\AppData\Roaming\Greenshot
[2008-10-20 20:26:07 | 00,000,000 | ---D | M] -- C:\Users\obh.TURDOMAIN\AppData\Roaming\GRETECH
[2008-11-06 16:11:23 | 00,000,000 | ---D | M] -- C:\Users\obh.TURDOMAIN\AppData\Roaming\gtk-2.0
[2008-10-20 12:33:40 | 00,000,000 | ---D | M] -- C:\Users\obh.TURDOMAIN\AppData\Roaming\Identities
[2009-02-20 11:36:39 | 00,000,000 | ---D | M] -- C:\Users\obh.TURDOMAIN\AppData\Roaming\InstallPad
[2009-05-20 14:32:08 | 00,000,000 | ---D | M] -- C:\Users\obh.TURDOMAIN\AppData\Roaming\Jomigo
[2008-10-20 12:34:08 | 00,000,000 | ---D | M] -- C:\Users\obh.TURDOMAIN\AppData\Roaming\Launchy
[2008-10-20 18:22:45 | 00,000,000 | ---D | M] -- C:\Users\obh.TURDOMAIN\AppData\Roaming\Macromedia
[2008-11-27 23:10:47 | 00,000,000 | ---D | M] -- C:\Users\obh.TURDOMAIN\AppData\Roaming\Malwarebytes
[2009-03-31 15:28:32 | 00,000,000 | ---D | M] -- C:\Users\obh.TURDOMAIN\AppData\Roaming\mC2
[2008-12-15 20:34:20 | 00,000,000 | ---D | M] -- C:\Users\obh.TURDOMAIN\AppData\Roaming\Media Player Classic
[2009-03-25 14:32:11 | 00,000,000 | --SD | M] -- C:\Users\obh.TURDOMAIN\AppData\Roaming\Microsoft
[2009-01-28 01:39:42 | 00,000,000 | ---D | M] -- C:\Users\obh.TURDOMAIN\AppData\Roaming\Mount&Blade
[2009-05-28 15:44:25 | 00,000,000 | ---D | M] -- C:\Users\obh.TURDOMAIN\AppData\Roaming\Mozilla
[2008-12-01 11:54:17 | 00,000,000 | ---D | M] -- C:\Users\obh.TURDOMAIN\AppData\Roaming\Nokia
[2008-10-20 17:59:17 | 00,000,000 | ---D | M] -- C:\Users\obh.TURDOMAIN\AppData\Roaming\Notepad++
[2008-11-17 12:13:32 | 00,000,000 | ---D | M] -- C:\Users\obh.TURDOMAIN\AppData\Roaming\Opera
[2008-10-21 15:43:47 | 00,000,000 | ---D | M] -- C:\Users\obh.TURDOMAIN\AppData\Roaming\PC Suite
[2009-02-18 00:14:51 | 00,000,000 | ---D | M] -- C:\Users\obh.TURDOMAIN\AppData\Roaming\Python-Eggs
[2008-12-15 20:34:20 | 00,000,000 | ---D | M] -- C:\Users\obh.TURDOMAIN\AppData\Roaming\Real
[2009-01-15 17:39:54 | 00,000,000 | ---D | M] -- C:\Users\obh.TURDOMAIN\AppData\Roaming\Realtime Soft
[2009-03-10 23:22:16 | 00,000,000 | RH-D | M] -- C:\Users\obh.TURDOMAIN\AppData\Roaming\SecuROM
[2008-11-06 11:53:11 | 00,000,000 | ---D | M] -- C:\Users\obh.TURDOMAIN\AppData\Roaming\Songbird2
[2008-11-14 12:20:28 | 00,000,000 | ---D | M] -- C:\Users\obh.TURDOMAIN\AppData\Roaming\Soocial
[2009-02-08 04:24:56 | 00,000,000 | ---D | M] -- C:\Users\obh.TURDOMAIN\AppData\Roaming\Stardock
[2008-10-20 13:17:02 | 00,000,000 | ---D | M] -- C:\Users\obh.TURDOMAIN\AppData\Roaming\Subversion
[2008-10-20 18:03:37 | 00,000,000 | ---D | M] -- C:\Users\obh.TURDOMAIN\AppData\Roaming\SumatraPDF
[2008-11-20 17:01:40 | 00,000,000 | ---D | M] -- C:\Users\obh.TURDOMAIN\AppData\Roaming\Symantec
[2009-05-11 20:31:09 | 00,000,000 | ---D | M] -- C:\Users\obh.TURDOMAIN\AppData\Roaming\TeamDirection
[2008-10-20 18:09:00 | 00,000,000 | ---D | M] -- C:\Users\obh.TURDOMAIN\AppData\Roaming\TortoiseSVN
[2009-05-27 20:48:59 | 00,000,000 | ---D | M] -- C:\Users\obh.TURDOMAIN\AppData\Roaming\TVU networks
[2009-03-20 23:38:16 | 00,000,000 | ---D | M] -- C:\Users\obh.TURDOMAIN\AppData\Roaming\Ubisoft
[2009-05-26 18:02:08 | 00,000,000 | ---D | M] -- C:\Users\obh.TURDOMAIN\AppData\Roaming\uTorrent
[2009-05-12 23:40:31 | 00,000,000 | ---D | M] -- C:\Users\obh.TURDOMAIN\AppData\Roaming\vlc
[2009-03-25 10:50:55 | 00,000,000 | ---D | M] -- C:\Users\obh.TURDOMAIN\AppData\Roaming\VMware
[2008-11-15 01:55:31 | 00,000,000 | ---D | M] -- C:\Users\obh.TURDOMAIN\AppData\Roaming\WinPatrol
[2009-05-29 10:08:16 | 00,000,916 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachine.job
[2009-05-28 21:40:07 | 00,000,902 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-17043905-764412533-281947949-4223.job
[2009-05-29 10:05:41 | 00,000,006 | -H-- | M] () -- C:\Windows\Tasks\SA.DAT
[2009-05-28 17:19:53 | 00,032,652 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2009-05-29 15:35:00 | 00,000,416 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{F1AFDA65-A9BB-477A-97D5-12E1A0AE5ABA}.job

========== Purity Check ==========

< End of report >


OTListIt Extras logfile created on: 29-05-2009 15:34:28 - Run 2
OTListIt2 by OldTimer - Version 2.0.15.8 Folder = C:\Users\obh.TURDOMAIN\Desktop\highjackthis
Windows Vista Business Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000406 | Country: Danmark | Language: DAN | Date Format: dd-MM-yyyy

2,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 100,00% Memory free
4,00 Gb Paging File | 4,00 Gb Available in Paging File | 100,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 285,47 Gb Total Space | 42,26 Gb Free Space | 14,81% Space Free | Partition Type: NTFS
Drive D: | 10,00 Gb Total Space | 3,67 Gb Free Space | 36,70% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
Drive F: | 55,86 Gb Total Space | 39,74 Gb Free Space | 71,15% Space Free | Partition Type: FAT32
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: TFN8-01
Current User Name: obh
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Output = Minimal
File Age = 30 Days
Company Name Whitelist: On

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.ini [@ = Notepad++_file] -- C:\Program Files\Notepad++\notepad++.exe (Don HO [email protected])
.txt [@ = Notepad++_file] -- C:\Program Files\Notepad++\notepad++.exe (Don HO [email protected])

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
Reg Error: Unknown registry data type File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile
"EnableFirewall" = 1
"DisableNotifications" = 0

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
"EnableFirewall" = 1
"DisableNotifications" = 0

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile
"EnableFirewall" = 1
"DisableNotifications" = 0

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile\GloballyOpenPorts\List

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile\AuthorizedApplications\List]

========== Vista Active Open Ports Exception List ==========

{13DF00CA-14E2-42D8-A9A4-DD5D5A4991D5} = RPORT=137 | PROFILE=PRIVATE | PROTOCOL=17 | DIR=OUT | ACTION=ALLOW | [email protected],-28523 | APP=SYSTEM |
{1AF79D57-D377-4F20-BD01-BFD9CA097B98} = LPORT=44233 | PROFILE=DOMAIN | PROTOCOL=6 | DIR=IN | ACTION=ALLOW | NAME=TREND MICRO OFFICESCAN LISTENER |
{3F438F99-C67A-4CF9-83EA-224330CB098D} = LPORT=445 | PROFILE=PRIVATE | PROTOCOL=6 | DIR=IN | ACTION=ALLOW | [email protected],-28511 | APP=SYSTEM |
{43FC34D3-0A9A-4C1E-B24C-3C193520118A} = LPORT=3702 | PROFILE=PUBLIC | PROTOCOL=17 | DIR=IN | ACTION=ALLOW | [email protected],-32785 | APP=%SYSTEMROOT%\SYSTEM32\SVCHOST.EXE | SVC=FDPHOST |
{459C998D-B505-491A-8435-7DC16486204D} = RPORT=445 | PROFILE=PRIVATE | PROTOCOL=6 | DIR=OUT | ACTION=ALLOW | [email protected],-28515 | APP=SYSTEM |
{4A8463FD-71D1-4BFE-B10D-0C4A348CE16E} = LPORT=1900 | PROTOCOL=17 | DIR=IN | ACTION=ALLOW | NAME=WINDOWS LIVE MESSENGER (SSDP-IN) | APP=SVCHOST.EXE | SVC=SSDPSRV |
{4D1AFF20-D99F-4564-9D07-1352E281710A} = LPORT=44233 | PROFILE=PUBLIC | PROTOCOL=6 | DIR=IN | ACTION=ALLOW | NAME=TREND MICRO OFFICESCAN LISTENER |
{6956F772-D2B0-41BA-993D-CA0AC876FCCD} = LPORT=2869 | PROTOCOL=6 | DIR=IN | ACTION=ALLOW | NAME=WINDOWS LIVE MESSENGER (UPNP-IN) | APP=SYSTEM |
{6A446D61-309F-4D05-BF15-118839ED576F} = RPORT=3702 | PROFILE=PUBLIC | PROTOCOL=17 | DIR=OUT | ACTION=ALLOW | [email protected],-32811 | APP=%SYSTEMROOT%\SYSTEM32\SVCHOST.EXE | SVC=FDRESPUB |
{73551818-1F70-4393-8501-270891D3D800} = LPORT=5355 | PROFILE=PUBLIC | PROTOCOL=17 | DIR=IN | ACTION=ALLOW | [email protected],-32801 | APP=%SYSTEMROOT%\SYSTEM32\SVCHOST.EXE | SVC=DNSCACHE |
{83079752-BB2F-42F0-AF8C-9BA3957B2CD2} = LPORT=RPC-EPMAP | PROFILE=PRIVATE | PROTOCOL=6 | DIR=IN | ACTION=ALLOW | [email protected],-28539 | SVC=RPCSS |
{8346A815-B4BD-4CFD-9090-F6DD48060290} = RPORT=3702 | PROFILE=PUBLIC | PROTOCOL=17 | DIR=OUT | ACTION=ALLOW | [email protected],-32789 | APP=%SYSTEMROOT%\SYSTEM32\SVCHOST.EXE | SVC=FDPHOST |
{8CF875B0-1F65-480A-9E4C-1F06C05615BC} = LPORT=1900 | PROFILE=PUBLIC | PROTOCOL=17 | DIR=IN | ACTION=ALLOW | [email protected],-32753 | APP=%SYSTEMROOT%\SYSTEM32\SVCHOST.EXE | SVC=SSDPSRV |
{8DFBBC7B-9688-48C2-9254-66EC50D1E7F5} = RPORT=138 | PROFILE=PRIVATE | PROTOCOL=17 | DIR=OUT | ACTION=ALLOW | [email protected],-28531 | APP=SYSTEM |
{96B670FB-9C89-437C-A05D-A67C88F3011C} = LPORT=137 | PROFILE=PRIVATE | PROTOCOL=17 | DIR=IN | ACTION=ALLOW | [email protected],-28519 | APP=SYSTEM |
{A45F2F9C-CEFE-4DA0-9ABA-76EFDB306A33} = LPORT=6004 | PROFILE=PRIVATE | PROTOCOL=17 | DIR=IN | ACTION=ALLOW | NAME=MICROSOFT OFFICE OUTLOOK | APP=C:\PROGRAM FILES\MICROSOFT OFFICE\OFFICE12\OUTLOOK.EXE |
{B638C269-C2B3-4A5B-AAA8-61F383EA90BF} = RPORT=1900 | PROFILE=PUBLIC | PROTOCOL=17 | DIR=OUT | ACTION=ALLOW | [email protected],-32757 | APP=%SYSTEMROOT%\SYSTEM32\SVCHOST.EXE | SVC=SSDPSRV |
{BC70526B-7F6C-4B5C-811F-44AED1554C19} = LPORT=139 | PROFILE=PRIVATE | PROTOCOL=6 | DIR=IN | ACTION=ALLOW | [email protected],-28503 | APP=SYSTEM |
{C063F14D-43B4-4B8D-88B9-EBF7DC248845} = LPORT=3389 | PROFILE=DOMAIN | PROTOCOL=6 | DIR=IN | ACTION=ALLOW | [email protected],-28753 | APP=SYSTEM |
{D27FE6BE-899A-4E10-8665-8F7F65D93B62} = RPORT=5355 | PROFILE=PUBLIC | PROTOCOL=17 | DIR=OUT | ACTION=ALLOW | [email protected],-32805 | APP=%SYSTEMROOT%\SYSTEM32\SVCHOST.EXE | SVC=DNSCACHE |
{D45F27EA-3514-4E02-A7A4-E74EFF2C152A} = LPORT=138 | PROFILE=PRIVATE | PROTOCOL=17 | DIR=IN | ACTION=ALLOW | [email protected],-28527 | APP=SYSTEM |
{D5CB27DF-2520-4944-84F6-65EECC3A9DD3} = LPORT=3702 | PROFILE=PUBLIC | PROTOCOL=17 | DIR=IN | ACTION=ALLOW | [email protected],-32809 | APP=%SYSTEMROOT%\SYSTEM32\SVCHOST.EXE | SVC=FDRESPUB |
{E94410C2-F75A-49CF-9B4E-C4577310EC7B} = LPORT=RPC | PROFILE=PRIVATE | PROTOCOL=6 | DIR=IN | ACTION=ALLOW | [email protected],-28535 | APP=%SYSTEMROOT%\SYSTEM32\SPOOLSV.EXE | SVC=SPOOLER |
{F4426572-A746-4C2A-936B-2981DA30346D} = RPORT=139 | PROFILE=PRIVATE | PROTOCOL=6 | DIR=OUT | ACTION=ALLOW | [email protected],-28507 | APP=SYSTEM |

========== Vista Active Application Exception List ==========

{01F9D6B3-A96E-410D-82D0-8F93B59480D6} = PROFILE=PRIVATE | PROTOCOL=17 | DIR=IN | ACTION=ALLOW | NAME=MOUNT AND BLADE | APP=C:\PROGRAM FILES\STEAM\STEAMAPPS\COMMON\MOUNT AND BLADE\RUNME.EXE |
{025679CF-FEA0-45F4-AD17-4EC79AC83AAE} = PROFILE=PUBLIC | PROTOCOL=6 | DIR=IN | ACTION=ALLOW | NAME=NETDRIVE SERVICE | APP=C:\PROGRAM FILES\NETDRIVE\NDSVC.EXE |
{070EB3B0-B927-42CF-AA59-8E8F74C24A1E} = PROFILE=PRIVATE | PROTOCOL=6 | DIR=IN | ACTION=ALLOW | NAME=GBVNCVIEWER | APP=C:\PROGRAM FILES\GBRIDGE LLC\GBRIDGE\GBVNCVIEWER.EXE |
{0A393677-A290-4607-81B9-2BC94B294ED0} = PROFILE=PRIVATE | PROTOCOL=6 | DIR=IN | ACTION=ALLOW | NAME=ΜTORRENT (TCP-IN) | APP=C:\OBH\DOWNLOADS\UTORRENT(2).EXE |
{0F58E357-FAFF-4FC7-9C0F-63385B063546} = PROFILE=PUBLIC | PROTOCOL=6 | DIR=OUT | ACTION=ALLOW | [email protected],-32821 | APP=%SYSTEMROOT%\SYSTEM32\SVCHOST.EXE | SVC=UPNPHOST |
{21B1B0A5-F2A0-43D0-BE82-9C6E91F0F5E7} = PROFILE=PUBLIC | PROTOCOL=17 | DIR=IN | ACTION=ALLOW | NAME=NETDRIVE SERVICE | APP=C:\PROGRAM FILES\NETDRIVE\NDSVC.EXE |
{28F88027-FA10-4FDE-B61A-4003D314168E} = PROFILE=PUBLIC | PROTOCOL=6 | DIR=IN | ACTION=ALLOW | NAME=VMWARE AUTHD | APP=C:\PROGRAM FILES\VMWARE\VMWARE PLAYER\VMWARE-AUTHD.EXE |
{328FC4B0-448D-45B5-9C26-53F8192003FF} = PROFILE=PUBLIC | PROTOCOL=6 | DIR=IN | ACTION=ALLOW | NAME=ΜTORRENT (TCP-IN) | APP=C:\PROGRAM FILES\UTORRENT\UTORRENT.EXE |
{366DC27E-7801-434E-BA70-EAB660C1C427} = PROFILE=PUBLIC | PROTOCOL=17 | DIR=IN | ACTION=ALLOW | NAME=VMWARE AUTHD | APP=C:\PROGRAM FILES\VMWARE\VMWARE PLAYER\VMWARE-AUTHD.EXE |
{484B201C-B474-4B52-B57E-83720E709320} = PROFILE=PUBLIC | PROTOCOL=6 | DIR=IN | ACTION=ALLOW | NAME=ITUNES | APP=C:\PROGRAM FILES\ITUNES\ITUNES.EXE |
{51F33258-9133-49CC-A1B8-65A05113518C} = PROFILE=PRIVATE | PROTOCOL=6 | DIR=IN | ACTION=ALLOW | NAME=BONJOUR | APP=C:\PROGRAM FILES\BONJOUR\MDNSRESPONDER.EXE |
{5BA251D6-AC76-46D3-A28C-D288DCBA96FD} = PROFILE=PUBLIC | PROTOCOL=6 | DIR=IN | ACTION=ALLOW | NAME=BATTLEFORGE DEMO | APP=C:\PROGRAM FILES\STEAM\STEAMAPPS\COMMON\BATTLEFORGE\BOOTSTRAPPER.EXE |
{5C6BCD52-5185-48BB-95C2-ADE90C212E1B} = PROFILE=PUBLIC | PROTOCOL=17 | DIR=IN | ACTION=ALLOW | NAME=BATTLEFORGE DEMO | APP=C:\PROGRAM FILES\STEAM\STEAMAPPS\COMMON\BATTLEFORGE\BOOTSTRAPPER.EXE |
{5CE79F45-56C9-48DD-A068-730F0F08A858} = PROFILE=PUBLIC | PROTOCOL=17 | DIR=IN | ACTION=ALLOW | NAME=ITUNES | APP=C:\PROGRAM FILES\ITUNES\ITUNES.EXE |
{64BEDC35-45CA-4CCB-A7FB-E534F854338B} = PROFILE=PRIVATE | PROTOCOL=1 | DIR=IN | ACTION=ALLOW | [email protected],-28543 |
{6AC204F7-B4A8-470F-AC7E-B1636A78CA73} = PROFILE=PRIVATE | PROTOCOL=17 | DIR=IN | ACTION=ALLOW | NAME=SID MEIER'S CIVILIZATION IV COLONIZATION | APP=C:\PROGRAM FILES\2K GAMES\FIRAXIS GAMES\SID MEIER'S CIVILIZATION IV COLONIZATION\COLONIZATION.EXE |
{6B4BB9B2-F542-43A8-939D-5E98040DF7ED} = PROFILE=PRIVATE | PROTOCOL=6 | DIR=IN | ACTION=ALLOW | NAME=SID MEIER'S CIVILIZATION IV COLONIZATION | APP=C:\PROGRAM FILES\2K GAMES\FIRAXIS GAMES\SID MEIER'S CIVILIZATION IV COLONIZATION\COLONIZATION.EXE |
{706316DD-91F7-44FF-BDF7-6339E20D4AA3} = PROFILE=PRIVATE | PROTOCOL=17 | DIR=IN | ACTION=ALLOW | NAME=GOOGLE TALK | APP=C:\PROGRAM FILES\GOOGLE\GOOGLE TALK\GOOGLETALK.EXE |
{73BFE1A3-939D-480A-AD9F-3EB923B88CE7} = PROFILE=PUBLIC | PROTOCOL=6 | DIR=IN | ACTION=ALLOW | NAME=GBWINVNC | APP=C:\PROGRAM FILES\GBRIDGE LLC\GBRIDGE\GBWINVNC.EXE |
{7C6FEF30-CA6B-44EC-98DF-29259511846E} = PROFILE=PRIVATE | PROTOCOL=6 | DIR=IN | ACTION=ALLOW | NAME=GOOGLE TALK | APP=C:\PROGRAM FILES\GOOGLE\GOOGLE TALK\GOOGLETALK.EXE |
{7D2F885C-8002-44DE-8703-DA54FC7BF7E6} = PROFILE=PRIVATE | PROTOCOL=1 | DIR=OUT | ACTION=ALLOW | [email protected],-28544 |
{7DBD6609-C4B3-46F8-82D1-5BEF2C81F785} = PROFILE=PRIVATE | PROTOCOL=58 | DIR=IN | ACTION=ALLOW | [email protected],-28545 |
{82E3A2F7-49D6-4897-B938-7599C77B13A5} = PROFILE=PUBLIC | PROTOCOL=6 | DIR=IN | ACTION=ALLOW | NAME=GBVNCVIEWER | APP=C:\PROGRAM FILES\GBRIDGE LLC\GBRIDGE\GBVNCVIEWER.EXE |
{85384A1C-5B12-4E05-9E4C-DBC9B2DABF1C} = PROFILE=PRIVATE | PROTOCOL=17 | DIR=IN | ACTION=ALLOW | NAME=GBVNCVIEWER | APP=C:\PROGRAM FILES\GBRIDGE LLC\GBRIDGE\GBVNCVIEWER.EXE |
{87FBD77B-B1BC-439C-A597-E3D1D3770F73} = PROFILE=PUBLIC | PROTOCOL=17 | DIR=IN | ACTION=ALLOW | NAME=GBWINVNC | APP=C:\PROGRAM FILES\GBRIDGE LLC\GBRIDGE\GBWINVNC.EXE |
{8BC3A1F0-FA59-43F7-801F-BD849F656B97} = PROFILE=PRIVATE | PROTOCOL=17 | DIR=IN | ACTION=ALLOW | NAME=ITUNES | APP=C:\PROGRAM FILES\ITUNES\ITUNES.EXE |
{95D818C4-1C21-4858-BE76-6DCEB9E4BD3D} = PROFILE=PRIVATE | PROTOCOL=17 | DIR=IN | ACTION=ALLOW | NAME=GBRIDGE | APP=C:\PROGRAM FILES\GBRIDGE LLC\GBRIDGE\GBRIDGE.EXE |
{9981C0AE-B9FD-47DB-BD53-7EA8995A1F27} = PROFILE=PUBLIC | PROTOCOL=17 | DIR=IN | ACTION=ALLOW | NAME=ASSASSIN'S CREED | APP=C:\PROGRAM FILES\STEAM\STEAMAPPS\COMMON\ASSASSINS CREED\ASSASSINSCREED_GAME.EXE |
{9FBC056D-9DFB-4CC0-9C8C-22B9236AD0FC} = PROFILE=PRIVATE | PROTOCOL=6 | DIR=IN | ACTION=ALLOW | NAME=ΜTORRENT (TCP-IN) | APP=C:\PROGRAM FILES\UTORRENT\UTORRENT.EXE |
{A1771FDA-F2F6-4D31-95D1-BE2FACF65C3A} = PROFILE=PUBLIC | PROTOCOL=6 | DIR=IN | ACTION=ALLOW | NAME=ASSASSIN'S CREED | APP=C:\PROGRAM FILES\STEAM\STEAMAPPS\COMMON\ASSASSINS CREED\ASSASSINSCREED_GAME.EXE |
{A427D26F-3C76-46F2-B196-1D6CF5A6EE30} = PROFILE=PRIVATE | PROTOCOL=6 | DIR=IN | ACTION=ALLOW | NAME=ITUNES | APP=C:\PROGRAM FILES\ITUNES\ITUNES.EXE |
{A8580761-796B-4CB6-ACB6-FDF584B39CD0} = PROFILE=PRIVATE | PROTOCOL=17 | DIR=IN | ACTION=ALLOW | NAME=ΜTORRENT (UDP-IN) | APP=C:\OBH\DOWNLOADS\UTORRENT(2).EXE |
{AB5F9131-9709-4F14-B46C-FDFA19EA2504} = PROFILE=PRIVATE | PROTOCOL=6 | DIR=IN | ACTION=ALLOW | NAME=GBWINVNC | APP=C:\PROGRAM FILES\GBRIDGE LLC\GBRIDGE\GBWINVNC.EXE |
{AEA4653F-9FBE-4D8A-84AA-FFCE875AE0C0} = PROFILE=PUBLIC | PROTOCOL=17 | DIR=IN | ACTION=ALLOW | NAME=ΜTORRENT (UDP-IN) | APP=C:\OBH\DOWNLOADS\UTORRENT(3).EXE |
{AEECE7B0-AEE7-487E-B8E5-9C192F6DADAF} = PROFILE=PRIVATE | PROTOCOL=17 | DIR=IN | ACTION=ALLOW | NAME=BONJOUR | APP=C:\PROGRAM FILES\BONJOUR\MDNSRESPONDER.EXE |
{B632ED9F-73A1-445E-A115-7C91E4512F31} = PROFILE=PUBLIC | PROTOCOL=17 | DIR=IN | ACTION=ALLOW | NAME=GBRIDGE | APP=C:\PROGRAM FILES\GBRIDGE LLC\GBRIDGE\GBRIDGE.EXE |
{B8FA7682-2158-49E6-8049-C17532F07C4B} = PROFILE=PUBLIC | PROTOCOL=17 | DIR=IN | ACTION=ALLOW | NAME=GBVNCVIEWER | APP=C:\PROGRAM FILES\GBRIDGE LLC\GBRIDGE\GBVNCVIEWER.EXE |
{BE82C6C7-5691-4C65-86F1-EF715ED2D4FB} = PROFILE=PUBLIC | PROTOCOL=6 | DIR=IN | ACTION=ALLOW | NAME=ΜTORRENT (TCP-IN) | APP=C:\OBH\DOWNLOADS\UTORRENT(3).EXE |
{C135D18E-BB27-4F23-A416-991174A0D569} = PROFILE=PRIVATE | PROTOCOL=6 | DIR=IN | ACTION=ALLOW | NAME=ΜTORRENT (TCP-IN) | APP=C:\PROGRAM FILES\UTORRENT\UTORRENT.EXE |
{CF9BE349-7CA4-4BE9-B0D0-129991F93498} = PROFILE=PRIVATE | PROTOCOL=6 | DIR=IN | ACTION=ALLOW | NAME=GBRIDGE | APP=C:\PROGRAM FILES\GBRIDGE LLC\GBRIDGE\GBRIDGE.EXE |
{DB7D98C3-BF93-4937-AEC6-9741C086AF58} = PROFILE=PRIVATE | PROTOCOL=17 | DIR=IN | ACTION=ALLOW | NAME=ΜTORRENT (UDP-IN) | APP=C:\PROGRAM FILES\UTORRENT\UTORRENT.EXE |
{DC073DEC-F9AC-4A00-BC82-9915301C6613} = PROFILE=PRIVATE | PROTOCOL=6 | DIR=IN | ACTION=ALLOW | NAME=MOUNT AND BLADE | APP=C:\PROGRAM FILES\STEAM\STEAMAPPS\COMMON\MOUNT AND BLADE\RUNME.EXE |
{DC0A317D-4562-4971-B154-12B1668D89E5} = DIR=IN | ACTION=ALLOW | NAME=WINDOWS LIVE CALL | APP=C:\PROGRAM FILES\WINDOWS LIVE\MESSENGER\WLCSDK.EXE |
{DFA99BE8-16E0-45D3-9F2F-795D217576B9} = PROFILE=PRIVATE | PROTOCOL=17 | DIR=IN | ACTION=ALLOW | NAME=GBWINVNC | APP=C:\PROGRAM FILES\GBRIDGE LLC\GBRIDGE\GBWINVNC.EXE |
{E14C2209-ABB4-4023-A907-C1CF98332E01} = DIR=IN | ACTION=ALLOW | NAME=WINDOWS LIVE MESSENGER | APP=C:\PROGRAM FILES\WINDOWS LIVE\MESSENGER\MSNMSGR.EXE |
{EB2118FE-D8F0-46A8-A38E-13D4A5565780} = PROFILE=PRIVATE | PROTOCOL=17 | DIR=IN | ACTION=ALLOW | NAME=ΜTORRENT (UDP-IN) | APP=C:\PROGRAM FILES\UTORRENT\UTORRENT.EXE |
{EB649B1A-7E99-4543-AA5E-C6CE9C7BE8AE} = PROFILE=PUBLIC | PROTOCOL=6 | DIR=IN | ACTION=ALLOW | NAME=GBRIDGE | APP=C:\PROGRAM FILES\GBRIDGE LLC\GBRIDGE\GBRIDGE.EXE |
{F1204CAD-38D0-41F6-8A86-F265D0A56499} = PROFILE=PRIVATE | PROTOCOL=58 | DIR=OUT | ACTION=ALLOW | [email protected],-28546 |
{FA37CC08-0077-4227-9B92-DBDD06CECA90} = PROFILE=PUBLIC | PROTOCOL=17 | DIR=IN | ACTION=ALLOW | NAME=ΜTORRENT (UDP-IN) | APP=C:\PROGRAM FILES\UTORRENT\UTORRENT.EXE |
TCP Query User{0838C27A-96F9-4477-B5B4-E2A83604600D}C:\program files\nokia\nokia software updater\nsu_ui_client.exe = PROFILE=PRIVATE | PROTOCOL=6 | DIR=IN | ACTION=ALLOW | NAME=NOKIA SOFTWARE UPDATER | APP=C:\PROGRAM FILES\NOKIA\NOKIA SOFTWARE UPDATER\NSU_UI_CLIENT.EXE |
TCP Query User{0C93FB8B-767F-4015-B394-57A19315E6F5}C:\program files\nokia\nokia software updater\nsu_ui_client.exe = PROFILE=PUBLIC | PROTOCOL=6 | DIR=IN | ACTION=ALLOW | NAME=NOKIA SOFTWARE UPDATER | APP=C:\PROGRAM FILES\NOKIA\NOKIA SOFTWARE UPDATER\NSU_UI_CLIENT.EXE |
TCP Query User{4031768A-06BD-4B3F-8D94-8F0125787BF5}C:\program files\common files\nokia\service layer\a\nsl_host_process.exe = PROFILE=PRIVATE | PROTOCOL=6 | DIR=IN | ACTION=ALLOW | NAME=NOKIA SERVICE LAYER HOST PROCESS | APP=C:\PROGRAM FILES\COMMON FILES\NOKIA\SERVICE LAYER\A\NSL_HOST_PROCESS.EXE |
TCP Query User{87419A22-A082-46CD-B0BA-158F87CC78A8}C:\program files\internet explorer\iexplore.exe = PROFILE=PRIVATE | PROTOCOL=6 | DIR=IN | ACTION=ALLOW | NAME=INTERNET EXPLORER | APP=C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE |
TCP Query User{8C9242CD-5ECA-449C-85A1-4BEE86E1DE9D}C:\program files\videolan\vlc\vlc.exe = PROFILE=PRIVATE | PROTOCOL=6 | DIR=IN | ACTION=ALLOW | NAME=VLC MEDIA PLAYER | APP=C:\PROGRAM FILES\VIDEOLAN\VLC\VLC.EXE |
TCP Query User{C7520057-F093-476A-9738-78CE63E20510}C:\program files\netgear readynas\raidar.exe = PROFILE=PUBLIC | PROTOCOL=6 | DIR=IN | ACTION=ALLOW | NAME=MONITOR READYNAS DEVICE | APP=C:\PROGRAM FILES\NETGEAR READYNAS\RAIDAR.EXE |
TCP Query User{EDD627DA-F60E-46F6-BE62-A0459B1F67CD}C:\program files\common files\nokia\service layer\a\nsl_host_process.exe = PROFILE=PUBLIC | PROTOCOL=6 | DIR=IN | ACTION=ALLOW | NAME=NOKIA SERVICE LAYER HOST PROCESS | APP=C:\PROGRAM FILES\COMMON FILES\NOKIA\SERVICE LAYER\A\NSL_HOST_PROCESS.EXE |
TCP Query User{F06F0C90-1AAD-4BB0-9F94-58DD6A6F44A4}C:\windows\system32\dpnsvr.exe = PROFILE=PRIVATE | PROTOCOL=6 | DIR=IN | ACTION=ALLOW | NAME=MICROSOFT DIRECTPLAY8 SERVER | APP=C:\WINDOWS\SYSTEM32\DPNSVR.EXE |
UDP Query User{20AE3BB2-2863-4F84-8754-737783E955CA}C:\program files\nokia\nokia software updater\nsu_ui_client.exe = PROFILE=PUBLIC | PROTOCOL=17 | DIR=IN | ACTION=ALLOW | NAME=NOKIA SOFTWARE UPDATER | APP=C:\PROGRAM FILES\NOKIA\NOKIA SOFTWARE UPDATER\NSU_UI_CLIENT.EXE |
UDP Query User{20C10869-E951-4A39-8237-605FDDEECFCC}C:\program files\common files\nokia\service layer\a\nsl_host_process.exe = PROFILE=PUBLIC | PROTOCOL=17 | DIR=IN | ACTION=ALLOW | NAME=NOKIA SERVICE LAYER HOST PROCESS | APP=C:\PROGRAM FILES\COMMON FILES\NOKIA\SERVICE LAYER\A\NSL_HOST_PROCESS.EXE |
UDP Query User{355FEA46-2D4F-4EF8-893C-D1317BA933D8}C:\program files\netgear readynas\raidar.exe = PROFILE=PUBLIC | PROTOCOL=17 | DIR=IN | ACTION=ALLOW | NAME=MONITOR READYNAS DEVICE | APP=C:\PROGRAM FILES\NETGEAR READYNAS\RAIDAR.EXE |
UDP Query User{75720DEE-A0AE-4457-8840-EF6562FD56B1}C:\windows\system32\dpnsvr.exe = PROFILE=PRIVATE | PROTOCOL=17 | DIR=IN | ACTION=ALLOW | NAME=MICROSOFT DIRECTPLAY8 SERVER | APP=C:\WINDOWS\SYSTEM32\DPNSVR.EXE |
UDP Query User{9AA83D5F-EC51-4321-A906-7A425DCD05CA}C:\program files\common files\nokia\service layer\a\nsl_host_process.exe = PROFILE=PRIVATE | PROTOCOL=17 | DIR=IN | ACTION=ALLOW | NAME=NOKIA SERVICE LAYER HOST PROCESS | APP=C:\PROGRAM FILES\COMMON FILES\NOKIA\SERVICE LAYER\A\NSL_HOST_PROCESS.EXE |
UDP Query User{A1DE00A4-8C9F-4B98-B8B5-DADC87747497}C:\program files\internet explorer\iexplore.exe = PROFILE=PRIVATE | PROTOCOL=17 | DIR=IN | ACTION=ALLOW | NAME=INTERNET EXPLORER | APP=C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE |
UDP Query User{A7512CA6-C81F-44B5-8A50-F361EAC53789}C:\program files\nokia\nokia software updater\nsu_ui_client.exe = PROFILE=PRIVATE | PROTOCOL=17 | DIR=IN | ACTION=ALLOW | NAME=NOKIA SOFTWARE UPDATER | APP=C:\PROGRAM FILES\NOKIA\NOKIA SOFTWARE UPDATER\NSU_UI_CLIENT.EXE |
UDP Query User{B12658DC-FD77-48C4-8F81-B21FF35BD6B9}C:\program files\videolan\vlc\vlc.exe = PROFILE=PRIVATE | PROTOCOL=17 | DIR=IN | ACTION=ALLOW | NAME=VLC MEDIA PLAYER | APP=C:\PROGRAM FILES\VIDEOLAN\VLC\VLC.EXE |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0165af9b-bbbd-41ef-8c4a-e30a4f6329a1}" = IntelliGantt Plus
"{0332234E-09D1-4B74-A5F3-73E34BA29F5B}" = Nokia Software Updater
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{062BFFA1-0CCC-400B-B840-F162328D8C00}" = winLAME prerelease4
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{0A0FA533-9C7C-35A2-AADB-9B101DA28FBF}" = O3D Plugin
"{0ED6E1BF-3604-45E9-A719-8DD3B5826706}" = Subversion
"{0AAA9C97-74D4-47CE-B089-0B147EF3553C}" = Windows Live Messenger
"{13515135-48BB-4184-8C1F-2FAE0138E200}" = TBS WMP Plug-in
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{1A524CFE-DF85-4555-8BC2-0C89DBD8BC2C}" = PC Connectivity Solution
"{1C94C999-15D2-4C75-9A73-BCC8A677D42E}" = UltraMon
"{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}" = Google Earth
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2
"{24D7346D-D4B4-45E8-98EA-75EC14B42DD8}" = Adobe ExtendScript Toolkit 2
"{26A24AE4-039D-4CA4-87B4-2F83216010FF}" = Java™ 6 Update 13
"{26BD75C5-82D3-4272-8D4D-9DE7AC51DB76}" = OGA Notifier 1.7.0105.35.0
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{2A0A6470-FD0F-4F45-9B11-85F3167DB943}" = Nokia Flashing Cable Driver
"{2E7B6B00-5ECD-49A1-8FD4-4B647C5D8027}" = Adobe Captivate 3
"{318AB667-3230-41B5-A617-CB3BF748D371}" = iTunes
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3F9B2FD2-1C83-4401-9967-C3636638E958}" = Adobe SING CS3
"{4F93ABBE-5A1D-4D56-94CB-022F109FDE4D}" = Adobe Presenter 7
"{51846830-E7B2-4218-8968-B77F0FF475B8}" = Adobe Color EU Extra Settings
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{552171BC-30F8-3B29-9C4F-E3FE590B7CAC}" = Google Gears
"{56B8B892-317E-4FDE-9E4D-44B189848A27}" = Adobe Setup
"{5EF5F1C4-DA0C-406C-A0DE-70A5216B773C}" = Cisco Systems VPN Client 5.0.05.0280
"{64C1FA9A-FA94-4B6E-B3E4-8573738E4AD1}" = Adobe Setup
"{66BB5D8F-D9BD-4799-A9FA-5731B3B7839A}" = 3RVX
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6B52140A-F189-4945-BFFC-DB3F00B8C589}" = Adobe Flash CS3
"{6D4AC5A4-4CF9-4F90-8111-B9B53CE257BF}" = Adobe Color Common Settings
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{70C592EC-AE9B-4734-928B-676E824FB41E}" = MFC RunTime files
"{70FD5DCD-720B-407E-A9B4-1E557C16A1B2}" = TouchChip USB Driver 2.14
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{786C5747-1033-0000-B58E-000000000001}" = Adobe Stock Photos 1.0
"{79EFF529-C306-41DC-81D9-17F181DF287A}" = DoISO
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}" = Bonjour
"{8BADD53C-3A6D-4D22-B8C5-56ACD699C17D}" = Digital Signatur
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8DC069E7-893C-41E1-9442-DE89FEC33371}" = Xobni Core
"{8DC42D05-680B-41B0-8878-6C14D24602DB}" = QuickTime
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{8EDBA74D-0686-4C99-BFDD-F894678E5B39}" = Adobe Common File Installer
"{8FB53850-246A-3507-8ADE-0060093FFEA6}" = Visual Studio Tools for the Office system 3.0 Runtime
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{90120000-0015-0406-0000-0000000FF1CE}" = Microsoft Office Access MUI (Danish) 2007
"{90120000-0015-0406-0000-0000000FF1CE}_PROHYBRIDR_{652017DD-E99F-4420-9CC8-AC25CE8375A5}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0406-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Danish) 2007
"{90120000-0016-0406-0000-0000000FF1CE}_PROHYBRIDR_{652017DD-E99F-4420-9CC8-AC25CE8375A5}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0406-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Danish) 2007
"{90120000-0018-0406-0000-0000000FF1CE}_PROHYBRIDR_{652017DD-E99F-4420-9CC8-AC25CE8375A5}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0406-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Danish) 2007
"{90120000-0019-0406-0000-0000000FF1CE}_PROHYBRIDR_{652017DD-E99F-4420-9CC8-AC25CE8375A5}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0406-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Danish) 2007
"{90120000-001A-0406-0000-0000000FF1CE}_PROHYBRIDR_{652017DD-E99F-4420-9CC8-AC25CE8375A5}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0406-0000-0000000FF1CE}" = Microsoft Office Word MUI (Danish) 2007
"{90120000-001B-0406-0000-0000000FF1CE}_PROHYBRIDR_{652017DD-E99F-4420-9CC8-AC25CE8375A5}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0406-0000-0000000FF1CE}" = Microsoft Office Proof (Danish) 2007
"{90120000-001F-0406-0000-0000000FF1CE}_PROHYBRIDR_{25E093C2-374E-44A9-9BCE-3881BD442F3F}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_PROHYBRIDR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROHYBRIDR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}_VISPRO_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_VISPRO_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_VISPRO_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0406-0000-0000000FF1CE}" = Microsoft Office Proofing (Danish) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0051-0000-0000-0000000FF1CE}" = Microsoft Office Visio Professional 2007
"{90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{0FD405D3-CAF8-4CA6-8BFD-911D2F8A6585}" = Microsoft Office Visio 2007 Service Pack 2 (SP2)
"{90120000-0054-0409-0000-0000000FF1CE}" = Microsoft Office Visio MUI (English) 2007
"{90120000-0054-0409-0000-0000000FF1CE}_VISPRO_{519D9F45-CBF4-4E57-B419-11F196CCA8AE}" = Microsoft Office Visio 2007 Service Pack 2 (SP2)
"{90120000-006E-0406-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Danish) 2007
"{90120000-006E-0406-0000-0000000FF1CE}_PROHYBRIDR_{50865937-2EBB-4BBF-8861-BF5972C95D4B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_VISPRO_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00B1-0409-0000-0000000FF1CE}" = Microsoft Save as XPS Add-in for 2007 Microsoft Office programs
"{90120000-00B2-0406-0000-0000000FF1CE}" = Microsoft Office 2007-tilføjelsesprogram: Microsoft Gem som PDF eller XPS
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_VISPRO_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{94895EA7-873E-4FCB-9C7B-DD3F7019D618}_is1" = Free Video Cutter 1.1
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95655ED4-7CA5-46DF-907F-7144877A32E5}" = Adobe Color NA Recommended Settings
"{95774351-6087-3A3B-8CA8-70BEE49D2BD5}" = Google Gears
"{97F81AF1-0E47-DC99-FF1F-C8B3B9A1E18E}" = Visual C++ 8.0 ATL (x86) WinSXS MSM
"{98CB24AD-52FB-DB5F-FF1F-C8B3B9A1E18E}" = Visual C++ 8.0 CRT (x86) WinSXS MSM
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{9E66249D-C417-457E-8828-EA0D39FCF245}" = Advanced Installer 6.8
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Dell Touchpad
"{A11138F6-31A2-34D9-93E9-3F5BC0EB2F8C}" = Google Gears
"{A13E07E1-A423-44FB-9DEE-B24C75C1BAF2}" = WIDCOMM Bluetooth Software 6.0.1.3100
"{A2289997-10A3-48F2-AA03-99180D761661}" = Fingerprint Reader Suite 5.6
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A4799F3A-8E1D-4470-9543-E77430FBE767}" = ToolBook 9.01 Hotfix 1
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A53A11EA-0095-493F-86FA-A15E8A86A405}" = VMware Player
"{A6D96D8E-04C4-47E8-A681-F7C9C6444B9A}" = NVIDIA PhysX v8.06.16
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AD483998-2E9A-4405-83FF-6E503AF49CBB}" = Microsoft Virtual PC 2007 SP1
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B3C02EC1-A7B0-4987-9A43-8789426AAA7D}" = Adobe Setup
"{B3E699B5-7EEE-4AB1-A7BB-A43B7B4D94ED}" = Windows NT Backup - Restore Utility
"{B561B3C2-B114-4732-818A-5C7C81C42AF0}" = ToolBook Instructor 9.01 Update
"{B69349AE-2D41-3708-8BA4-4DC22645CA04}" = Microsoft .NET Framework 3.5 Language Pack SP1 - dan
"{B74D4E10-1033-0000-0000-000000000001}" = Adobe Bridge 1.0
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{C47C410D-533E-4D5F-B93A-78A99E69D222}" = ToolBook Instructor 9
"{C57A8E40-FE11-480C-9C61-22E325FDAD45}" = Boffin
"{C6CA8874-5F22-4AF0-9BE3-016BF299C536}" = Windows Live Essentials
"{CB2B8912-9C02-43CC-9CFA-A3BB60DCD5B9}" = RoadQuiz Demo 1.0.6
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CB3F8375-B600-4B9F-83C9-238ED1E583FD}" = Adobe InDesign CS3
"{CBDE9C7D-CF52-4558-B23E-B66359CB586A}" = Nokia Connectivity Cable Driver
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D064F16E-88DA-4E8F-BBAE-0E2AA9A6AE61}" = VP6 Decoder
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D4D8C545-FB3C-4612-9AB5-EA848EE09230}" = TMTool
"{D5577624-0626-4C4B-87AA-D966DA1739D6}" = Nokia PC Suite
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{E9787678-1033-0000-8E67-000000000001}" = Adobe Help Center 1.0
"{EA7B3CC4-366D-4CF6-8350-FD7A7034116E}" = Adobe InDesign CS3 Icon Handler
"{EB415709-F948-4D3C-BE98-8B25F3251902}" = TMTool
"{EF36A836-BF89-4A4F-B079-057B0C68C1E0}" = Sid Meier's Civilization IV Colonization
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{FCA37CD2-7BA4-4A5A-8979-B64EA712F4CB}" = TortoiseSVN 1.6.2.16344 (32 bit)
"{FD8D3DB9-03F7-47A6-A08D-D4BF69C86833}" = SoftCare Support Agent
"{FFC1ADE3-944B-4231-894E-3903C37271D2}" = Adobe Setup
"112_is1" = 112
"3A5DEFA413DDE699DBA6EBE0A63534ACA524D30F" = Windows-driverpakke - Nokia pccsmcfd (10/12/2007 6.85.4.0)
"7-Zip" = 7-Zip 4.62
"9CD348AE9C64C4B939B624E8E24F3903EFDFC82B" = Windows-driverpakke - Nokia Modem (05/22/2008 7.00.0.1)
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2
"Adobe Presenter 7" = Adobe Presenter 7
"Adobe_05ba3a63f36684fe0c5dde2ebe6f8f5" = Adobe InDesign CS3
"Adobe_3e054d2218e7aa282c2369d939e58ff" = Adobe ExtendScript Toolkit 2
"Adobe_6c8e2cb4fd241c55406016127a6ab2e" = Adobe Color Common Settings
"Adobe_c3c7fe8b09d497ab2b3fd91c9353390" = Adobe Flash CS3 Professional
"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.5 (Unicode)
"AutoItv3" = AutoIt v3.3.0.0
"AVIcodec" = AVIcodec (remove only)
"BG_DVR_CBT_Fahrphysik" = BG DVR CBT Fahrphysik
"C5A76DC11BABDA0A881E7BE8DDEB641365A77FFD" = Windows-driverpakke - Nokia Modem (05/22/2008 3.8)
"CCleaner" = CCleaner (remove only)
"Certifikat kranfører – kategori D_is1" = Certifikat kranfører – kategori D v5.0
"Certifikat til truck_is1" = Certifikat til truck v12.0
"Creative OEM002" = Laptop Integrated Webcam Driver (1.04.01.1011)
"cwRsync" = cwRsync (remove only)
"Cycling '74 MaxMSP v4.5.5" = Cycling '74 MaxMSP v4.5.5
"Defraggler" = Defraggler (remove only)
"Digital Signatur" = Digital Signatur
"Digsby" = Digsby
"doPDF 6 printer_is1" = doPDF 6.1 printer
"Dropbox" = Dropbox
"Euro Truck Simulator" = Euro Truck Simulator 1.00
"Everest Poker" = Everest Poker (Remove Only)
"filehippo.com" = filehippo.com Update Checker
"FileZilla Client" = FileZilla Client 3.1.3.1
"Gadwin PrintScreen" = Gadwin PrintScreen
"GOM Player" = GOM Player
"Google Calendar Sync" = Google Calendar Sync
"GPL Ghostscript 8.63" = GPL Ghostscript 8.63
"HijackThis" = HijackThis 2.0.2
"HUFFYUV" = Huffyuv AVI lossless video codec (Remove Only)
"Indeo® Software" = Indeo® Software
"Inno Setup 5_is1" = Inno Setup QuickStart Pack version 5.2.3
"InstallShield_{13515135-48BB-4184-8C1F-2FAE0138E200}" = TBS WMP Plug-in
"KursusGenerator_is1" = KursusGenerator v8.1
"Kørehviletider_is1" = Kørehviletider v3.01
"Kørekort til bus_is1" = Kørekort til bus v9.0
"Kørekort til lastbil_is1" = Kørekort til lastbil v10.0
"Kørekort til motorcykel_is1" = Kørekort til motorcykel v3.0
"Kørekort til personbil_is1" = Kørekort til personbil v4.1
"Kørekort til stort påhængskøretøj_is1" = Kørekort til stort påhængskøretøj v1.1
"Kørsel med taxi_is1" = Kørsel med taxi v4.0
"Kørselsdynamik_is1" = Kørselsdynamik v2.31
"LastFM_is1" = Last.fm 1.5.4.24567
"MagicDisc 2.7.105" = MagicDisc 2.7.105
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - dan" = Sprogpakke til Microsoft .NET Framework 3.5 SP1 - dansk
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.0.10)" = Mozilla Firefox (3.0.10)
"Nokia PC Suite" = Nokia PC Suite
"Notepad++" = Notepad++
"NVIDIA Drivers" = NVIDIA Drivers
"OfficeScanNT" = Trend Micro OfficeScan Client
"OpenAL" = OpenAL
"Picasa 3" = Picasa 3
"PROHYBRIDR" = 2007 Microsoft Office system
"PuTTY_is1" = PuTTY version 0.60
"RAIDar 4.01c1-p1" = RAIDar 4.01c1-p1
"Rainmeter" = Rainmeter (remove only)
"RealAlt_is1" = Real Alternative 1.9.0
"Risikolære_is1" = Risikolære v2.2
"Songbird 20090309" = Songbird 1.1.1 (20090309)
"Steam App 15100" = Assassin's Creed
"Steam App 240" = Counter-Strike: Source
"Steam App 24770" = Battleforge Demo
"Subversion_is1" = Subversion 1.4.6-r28521
"SumatraPDF" = Sumatra PDF reader
"System Explorer_is1" = System Explorer 1.5
"TightVNC_is1" = TightVNC 1.3.9
"ToolBook II 6.1 Runtime Files" = ToolBook II 6.1 Runtime Files
"Tunnelier" = Bitvise Tunnelier 4.28 (remove only)
"Tur Audio Tool_is1" = Tur Audio Tool v1.00
"Tur Presenter Skabelon_is1" = Tur Presenter Skabelon v1.21
"Tur Program Sync_is1" = Tur Program Sync v1.06
"Tur Video Tool_is1" = Tur Video Tool v1.01
"TVUPlayer" = TVUPlayer 2.4.1.0
"Unlocker" = Unlocker 1.8.7
"VISPRO" = Microsoft Office Visio Professional 2007
"Visual Studio Tools for the Office system 3.0 Runtime" = Visual Studio Tools for the Office system 3.0 Runtime
"VLC media player" = VLC media player 0.9.9
"WinLiveSuite_Wave3" = Windows Live Essentials
"winscp3_is1" = WinSCP 4.1.8
"XobniMain" = Xobni
"Ziepod_is1" = Ziepod version 1.0

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{8DC910CD-8EE3-4ffc-A4EB-9B02701059C4}" = Battlefield Heroes (obh)
"Adobe ConnectNow" = Adobe ConnectNow
"Adobe ConnectNow Add-in" = Adobe ConnectNow Add-in
"Google Chrome" = Google Chrome
"uTorrent" = µTorrent

========== Last 10 Event Log Errors ==========

[ OSession Events ]
Error - 14-10-2008 05:32:08 | Computer Name = TFN8-01.tur.dk | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6316.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 6
seconds with 0 seconds of active time. This session ended with a crash.

Error - 27-10-2008 08:51:36 | Computer Name = TFN8-01.tur.dk | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6316.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 2374
seconds with 720 seconds of active time. This session ended with a crash.

Error - 14-11-2008 05:06:39 | Computer Name = TFN8-01.tur.dk | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6316.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 65
seconds with 0 seconds of active time. This session ended with a crash.

Error - 27-01-2009 10:13:58 | Computer Name = TFN8-01.tur.dk | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.6300.5000, Microsoft Office Version: 12.0.6215.1000. This session
lasted 274 seconds with 0 seconds of active time. This session ended with a crash.

Error - 19-02-2009 06:01:39 | Computer Name = TFN8-01.tur.dk | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.6300.5000, Microsoft Office Version: 12.0.6215.1000. This session
lasted 181 seconds with 180 seconds of active time. This session ended with a crash.

Error - 05-03-2009 17:36:09 | Computer Name = TFN8-01.tur.dk | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6331.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 4277
seconds with 2760 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 29-05-2009 04:05:29 | Computer Name = TFN8-01.tur.dk | Source = EventLog | ID = 6008
Description = Den foregående systemlukning kl. 03:01:55 d. 29-05-2009 var uventet.

Error - 29-05-2009 04:05:59 | Computer Name = TFN8-01.tur.dk | Source = Print | ID = 19
Description = udskriftskøen kunne ikke dele printeren Xerox Phaser 6110 med det
delte ressourcenavn Xerox Phaser 6110. Fejl 2114. Printeren kan ikke bruges af andre
på netværket.

Error - 29-05-2009 04:06:12 | Computer Name = TFN8-01.tur.dk | Source = NETLOGON | ID = 5719
Description = Denne computer kunne ikke oprette en sikker session med en domæne-
controller
i domæne TURDOMAIN af følgende grund: %%1311 Dette kan medføre godkendelsesproblemer.
Kontroller, at denne computer er sluttet til netværket. Hvis problemet bliver ved,
skal
du kontakte domæneadministratoren. YDERLIGERE OPLYSNINGER Hvis denne computer er
domænecontroller for det angivne domæne, opretter den den sikre session i den primære
domænecontrolleremulator i det angivne domæne. I modsat fald opretter denne computer
den sikre session i en anden domænecontroller i det angivne domæne.

Error - 29-05-2009 04:06:14 | Computer Name = TFN8-01.tur.dk | Source = Microsoft-Windows-GroupPolicy | ID = 1129
Description = Behandlingen af gruppepolitikken mislykkedes på grund af manglende
netværksforbindelse til en domænecontroller. Dette kan være en forbigående fejl.
Der vil blive vist en meddelelse om gennemførelse, når computeren forbindes til
domænecontrolleren, og gruppepolitikken er blevet behandlet. Hvis der ikke vises
en meddelelse om gennemførelse i løbet af nogle timer, bør du kontakte administratoren.

Error - 29-05-2009 04:06:42 | Computer Name = TFN8-01.tur.dk | Source = Service Control Manager | ID = 7000
Description =

Error - 29-05-2009 04:06:42 | Computer Name = TFN8-01.tur.dk | Source = Service Control Manager | ID = 7000
Description =

Error - 29-05-2009 04:07:08 | Computer Name = TFN8-01.tur.dk | Source = Service Control Manager | ID = 7026
Description =

Error - 29-05-2009 04:08:32 | Computer Name = TFN8-01.tur.dk | Source = Microsoft-Windows-GroupPolicy | ID = 1129
Description = Behandlingen af gruppepolitikken mislykkedes på grund af manglende
netværksforbindelse til en domænecontroller. Dette kan være en forbigående fejl.
Der vil blive vist en meddelelse om gennemførelse, når computeren forbindes til
domænecontrolleren, og gruppepolitikken er blevet behandlet. Hvis der ikke vises
en meddelelse om gennemførelse i løbet af nogle timer, bør du kontakte administratoren.

Error - 29-05-2009 04:11:26 | Computer Name = TFN8-01.tur.dk | Source = TermService | ID = 1067
Description =

Error - 29-05-2009 09:16:11 | Computer Name = TFN8-01.tur.dk | Source = NETLOGON | ID = 5719
Description = Denne computer kunne ikke oprette en sikker session med en domæne-
controller
i domæne TURDOMAIN af følgende grund: %%1311 Dette kan medføre godkendelsesproblemer.
Kontroller, at denne computer er sluttet til netværket. Hvis problemet bliver ved,
skal
du kontakte domæneadministratoren. YDERLIGERE OPLYSNINGER Hvis denne computer er
domænecontroller for det angivne domæne, opretter den den sikre session i den primære
domænecontrolleremulator i det angivne domæne. I modsat fald opretter denne computer
den sikre session i en anden domænecontroller i det angivne domæne.


< End of report >
  • 0

Advertisements

Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP