Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Google redirect and system fix


  • Please log in to reply

#1
carlos50

carlos50

    Member

  • Member
  • PipPip
  • 33 posts
Hi

I got a google redirect virus a couple of weeks ago, I thought I got rid of it, but it is back with more. I got the system fix virus as well and possibly more.

It has the following symptoms:

  • clicking search results redirects to other webpages in both Firefox and Chrome
  • Delayed write failed error message
  • System fix scan
  • Files indexation process failed
  • Desktop and start menu disappears
  • Downloads in firefox disappears

I have tried to scan with spyware doctor and Malwarebytes Anti-Malware. Furthermore I have used the unhide.exe from and guide for system fix removal from bleebingcomputer.com But I cannot get rid of it.

I hope you can help me

Michael



OTL logfile created on: 12/23/2011 10:52:40 PM - Run 7
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Michael Eilersen\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: MM/dd/yyyy

8.00 Gb Total Physical Memory | 4.73 Gb Available Physical Memory | 59.16% Memory free
16.14 Gb Paging File | 13.07 Gb Available in Paging File | 80.94% Paging File free
Paging file location(s): ?:\pagefile.sys

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 279.46 Gb Total Space | 59.32 Gb Free Space | 21.23% Space Free | Partition Type: NTFS
Drive G: | 1397.14 Gb Total Space | 7.57 Gb Free Space | 0.54% Space Free | Partition Type: NTFS

Computer Name: EILER-PC | User Name: Michael Eilersen | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/12/23 22:51:25 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Michael Eilersen\Desktop\OTL.exe
PRC - [2011/12/23 22:02:27 | 000,089,248 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\Temp\afp64.exe
PRC - [2011/12/23 18:20:50 | 000,378,880 | ---- | M] () -- C:\ProgramData\NW20px6Jl3tZWq.exe
PRC - [2011/12/23 12:21:58 | 000,477,184 | ---- | M] () -- C:\ProgramData\FJVBhpobWuHu.exe
PRC - [2011/10/18 07:54:24 | 000,140,952 | ---- | M] (Google Inc.) -- C:\Users\Michael Eilersen\AppData\Local\Google\Update\1.3.21.79\GoogleCrashHandler.exe
PRC - [2011/08/31 17:00:48 | 000,449,608 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011/08/31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011/02/11 14:19:26 | 002,760,192 | ---- | M] () -- C:\ProgramData\Boxtools\Toolbox.exe
PRC - [2011/01/01 18:47:24 | 001,242,448 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\Steam.exe
PRC - [2010/12/09 10:48:10 | 000,247,760 | ---- | M] (Threat Expert Ltd.) -- C:\Program Files (x86)\PC Tools Security\BDT\BDTUpdateService.exe
PRC - [2010/12/03 15:34:46 | 000,108,496 | ---- | M] (Threat Expert Ltd.) -- C:\Program Files (x86)\PC Tools Security\BDT\FGuard.exe
PRC - [2010/12/01 14:49:56 | 001,589,208 | ---- | M] (PC Tools) -- C:\Program Files (x86)\PC Tools Security\pctsGui.exe
PRC - [2010/11/19 06:57:14 | 001,150,936 | ---- | M] (PC Tools) -- C:\Program Files (x86)\PC Tools Security\pctsSvc.exe
PRC - [2010/03/15 14:02:36 | 000,366,840 | ---- | M] (PC Tools) -- C:\Program Files (x86)\PC Tools Security\pctsAuxs.exe
PRC - [2009/12/05 12:36:42 | 000,045,056 | ---- | M] (Intuit) -- c:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
PRC - [2009/06/07 13:20:20 | 000,061,440 | ---- | M] (Nalpeiron Ltd.) -- C:\Windows\SysWOW64\nlssrv32.exe
PRC - [2009/04/11 07:27:28 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\conime.exe
PRC - [2008/05/14 17:42:56 | 005,958,656 | ---- | M] () -- C:\Program Files\ASUS\Six Engine\SixEngine.exe
PRC - [2007/08/21 15:37:16 | 001,220,608 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\WiFi-AP @n\[email protected]
PRC - [2007/07/24 08:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
PRC - [2003/08/29 19:05:35 | 000,360,448 | ---- | M] () -- C:\Program Files (x86)\SpywareGuard\sgmain.exe
PRC - [2003/08/29 11:14:56 | 000,233,472 | ---- | M] () -- C:\Program Files (x86)\SpywareGuard\sgbhp.exe


========== Modules (No Company Name) ==========

MOD - [2011/12/23 18:20:50 | 000,378,880 | ---- | M] () -- C:\ProgramData\NW20px6Jl3tZWq.exe
MOD - [2011/12/23 12:21:58 | 000,477,184 | ---- | M] () -- C:\ProgramData\FJVBhpobWuHu.exe
MOD - [2011/12/09 00:15:00 | 014,410,024 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\libcef.dll
MOD - [2011/12/09 00:14:50 | 000,194,344 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\chromehtml.dll
MOD - [2011/12/09 00:14:49 | 000,914,216 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avcodec-52.dll
MOD - [2011/12/09 00:14:49 | 000,155,432 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avformat-52.dll
MOD - [2011/12/09 00:14:49 | 000,091,432 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avutil-50.dll
MOD - [2011/12/07 12:16:28 | 000,411,192 | ---- | M] () -- C:\Users\Michael Eilersen\AppData\Local\Google\Chrome\Application\16.0.912.63\ppgooglenaclpluginchrome.dll
MOD - [2011/12/07 12:16:27 | 003,767,864 | ---- | M] () -- C:\Users\Michael Eilersen\AppData\Local\Google\Chrome\Application\16.0.912.63\pdf.dll
MOD - [2011/12/07 12:14:56 | 000,122,952 | ---- | M] () -- C:\Users\Michael Eilersen\AppData\Local\Google\Chrome\Application\16.0.912.63\avutil-51.dll
MOD - [2011/12/07 12:14:55 | 000,222,280 | ---- | M] () -- C:\Users\Michael Eilersen\AppData\Local\Google\Chrome\Application\16.0.912.63\avformat-53.dll
MOD - [2011/12/07 12:14:53 | 001,746,504 | ---- | M] () -- C:\Users\Michael Eilersen\AppData\Local\Google\Chrome\Application\16.0.912.63\avcodec-53.dll
MOD - [2011/12/07 08:22:33 | 008,593,056 | ---- | M] () -- C:\Users\Michael Eilersen\AppData\Local\Google\Chrome\Application\16.0.912.63\gcswf32.dll
MOD - [2011/10/13 02:55:54 | 000,220,672 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\d72212e0e98b6ea4339d453bf540b5a6\CustomMarshalers.ni.dll
MOD - [2011/10/13 02:53:33 | 001,753,600 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.BusinessS#\c6eb1b9a8763fa671def28c207e2debc\Microsoft.BusinessSolutions.SBA.Interop.Word.ni.dll
MOD - [2011/10/13 02:53:18 | 000,963,072 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\office\e1f097eb692a8fd71faaa19913f6ceda\office.ni.dll
MOD - [2011/10/13 02:52:31 | 000,532,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\SBAIAPI\ba1fc8b61341a169bf2a9edc933934b8\SBAIAPI.ni.dll
MOD - [2011/10/13 02:52:26 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\40da9084d0863e07d7ce55953833b8b0\System.Configuration.ni.dll
MOD - [2011/10/13 02:37:00 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\c1c06a392871267db27f7cbc40e1c4fb\System.Xml.ni.dll
MOD - [2011/10/13 02:36:50 | 012,430,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\1363115565fff5a641243a48f396f107\System.Windows.Forms.ni.dll
MOD - [2011/10/13 02:36:43 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\367c4043efc2f32d843cb588b0dc97fc\System.Drawing.ni.dll
MOD - [2011/10/13 02:36:02 | 007,950,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\f9c36ea806e77872dce891c77b68fac3\System.ni.dll
MOD - [2011/10/13 02:35:54 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\b6632a8b2f276a8e31f5b0f6b2006cd1\mscorlib.ni.dll
MOD - [2011/10/05 03:52:30 | 000,756,048 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\MSPTLS.DLL
MOD - [2011/09/27 07:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/09/27 07:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/02/11 14:19:26 | 002,760,192 | ---- | M] () -- C:\ProgramData\Boxtools\Toolbox.exe
MOD - [2010/09/22 18:03:40 | 002,666,496 | ---- | M] () -- C:\Program Files (x86)\Adobe\Acrobat 9.0\PDFMaker\Common\AdobePDFMakerX.dll
MOD - [2009/11/04 00:37:47 | 001,377,376 | ---- | M] () -- C:\Windows\assembly\GAC_32\AddOnCommon\4.0.1001.0__31bf3856ad364e35\AddOnCommon.dll
MOD - [2009/11/04 00:37:47 | 000,066,656 | ---- | M] () -- C:\Windows\assembly\GAC_32\PayPalResources\4.0.1001.0__31bf3856ad364e35\PayPalResources.dll
MOD - [2009/04/11 07:28:22 | 000,223,232 | ---- | M] () -- \\?\globalroot\systemroot\syswow64\mswsock.dll
MOD - [2009/03/30 05:42:11 | 000,069,120 | ---- | M] () -- C:\Windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
MOD - [2008/10/23 01:31:09 | 000,004,608 | ---- | M] () -- C:\Windows\assembly\GAC\Extensibility\7.0.3300.0__b03f5f7f11d50a3a\Extensibility.dll
MOD - [2008/10/23 01:30:58 | 000,781,104 | ---- | M] () -- C:\Windows\assembly\GAC\Microsoft.Office.Interop.Word\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Word.dll
MOD - [2008/05/14 17:42:56 | 005,958,656 | ---- | M] () -- C:\Program Files\ASUS\Six Engine\SixEngine.exe
MOD - [2007/06/28 20:15:38 | 000,689,688 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\PROOF\1030\MSGR2DA.DLL
MOD - [2006/10/27 15:35:18 | 000,436,512 | ---- | M] () -- C:\Program Files (x86)\Microsoft Office\Office12\ADDINS\UmOutlookAddin.dll
MOD - [2006/10/26 21:30:42 | 000,065,312 | ---- | M] () -- C:\Program Files (x86)\Microsoft Office\Office12\ADDINS\ColleagueImport.dll
MOD - [2006/01/10 09:50:20 | 000,024,576 | R--- | M] () -- C:\Windows\SysWOW64\AsIO.dll
MOD - [2005/05/11 15:39:32 | 000,565,248 | ---- | M] () -- C:\Program Files\ASUS\Six Engine\pngio.dll
MOD - [2003/08/29 19:05:35 | 000,360,448 | ---- | M] () -- C:\Program Files (x86)\SpywareGuard\sgmain.exe
MOD - [2003/08/29 11:14:56 | 000,233,472 | ---- | M] () -- C:\Program Files (x86)\SpywareGuard\sgbhp.exe


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011/07/19 01:01:47 | 000,146,816 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE -- (!SASCORE)
SRV:64bit: - [2009/05/14 08:01:24 | 004,901,888 | ---- | M] () [Auto | Running] -- C:\Program Files\NVIDIA Corporation\Performance Drivers\nvPDsvc.exe -- (NVIDIA Performance Driver Service)
SRV:64bit: - [2008/10/28 00:20:22 | 001,038,088 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64)
SRV:64bit: - [2007/10/19 04:10:30 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\SysNative\AEADISRV.EXE -- (AEADIFilters)
SRV - [2011/08/31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2010/12/09 10:48:10 | 000,247,760 | ---- | M] (Threat Expert Ltd.) [Auto | Running] -- C:\Program Files (x86)\PC Tools Security\BDT\BDTUpdateService.exe -- (Browser Defender Update Service)
SRV - [2010/11/19 06:57:14 | 001,150,936 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files (x86)\PC Tools Security\pctsSvc.exe -- (sdCoreService)
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/15 14:02:36 | 000,366,840 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files (x86)\PC Tools Security\pctsAuxs.exe -- (sdAuxService)
SRV - [2009/12/05 12:36:42 | 000,045,056 | ---- | M] (Intuit) [Auto | Running] -- c:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe -- (QBCFMonitorService)
SRV - [2009/07/23 20:10:38 | 000,061,440 | ---- | M] (Intuit Inc.) [On_Demand | Stopped] -- c:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe -- (QBFCService)
SRV - [2009/07/16 17:04:16 | 000,316,664 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2009/06/07 13:20:20 | 000,061,440 | ---- | M] (Nalpeiron Ltd.) [Auto | Running] -- C:\Windows\SysWOW64\nlssrv32.exe -- (nlsX86cc)
SRV - [2009/03/30 05:42:14 | 000,066,368 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/03/12 19:28:40 | 000,288,112 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe -- (Adobe Version Cue CS4)
SRV - [2008/11/11 09:38:06 | 000,620,544 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2008/10/24 11:33:36 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2007/07/24 08:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011/12/06 17:06:09 | 000,025,160 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hitmanpro35.sys -- (hitmanpro35)
DRV:64bit: - [2011/08/31 17:00:50 | 000,025,416 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2011/07/22 17:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)
DRV:64bit: - [2011/07/12 22:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)
DRV:64bit: - [2010/11/25 10:43:26 | 000,257,232 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PCTCore64.sys -- (PCTCore)
DRV:64bit: - [2010/07/16 14:53:32 | 000,816,016 | ---- | M] (PC Tools) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\pctEFA64.sys -- (pctEFA)
DRV:64bit: - [2010/06/29 10:35:34 | 000,452,872 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pctDS64.sys -- (pctDS)
DRV:64bit: - [2010/06/10 00:01:10 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2009/12/16 14:04:56 | 000,868,848 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\sptd.sys -- (sptd)
DRV:64bit: - [2009/10/01 01:51:42 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wpdusb.sys -- (WpdUsb)
DRV:64bit: - [2009/06/26 20:21:06 | 000,086,584 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\adfs.sys -- (adfs)
DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009/04/11 06:39:37 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2008/09/24 11:29:20 | 000,035,840 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\VClone.sys -- (VClone)
DRV:64bit: - [2008/09/15 07:57:32 | 000,008,704 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\usbser_lowerfltx64j.sys -- (UsbserFilt)
DRV:64bit: - [2008/09/15 07:57:18 | 000,025,088 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdcx64)
DRV:64bit: - [2008/09/15 07:57:18 | 000,018,944 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcdx64)
DRV:64bit: - [2008/09/15 07:57:18 | 000,008,704 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\usbser_lowerfltx64.sys -- (upperdev)
DRV:64bit: - [2008/08/28 11:44:42 | 000,025,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\pccsmcfdx64.sys -- (pccsmcfd)
DRV:64bit: - [2008/07/21 13:11:56 | 000,032,200 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV:64bit: - [2008/05/19 08:47:48 | 000,173,096 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\mv61xx.sys -- (mv61xx)
DRV:64bit: - [2008/03/20 01:44:34 | 000,467,456 | ---- | M] (Analog Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ADIHdAud.sys -- (ADIHdAudAddService)
DRV:64bit: - [2007/09/05 11:04:48 | 000,077,872 | ---- | M] (PACE Anti-Piracy, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\Tpkd.sys -- (Tpkd)
DRV:64bit: - [2007/08/15 21:50:06 | 000,688,640 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\netr28ux.sys -- (netr28ux)
DRV:64bit: - [2007/08/15 09:22:00 | 000,369,152 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\yk60x64.sys -- (yukonx64)
DRV:64bit: - [2007/04/27 06:40:00 | 000,142,120 | ---- | M] (SafeNet, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\Drivers\Sentinel64.sys -- (Sentinel64)
DRV:64bit: - [2007/04/17 08:51:50 | 000,014,112 | ---- | M] (InterVideo) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\regi.sys -- (regi)
DRV:64bit: - [2006/10/31 16:23:42 | 000,015,680 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\ASACPI.sys -- (MTsensor)
DRV - [2010/03/13 11:58:52 | 000,146,928 | ---- | M] (CyberLink Corp.) [2010/04/23 15:48:42] [Kernel | Auto | Running] -- C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\000.fcl -- ({1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC})
DRV - [2009/06/26 20:21:06 | 000,086,584 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysWow64\drivers\adfs.sys -- (adfs)
DRV - [2009/03/26 16:49:50 | 000,015,504 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\mbam.sys -- (MBAMProtector)
DRV - [2007/02/07 19:27:46 | 000,014,104 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | Boot | Running] -- C:\Windows\SysWOW64\speedfan.sys -- (speedfan)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoo...earchTerms}&f=4

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.fxphd.com/ [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.b.dk
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {472734EA-242A-422b-ADF8-83D1E48CC825} - C:\Program Files (x86)\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Facemoods Search"
FF - prefs.js..browser.search.defaulturl: "http://flvdirect.iam...c=tops&search="
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.berlingske.dk/"
FF - prefs.js..extensions.enabledItems: [email protected]:1.5
FF - prefs.js..extensions.enabledItems: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:2.0.8
FF - prefs.js..extensions.enabledItems: {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}:1.3.5
FF - prefs.js..extensions.enabledItems: [email protected]:7
FF - prefs.js..extensions.enabledItems: [email protected]:2
FF - prefs.js..extensions.enabledItems: 5
FF - prefs.js..extensions.enabledItems: 2
FF - prefs.js..extensions.enabledItems: 2
FF - prefs.js..extensions.enabledItems: [email protected]:1.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {e001c731-5e37-4538-a5cb-8168736a2360}:0.9.9.99
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.9.13
FF - prefs.js..extensions.enabledItems: {81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}:7.3.0.0
FF - prefs.js..extensions.enabledItems: [email protected]:1.20.00
FF - prefs.js..extensions.enabledItems: {cb84136f-9c44-433a-9048-c5cd9df1dc16}:3.0.0.204
FF - prefs.js..network.proxy.type: 0


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Player\npDivxPlayerPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Users\Michael Eilersen\AppData\Roaming\Move Networks\plugins\npqmp071505000010.dll (Move Networks)
FF - HKLM\Software\MozillaPlugins\@neulion.com/npadaptiveplugin: C:\Users\Michael Eilersen\AppData\Roaming\NeuLion\AdaptivePlugin\npadaptiveplugin_1_6_5_7131.dll ( )
FF - HKLM\Software\MozillaPlugins\@veetle.com/vbp;version=0.9.17: C:\Program Files (x86)\Veetle\VLCBroadcast\npvbp.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.18: C:\Program Files (x86)\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: C:\Program Files (x86)\Veetle\Player\npvlc.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\Adobe Acrobat: C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Users\Michael Eilersen\AppData\Roaming\Move Networks\plugins\npqmp071505000010.dll (Move Networks)
FF - HKCU\Software\MozillaPlugins\@neulion.com/npadaptiveplugin: C:\Users\Michael Eilersen\AppData\Roaming\NeuLion\AdaptivePlugin\npadaptiveplugin_1_6_5_7131.dll ( )
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Michael Eilersen\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Michael Eilersen\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Nokia\Nokia PC Suite 7\bkmrksync\ [2009/02/04 15:04:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\NETELLER app\plugins\Firefox\neteller\ [2010/10/20 09:44:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{cb84136f-9c44-433a-9048-c5cd9df1dc16}: C:\Program Files (x86)\PC Tools Security\BDT\Firefox\ [2011/12/15 18:32:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/12/15 19:46:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/12/15 19:46:41 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Users\Michael Eilersen\AppData\Roaming\Move Networks [2009/11/20 06:07:02 | 000,000,000 | ---D | M]

[2008/12/29 00:32:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Michael Eilersen\AppData\Roaming\Mozilla\Extensions
[2011/12/17 14:02:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Michael Eilersen\AppData\Roaming\Mozilla\Firefox\Profiles\nzcqnlpm.default\extensions
[2010/05/13 22:57:12 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Michael Eilersen\AppData\Roaming\Mozilla\Firefox\Profiles\nzcqnlpm.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/12/17 01:39:15 | 000,000,000 | ---D | M] (iMacros for Firefox) -- C:\Users\Michael Eilersen\AppData\Roaming\Mozilla\Firefox\Profiles\nzcqnlpm.default\extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}
[2011/12/06 12:05:46 | 000,000,000 | ---D | M] (DownThemAll!) -- C:\Users\Michael Eilersen\AppData\Roaming\Mozilla\Firefox\Profiles\nzcqnlpm.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}
[2011/08/22 09:46:58 | 000,000,000 | ---D | M] (BitDefender QuickScan) -- C:\Users\Michael Eilersen\AppData\Roaming\Mozilla\Firefox\Profiles\nzcqnlpm.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}
[2011/12/06 12:05:49 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\Michael Eilersen\AppData\Roaming\Mozilla\Firefox\Profiles\nzcqnlpm.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2010/03/14 17:10:36 | 000,000,000 | ---D | M] (TVU Web Player) -- C:\Users\Michael Eilersen\AppData\Roaming\Mozilla\Firefox\Profiles\nzcqnlpm.default\extensions\[email protected]
[2011/09/18 17:59:25 | 000,000,000 | ---D | M] (Yontoo Layers) -- C:\Users\Michael Eilersen\AppData\Roaming\Mozilla\Firefox\Profiles\nzcqnlpm.default\extensions\[email protected]
[2010/08/31 14:08:56 | 000,000,000 | ---D | M] (1-Click YouTube Video Downloader) -- C:\Users\Michael Eilersen\AppData\Roaming\Mozilla\Firefox\Profiles\nzcqnlpm.default\extensions\[email protected]
[2011/12/15 19:46:42 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011/12/15 19:46:42 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\distribution\extensions
() (No name found) -- C:\USERS\MICHAEL EILERSEN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NZCQNLPM.DEFAULT\EXTENSIONS\{19503E42-CA3C-4C27-B1E2-9CDB2170EE34}.XPI
() (No name found) -- C:\USERS\MICHAEL EILERSEN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NZCQNLPM.DEFAULT\EXTENSIONS\[email protected]
[2011/12/13 19:17:51 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2010/09/15 03:50:38 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2009/07/31 12:06:48 | 001,654,784 | ---- | M] (LizardTech) -- C:\Program Files (x86)\mozilla firefox\plugins\npdjvu.dll
[2011/12/13 06:52:06 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2010/12/15 11:53:23 | 000,002,048 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fcmdSrch.xml
[2011/12/13 06:52:06 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Michael Eilersen\AppData\Local\Google\Chrome\Application\16.0.912.63\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Michael Eilersen\AppData\Local\Google\Chrome\Application\16.0.912.63\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Michael Eilersen\AppData\Local\Google\Chrome\Application\16.0.912.63\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.220.4 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U22 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: DivX Player Netscape Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npDivxPlayerPlugin.dll
CHR - plugin: LizardTech DjVu (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npdjvu.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll
CHR - plugin: Veetle TV Player (Enabled) = C:\Program Files (x86)\Veetle\Player\npvlc.dll
CHR - plugin: Veetle Broadcaster Plugin (Enabled) = C:\Program Files (x86)\Veetle\VLCBroadcast\npvbp.dll
CHR - plugin: Veetle TV Core (Enabled) = C:\Program Files (x86)\Veetle\plugins\npVeetle.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Michael Eilersen\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll
CHR - plugin: Move Streaming Media Player (Enabled) = C:\Users\Michael Eilersen\AppData\Roaming\Move Networks\plugins\npqmp071505000010.dll
CHR - plugin: NeuLion Adaptive Plugin (Enabled) = C:\Users\Michael Eilersen\AppData\Roaming\NeuLion\AdaptivePlugin\npadaptiveplugin_1_6_5_7131.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Users\Michael Eilersen\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.2_0\
CHR - Extension: Google Search = C:\Users\Michael Eilersen\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.16_0\
CHR - Extension: Gmail = C:\Users\Michael Eilersen\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.4_0\

O1 HOSTS File: ([2010/12/15 20:53:20 | 000,001,424 | RH-- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: ::1 localhost
O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll ()
O2 - BHO: (SpywareGuardDLBLOCK.CBrowserHelper) - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files (x86)\SpywareGuard\dlprotect.dll ()
O2 - BHO: (Internet Explorer Form-Fill Plug-In) - {5425B4B8-87F9-4E9C-8B51-8AABA82EBA64} - C:\Program Files (x86)\NETELLER app\plugins\IE\Neteller.dll (NEOVIA Financial® Plc.)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files (x86)\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [FJVBhpobWuHu.exe] C:\ProgramData\FJVBhpobWuHu.exe ()
O4 - HKLM..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" File not found
O4 - HKLM..\Run: [ISTray] C:\Program Files (x86)\PC Tools Security\pctsGui.exe (PC Tools)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [PCTools FGuard] C:\Program Files (x86)\PC Tools Security\BDT\FGuard.exe (Threat Expert Ltd.)
O4 - HKCU..\Run: [Boxoft Tools] C:\ProgramData\Boxtools\Boxofttoolbox.exe ()
O4 - HKCU..\Run: [NETELLER app] "C:\Program Files (x86)\NETELLER app\NETELLER-app.exe" /BOOT File not found
O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
O4 - HKCU..\Run: [Xvid] C:\Program Files (x86)\Xvid\CheckUpdate.exe ()
O4 - Startup: C:\Users\Michael Eilersen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FIFA 11 Registration.lnk = File not found
O4 - Startup: C:\Users\Michael Eilersen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SpywareGuard.lnk = C:\Program Files (x86)\SpywareGuard\sgmain.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O8:64bit: - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe (PokerStars)
O9 - Extra Button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe ()
O9 - Extra 'Tools' menuitem : PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - mmswsock.dll File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15:64bit: - ..Trusted Domains: danid.dk ([]http in Trusted sites)
O15:64bit: - ..Trusted Domains: danid.dk ([]https in Trusted sites)
O15 - HKLM\..Trusted Domains: danid.dk ([]http in Trusted sites)
O15 - HKLM\..Trusted Domains: danid.dk ([]https in Trusted sites)
O15 - HKCU\..Trusted Domains: danid.dk ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: danid.dk ([]https in Trusted sites)
O16 - DPF: {D4003189-95B1-4A2F-9A87-F2B03665960D} http://www.vexcast.c...oad/vexcast.cab (Reg Error: Key error.)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (OnlineScanner Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0015-0000-0012-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_12)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 193.162.153.164 194.239.134.83
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{49F1FB07-90EC-4593-920F-913C35E23C0F}: DhcpNameServer = 193.162.153.164 194.239.134.83
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\intu-help-qb3 - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\qbwc - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\intu-help-qb3 {c5e479ea-0a65-4b05-8c6c-2fc8cc682eb4} - c:\Program Files (x86)\Intuit\QuickBooks 2010\HelpAsyncPluggableProtocol.dll (Intuit, Inc.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O28 - HKLM ShellExecuteHooks: {81559C35-8464-49F7-BB0E-07A383BEF910} - C:\Program Files (x86)\SpywareGuard\spywareguard.dll ()
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (aswBoot.exe /A:"*" /L:"1033" /KBD:2 /wow /dir:"C:\Program Files\AVAST Software\Avast")
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/12/23 22:51:31 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Michael Eilersen\Desktop\OTL.exe
[2011/12/23 18:51:02 | 009,851,496 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Michael Eilersen\Desktop\mbam-setup.exe
[2011/12/23 18:47:50 | 001,578,288 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Michael Eilersen\Desktop\123.com
[2011/12/23 18:21:50 | 000,000,000 | ---D | C] -- C:\Users\Michael Eilersen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Fix
[2011/12/16 17:34:12 | 000,000,000 | ---D | C] -- C:\Users\Michael Eilersen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Play65
[2011/12/16 17:34:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Play65
[2011/12/16 17:32:40 | 000,000,000 | ---D | C] -- C:\Users\Michael Eilersen\AppData\Local\Play65
[2011/12/15 12:45:14 | 000,000,000 | ---D | C] -- C:\Users\Michael Eilersen\Documents\Pandemic.2007.PROPER.DVDRip.XviD-VoMiT
[2011/12/14 12:16:59 | 000,000,000 | ---D | C] -- C:\Users\Michael Eilersen\Documents\Lønsedler
[2011/12/13 00:55:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\World of Warcraft.temp
[2011/12/13 00:55:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard Entertainment
[2011/12/07 23:51:51 | 002,540,688 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Users\Michael Eilersen\Documents\avg_remover_stf_x64_2012_1796.exe
[2011/12/06 23:19:12 | 000,000,000 | ---D | C] -- C:\ProgramData\ESET
[2011/12/06 23:19:12 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2011/12/06 22:28:10 | 001,566,512 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Michael Eilersen\Desktop\randomname.com
[2011/12/06 22:00:34 | 001,996,752 | ---- | C] (Threat Expert Ltd.) -- C:\Windows\PCTBDCore.dll
[2011/12/06 22:00:34 | 001,533,904 | ---- | C] (Threat Expert Ltd.) -- C:\Windows\PCTBDRes.dll
[2011/12/06 22:00:34 | 000,149,456 | ---- | C] (PC Tools) -- C:\Windows\SGDetectionTool.dll
[2011/12/06 18:27:59 | 000,000,000 | ---D | C] -- C:\Users\Michael Eilersen\AppData\Roaming\SUPERAntiSpyware.com
[2011/12/06 18:27:31 | 000,000,000 | ---D | C] -- C:\ProgramData\!SASCORE
[2011/12/06 17:06:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hitman Pro 3.5
[2011/12/06 17:06:08 | 000,000,000 | ---D | C] -- C:\Program Files\Hitman Pro 3.5
[2011/12/06 17:05:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Hitman Pro
[2011/12/06 16:50:41 | 000,816,016 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\pctEFA64.sys
[2011/12/06 16:50:41 | 000,452,872 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\pctDS64.sys
[2011/12/06 16:50:41 | 000,331,368 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\pctgntdi64.sys
[2011/12/06 16:50:41 | 000,136,168 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\pctwfpfilter64.sys
[2011/12/06 16:50:39 | 000,257,232 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\PCTCore64.sys
[2011/12/06 16:50:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Tools Security
[2011/12/06 16:50:37 | 000,092,896 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\pctplsg64.sys
[2011/12/06 16:50:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PC Tools Security
[2011/12/06 16:50:34 | 000,000,000 | ---D | C] -- C:\Users\Michael Eilersen\AppData\Roaming\PC Tools
[2011/12/06 16:50:34 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Tools
[2011/12/06 16:50:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PC Tools
[2011/12/06 11:51:10 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2011/12/06 11:51:10 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2011/12/06 11:36:16 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
[2011/11/27 13:41:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\EA Games
[2011/11/27 13:36:27 | 000,000,000 | -HSD | C] -- C:\Windows\SysNative\%APPDATA%
[2011/11/27 13:32:11 | 000,000,000 | -HSD | C] -- C:\Users\Michael Eilersen\AppData\Local\df6f4e3b
[2011/11/26 02:19:38 | 000,000,000 | ---D | C] -- C:\Users\Michael Eilersen\Documents\FIFA 11
[2011/11/25 01:38:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Luxury Casino
[2011/11/25 01:38:02 | 000,000,000 | ---D | C] -- C:\Microgaming
[2011/11/25 01:38:02 | 000,000,000 | ---D | C] -- C:\ProgramData\MGS
[2011/11/24 10:38:33 | 000,000,000 | ---D | C] -- C:\Users\Michael Eilersen\AppData\Roaming\Leadertech
[2 C:\Users\Michael Eilersen\Documents\*.tmp files -> C:\Users\Michael Eilersen\Documents\*.tmp -> ]
[1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/12/23 22:51:25 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Michael Eilersen\Desktop\OTL.exe
[2011/12/23 22:03:46 | 000,875,338 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/12/23 22:03:46 | 000,715,180 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/12/23 22:03:46 | 000,151,730 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/12/23 22:01:42 | 000,000,432 | ---- | M] () -- C:\ProgramData\NW20px6Jl3tZWq
[2011/12/23 22:01:17 | 000,000,296 | ---- | M] () -- C:\ProgramData\~NW20px6Jl3tZWq
[2011/12/23 22:01:17 | 000,000,208 | ---- | M] () -- C:\ProgramData\~NW20px6Jl3tZWqr
[2011/12/23 22:01:14 | 000,000,601 | ---- | M] () -- C:\Users\Michael Eilersen\Desktop\System Fix.lnk
[2011/12/23 21:59:36 | 000,000,952 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3194313822-558712583-1741877353-1000UA.job
[2011/12/23 21:58:53 | 000,176,538 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2011/12/23 21:58:52 | 000,176,538 | ---- | M] () -- C:\ProgramData\nvModes.001
[2011/12/23 21:57:26 | 000,003,712 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/12/23 21:57:26 | 000,003,712 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/12/23 21:57:22 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/12/23 18:50:58 | 009,851,496 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Michael Eilersen\Desktop\mbam-setup.exe
[2011/12/23 18:47:28 | 001,578,288 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Michael Eilersen\Desktop\123.com
[2011/12/23 18:21:50 | 000,000,625 | ---- | M] () -- C:\Users\Michael Eilersen\Application Data\Microsoft\Internet Explorer\Quick Launch\System Fix.lnk
[2011/12/23 18:20:50 | 000,378,880 | ---- | M] () -- C:\ProgramData\NW20px6Jl3tZWq.exe
[2011/12/23 13:02:43 | 000,684,297 | ---- | M] () -- C:\Users\Michael Eilersen\Desktop\unhide.exe
[2011/12/23 12:47:54 | 000,001,460 | ---- | M] () -- C:\Users\Michael Eilersen\AppData\Local\d3d9caps64.dat
[2011/12/23 12:21:58 | 000,477,184 | ---- | M] () -- C:\ProgramData\FJVBhpobWuHu.exe
[2011/12/22 17:49:20 | 000,069,120 | ---- | M] () -- C:\Users\Michael Eilersen\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/12/21 16:21:18 | 000,002,675 | ---- | M] () -- C:\Users\Michael Eilersen\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Word 2007.lnk
[2011/12/21 08:59:00 | 000,000,900 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3194313822-558712583-1741877353-1000Core.job
[2011/12/16 17:34:12 | 000,000,824 | ---- | M] () -- C:\Users\Michael Eilersen\Desktop\Play65.lnk
[2011/12/15 19:46:44 | 000,000,912 | ---- | M] () -- C:\Users\Michael Eilersen\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/12/15 19:46:44 | 000,000,888 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011/12/15 18:00:29 | 000,002,097 | ---- | M] () -- C:\Users\Michael Eilersen\Desktop\Google Chrome.lnk
[2011/12/15 18:00:29 | 000,002,059 | ---- | M] () -- C:\Users\Michael Eilersen\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/12/15 15:56:04 | 000,000,973 | ---- | M] () -- C:\Users\Michael Eilersen\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/12/15 15:54:08 | 003,327,760 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011/12/15 12:45:14 | 000,020,956 | ---- | M] () -- C:\Users\Michael Eilersen\Documents\Pandemic.2007.PROPER.DVDRip.XviD-VoMiT.torrent
[2011/12/15 12:39:21 | 002,933,318 | ---- | M] () -- C:\Windows\SysNative\drivers\Cat.DB
[2011/12/15 12:30:37 | 000,008,798 | ---- | M] () -- C:\Windows\SysWow64\icrav03.rat
[2011/12/15 12:30:37 | 000,001,988 | ---- | M] () -- C:\Windows\SysWow64\ticrf.rat
[2011/12/15 12:30:36 | 000,008,798 | ---- | M] () -- C:\Windows\SysNative\icrav03.rat
[2011/12/15 12:30:36 | 000,001,988 | ---- | M] () -- C:\Windows\SysNative\ticrf.rat
[2011/12/15 12:30:26 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2011/12/15 12:30:23 | 000,072,822 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2011/12/14 12:26:28 | 000,002,633 | ---- | M] () -- C:\Users\Michael Eilersen\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Excel 2007.lnk
[2011/12/14 12:07:57 | 002,039,842 | ---- | M] () -- C:\Users\Michael Eilersen\Documents\lejekontrakt.pdf
[2011/12/13 23:55:18 | 000,001,068 | ---- | M] () -- C:\Users\Public\Desktop\HoldemManager.lnk
[2011/12/13 23:53:05 | 118,082,211 | ---- | M] () -- C:\Users\Michael Eilersen\Documents\Holdem_Manager_Setup1.12.07.exe
[2011/12/07 23:51:53 | 002,540,688 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Users\Michael Eilersen\Documents\avg_remover_stf_x64_2012_1796.exe
[2011/12/06 22:38:49 | 001,008,120 | ---- | M] () -- C:\Users\Michael Eilersen\Desktop\iExplore.exe
[2011/12/06 22:37:38 | 001,008,120 | ---- | M] () -- C:\Users\Michael Eilersen\Desktop\rkill.com
[2011/12/06 22:26:55 | 001,566,512 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Michael Eilersen\Desktop\randomname.com
[2011/12/06 17:06:09 | 000,025,160 | ---- | M] () -- C:\Windows\SysNative\drivers\hitmanpro35.sys
[2011/12/06 17:06:09 | 000,001,813 | ---- | M] () -- C:\Users\Public\Desktop\Hitman Pro 3.5.lnk
[2011/12/06 16:50:38 | 000,001,840 | ---- | M] () -- C:\Users\Public\Desktop\Spyware Doctor.lnk
[2011/12/06 16:18:35 | 000,000,972 | ---- | M] () -- C:\Users\Michael Eilersen\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk
[2011/12/06 11:51:33 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2011/11/28 00:34:00 | 000,001,356 | ---- | M] () -- C:\Users\Michael Eilersen\AppData\Local\d3d9caps.dat
[2011/11/25 01:38:47 | 000,001,733 | ---- | M] () -- C:\Users\Public\Desktop\Luxury Casino.lnk
[2011/11/24 10:38:50 | 000,001,221 | ---- | M] () -- C:\Users\Michael Eilersen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FIFA 11 Registration.lnk
[2 C:\Users\Michael Eilersen\Documents\*.tmp files -> C:\Users\Michael Eilersen\Documents\*.tmp -> ]
[1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/12/23 22:27:08 | 000,001,589 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk
[2011/12/23 22:27:08 | 000,000,604 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live.lnk
[2011/12/23 22:01:14 | 000,000,625 | ---- | C] () -- C:\Users\Michael Eilersen\Application Data\Microsoft\Internet Explorer\Quick Launch\System Fix.lnk
[2011/12/23 22:01:14 | 000,000,601 | ---- | C] () -- C:\Users\Michael Eilersen\Desktop\System Fix.lnk
[2011/12/23 21:28:45 | 000,684,297 | ---- | C] () -- C:\Users\Michael Eilersen\Desktop\unhide.exe
[2011/12/23 18:21:51 | 000,000,296 | ---- | C] () -- C:\ProgramData\~NW20px6Jl3tZWq
[2011/12/23 18:21:51 | 000,000,208 | ---- | C] () -- C:\ProgramData\~NW20px6Jl3tZWqr
[2011/12/23 18:21:46 | 000,000,432 | ---- | C] () -- C:\ProgramData\NW20px6Jl3tZWq
[2011/12/23 18:20:50 | 000,378,880 | ---- | C] () -- C:\ProgramData\NW20px6Jl3tZWq.exe
[2011/12/23 13:16:56 | 000,002,022 | ---- | C] () -- C:\Users\Public\Desktop\Sid Meier's Pirates!.lnk
[2011/12/23 13:16:56 | 000,002,018 | ---- | C] () -- C:\Users\Public\Desktop\QuickBooks Pro 2010.lnk
[2011/12/23 13:16:56 | 000,001,956 | ---- | C] () -- C:\Users\Public\Desktop\Engelsk-Dansk Dansk-Engelsk.lnk
[2011/12/23 13:16:56 | 000,001,952 | ---- | C] () -- C:\Users\Public\Desktop\CyberLink PowerDVD 10.lnk
[2011/12/23 13:16:56 | 000,001,952 | ---- | C] () -- C:\Users\Public\Desktop\5DFly Images to PDF Converter.lnk
[2011/12/23 13:16:56 | 000,001,942 | ---- | C] () -- C:\Users\Public\Desktop\Xilisoft DVD Creator 6.lnk
[2011/12/23 13:16:56 | 000,001,840 | ---- | C] () -- C:\Users\Public\Desktop\Spyware Doctor.lnk
[2011/12/23 13:16:56 | 000,001,813 | ---- | C] () -- C:\Users\Public\Desktop\Hitman Pro 3.5.lnk
[2011/12/23 13:16:56 | 000,001,756 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2011/12/23 13:16:56 | 000,001,733 | ---- | C] () -- C:\Users\Public\Desktop\Luxury Casino.lnk
[2011/12/23 13:16:56 | 000,001,694 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011/12/23 13:16:56 | 000,001,668 | ---- | C] () -- C:\Users\Public\Desktop\Opera.lnk
[2011/12/23 13:16:56 | 000,001,073 | ---- | C] () -- C:\Users\Public\Desktop\Batch Image To PDF.lnk
[2011/12/23 13:16:56 | 000,001,068 | ---- | C] () -- C:\Users\Public\Desktop\HoldemManager.lnk
[2011/12/23 13:16:56 | 000,001,066 | ---- | C] () -- C:\Users\Public\Desktop\Batch PDF Pro.lnk
[2011/12/23 13:16:56 | 000,000,974 | ---- | C] () -- C:\Users\Public\Desktop\R 2.11.1.lnk
[2011/12/23 13:16:56 | 000,000,969 | ---- | C] () -- C:\Users\Public\Desktop\R 2.8.1.lnk
[2011/12/23 13:16:56 | 000,000,901 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2011/12/23 13:16:56 | 000,000,893 | ---- | C] () -- C:\Users\Public\Desktop\BurnAware Free.lnk
[2011/12/23 13:16:56 | 000,000,888 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011/12/23 13:16:56 | 000,000,855 | ---- | C] () -- C:\Users\Public\Desktop\Mobipocket Creator.lnk
[2011/12/23 13:16:56 | 000,000,845 | ---- | C] () -- C:\Users\Public\Desktop\DVDneXtCOPY 4.lnk
[2011/12/23 13:16:56 | 000,000,832 | ---- | C] () -- C:\Users\Public\Desktop\YouSee Player.lnk
[2011/12/23 13:16:56 | 000,000,828 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk
[2011/12/23 13:16:56 | 000,000,673 | ---- | C] () -- C:\Users\Public\Desktop\Corel WinDVD 2010.lnk
[2011/12/23 13:16:56 | 000,000,641 | ---- | C] () -- C:\Users\Public\Desktop\FM Genie Scout 11.lnk
[2011/12/23 13:16:56 | 000,000,520 | ---- | C] () -- C:\Users\Public\Desktop\JPG To PDF Converter.lnk
[2011/12/23 13:16:56 | 000,000,134 | ---- | C] () -- C:\Users\Public\Desktop\Emoticons for your messenger!.url
[2011/12/23 13:16:53 | 000,002,675 | ---- | C] () -- C:\Users\Michael Eilersen\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Word 2007.lnk
[2011/12/23 13:16:53 | 000,002,633 | ---- | C] () -- C:\Users\Michael Eilersen\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Excel 2007.lnk
[2011/12/23 13:16:53 | 000,002,059 | ---- | C] () -- C:\Users\Michael Eilersen\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/12/23 13:16:53 | 000,002,037 | ---- | C] () -- C:\Users\Michael Eilersen\Application Data\Microsoft\Internet Explorer\Quick Launch\Adobe Digital Editions.lnk
[2011/12/23 13:16:53 | 000,001,954 | ---- | C] () -- C:\Users\Michael Eilersen\Application Data\Microsoft\Internet Explorer\Quick Launch\Chromium.lnk
[2011/12/23 13:16:53 | 000,001,952 | ---- | C] () -- C:\Users\Michael Eilersen\Application Data\Microsoft\Internet Explorer\Quick Launch\5DFly Images to PDF Converter.lnk
[2011/12/23 13:16:53 | 000,001,692 | ---- | C] () -- C:\Users\Michael Eilersen\Application Data\Microsoft\Internet Explorer\Quick Launch\Opera.lnk
[2011/12/23 13:16:53 | 000,001,667 | ---- | C] () -- C:\Users\Michael Eilersen\Application Data\Microsoft\Internet Explorer\Quick Launch\PartyPoker.lnk
[2011/12/23 13:16:53 | 000,001,481 | ---- | C] () -- C:\Users\Michael Eilersen\Application Data\Microsoft\Internet Explorer\Quick Launch\Adobe Illustrator CS4.lnk
[2011/12/23 13:16:53 | 000,001,228 | ---- | C] () -- C:\Users\Michael Eilersen\Application Data\Microsoft\Internet Explorer\Quick Launch\Adobe After Effects CS4.lnk
[2011/12/23 13:16:53 | 000,001,125 | ---- | C] () -- C:\Users\Michael Eilersen\Application Data\Microsoft\Internet Explorer\Quick Launch\Liquid Story Binder XE.lnk
[2011/12/23 13:16:53 | 000,001,071 | ---- | C] () -- C:\Users\Michael Eilersen\Application Data\Microsoft\Internet Explorer\Quick Launch\Adobe Photoshop CS4 (64 Bit).lnk
[2011/12/23 13:16:53 | 000,001,047 | ---- | C] () -- C:\Users\Michael Eilersen\Application Data\Microsoft\Internet Explorer\Quick Launch\iMesh.lnk
[2011/12/23 13:16:53 | 000,001,008 | ---- | C] () -- C:\Users\Michael Eilersen\Application Data\Microsoft\Internet Explorer\Quick Launch\Image to PDF Converter Free.lnk
[2011/12/23 13:16:53 | 000,000,974 | ---- | C] () -- C:\Users\Michael Eilersen\Application Data\Microsoft\Internet Explorer\Quick Launch\WinBUGS14.exe - Shortcut.lnk
[2011/12/23 13:16:53 | 000,000,973 | ---- | C] () -- C:\Users\Michael Eilersen\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/12/23 13:16:53 | 000,000,968 | ---- | C] () -- C:\Users\Michael Eilersen\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Outlook.lnk
[2011/12/23 13:16:53 | 000,000,950 | ---- | C] () -- C:\Users\Michael Eilersen\Application Data\Microsoft\Internet Explorer\Quick Launch\CINEMA 4D Release 11 64 Bit.lnk
[2011/12/23 13:16:53 | 000,000,912 | ---- | C] () -- C:\Users\Michael Eilersen\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/12/23 13:16:53 | 000,000,898 | ---- | C] () -- C:\Users\Michael Eilersen\Application Data\Microsoft\Internet Explorer\Quick Launch\vlc.lnk
[2011/12/23 13:16:53 | 000,000,826 | ---- | C] () -- C:\Users\Michael Eilersen\Application Data\Microsoft\Internet Explorer\Quick Launch\PokerStove.lnk
[2011/12/23 13:16:53 | 000,000,806 | ---- | C] () -- C:\Users\Michael Eilersen\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
[2011/12/23 13:16:53 | 000,000,544 | ---- | C] () -- C:\Users\Michael Eilersen\Application Data\Microsoft\Internet Explorer\Quick Launch\JPG To PDF Converter.lnk
[2011/12/23 13:16:53 | 000,000,258 | ---- | C] () -- C:\Users\Michael Eilersen\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2011/12/23 13:16:53 | 000,000,240 | ---- | C] () -- C:\Users\Michael Eilersen\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2011/12/23 13:16:47 | 000,002,079 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
[2011/12/23 13:16:47 | 000,002,025 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Digital Editions.lnk
[2011/12/23 13:16:47 | 000,001,950 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Photo Gallery.lnk
[2011/12/23 13:16:47 | 000,001,852 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Collaboration.lnk
[2011/12/23 13:16:47 | 000,001,830 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2011/12/23 13:16:47 | 000,001,805 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader.lnk
[2011/12/23 13:16:47 | 000,001,803 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2011/12/23 13:16:47 | 000,001,784 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Uninstaller.lnk
[2011/12/23 13:16:47 | 000,001,770 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Calendar.lnk
[2011/12/23 13:16:47 | 000,001,768 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Movie Maker.lnk
[2011/12/23 13:16:47 | 000,001,763 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Update.lnk
[2011/12/23 13:16:47 | 000,001,757 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Defender.lnk
[2011/12/23 13:16:47 | 000,001,743 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk
[2011/12/23 13:16:47 | 000,001,743 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Contacts.lnk
[2011/12/23 13:16:47 | 000,001,680 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
[2011/12/23 13:16:47 | 000,001,630 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2011/12/23 13:16:47 | 000,001,550 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer EP.lnk
[2011/12/23 13:16:47 | 000,001,306 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit 2.lnk
[2011/12/23 13:16:47 | 000,001,222 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe After Effects CS3.lnk
[2011/12/23 13:16:47 | 000,001,099 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Device Central CS3.lnk
[2011/12/23 13:16:47 | 000,001,091 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
[2011/12/23 13:16:47 | 000,000,916 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat.com.lnk
[2011/12/23 13:16:47 | 000,000,900 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2011/12/23 13:16:47 | 000,000,885 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\I.R.I.S. OCR Registration.lnk
[2011/12/23 13:16:47 | 000,000,844 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YouSee Player.lnk
[2011/12/23 13:16:47 | 000,000,732 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LSJ.lnk
[2011/12/23 13:16:47 | 000,000,685 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Corel WinDVD 2010.lnk
[2011/12/23 13:10:25 | 000,000,972 | ---- | C] () -- C:\Users\Michael Eilersen\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk
[2011/12/23 13:10:25 | 000,000,948 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/12/23 12:25:50 | 000,477,184 | ---- | C] () -- C:\ProgramData\FJVBhpobWuHu.exe
[2011/12/16 17:34:12 | 000,000,824 | ---- | C] () -- C:\Users\Michael Eilersen\Desktop\Play65.lnk
[2011/12/15 15:56:04 | 000,000,979 | ---- | C] () -- C:\Users\Michael Eilersen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2011/12/15 12:45:14 | 000,020,956 | ---- | C] () -- C:\Users\Michael Eilersen\Documents\Pandemic.2007.PROPER.DVDRip.XviD-VoMiT.torrent
[2011/12/15 12:30:26 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2011/12/15 12:30:23 | 000,072,822 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2011/12/14 12:07:57 | 002,039,842 | ---- | C] () -- C:\Users\Michael Eilersen\Documents\lejekontrakt.pdf
[2011/12/13 23:51:39 | 118,082,211 | ---- | C] () -- C:\Users\Michael Eilersen\Documents\Holdem_Manager_Setup1.12.07.exe
[2011/12/06 22:39:30 | 001,008,120 | ---- | C] () -- C:\Users\Michael Eilersen\Desktop\iExplore.exe
[2011/12/06 22:38:06 | 001,008,120 | ---- | C] () -- C:\Users\Michael Eilersen\Desktop\rkill.com
[2011/12/06 22:00:34 | 000,767,952 | ---- | C] () -- C:\Windows\BDTSupport.dll
[2011/12/06 22:00:34 | 000,002,052 | ---- | C] () -- C:\Windows\UDB.zip
[2011/12/06 22:00:34 | 000,000,882 | ---- | C] () -- C:\Windows\RegSDImport.xml
[2011/12/06 22:00:34 | 000,000,879 | ---- | C] () -- C:\Windows\RegISSImport.xml
[2011/12/06 22:00:34 | 000,000,131 | ---- | C] () -- C:\Windows\IDB.zip
[2011/12/06 17:06:09 | 000,025,160 | ---- | C] () -- C:\Windows\SysNative\drivers\hitmanpro35.sys
[2011/12/06 16:50:42 | 002,933,318 | ---- | C] () -- C:\Windows\SysNative\drivers\Cat.DB
[2011/11/24 10:38:50 | 000,001,221 | ---- | C] () -- C:\Users\Michael Eilersen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FIFA 11 Registration.lnk
[2011/10/07 00:07:02 | 008,676,883 | ---- | C] () -- C:\Windows\SysWow64\NCMedia2.dll
[2011/01/08 10:31:19 | 000,003,140 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2011/01/08 10:31:19 | 000,000,008 | RHS- | C] () -- C:\ProgramData\476E5D3C28.sys
[2011/01/02 10:16:43 | 000,645,632 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2011/01/02 10:16:43 | 000,240,640 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2010/12/31 01:16:56 | 000,000,221 | ---- | C] () -- C:\Users\Michael Eilersen\AppData\Roaming\burnaware.ini
[2010/12/24 14:39:15 | 000,233,472 | ---- | C] () -- C:\Windows\Dqihia.exe
[2010/12/13 16:43:50 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2010/12/05 12:47:43 | 000,000,000 | ---- | C] () -- C:\Users\Michael Eilersen\AppData\Roaming\.NANotifyHere
[2010/06/30 21:03:43 | 000,003,433 | ---- | C] () -- C:\Users\Michael Eilersen\AppData\Roaming\SAS7_000.DAT
[2010/06/05 12:01:33 | 000,000,158 | ---- | C] () -- C:\Windows\matlab.ini
[2010/04/23 14:20:44 | 000,000,000 | ---- | C] () -- C:\ProgramData\CLDShowX.ini
[2010/04/12 12:06:17 | 000,000,091 | ---- | C] () -- C:\Windows\QBChanUtil_Trigger.ini
[2010/03/22 22:27:44 | 000,000,351 | ---- | C] () -- C:\Windows\SoftWriting.ini
[2010/03/04 10:35:07 | 000,395,776 | ---- | C] () -- C:\Windows\SysWow64\libmplayer.dll
[2010/03/04 10:35:07 | 000,262,144 | ---- | C] () -- C:\Windows\SysWow64\TomsMoComp_ff.dll
[2010/03/04 10:35:07 | 000,112,640 | ---- | C] () -- C:\Windows\SysWow64\libmpeg2_ff.dll
[2010/02/14 15:12:33 | 000,000,000 | ---- | C] () -- C:\Windows\HMHud.INI
[2010/02/14 13:46:05 | 000,000,045 | ---- | C] () -- C:\Users\Michael Eilersen\AppData\Local\machpro.dat
[2009/12/07 14:44:22 | 000,069,632 | ---- | C] () -- C:\Windows\SysWow64\xmltok.dll
[2009/12/07 14:44:22 | 000,036,864 | ---- | C] () -- C:\Windows\SysWow64\xmlparse.dll
[2009/11/09 14:15:31 | 000,145,558 | ---- | C] () -- C:\Windows\hpoins13.dat
[2009/09/18 06:31:56 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll
[2009/09/18 06:30:41 | 000,107,612 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchema.bin
[2009/09/18 06:30:04 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/09/06 21:58:17 | 000,000,040 | ---- | C] () -- C:\ProgramData\ra3.ini
[2009/08/07 15:49:47 | 000,176,538 | ---- | C] () -- C:\ProgramData\nvModes.001
[2009/08/07 15:49:23 | 000,176,538 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2009/07/15 13:32:53 | 001,507,328 | ---- | C] () -- C:\Windows\SysWow64\nView.dll
[2009/07/15 13:32:53 | 001,101,824 | ---- | C] () -- C:\Windows\SysWow64\nvwimg.dll
[2009/07/05 16:56:32 | 000,000,144 | ---- | C] () -- C:\Windows\SysWow64\lkfl.dat
[2009/07/05 16:56:32 | 000,000,096 | ---- | C] () -- C:\Windows\SysWow64\pdfl.dat
[2009/07/05 16:56:32 | 000,000,080 | ---- | C] () -- C:\Windows\SysWow64\ibfl.dat
[2009/07/01 18:02:03 | 000,004,965 | ---- | C] () -- C:\ProgramData\ojvzdisj.xda
[2009/06/28 18:18:47 | 000,001,365 | ---- | C] () -- C:\Windows\IPokerscope.ini
[2009/06/12 18:35:57 | 000,001,356 | ---- | C] () -- C:\Users\Michael Eilersen\AppData\Local\d3d9caps.dat
[2009/06/10 18:23:33 | 000,001,025 | ---- | C] () -- C:\Windows\SysWow64\sysprs7.dll
[2009/06/10 18:23:33 | 000,001,025 | ---- | C] () -- C:\Windows\SysWow64\clauth2.dll
[2009/06/10 18:23:33 | 000,001,025 | ---- | C] () -- C:\Windows\SysWow64\clauth1.dll
[2009/06/10 18:23:33 | 000,000,205 | ---- | C] () -- C:\Windows\SysWow64\lsprst7.dll
[2009/06/10 18:23:33 | 000,000,073 | ---- | C] () -- C:\Windows\SysWow64\ssprs.dll
[2009/06/10 18:23:33 | 000,000,021 | ---- | C] () -- C:\Windows\SurCode.INI
[2009/04/06 21:26:10 | 001,362,460 | ---- | C] () -- C:\Windows\SysWow64\ExpansionHD_Firmware.bin
[2009/03/30 19:50:22 | 000,022,016 | ---- | C] () -- C:\Windows\SysWow64\Uninstow.exe
[2009/03/11 23:48:03 | 000,000,024 | ---- | C] () -- C:\Windows\TEXTware.ini
[2009/03/09 17:24:07 | 000,130,858 | ---- | C] () -- C:\Windows\hpoins18.dat
[2009/03/09 17:23:56 | 000,006,600 | ---- | C] () -- C:\Windows\hpomdl18.dat
[2009/03/02 00:10:25 | 000,036,868 | ---- | C] () -- C:\Program Files (x86)\uninst-Particular.exe
[2009/02/04 18:59:31 | 004,372,059 | ---- | C] () -- C:\Users\Michael Eilersen\AppData\Roaming\NMM-MetaData.db
[2008/11/23 00:22:01 | 000,055,296 | ---- | C] () -- C:\Windows\SysWow64\sqlite3_mod_fts3.dll
[2008/11/23 00:22:01 | 000,026,624 | ---- | C] () -- C:\Windows\SysWow64\sqlite3_mod_rtree.dll
[2008/11/23 00:22:01 | 000,020,992 | ---- | C] () -- C:\Windows\SysWow64\sqlite3_mod_impexp.dll
[2008/11/23 00:22:00 | 000,001,462 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2008/11/23 00:22:00 | 000,000,837 | ---- | C] () -- C:\Windows\ODBC.INI
[2008/11/02 15:41:58 | 000,000,104 | ---- | C] () -- C:\Users\Michael Eilersen\AppData\Local\fusioncache.dat
[2008/11/02 15:26:43 | 000,818,112 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2008/11/01 23:24:13 | 000,024,226 | ---- | C] () -- C:\Users\Michael Eilersen\AppData\Roaming\UserTile.png
[2008/10/31 00:23:34 | 000,000,056 | ---- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2008/10/22 21:14:53 | 000,000,040 | -HS- | C] () -- C:\ProgramData\.zreglib
[2008/10/22 12:42:49 | 000,069,120 | ---- | C] () -- C:\Users\Michael Eilersen\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/10/21 14:05:34 | 000,018,904 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchemaTrivial.bin
[2008/10/21 13:25:26 | 000,024,576 | R--- | C] () -- C:\Windows\SysWow64\AsIO.dll
[2008/10/21 13:25:26 | 000,014,392 | R--- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys
[2008/10/21 13:25:25 | 000,011,832 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp64.sys
[2008/10/21 13:25:25 | 000,010,216 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp32.sys
[2008/10/21 13:03:08 | 000,036,924 | ---- | C] () -- C:\Windows\Ascd_log.ini
[2008/10/21 13:02:49 | 000,034,756 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2008/10/21 12:17:38 | 000,001,460 | ---- | C] () -- C:\Users\Michael Eilersen\AppData\Local\d3d9caps64.dat
[2008/02/08 17:03:43 | 000,516,096 | ---- | C] () -- C:\Windows\SysWow64\RegisterDialog.dll
[2008/02/04 18:23:10 | 000,676,224 | ---- | C] () -- C:\Windows\SysWow64\OGACheckControl.DLL
[2008/01/21 03:50:05 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
[2007/12/28 08:22:02 | 000,010,296 | ---- | C] () -- C:\Windows\SysWow64\drivers\ASUSHWIO.SYS
[2007/03/29 22:00:40 | 000,203,264 | ---- | C] () -- C:\Windows\SysWow64\CddbCdda.dll
[2007/01/22 17:05:38 | 000,000,811 | ---- | C] () -- C:\Windows\hpomdl13.dat
[2006/11/02 16:37:05 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 13:37:14 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2006/11/02 13:24:17 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2006/11/02 13:18:17 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2006/11/02 10:47:54 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/06/13 08:12:40 | 000,204,800 | ---- | C] () -- C:\Windows\SysWow64\winOGL.dll
[2000/04/12 16:23:18 | 000,338,944 | ---- | C] () -- C:\Windows\SysWow64\LFFPX7.DLL
[1997/09/30 15:29:10 | 000,122,880 | ---- | C] () -- C:\Windows\SysWow64\LFKODAK.DLL

========== LOP Check ==========

[2010/06/03 17:04:47 | 000,000,000 | ---D | M] -- C:\Users\Michael Eilersen\AppData\Roaming\ADDINSOFT
[2009/03/23 00:10:19 | 000,000,000 | ---D | M] -- C:\Users\Michael Eilersen\AppData\Roaming\Autodesk
[2010/12/04 15:43:00 | 000,000,000 | ---D | M] -- C:\Users\Michael Eilersen\AppData\Roaming\AviDvdBurner
[2010/12/24 15:45:11 | 000,000,000 | ---D | M] -- C:\Users\Michael Eilersen\AppData\Roaming\Batch Image To PDF
[2010/02/07 12:46:58 | 000,000,000 | ---D | M] -- C:\Users\Michael Eilersen\AppData\Roaming\CheckPoint
[2009/08/09 12:38:05 | 000,000,000 | ---D | M] -- C:\Users\Michael Eilersen\AppData\Roaming\CleanMyPC Software
[2010/03/22 21:53:50 | 000,000,000 | ---D | M] -- C:\Users\Michael Eilersen\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2009/09/03 15:17:18 | 000,000,000 | ---D | M] -- C:\Users\Michael Eilersen\AppData\Roaming\Cryptomathic
[2009/12/18 20:22:27 | 000,000,000 | ---D | M] -- C:\Users\Michael Eilersen\AppData\Roaming\DAEMON Tools Pro
[2011/10/27 09:10:59 | 000,000,000 | ---D | M] -- C:\Users\Michael Eilersen\AppData\Roaming\dk.in2media.yousee.youseeplayer
[2011/10/03 20:52:29 | 000,000,000 | ---D | M] -- C:\Users\Michael Eilersen\AppData\Roaming\Dropbox
[2011/01/15 07:22:15 | 000,000,000 | ---D | M] -- C:\Users\Michael Eilersen\AppData\Roaming\EndNote
[2010/12/11 19:20:46 | 000,000,000 | ---D | M] -- C:\Users\Michael Eilersen\AppData\Roaming\GetRight
[2009/03/11 23:48:13 | 000,000,000 | ---D | M] -- C:\Users\Michael Eilersen\AppData\Roaming\Gyldendal
[2010/12/11 20:02:42 | 000,000,000 | ---D | M] -- C:\Users\Michael Eilersen\AppData\Roaming\HEM Data
[2009/04/14 19:04:21 | 000,000,000 | ---D | M] -- C:\Users\Michael Eilersen\AppData\Roaming\Hemera
[2011/12/14 12:03:53 | 000,000,000 | ---D | M] -- C:\Users\Michael Eilersen\AppData\Roaming\Image Zone Express
[2008/11/02 19:36:33 | 000,000,000 | ---D | M] -- C:\Users\Michael Eilersen\AppData\Roaming\IrfanView
[2011/11/24 10:38:33 | 000,000,000 | ---D | M] -- C:\Users\Michael Eilersen\AppData\Roaming\Leadertech
[2010/09/13 13:48:59 | 000,000,000 | ---D | M] -- C:\Users\Michael Eilersen\AppData\Roaming\LSJ.10833097DC514EE51FEAD518FDC12673948D1995.1
[2009/03/14 22:45:27 | 000,000,000 | ---D | M] -- C:\Users\Michael Eilersen\AppData\Roaming\MAXON
[2010/05/10 08:20:36 | 000,000,000 | ---D | M] -- C:\Users\Michael Eilersen\AppData\Roaming\Microgaming
[2010/12/22 19:28:27 | 000,000,000 | ---D | M] -- C:\Users\Michael Eilersen\AppData\Roaming\Mobipocket
[2010/12/28 12:54:58 | 000,000,000 | ---D | M] -- C:\Users\Michael Eilersen\AppData\Roaming\NETELLER app
[2010/03/17 00:39:53 | 000,000,000 | ---D | M] -- C:\Users\Michael Eilersen\AppData\Roaming\NeuLion
[2009/02/04 18:59:31 | 000,000,000 | ---D | M] -- C:\Users\Michael Eilersen\AppData\Roaming\Nokia
[2010/06/30 20:48:49 | 000,000,000 | ---D | M] -- C:\Users\Michael Eilersen\AppData\Roaming\Nuance
[2011/04/28 20:37:48 | 000,000,000 | ---D | M] -- C:\Users\Michael Eilersen\AppData\Roaming\Opera
[2009/04/06 21:27:25 | 000,000,000 | ---D | M] -- C:\Users\Michael Eilersen\AppData\Roaming\PACE Anti-Piracy
[2009/02/04 15:09:09 | 000,000,000 | ---D | M] -- C:\Users\Michael Eilersen\AppData\Roaming\PC Suite
[2010/12/22 19:23:09 | 000,000,000 | ---D | M] -- C:\Users\Michael Eilersen\AppData\Roaming\pdftoepub
[2008/11/01 23:24:12 | 000,000,000 | ---D | M] -- C:\Users\Michael Eilersen\AppData\Roaming\PeerNetworking
[2010/09/12 21:10:53 | 000,000,000 | ---D | M] -- C:\Users\Michael Eilersen\AppData\Roaming\Politiken
[2009/08/11 12:25:56 | 000,000,000 | ---D | M] -- C:\Users\Michael Eilersen\AppData\Roaming\postgresql
[2011/10/01 08:05:31 | 000,000,000 | ---D | M] -- C:\Users\Michael Eilersen\AppData\Roaming\Printer Info Cache
[2011/11/28 00:45:37 | 000,000,000 | ---D | M] -- C:\Users\Michael Eilersen\AppData\Roaming\QuickScan
[2009/08/20 21:51:00 | 000,000,000 | ---D | M] -- C:\Users\Michael Eilersen\AppData\Roaming\Red Alert 3
[2010/06/08 21:51:50 | 000,000,000 | ---D | M] -- C:\Users\Michael Eilersen\AppData\Roaming\SAS
[2010/12/26 16:58:31 | 000,000,000 | ---D | M] -- C:\Users\Michael Eilersen\AppData\Roaming\Sports Interactive
[2010/06/04 14:31:55 | 000,000,000 | ---D | M] -- C:\Users\Michael Eilersen\AppData\Roaming\Stata10
[2009/09/13 21:05:20 | 000,000,000 | ---D | M] -- C:\Users\Michael Eilersen\AppData\Roaming\StreamTorrent
[2009/03/11 23:48:13 | 000,000,000 | ---D | M] -- C:\Users\Michael Eilersen\AppData\Roaming\TEXTware
[2010/12/24 15:04:59 | 000,000,000 | ---D | M] -- C:\Users\Michael Eilersen\AppData\Roaming\Thinstall
[2009/01/15 16:31:25 | 000,000,000 | ---D | M] -- C:\Users\Michael Eilersen\AppData\Roaming\TMP
[2010/06/12 12:20:30 | 000,000,000 | ---D | M] -- C:\Users\Michael Eilersen\AppData\Roaming\UDC Profiles
[2011/12/17 15:48:34 | 000,000,000 | ---D | M] -- C:\Users\Michael Eilersen\AppData\Roaming\uTorrent
[2011/02/07 13:32:07 | 000,000,000 | ---D | M] -- C:\Users\Michael Eilersen\AppData\Roaming\Windows Live Writer
[2010/12/31 00:45:56 | 000,000,000 | ---D | M] -- C:\Users\Michael Eilersen\AppData\Roaming\Xilisoft
[2011/12/23 18:01:13 | 000,032,578 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Files - Unicode (All) ==========
[2010/07/01 09:56:12 | 000,023,986 | ---- | M] ()(C:\Users\Michael Eilersen\Documents\?xexp.docx) -- C:\Users\Michael Eilersen\Documents\λxexp.docx
[2010/06/17 19:08:03 | 000,143,275 | ---- | M] ()(C:\Users\Michael Eilersen\Documents\?xexp.jpg) -- C:\Users\Michael Eilersen\Documents\λxexp.jpg
[2010/06/17 19:07:58 | 000,143,275 | ---- | C] ()(C:\Users\Michael Eilersen\Documents\?xexp.jpg) -- C:\Users\Michael Eilersen\Documents\λxexp.jpg
[2010/06/17 19:05:05 | 000,060,770 | ---- | M] ()(C:\Users\Michael Eilersen\Documents\?xexp.pdf) -- C:\Users\Michael Eilersen\Documents\λxexp.pdf
[2010/06/17 19:05:02 | 000,060,770 | ---- | C] ()(C:\Users\Michael Eilersen\Documents\?xexp.pdf) -- C:\Users\Michael Eilersen\Documents\λxexp.pdf
[2010/06/17 19:05:00 | 000,023,986 | ---- | C] ()(C:\Users\Michael Eilersen\Documents\?xexp.docx) -- C:\Users\Michael Eilersen\Documents\λxexp.docx

========== Alternate Data Streams ==========

@Alternate Data Stream - 2560 bytes -> C:\ProgramData\CLDShowX.ini:Update.CL
@Alternate Data Stream - 252 bytes -> C:\ProgramData\TEMP:DFC5A2B2
@Alternate Data Stream - 102 bytes -> C:\ProgramData\TEMP:430C6D84

< End of report >
  • 0

Advertisements


#2
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,031 posts
  • MVP
ComboFix

:!: It must be saved to your desktop, do not run it from your browser:!:

:!: Disable your Antivirus software when downloading or running Combofix. If it has Script Blocking features, please disable these as well. See: http://www.bleepingc...opic114351.html


Download and Save this file -- to your Desktop -- from either of these two sources:
http://download.blee...Bs/ComboFix.exe
http://subs.geekstogo.com/ComboFix.exe



Copy the text between the lines of stars by highlighting and Ctrl + c.

******************************************

Killall::

DirLook::
C:\Program Files\Common
%user%\library

File::
C:\Users\Michael Eilersen\Application Data\Microsoft\Internet Explorer\Quick Launch\System Fix.lnk
C:\Users\Michael Eilersen\Desktop\System Fix.lnk
C:\ProgramData\~NW20px6Jl3tZWq
C:\ProgramData\~NW20px6Jl3tZWqr
C:\ProgramData\NW20px6Jl3tZWq
C:\ProgramData\NW20px6Jl3tZWq.exe
C:\ProgramData\FJVBhpobWuHu.exe
C:\ProgramData\CLDShowX.ini
C:\Windows\Temp\afp64.exe

Folder::
C:\Users\Michael Eilersen\AppData\Local\df6f4e3b

RootKit::
C:\Users\Michael Eilersen\Application Data\Microsoft\Internet Explorer\Quick Launch\System Fix.lnk
C:\Users\Michael Eilersen\Desktop\System Fix.lnk
C:\ProgramData\~NW20px6Jl3tZWq
C:\ProgramData\~NW20px6Jl3tZWqr
C:\ProgramData\NW20px6Jl3tZWq
C:\ProgramData\NW20px6Jl3tZWq.exe
C:\ProgramData\FJVBhpobWuHu.exe
C:\ProgramData\CLDShowX.ini
C:\Windows\Temp\afp64.exe

******************************************

Now open notepad (Start, Run, notepad, OK) and Ctrl + V to paste the text into Notepad. Make sure you got it all then File, SAVE AS, (to your Desktop), CFScript , OK. Close notepad. (Overwrite the old one if it's still there.) You should see a file CFScript.txt on your desktop.

Pause your anti-virus.

Drag CFScript.txt over to Combofix and let go Combofix should start on its own.

Post the new log.


* :!: Important: Have no other programs running. Your Task Bar should be clear of any program entries including your Browser.


* A window may open with a series of Disclaimers. Accept the Disclaimers to start the fix.

A caution - Do not run Combofix more than once. Do not touch your mouse/keyboard until the scan has completed, as this may cause the process to stall or your computer to lock. The scan will temporarily disable your desktop, and if interrupted may leave your desktop disabled. If this occurs, please reboot to restore the desktop. Even when ComboFix appears to be doing nothing, look at your Drive light. If it is flashing, Combofix is still at work.

A file will be created at => C:\Combofix.txt. I'll need to see that in your reply.


Download TDSSKiller:
http://support.kaspe.../tdsskiller.exe
Save it to your desktop then right click and Run as Administrator

If TDSSKiller alerts you that the system needs to reboot, please consent.
When done, a log file should be created on your C: drive named "TDSSKiller.txt" please copy and paste the contents in your next reply.


Download aswMBR.exe ( 511KB ) to your desktop.
Right click aswMBR.exe and Run as Administrator

change the a-v scan to None.
uncheck trace disk IO calls
Click the "Scan" button to start scan
On completion of the scan (Note if the Fix button is enabled (not the FixMBR button) and tell me) click save log, save it to your desktop and post in your next reply


Malwarebytes' Anti-Malware
:!: If you have a previous version of MalwareBytes', remove it via Add or Remove Programs and download a fresh copy. :!:

http://www.malwarebytes.org/mbam.php

SAVE Malwarebytes' Anti-Malware to your desktop.

* Double-click mbam-setup.exe and follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform quick scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.

* Be sure that everything is checked, and click Remove Selected.

* When completed, a log will open in Notepad. Please save it to a convenient location.
* The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt
* Post that log back here.




Run OTL (Vista or Win 7 => right click and Run As Administrator)

select the All option in the Extra Registry group then Run Scan.

You should get two logs. Please copy and paste both of them.

Do the following:
  • Click on the Start button and then choose Control Panel.
  • Click on the System and Security link.

    Note: If you're viewing the Large icons or Small icons view of Control Panel, you won't see this link so just click on the Administrative Tools icon and skip to Step 4.
  • In the System and Security window, click on the Administrative Tools heading located near the bottom of the window.
  • In the Administrative Tools window, double-click on the Computer Management icon.
  • When Computer Management opens, click on Disk Management on the left side of the window, located under Storage.

    After a brief loading period, Disk Management should now appear on the right side of the Computer Management window.

    Note: If you don't see Disk Management listed, you may need to click on the |> icon to the left of the Storage icon.
Take a screen Shot of the Disk Management Window and attach the screen shot to your reply. Make sure that the column with the partition size is visible.
http://graphicssoft....nscreenshot.htm Save the file as a .jpg or the forum won't allow it.

Ron
  • 0

#3
carlos50

carlos50

    Member

  • Topic Starter
  • Member
  • PipPip
  • 33 posts
Hi Ron

Thanks a lot for your help. Everything went well except when I ran aswMBR.exe, within seconds after I hit scan the comp crashed with BSoD. I tried it 3 times with the same result, after that I continued with the rest of the steps.

The JPG was to big, so I zipped it. The logs are below.

Michael


ComboFix 11-12-27.01 - Michael Eilersen 12/27/2011 19:41:14.1.4 - x64
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.45.1033.18.8190.6014 [GMT 1:00]
Kører fra: c:\users\Michael Eilersen\Desktop\ComboFix.exe
Kommandoer benyttet :: c:\users\Michael Eilersen\Desktop\CFScript.txt
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Dannede nyt systemgendannelsespunkt
.
FILE ::
"c:\programdata\~NW20px6Jl3tZWq"
"c:\programdata\~NW20px6Jl3tZWqr"
"c:\programdata\CLDShowX.ini"
"c:\programdata\FJVBhpobWuHu.exe"
"c:\programdata\NW20px6Jl3tZWq"
"c:\programdata\NW20px6Jl3tZWq.exe"
"c:\users\Michael Eilersen\Application Data\Microsoft\Internet Explorer\Quick Launch\System Fix.lnk"
"c:\users\Michael Eilersen\Desktop\System Fix.lnk"
"c:\windows\Temp\afp64.exe"
.
.
((((((((((((((((((((((((((((((((((((((( Andet, der er slettet )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\~NW20px6Jl3tZWq
c:\programdata\~NW20px6Jl3tZWqr
c:\programdata\NW20px6Jl3tZWq
c:\programdata\NW20px6Jl3tZWq.exe
c:\programdata\Tarma Installer
c:\programdata\Tarma Installer\{2E1037EA-038A-425F-86B9-6CD19B8497E9}\_Setup.dll
c:\programdata\Tarma Installer\{2E1037EA-038A-425F-86B9-6CD19B8497E9}\_Setupx.dll
c:\programdata\Tarma Installer\{2E1037EA-038A-425F-86B9-6CD19B8497E9}\Setup.dat
c:\programdata\Tarma Installer\{2E1037EA-038A-425F-86B9-6CD19B8497E9}\Setup.exe
c:\programdata\Tarma Installer\{2E1037EA-038A-425F-86B9-6CD19B8497E9}\Setup.ico
c:\programdata\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setup.dll
c:\programdata\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setupx.dll
c:\programdata\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\Setup.dat
c:\programdata\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\Setup.exe
c:\programdata\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\Setup.ico
c:\users\Michael Eilersen\AppData\Local\df6f4e3b
c:\users\Michael Eilersen\AppData\Local\df6f4e3b\@
c:\users\Michael Eilersen\AppData\Local\df6f4e3b\U\[email protected]
c:\users\Michael Eilersen\AppData\Local\df6f4e3b\U\[email protected]
c:\users\Michael Eilersen\AppData\Local\df6f4e3b\U\[email protected]
c:\users\Michael Eilersen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Fix
c:\users\Michael Eilersen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Fix\System Fix.lnk
c:\users\Michael Eilersen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Fix\Uninstall System Fix.lnk
c:\users\Michael Eilersen\Documents\~WRL0003.tmp
c:\users\Michael Eilersen\Documents\~WRL1735.tmp
c:\windows\assembly\tmp\U
c:\windows\assembly\tmp\U\[email protected]
c:\windows\assembly\tmp\U\[email protected]
c:\windows\assembly\tmp\U\[email protected]
c:\windows\assembly\tmp\U\[email protected]
c:\windows\assembly\tmp\U\[email protected]
c:\windows\assembly\tmp\U\[email protected]
c:\windows\assembly\tmp\U\[email protected]
c:\windows\assembly\tmp\U\[email protected]
c:\windows\IsUn0406.exe
c:\windows\system32\consrv.dll
c:\windows\system32\Nagasoft
c:\windows\SysWow64\CddbCdda.dll
c:\windows\SysWow64\Nagasoft
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Tjenester )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_AMService
.
.
((((((((((((((((((((((((((((( Filer skabt fra 2011-11-27 til 2011-12-27 )))))))))))))))))))))))))))))))))))
.
.
2011-12-16 16:32 . 2011-12-16 16:54 -------- d-----w- c:\users\Michael Eilersen\AppData\Local\Play65
2011-12-15 18:46 . 2011-12-13 18:17 121816 ----a-w- c:\program files (x86)\Mozilla Firefox\components\browsercomps.dll
2011-12-15 18:46 . 2011-12-13 18:17 43992 ----a-w- c:\program files (x86)\Mozilla Firefox\mozutils.dll
2011-12-15 18:46 . 2011-12-13 18:17 814040 ----a-w- c:\program files (x86)\Mozilla Firefox\mozsqlite3.dll
2011-12-15 18:46 . 2011-12-13 18:17 2124760 ----a-w- c:\program files (x86)\Mozilla Firefox\mozjs.dll
2011-12-15 18:46 . 2011-12-13 18:17 15832 ----a-w- c:\program files (x86)\Mozilla Firefox\mozalloc.dll
2011-12-15 18:46 . 2011-12-13 18:17 486360 ----a-w- c:\program files (x86)\Mozilla Firefox\libGLESv2.dll
2011-12-15 18:46 . 2011-12-13 18:17 97240 ----a-w- c:\program files (x86)\Mozilla Firefox\libEGL.dll
2011-12-15 18:46 . 2011-12-13 05:52 626688 ----a-w- c:\program files (x86)\Mozilla Firefox\msvcr80.dll
2011-12-15 18:46 . 2011-12-13 05:52 548864 ----a-w- c:\program files (x86)\Mozilla Firefox\msvcp80.dll
2011-12-15 18:46 . 2011-12-13 05:52 479232 ----a-w- c:\program files (x86)\Mozilla Firefox\msvcm80.dll
2011-12-15 18:46 . 2011-12-13 05:52 2106216 ----a-w- c:\program files (x86)\Mozilla Firefox\D3DCompiler_43.dll
2011-12-15 18:46 . 2011-12-13 05:52 1998168 ----a-w- c:\program files (x86)\Mozilla Firefox\d3dx9_43.dll
2011-12-15 11:27 . 2011-11-23 13:57 2764800 ----a-w- c:\windows\system32\win32k.sys
2011-12-15 11:27 . 2011-10-25 16:09 85504 ----a-w- c:\windows\system32\csrsrv.dll
2011-12-15 11:27 . 2011-10-14 17:30 559616 ----a-w- c:\windows\system32\EncDec.dll
2011-12-15 11:27 . 2011-10-14 16:02 429056 ----a-w- c:\windows\SysWow64\EncDec.dll
2011-12-15 11:27 . 2011-11-08 14:58 2048 ----a-w- c:\windows\system32\tzres.dll
2011-12-15 11:27 . 2011-11-08 14:42 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2011-12-15 11:25 . 2011-11-08 12:10 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat
2011-12-15 11:25 . 2011-11-08 12:10 2409784 ----a-w- c:\program files (x86)\Windows Mail\OESpamFilter.dat
2011-12-15 11:21 . 2009-08-19 22:50 24416 ----a-r- c:\windows\system32\AdobePDFUI.dll
2011-12-12 23:55 . 2011-12-12 23:56 -------- d-----w- c:\program files (x86)\World of Warcraft.temp
2011-12-12 23:55 . 2011-12-12 23:56 -------- d-----w- c:\programdata\Blizzard Entertainment
2011-12-06 22:19 . 2011-12-06 22:19 -------- d-----w- c:\program files\ESET
2011-12-06 21:00 . 2010-12-09 09:48 1996752 ----a-w- c:\windows\PCTBDCore.dll
2011-12-06 21:00 . 2010-12-03 14:34 149456 ----a-w- c:\windows\SGDetectionTool.dll
2011-12-06 21:00 . 2010-12-03 14:34 1533904 ----a-w- c:\windows\PCTBDRes.dll
2011-12-06 21:00 . 2010-12-03 14:34 767952 ----a-w- c:\windows\BDTSupport.dll
2011-12-06 17:27 . 2011-12-06 17:27 -------- d-----w- c:\users\Michael Eilersen\AppData\Roaming\SUPERAntiSpyware.com
2011-12-06 17:27 . 2011-12-06 17:27 -------- d-----w- c:\programdata\!SASCORE
2011-12-06 16:06 . 2011-12-06 16:06 25160 ----a-w- c:\windows\system32\drivers\hitmanpro35.sys
2011-12-06 16:06 . 2011-12-06 16:06 -------- d-----w- c:\program files\Hitman Pro 3.5
2011-12-06 16:05 . 2011-12-06 16:05 -------- d-----w- c:\programdata\Hitman Pro
2011-12-06 15:50 . 2010-11-17 09:20 331368 ----a-w- c:\windows\system32\drivers\pctgntdi64.sys
2011-12-06 15:50 . 2010-11-17 09:20 136168 ----a-w- c:\windows\system32\drivers\pctwfpfilter64.sys
2011-12-06 15:50 . 2010-07-16 13:53 816016 ----a-w- c:\windows\system32\drivers\pctEFA64.sys
2011-12-06 15:50 . 2010-06-29 09:35 452872 ----a-w- c:\windows\system32\drivers\pctDS64.sys
2011-12-06 15:50 . 2010-11-25 09:43 257232 ----a-w- c:\windows\system32\drivers\PCTCore64.sys
2011-12-06 15:50 . 2010-11-25 09:42 92896 ----a-w- c:\windows\system32\drivers\pctplsg64.sys
2011-12-06 15:50 . 2011-12-27 18:10 -------- d-----w- c:\program files (x86)\PC Tools Security
2011-12-06 15:50 . 2011-12-06 15:52 -------- d-----w- c:\program files (x86)\Common Files\PC Tools
2011-12-06 15:50 . 2011-12-06 15:50 -------- d-----w- c:\programdata\PC Tools
2011-12-06 15:50 . 2011-12-06 15:50 -------- d-----w- c:\users\Michael Eilersen\AppData\Roaming\PC Tools
2011-12-06 10:51 . 2011-12-13 22:53 -------- d-----w- c:\programdata\AVAST Software
2011-12-06 10:51 . 2011-12-06 10:51 -------- d-----w- c:\program files\AVAST Software
2011-12-06 10:36 . 2011-12-07 22:52 -------- d-----w- c:\programdata\MFAData
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-12-06 11:07 . 2011-09-18 08:38 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-10-07 04:16 . 2011-11-25 09:06 8570192 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{3FEC62F5-785C-40B8-B1DB-F3960CD3E519}\mpengine.dll
2009-03-01 23:10 . 2009-03-01 23:10 36868 ----a-w- c:\program files (x86)\uninst-Particular.exe
.
.
(((((((((((((((((((((((((((((((((((((((((((( Look )))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
---- Directory of %user%\library ----
.
.
---- Directory of c:\program files\Common ----
.
.
.
((((((((((((((((((((((((((((((((((( Start steder i reg.basen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Bemærk* tomme linier & lovlige standard linier vises ikke
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Michael Eilersen\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Michael Eilersen\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Michael Eilersen\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Michael Eilersen\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="c:\program files (x86)\Steam\Steam.exe" [2011-01-01 1242448]
"Xvid"="c:\program files (x86)\Xvid\CheckUpdate.exe" [2011-01-17 8192]
"Boxoft Tools"="c:\programdata\Boxtools\Boxofttoolbox.exe" [2010-12-15 514048]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2011-10-13 17351304]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-11-29 421888]
"Adobe Acrobat Speed Launcher"="c:\program files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe" [2011-09-07 40376]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-29 937920]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2011-10-09 421736]
"PCTools FGuard"="c:\program files (x86)\PC Tools Security\BDT\FGuard.exe" [2010-12-03 108496]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"ZAFFRegisterTrustChecker"="c:\windows\system32\regsvr32.exe" [2006-11-02 14336]
"ZAFFRegisterTrustCheckerIE"="c:\windows\system32\regsvr32.exe" [2006-11-02 14336]
"FlashPlayerUpdate"="c:\windows\SysWow64\Macromed\Flash\FlashUtil10a.exe" [2008-10-05 235936]
.
c:\users\Michael Eilersen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
FIFA 11 Registration.lnk - c:\program files (x86)\EA SPORTS\FIFA 11\Support\EAregister.exe [N/A]
SpywareGuard.lnk - c:\program files (x86)\SpywareGuard\sgmain.exe [2003-8-29 360448]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0aswBoot.exe /A:* /L:1033 /KBD:2 /wow /dir:C:\Program
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\keyboard layouts\e0200804]
IME File REG_SZ IMSC12.IME
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\keyboard layouts\e0200411]
Ime File REG_SZ imjp12.ime
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\keyboard layouts\e0200412]
Ime File REG_SZ IMKR12.IME
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 postgresql-8.4;PostgreSQL Server 8.4;C:/Program Files (x86)/PostgreSQL/8.4/bin/pg_ctl.exe runservice -N postgresql-8.4 -D C:/Program Files (x86)/PostgreSQL/8.4/data -w [x]
R3 Adobe Version Cue CS4;Adobe Version Cue CS4;c:\program files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [2009-03-12 288112]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2008-10-27 1038088]
R3 hitmanpro35;Hitman Pro 3.5 Support Driver;c:\windows\system32\drivers\hitmanpro35.sys [x]
R3 netr28ux;RT2870 USB Wireless LAN Card Driver for Vista;c:\windows\system32\DRIVERS\netr28ux.sys [x]
R3 nmwcdcx64;Nokia USB Generic;c:\windows\system32\drivers\ccdcmbox64.sys [x]
R3 nmwcdx64;Nokia USB Phone Parent;c:\windows\system32\drivers\ccdcmbx64.sys [x]
R3 sdAuxService;PC Tools Auxiliary Service;c:\program files (x86)\PC Tools Security\pctsAuxs.exe [2010-03-15 366840]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 1020768]
S0 mv61xx;mv61xx;c:\windows\system32\DRIVERS\mv61xx.sys [x]
S0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore64.sys [x]
S0 pctDS;PC Tools Data Store;c:\windows\system32\drivers\pctDS64.sys [x]
S0 pctEFA;PC Tools Extended File Attributes;c:\windows\system32\drivers\pctEFA64.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2011-07-19 146816]
S2 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC};Power Control [2010/04/23 15:48];c:\program files (x86)\CyberLink\PowerDVD10\NavFilter\000.fcl [2010-03-13 10:58 146928]
S2 Browser Defender Update Service;Browser Defender Update Service;c:\program files (x86)\PC Tools Security\BDT\BDTUpdateService.exe [2010-12-09 247760]
S2 NVIDIA Performance Driver Service;NVIDIA Performance Driver Service;c:\program files\NVIDIA Corporation\Performance Drivers\nvPDsvc.exe [2009-05-14 4901888]
S2 regi;regi;c:\windows\system32\drivers\regi.sys [x]
S2 Sentinel64;Sentinel64;c:\windows\System32\Drivers\Sentinel64.sys [x]
S3 yukonx64;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk60x64.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Indhold af mappen 'Planlagte Opgaver'
.
2011-12-25 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3194313822-558712583-1741877353-1000Core.job
- c:\users\Michael Eilersen\AppData\Local\Google\Update\GoogleUpdate.exe [2010-12-23 11:39]
.
2011-12-27 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3194313822-558712583-1741877353-1000UA.job
- c:\users\Michael Eilersen\AppData\Local\Google\Update\GoogleUpdate.exe [2010-12-23 11:39]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 97792 ----a-w- c:\users\Michael Eilersen\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 97792 ----a-w- c:\users\Michael Eilersen\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 97792 ----a-w- c:\users\Michael Eilersen\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 97792 ----a-w- c:\users\Michael Eilersen\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"combofix"="c:\combofix\CF12335.3XE" [2008-01-21 363008]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Yderligere scanning -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.b.dk
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: Append Link Target to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
Trusted Zone: danid.dk
Trusted Zone: danid.dk
TCP: DhcpNameServer = 193.162.153.164 194.239.134.83
CLSID: {603d3801-bd81-11d0-a3a5-00c04fd706ec} - %SystemRoot%\SysWow64\browseui.dll
FF - ProfilePath - c:\users\Michael Eilersen\AppData\Roaming\Mozilla\Firefox\Profiles\nzcqnlpm.default\
FF - prefs.js: browser.search.defaulturl - hxxp://flvdirect.iamwired.net/websearch.php?src=tops&search=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.berlingske.dk/
FF - prefs.js: network.proxy.type - 0
FF - user.js: extentions.y2layers.installId - cfbda1d4-73a7-4b12-94b0-72236fe94cf7
FF - user.js: extentions.y2layers.defaultEnableAppsList - BestVideoDownloader,BestVideoDownloader,
.
- - - - TOMME GENVEJE FJERNET - - - -
.
Wow6432Node-HKCU-Run-NETELLER app - c:\program files (x86)\NETELLER app\NETELLER-app.exe
Wow6432Node-HKLM-Run-GrooveMonitor - c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
AddRemove-InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B} - c:\program files (x86)\InstallShield Installation Information\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}\Setup.exe
AddRemove-PostgreSQL 8.4 - c:\program files (x86)\PostgreSQL\8.4\uninstall-postgresql.exe
AddRemove-{32E4F0D2-C135-475E-A841-1D59A0D22989} - c:\program files (x86)\InstallShield Installation Information\{32E4F0D2-C135-475E-A841-1D59A0D22989}\setup.exe
AddRemove-{3E4B349F-10B5-4586-9D99-489A90A8B228} - c:\program files (x86)\InstallShield Installation Information\{3E4B349F-10B5-4586-9D99-489A90A8B228}\setup.exe
AddRemove-{6600970A-BAE7-412A-BFFC-91AD793B3A41} - c:\program files (x86)\InstallShield Installation Information\{6600970A-BAE7-412A-BFFC-91AD793B3A41}\Setup.exe
AddRemove-{7B63B2922B174135AFC0E1377DD81EC2} - c:\program files (x86)\DivX\DivXCodecUninstall.exe
AddRemove-{DEC235ED-58A4-4517-A278-C41E8DAEAB3B} - c:\program files (x86)\InstallShield Installation Information\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}\Setup.exe
AddRemove-{F0A37341-D692-11D4-A984-009027EC0A9C} - c:\program files (x86)\InstallShield Installation Information\{F0A37341-D692-11D4-A984-009027EC0A9C}\Setup.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet022\Services\postgresql-8.4]
"ImagePath"="C:/Program Files (x86)/PostgreSQL/8.4/bin/pg_ctl.exe runservice -N \"postgresql-8.4\" -D \"C:/Program Files (x86)/PostgreSQL/8.4/data\" -w"
.
[HKEY_LOCAL_MACHINE\system\ControlSet022\Services\postgresql-8.4]
"ImagePath"="C:/Program Files (x86)/PostgreSQL/8.4/bin/pg_ctl.exe runservice -N \"postgresql-8.4\" -D \"C:/Program Files (x86)/PostgreSQL/8.4/data\" -w"
.
[HKEY_LOCAL_MACHINE\system\ControlSet022\Services\{1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC}]
"ImagePath"="\??\c:\program files (x86)\CyberLink\PowerDVD10\NavFilter\000.fcl"
.
--------------------- LÅSTE REGISTRERINGS NØGLER ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,8d,98,68,c4,69,08,c0,41,be,a8,be,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,8d,98,68,c4,69,08,c0,41,be,a8,be,\
.
[HKEY_USERS\S-1-5-21-3194313822-558712583-1741877353-1000\Software\G*e*n*i*e*"!\FM Genie Scout 11]
"GameDir"="c:\\Users\\Michael Eilersen\\Documents\\Sports Interactive\\Football Manager 2011\\games"
"ShortlistDir"=""
"FMPath"="c:\\program files (x86)\\steam\\steamapps\\common\\football manager 2011\\"
"ScreenshotsDir"="c:\\Users\\Michael Eilersen\\Documents\\Sports Interactive\\Football Manager 2011"
"SaveDir"="c:\\Users\\Michael Eilersen\\Documents\\Sports Interactive\\Football Manager 2011\\"
"HistoryDir"="c:\\FM Genie Scout 11\\History Points"
"LangDB"="c:\\program files (x86)\\steam\\steamapps\\common\\football manager 2011\\data\\updates\\update-1130\\db\\1130\\lang_db.dat"
"LastSaveGame"="c:\\Users\\Michael Eilersen\\Documents\\Sports Interactive\\Football Manager 2011\\games\\rotherham - 1.fm"
"Language"="English"
"LoadLangDB"=dword:00000001
"CompressHistoryPoints"=dword:00000000
"HighlightedAttributes"=dword:00000000
"MinCondition"=dword:00000032
"GraphStep"=dword:00000000
"SkinName"="PSV Eindhoven"
"LastUpdateCheck"=dword:00009e56
"VersionOf"=dword:0000007b
"HighQualityGUI"=dword:00000001
"AutomaticallyUpdateCheck"=dword:00000001
"AdvancedGeneration"=dword:00000000
"TranslateStaffSkills"=dword:00000001
"TranslatePlayerSkills"=dword:00000001
"TranslatePositions"=dword:00000001
"ShowHistory"=dword:00000001
"Version"=dword:00000081
"UniqueID"="C5-E580-EF4F"
"Currency"=dword:00000056
"UseProxy"=dword:00000000
"ProxyHost"=""
"ProxyPort"=""
"UseAuthentication"=dword:00000000
"UserName"=""
"UserPassword"=""
"PlayerSearchFeatureNum"=dword:00000019
"StaffSearchFeatureNum"=dword:00000005
"ClubSearchFeatureNum"=dword:00000003
"FilterByClubFeatureNum"=dword:00000000
"CompareFeatureNum"=dword:00000000
"ShortlistFeatureNum"=dword:00000012
"ExportFeatureNum"=dword:00000002
"HistoryFeatureNum"=dword:00000000
"LanguageDBFeatureNum"=dword:0000001b
"HintsFeatureNum"=dword:00000000
"GenieReportFeatureNum"=dword:00000000
"TopFormationFeatureNum"=dword:00000002
"ScreenshotFeatureNum"=dword:00000000
.
[HKEY_USERS\S-1-5-21-3194313822-558712583-1741877353-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*D*V*D*R*d?· \OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-3194313822-558712583-1741877353-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*D*V*D*R*ãÿþ#\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-3194313822-558712583-1741877353-1000\Software\SecuROM\License information*]
"datasecu"=hex:35,73,a2,9d,f6,d5,2f,c9,5e,b8,79,1c,64,c8,db,aa,33,c2,51,bf,23,
bb,c2,16,09,4e,d3,78,74,0e,d3,8f,65,75,5f,99,a0,ba,8d,83,0e,be,f6,e9,e4,38,\
"rkeysecu"=hex:fe,cb,78,e3,3b,96,d1,f0,12,62,bd,76,da,36,fc,ca
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{BEB3C0C7-B648-4257-96D9-B5D024816E27}\Version*Version]
"Version"=hex:81,72,a7,79,37,28,5c,12,a6,dd,91,bd,1b,18,3c,1b,3f,e6,19,51,2f,
93,13,5e,99,8f,79,88,bc,e4,87,43,d3,a5,2c,58,14,f1,5f,a7,fe,f8,5f,5a,1f,f1,\
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Cryptography\RNG*]
"Seed"=hex:49,31,f4,88,04,28,01,14,c5,ca,fa,5f,f5,cf,66,6e,1f,6c,42,48,3b,1d,
bb,84,6e,c3,98,a3,07,68,b8,a1,8e,3f,71,ca,a8,53,6d,af,a8,e5,29,51,a3,e5,99,\
"Seed"=hex:49,31,f4,88,04,28,01,14,c5,ca,fa,5f,f5,cf,66,6e,1f,6c,42,48,3b,1d,
bb,84,6e,c3,98,a3,07,68,b8,a1,8e,3f,71,ca,a8,53,6d,af,a8,e5,29,51,a3,e5,99,\
"Seed"=hex:49,31,f4,88,04,28,01,14,c5,ca,fa,5f,f5,cf,66,6e,1f,6c,42,48,3b,1d,
bb,84,6e,c3,98,a3,07,68,b8,a1,8e,3f,71,ca,a8,53,6d,af,a8,e5,29,51,a3,e5,99,\
"Seed"=hex:49,31,f4,88,04,28,01,14,c5,ca,fa,5f,f5,cf,66,6e,1f,6c,42,48,3b,1d,
bb,84,6e,c3,98,a3,07,68,b8,a1,8e,3f,71,ca,a8,53,6d,af,a8,e5,29,51,a3,e5,99,\
"Seed"=hex:49,31,f4,88,04,28,01,14,c5,ca,fa,5f,f5,cf,66,6e,1f,6c,42,48,3b,1d,
bb,84,6e,c3,98,a3,07,68,b8,a1,8e,3f,71,ca,a8,53,6d,af,a8,e5,29,51,a3,e5,99,\
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Classes]
"SymbolicLinkValue"=hex(6):5c,00,52,00,45,00,47,00,49,00,53,00,54,00,52,00,59,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B9A09F18-45AB-4F09-A117-A4ADDA8FA8C8}]
@Denied: (A) (Everyone)
"Solution"="{36eb6792-3a29-43b3-8cd0-f67d266fb426}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane\0]
"Key"="ActionsPane"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\8.0\\ActionsPane.xsd"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Minnetonka Audio Software\SurCode Dolby Digital Premiere\Version*Version]
"Version"=hex:81,72,a7,79,37,28,5c,12,a6,dd,91,bd,1b,18,3c,1b,3f,e6,19,51,2f,
93,13,5e,99,8f,79,88,bc,e4,87,43,d3,a5,2c,58,14,f1,5f,a7,fe,f8,5f,5a,1f,f1,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet022\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
------------------------ Andre kørende processer ------------------------
.
c:\program files\ASUS\Six Engine\SixEngine.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
c:\program files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
c:\windows\SysWOW64\nlssrv32.exe
c:\program files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
c:\program files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
c:\program files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
.
**************************************************************************
.
Gennemført tid: 2011-12-27 20:15:41 - maskinen blev genstartet
ComboFix-quarantined-files.txt 2011-12-27 19:15
.
Pre-Kørsel: 69,860,196,352 bytes free
Post-Kørsel: 85,942,976,512 bytes free
.
- - End Of File - - D16AEB019DA558057C15E821D3E12A30


21:46:37.0669 3204 TDSS rootkit removing tool 2.6.25.0 Dec 23 2011 14:51:16
21:46:37.0856 3204 ============================================================
21:46:37.0856 3204 Current date / time: 2011/12/27 21:46:37.0856
21:46:37.0856 3204 SystemInfo:
21:46:37.0856 3204
21:46:37.0856 3204 OS Version: 6.0.6002 ServicePack: 2.0
21:46:37.0856 3204 Product type: Workstation
21:46:37.0856 3204 ComputerName: EILER-PC
21:46:37.0856 3204 UserName: Michael Eilersen
21:46:37.0856 3204 Windows directory: C:\Windows
21:46:37.0856 3204 System windows directory: C:\Windows
21:46:37.0856 3204 Running under WOW64
21:46:37.0856 3204 Processor architecture: Intel x64
21:46:37.0856 3204 Number of processors: 4
21:46:37.0856 3204 Page size: 0x1000
21:46:37.0856 3204 Boot type: Normal boot
21:46:37.0856 3204 ============================================================
21:46:38.0495 3204 Initialize success
21:46:52.0255 3928 ============================================================
21:46:52.0255 3928 Scan started
21:46:52.0255 3928 Mode: Manual;
21:46:52.0255 3928 ============================================================
21:46:52.0988 3928 ACPI (1965aaffab07e3fb03c77f81beba3547) C:\Windows\system32\drivers\acpi.sys
21:46:52.0988 3928 ACPI - ok
21:46:53.0035 3928 adfs (d44bcaf639e4e45307c2bc80715273d5) C:\Windows\system32\drivers\adfs.sys
21:46:53.0035 3928 adfs - ok
21:46:53.0066 3928 ADIHdAudAddService (4a30fa79f8253134d398251db614e3c9) C:\Windows\system32\drivers\ADIHdAud.sys
21:46:53.0081 3928 ADIHdAudAddService - ok
21:46:53.0097 3928 adp94xx (f14215e37cf124104575073f782111d2) C:\Windows\system32\drivers\adp94xx.sys
21:46:53.0113 3928 adp94xx - ok
21:46:53.0128 3928 adpahci (7d05a75e3066861a6610f7ee04ff085c) C:\Windows\system32\drivers\adpahci.sys
21:46:53.0144 3928 adpahci - ok
21:46:53.0159 3928 adpu160m (820a201fe08a0c345b3bedbc30e1a77c) C:\Windows\system32\drivers\adpu160m.sys
21:46:53.0159 3928 adpu160m - ok
21:46:53.0175 3928 adpu320 (9b4ab6854559dc168fbb4c24fc52e794) C:\Windows\system32\drivers\adpu320.sys
21:46:53.0175 3928 adpu320 - ok
21:46:53.0206 3928 AFD (0cc146c4addea45791b18b1e2659f4a9) C:\Windows\system32\drivers\afd.sys
21:46:53.0206 3928 AFD - ok
21:46:53.0237 3928 agp440 (f6f6793b7f17b550ecfdbd3b229173f7) C:\Windows\system32\drivers\agp440.sys
21:46:53.0237 3928 agp440 - ok
21:46:53.0253 3928 aic78xx (222cb641b4b8a1d1126f8033f9fd6a00) C:\Windows\system32\drivers\djsvs.sys
21:46:53.0253 3928 aic78xx - ok
21:46:53.0269 3928 aliide (157d0898d4b73f075ce9fa26b482df98) C:\Windows\system32\drivers\aliide.sys
21:46:53.0269 3928 aliide - ok
21:46:53.0284 3928 amdide (970fa5059e61e30d25307b99903e991e) C:\Windows\system32\drivers\amdide.sys
21:46:53.0284 3928 amdide - ok
21:46:53.0300 3928 AmdK8 (cdc3632a3a5ea4dbb83e46076a3165a1) C:\Windows\system32\drivers\amdk8.sys
21:46:53.0300 3928 AmdK8 - ok
21:46:53.0331 3928 arc (ba8417d4765f3988ff921f30f630e303) C:\Windows\system32\drivers\arc.sys
21:46:53.0331 3928 arc - ok
21:46:53.0347 3928 arcsas (9d41c435619733b34cc16a511e644b11) C:\Windows\system32\drivers\arcsas.sys
21:46:53.0347 3928 arcsas - ok
21:46:53.0347 3928 AsIO - ok
21:46:53.0378 3928 AsyncMac (22d13ff3dafec2a80634752b1eaa2de6) C:\Windows\system32\DRIVERS\asyncmac.sys
21:46:53.0378 3928 AsyncMac - ok
21:46:53.0393 3928 atapi (e68d9b3a3905619732f7fe039466a623) C:\Windows\system32\drivers\atapi.sys
21:46:53.0393 3928 atapi - ok
21:46:53.0393 3928 Beep - ok
21:46:53.0425 3928 blbdrive (79feeb40056683f8f61398d81dda65d2) C:\Windows\system32\drivers\blbdrive.sys
21:46:53.0425 3928 blbdrive - ok
21:46:53.0503 3928 bowser (2348447a80920b2493a9b582a23e81e1) C:\Windows\system32\DRIVERS\bowser.sys
21:46:53.0503 3928 bowser - ok
21:46:53.0518 3928 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\brfiltlo.sys
21:46:53.0518 3928 BrFiltLo - ok
21:46:53.0534 3928 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\brfiltup.sys
21:46:53.0534 3928 BrFiltUp - ok
21:46:53.0565 3928 Brserid (f0f0ba4d815be446aa6a4583ca3bca9b) C:\Windows\system32\drivers\brserid.sys
21:46:53.0565 3928 Brserid - ok
21:46:53.0596 3928 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\system32\drivers\brserwdm.sys
21:46:53.0596 3928 BrSerWdm - ok
21:46:53.0612 3928 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\system32\drivers\brusbmdm.sys
21:46:53.0612 3928 BrUsbMdm - ok
21:46:53.0627 3928 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\system32\drivers\brusbser.sys
21:46:53.0627 3928 BrUsbSer - ok
21:46:53.0643 3928 BTHMODEM (e0777b34e05f8a82a21856efc900c29f) C:\Windows\system32\drivers\bthmodem.sys
21:46:53.0643 3928 BTHMODEM - ok
21:46:53.0659 3928 catchme - ok
21:46:53.0674 3928 cdfs (b4d787db8d30793a4d4df9feed18f136) C:\Windows\system32\DRIVERS\cdfs.sys
21:46:53.0674 3928 cdfs - ok
21:46:53.0705 3928 cdrom (c025aa69be3d0d25c7a2e746ef6f94fc) C:\Windows\system32\DRIVERS\cdrom.sys
21:46:53.0705 3928 cdrom - ok
21:46:53.0721 3928 circlass (02ea568d498bbdd4ba55bf3fce34d456) C:\Windows\system32\drivers\circlass.sys
21:46:53.0721 3928 circlass - ok
21:46:53.0752 3928 CLFS (3dca9a18b204939cfb24bea53e31eb48) C:\Windows\system32\CLFS.sys
21:46:53.0752 3928 CLFS - ok
21:46:53.0783 3928 cmdide (e5d5499a1c50a54b5161296b6afe6192) C:\Windows\system32\drivers\cmdide.sys
21:46:53.0783 3928 cmdide - ok
21:46:53.0799 3928 Compbatt (7fb8ad01db0eabe60c8a861531a8f431) C:\Windows\system32\drivers\compbatt.sys
21:46:53.0799 3928 Compbatt - ok
21:46:53.0799 3928 crcdisk (a8585b6412253803ce8efcbd6d6dc15c) C:\Windows\system32\drivers\crcdisk.sys
21:46:53.0799 3928 crcdisk - ok
21:46:53.0846 3928 DfsC (8b722ba35205c71e7951cdc4cdbade19) C:\Windows\system32\Drivers\dfsc.sys
21:46:53.0846 3928 DfsC - ok
21:46:53.0861 3928 disk (b0107e40ecdb5fa692ebf832f295d905) C:\Windows\system32\drivers\disk.sys
21:46:53.0861 3928 disk - ok
21:46:53.0893 3928 Dot4 (74c02b1717740c3b8039539e23e4b53f) C:\Windows\system32\DRIVERS\Dot4.sys
21:46:53.0893 3928 Dot4 - ok
21:46:53.0893 3928 Dot4Print (08321d1860235bf42cf2854234337aea) C:\Windows\system32\DRIVERS\Dot4Prt.sys
21:46:53.0893 3928 Dot4Print - ok
21:46:53.0908 3928 dot4usb (4adccf0124f2b6911d3786a5d0e779e5) C:\Windows\system32\DRIVERS\dot4usb.sys
21:46:53.0908 3928 dot4usb - ok
21:46:53.0939 3928 drmkaud (f1a78a98cfc2ee02144c6bec945447e6) C:\Windows\system32\drivers\drmkaud.sys
21:46:53.0939 3928 drmkaud - ok
21:46:54.0002 3928 DXGKrnl (b8e554e502d5123bc111f99d6a2181b4) C:\Windows\System32\drivers\dxgkrnl.sys
21:46:54.0017 3928 DXGKrnl - ok
21:46:54.0049 3928 E1G60 (264cee7b031a9d6c827f3d0cb031f2fe) C:\Windows\system32\DRIVERS\E1G6032E.sys
21:46:54.0049 3928 E1G60 - ok
21:46:54.0080 3928 Ecache (5f94962be5a62db6e447ff6470c4f48a) C:\Windows\system32\drivers\ecache.sys
21:46:54.0080 3928 Ecache - ok
21:46:54.0111 3928 ElbyCDIO (15814b675e9d08953f2c64e4e5ccb4f4) C:\Windows\system32\Drivers\ElbyCDIO.sys
21:46:54.0111 3928 ElbyCDIO - ok
21:46:54.0142 3928 elxstor (c4636d6e10469404ab5308d9fd45ed07) C:\Windows\system32\drivers\elxstor.sys
21:46:54.0158 3928 elxstor - ok
21:46:54.0173 3928 ErrDev (bc3a58e938bb277e46bf4b3003b01abd) C:\Windows\system32\drivers\errdev.sys
21:46:54.0173 3928 ErrDev - ok
21:46:54.0205 3928 exfat (486844f47b6636044a42454614ed4523) C:\Windows\system32\drivers\exfat.sys
21:46:54.0205 3928 exfat - ok
21:46:54.0220 3928 fastfat (1a4bee34277784619ddaf0422c0c6e23) C:\Windows\system32\drivers\fastfat.sys
21:46:54.0220 3928 fastfat - ok
21:46:54.0236 3928 fdc (81b79b6df71fa1d2c6d688d830616e39) C:\Windows\system32\DRIVERS\fdc.sys
21:46:54.0236 3928 fdc - ok
21:46:54.0267 3928 FileInfo (457b7d1d533e4bd62a99aed9c7bb4c59) C:\Windows\system32\drivers\fileinfo.sys
21:46:54.0267 3928 FileInfo - ok
21:46:54.0283 3928 Filetrace (d421327fd6efccaf884a54c58e1b0d7f) C:\Windows\system32\drivers\filetrace.sys
21:46:54.0283 3928 Filetrace - ok
21:46:54.0314 3928 flpydisk (230923ea2b80f79b0f88d90f87b87ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
21:46:54.0314 3928 flpydisk - ok
21:46:54.0329 3928 FltMgr (e3041bc26d6930d61f42aedb79c91720) C:\Windows\system32\drivers\fltmgr.sys
21:46:54.0345 3928 FltMgr - ok
21:46:54.0361 3928 Fs_Rec (29d99e860a1ca0a03c6a733fdd0da703) C:\Windows\system32\drivers\Fs_Rec.sys
21:46:54.0376 3928 Fs_Rec - ok
21:46:54.0392 3928 gagp30kx (c8e416668d3dc2be3d4fe4c79224997f) C:\Windows\system32\drivers\gagp30kx.sys
21:46:54.0392 3928 gagp30kx - ok
21:46:54.0423 3928 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
21:46:54.0423 3928 GEARAspiWDM - ok
21:46:54.0439 3928 HdAudAddService (df45f8142dc6df9d18c39b3effbd0409) C:\Windows\system32\drivers\HdAudio.sys
21:46:54.0439 3928 HdAudAddService - ok
21:46:54.0501 3928 HDAudBus (f942c5820205f2fb453243edfec82a3d) C:\Windows\system32\DRIVERS\HDAudBus.sys
21:46:54.0517 3928 HDAudBus - ok
21:46:54.0532 3928 HidBth (b4881c84a180e75b8c25dc1d726c375f) C:\Windows\system32\drivers\hidbth.sys
21:46:54.0548 3928 HidBth - ok
21:46:54.0548 3928 HidIr (4e77a77e2c986e8f88f996bb3e1ad829) C:\Windows\system32\drivers\hidir.sys
21:46:54.0563 3928 HidIr - ok
21:46:54.0579 3928 HidUsb (443bdd2d30bb4f00795c797e2cf99edf) C:\Windows\system32\DRIVERS\hidusb.sys
21:46:54.0579 3928 HidUsb - ok
21:46:54.0626 3928 hitmanpro35 (c6ff685e2ea55c3ac5c90b9e7d6930c0) C:\Windows\system32\drivers\hitmanpro35.sys
21:46:54.0626 3928 hitmanpro35 - ok
21:46:54.0641 3928 HpCISSs (d7109a1e6bd2dfdbcba72a6bc626a13b) C:\Windows\system32\drivers\hpcisss.sys
21:46:54.0641 3928 HpCISSs - ok
21:46:54.0704 3928 HTTP (098f1e4e5c9cb5b0063a959063631610) C:\Windows\system32\drivers\HTTP.sys
21:46:54.0719 3928 HTTP - ok
21:46:54.0735 3928 i2omp (da94c854cea5fac549d4e1f6e88349e8) C:\Windows\system32\drivers\i2omp.sys
21:46:54.0735 3928 i2omp - ok
21:46:54.0751 3928 i8042prt (cbb597659a2713ce0c9cc20c88c7591f) C:\Windows\system32\DRIVERS\i8042prt.sys
21:46:54.0751 3928 i8042prt - ok
21:46:54.0766 3928 iaStorV (3e3bf3627d886736d0b4e90054f929f6) C:\Windows\system32\drivers\iastorv.sys
21:46:54.0766 3928 iaStorV - ok
21:46:54.0782 3928 iirsp (8c3951ad2fe886ef76c7b5027c3125d3) C:\Windows\system32\drivers\iirsp.sys
21:46:54.0782 3928 iirsp - ok
21:46:54.0813 3928 intelide (df797a12176f11b2d301c5b234bb200e) C:\Windows\system32\drivers\intelide.sys
21:46:54.0813 3928 intelide - ok
21:46:54.0829 3928 intelppm (bfd84af32fa1bad6231c4585cb469630) C:\Windows\system32\DRIVERS\intelppm.sys
21:46:54.0829 3928 intelppm - ok
21:46:54.0875 3928 IpFilterDriver (d8aabc341311e4780d6fce8c73c0ad81) C:\Windows\system32\DRIVERS\ipfltdrv.sys
21:46:54.0875 3928 IpFilterDriver - ok
21:46:54.0891 3928 IPMIDRV (9c2ee2e6e5a7203bfae15c299475ec67) C:\Windows\system32\drivers\ipmidrv.sys
21:46:54.0891 3928 IPMIDRV - ok
21:46:54.0907 3928 IPNAT (b7e6212f581ea5f6ab0c3a6ceeeb89be) C:\Windows\system32\DRIVERS\ipnat.sys
21:46:54.0907 3928 IPNAT - ok
21:46:54.0922 3928 IRENUM (8c42ca155343a2f11d29feca67faa88d) C:\Windows\system32\drivers\irenum.sys
21:46:54.0922 3928 IRENUM - ok
21:46:54.0938 3928 isapnp (0672bfcedc6fc468a2b0500d81437f4f) C:\Windows\system32\drivers\isapnp.sys
21:46:54.0938 3928 isapnp - ok
21:46:54.0953 3928 iScsiPrt (e4fdf99599f27ec25d2cf6d754243520) C:\Windows\system32\DRIVERS\msiscsi.sys
21:46:54.0953 3928 iScsiPrt - ok
21:46:54.0969 3928 iteatapi (63c766cdc609ff8206cb447a65abba4a) C:\Windows\system32\drivers\iteatapi.sys
21:46:54.0985 3928 iteatapi - ok
21:46:54.0985 3928 iteraid (1281fe73b17664631d12f643cbea3f59) C:\Windows\system32\drivers\iteraid.sys
21:46:54.0985 3928 iteraid - ok
21:46:55.0000 3928 kbdclass (423696f3ba6472dd17699209b933bc26) C:\Windows\system32\DRIVERS\kbdclass.sys
21:46:55.0000 3928 kbdclass - ok
21:46:55.0031 3928 kbdhid (dbdf75d51464fbc47d0104ec3d572c05) C:\Windows\system32\DRIVERS\kbdhid.sys
21:46:55.0031 3928 kbdhid - ok
21:46:55.0063 3928 KSecDD (476e2c1dcea45895994bef11c2a98715) C:\Windows\system32\Drivers\ksecdd.sys
21:46:55.0078 3928 KSecDD - ok
21:46:55.0094 3928 ksthunk (1d419cf43db29396ecd7113d129d94eb) C:\Windows\system32\drivers\ksthunk.sys
21:46:55.0094 3928 ksthunk - ok
21:46:55.0109 3928 lltdio (96ece2659b6654c10a0c310ae3a6d02c) C:\Windows\system32\DRIVERS\lltdio.sys
21:46:55.0109 3928 lltdio - ok
21:46:55.0141 3928 LSI_FC (acbe1af32d3123e330a07bfbc5ec4a9b) C:\Windows\system32\drivers\lsi_fc.sys
21:46:55.0141 3928 LSI_FC - ok
21:46:55.0156 3928 LSI_SAS (799ffb2fc4729fa46d2157c0065b3525) C:\Windows\system32\drivers\lsi_sas.sys
21:46:55.0156 3928 LSI_SAS - ok
21:46:55.0172 3928 LSI_SCSI (f445ff1daad8a226366bfaf42551226b) C:\Windows\system32\drivers\lsi_scsi.sys
21:46:55.0172 3928 LSI_SCSI - ok
21:46:55.0187 3928 luafv (52f87b9cc8932c2a7375c3b2a9be5e3e) C:\Windows\system32\drivers\luafv.sys
21:46:55.0187 3928 luafv - ok
21:46:55.0203 3928 megasas (5c5cd6aaced32fb26c3fb34b3dcf972f) C:\Windows\system32\drivers\megasas.sys
21:46:55.0203 3928 megasas - ok
21:46:55.0219 3928 MegaSR (859bc2436b076c77c159ed694acfe8f8) C:\Windows\system32\drivers\megasr.sys
21:46:55.0234 3928 MegaSR - ok
21:46:55.0250 3928 Modem (59848d5cc74606f0ee7557983bb73c2e) C:\Windows\system32\drivers\modem.sys
21:46:55.0250 3928 Modem - ok
21:46:55.0297 3928 monitor (c247cc2a57e0a0c8c6dccf7807b3e9e5) C:\Windows\system32\DRIVERS\monitor.sys
21:46:55.0297 3928 monitor - ok
21:46:55.0312 3928 mouclass (9367304e5e412b120cf5f4ea14e4e4f1) C:\Windows\system32\DRIVERS\mouclass.sys
21:46:55.0312 3928 mouclass - ok
21:46:55.0328 3928 mouhid (c2c2bd5c5ce5aaf786ddd74b75d2ac69) C:\Windows\system32\DRIVERS\mouhid.sys
21:46:55.0328 3928 mouhid - ok
21:46:55.0343 3928 MountMgr (11bc9b1e8801b01f7f6adb9ead30019b) C:\Windows\system32\drivers\mountmgr.sys
21:46:55.0343 3928 MountMgr - ok
21:46:55.0359 3928 mpio (f8276eb8698142884498a528dfea8478) C:\Windows\system32\drivers\mpio.sys
21:46:55.0359 3928 mpio - ok
21:46:55.0375 3928 mpsdrv (c92b9abdb65a5991e00c28f13491dba2) C:\Windows\system32\drivers\mpsdrv.sys
21:46:55.0375 3928 mpsdrv - ok
21:46:55.0390 3928 Mraid35x (3c200630a89ef2c0864d515b7a75802e) C:\Windows\system32\drivers\mraid35x.sys
21:46:55.0390 3928 Mraid35x - ok
21:46:55.0406 3928 MRxDAV (7c1de4aa96dc0c071611f9e7de02a68d) C:\Windows\system32\drivers\mrxdav.sys
21:46:55.0421 3928 MRxDAV - ok
21:46:55.0437 3928 mrxsmb (1485811b320ff8c7edad1caebb1c6c2b) C:\Windows\system32\DRIVERS\mrxsmb.sys
21:46:55.0437 3928 mrxsmb - ok
21:46:55.0453 3928 mrxsmb10 (3b929a60c833fc615fd97fba82bc7632) C:\Windows\system32\DRIVERS\mrxsmb10.sys
21:46:55.0453 3928 mrxsmb10 - ok
21:46:55.0468 3928 mrxsmb20 (c64ab3e1f53b4f5b5bb6d796b2d7bec3) C:\Windows\system32\DRIVERS\mrxsmb20.sys
21:46:55.0468 3928 mrxsmb20 - ok
21:46:55.0484 3928 msahci (1ac860612b85d8e85ee257d372e39f4d) C:\Windows\system32\drivers\msahci.sys
21:46:55.0484 3928 msahci - ok
21:46:55.0499 3928 msdsm (264bbb4aaf312a485f0e44b65a6b7202) C:\Windows\system32\drivers\msdsm.sys
21:46:55.0499 3928 msdsm - ok
21:46:55.0515 3928 Msfs (704f59bfc4512d2bb0146aec31b10a7c) C:\Windows\system32\drivers\Msfs.sys
21:46:55.0515 3928 Msfs - ok
21:46:55.0531 3928 msisadrv (00ebc952961664780d43dca157e79b27) C:\Windows\system32\drivers\msisadrv.sys
21:46:55.0531 3928 msisadrv - ok
21:46:55.0546 3928 MSKSSRV (0ea73e498f53b96d83dbfca074ad4cf8) C:\Windows\system32\drivers\MSKSSRV.sys
21:46:55.0546 3928 MSKSSRV - ok
21:46:55.0562 3928 MSPCLOCK (52e59b7e992a58e740aa63f57edbae8b) C:\Windows\system32\drivers\MSPCLOCK.sys
21:46:55.0562 3928 MSPCLOCK - ok
21:46:55.0577 3928 MSPQM (49084a75bae043ae02d5b44d02991bb2) C:\Windows\system32\drivers\MSPQM.sys
21:46:55.0577 3928 MSPQM - ok
21:46:55.0609 3928 MsRPC (dc6ccf440cdede4293db41c37a5060a5) C:\Windows\system32\drivers\MsRPC.sys
21:46:55.0624 3928 MsRPC - ok
21:46:55.0640 3928 mssmbios (855796e59df77ea93af46f20155bf55b) C:\Windows\system32\DRIVERS\mssmbios.sys
21:46:55.0640 3928 mssmbios - ok
21:46:55.0655 3928 MSTEE (86d632d75d05d5b7c7c043fa3564ae86) C:\Windows\system32\drivers\MSTEE.sys
21:46:55.0671 3928 MSTEE - ok
21:46:55.0671 3928 MTsensor (6936198f2cc25b39cf5262436c80df46) C:\Windows\system32\DRIVERS\ASACPI.sys
21:46:55.0671 3928 MTsensor - ok
21:46:55.0687 3928 Mup (0cc49f78d8aca0877d885f149084e543) C:\Windows\system32\Drivers\mup.sys
21:46:55.0687 3928 Mup - ok
21:46:55.0702 3928 mv61xx (792ca0761a6ff267fb271fa4dbe8cd84) C:\Windows\system32\DRIVERS\mv61xx.sys
21:46:55.0702 3928 mv61xx - ok
21:46:55.0765 3928 NativeWifiP (2007b826c4acd94ae32232b41f0842b9) C:\Windows\system32\DRIVERS\nwifi.sys
21:46:55.0765 3928 NativeWifiP - ok
21:46:55.0811 3928 NDIS (65950e07329fcee8e6516b17c8d0abb6) C:\Windows\system32\drivers\ndis.sys
21:46:55.0811 3928 NDIS - ok
21:46:55.0827 3928 NdisTapi (64df698a425478e321981431ac171334) C:\Windows\system32\DRIVERS\ndistapi.sys
21:46:55.0827 3928 NdisTapi - ok
21:46:55.0827 3928 Ndisuio (8baa43196d7b5bb972c9a6b2bbf61a19) C:\Windows\system32\DRIVERS\ndisuio.sys
21:46:55.0843 3928 Ndisuio - ok
21:46:55.0858 3928 NdisWan (f8158771905260982ce724076419ef19) C:\Windows\system32\DRIVERS\ndiswan.sys
21:46:55.0858 3928 NdisWan - ok
21:46:55.0874 3928 NDProxy (9cb77ed7cb72850253e973a2d6afdf49) C:\Windows\system32\drivers\NDProxy.sys
21:46:55.0874 3928 NDProxy - ok
21:46:55.0905 3928 NetBIOS (a499294f5029a7862adc115bda7371ce) C:\Windows\system32\DRIVERS\netbios.sys
21:46:55.0905 3928 NetBIOS - ok
21:46:55.0936 3928 netbt (fc2c792ebddc8e28df939d6a92c83d61) C:\Windows\system32\DRIVERS\netbt.sys
21:46:55.0936 3928 netbt - ok
21:46:55.0952 3928 netr28ux (c553716f6f7bca3444cee52dfb7c9016) C:\Windows\system32\DRIVERS\netr28ux.sys
21:46:55.0983 3928 netr28ux - ok
21:46:55.0999 3928 nfrd960 (4ac08bd6af2df42e0c3196d826c8aea7) C:\Windows\system32\drivers\nfrd960.sys
21:46:55.0999 3928 nfrd960 - ok
21:46:56.0030 3928 nmwcdcx64 (bf8bd79edb75b4eafc6892424ad3485c) C:\Windows\system32\drivers\ccdcmbox64.sys
21:46:56.0030 3928 nmwcdcx64 - ok
21:46:56.0061 3928 nmwcdx64 (3fad4113e2ac9b36f97dfa28ad37fd8d) C:\Windows\system32\drivers\ccdcmbx64.sys
21:46:56.0061 3928 nmwcdx64 - ok
21:46:56.0077 3928 Npfs (b298874f8e0ea93f06ec40aa8d146478) C:\Windows\system32\drivers\Npfs.sys
21:46:56.0077 3928 Npfs - ok
21:46:56.0092 3928 nsiproxy (1523af19ee8b030ba682f7a53537eaeb) C:\Windows\system32\drivers\nsiproxy.sys
21:46:56.0092 3928 nsiproxy - ok
21:46:56.0139 3928 Ntfs (bac869dfb98e499ba4d9bb1fb43270e1) C:\Windows\system32\drivers\Ntfs.sys
21:46:56.0139 3928 Ntfs - ok
21:46:56.0155 3928 Null (dd5d684975352b85b52e3fd5347c20cb) C:\Windows\system32\drivers\Null.sys
21:46:56.0155 3928 Null - ok
21:46:56.0342 3928 nvlddmkm (aa0828f3223e1a2952f80a8d2047dd40) C:\Windows\system32\DRIVERS\nvlddmkm.sys
21:46:56.0498 3928 nvlddmkm - ok
21:46:56.0545 3928 nvraid (2c040b7ada5b06f6facadac8514aa034) C:\Windows\system32\drivers\nvraid.sys
21:46:56.0545 3928 nvraid - ok
21:46:56.0576 3928 nvstor (f7ea0fe82842d05eda3efdd376dbfdba) C:\Windows\system32\drivers\nvstor.sys
21:46:56.0576 3928 nvstor - ok
21:46:56.0623 3928 nv_agp (19067ca93075ef4823e3938a686f532f) C:\Windows\system32\drivers\nv_agp.sys
21:46:56.0623 3928 nv_agp - ok
21:46:56.0638 3928 ohci1394 (b5b1ce65ac15bbd11c0619e3ef7cfc28) C:\Windows\system32\DRIVERS\ohci1394.sys
21:46:56.0654 3928 ohci1394 - ok
21:46:56.0669 3928 Parport (aecd57f94c887f58919f307c35498ea0) C:\Windows\system32\drivers\parport.sys
21:46:56.0669 3928 Parport - ok
21:46:56.0701 3928 partmgr (f9b5eda4c17a2be7663f064dbf0fe254) C:\Windows\system32\drivers\partmgr.sys
21:46:56.0701 3928 partmgr - ok
21:46:56.0732 3928 pccsmcfd (bc0018c2d29f655188a0ed3fa94fdb24) C:\Windows\system32\DRIVERS\pccsmcfdx64.sys
21:46:56.0732 3928 pccsmcfd - ok
21:46:56.0732 3928 pci (47ab1e0fc9d0e12bb53ba246e3a0906d) C:\Windows\system32\drivers\pci.sys
21:46:56.0747 3928 pci - ok
21:46:56.0747 3928 pciide (2657f6c0b78c36d95034be109336e382) C:\Windows\system32\drivers\pciide.sys
21:46:56.0763 3928 pciide - ok
21:46:56.0779 3928 pcmcia (037661f3d7c507c9993b7010ceee6288) C:\Windows\system32\drivers\pcmcia.sys
21:46:56.0779 3928 pcmcia - ok
21:46:56.0825 3928 PCTCore (8f38fffa9e7b9d547b7921efa8edff3c) C:\Windows\system32\drivers\PCTCore64.sys
21:46:56.0825 3928 PCTCore - ok
21:46:56.0841 3928 pctDS (ff43e3b1687e4e2140de6349ea5c7372) C:\Windows\system32\drivers\pctDS64.sys
21:46:56.0857 3928 pctDS - ok
21:46:56.0888 3928 pctEFA (60e9a05852af7e9cb11237c00aee4ccf) C:\Windows\system32\drivers\pctEFA64.sys
21:46:56.0903 3928 pctEFA - ok
21:46:56.0935 3928 PEAUTH (58865916f53592a61549b04941bfd80d) C:\Windows\system32\drivers\peauth.sys
21:46:56.0950 3928 PEAUTH - ok
21:46:57.0044 3928 PptpMiniport (23386e9952025f5f21c368971e2e7301) C:\Windows\system32\DRIVERS\raspptp.sys
21:46:57.0044 3928 PptpMiniport - ok
21:46:57.0075 3928 Processor (5080e59ecee0bc923f14018803aa7a01) C:\Windows\system32\drivers\processr.sys
21:46:57.0075 3928 Processor - ok
21:46:57.0091 3928 PSched (c5ab7f0809392d0da027f4a2a81bfa31) C:\Windows\system32\DRIVERS\pacer.sys
21:46:57.0091 3928 PSched - ok
21:46:57.0122 3928 PxHlpa64 (87b04878a6d59d6c79251dc960c674c1) C:\Windows\system32\Drivers\PxHlpa64.sys
21:46:57.0137 3928 PxHlpa64 - ok
21:46:57.0184 3928 ql2300 (0b83f4e681062f3839be2ec1d98fd94a) C:\Windows\system32\drivers\ql2300.sys
21:46:57.0200 3928 ql2300 - ok
21:46:57.0231 3928 ql40xx (e1c80f8d4d1e39ef9595809c1369bf2a) C:\Windows\system32\drivers\ql40xx.sys
21:46:57.0231 3928 ql40xx - ok
21:46:57.0247 3928 QWAVEdrv (e8d76edab77ec9c634c27b8eac33adc5) C:\Windows\system32\drivers\qwavedrv.sys
21:46:57.0262 3928 QWAVEdrv - ok
21:46:57.0309 3928 RasAcd (1013b3b663a56d3ddd784f581c1bd005) C:\Windows\system32\DRIVERS\rasacd.sys
21:46:57.0309 3928 RasAcd - ok
21:46:57.0325 3928 Rasl2tp (ac7bc4d42a7e558718dfdec599bbfc2c) C:\Windows\system32\DRIVERS\rasl2tp.sys
21:46:57.0325 3928 Rasl2tp - ok
21:46:57.0356 3928 RasPppoe (4517fbf8b42524afe4ede1de102aae3e) C:\Windows\system32\DRIVERS\raspppoe.sys
21:46:57.0356 3928 RasPppoe - ok
21:46:57.0387 3928 RasSstp (c6a593b51f34c33e5474539544072527) C:\Windows\system32\DRIVERS\rassstp.sys
21:46:57.0387 3928 RasSstp - ok
21:46:57.0418 3928 rdbss (322db5c6b55e8d8ee8d6f358b2aaabb1) C:\Windows\system32\DRIVERS\rdbss.sys
21:46:57.0418 3928 rdbss - ok
21:46:57.0418 3928 RDPCDD (603900cc05f6be65ccbf373800af3716) C:\Windows\system32\DRIVERS\RDPCDD.sys
21:46:57.0418 3928 RDPCDD - ok
21:46:57.0449 3928 rdpdr (c045d1fb111c28df0d1be8d4bda22c06) C:\Windows\system32\drivers\rdpdr.sys
21:46:57.0449 3928 rdpdr - ok
21:46:57.0449 3928 RDPENCDD (cab9421daf3d97b33d0d055858e2c3ab) C:\Windows\system32\drivers\rdpencdd.sys
21:46:57.0449 3928 RDPENCDD - ok
21:46:57.0465 3928 RDPWD (b1d741c87cea8d7282146366cc9c3f81) C:\Windows\system32\drivers\RDPWD.sys
21:46:57.0481 3928 RDPWD - ok
21:46:57.0496 3928 regi (4d9afddda0efe97cdbfd3b5fa48b05f6) C:\Windows\system32\drivers\regi.sys
21:46:57.0496 3928 regi - ok
21:46:57.0512 3928 rspndr (22a9cb08b1a6707c1550c6bf099aae73) C:\Windows\system32\DRIVERS\rspndr.sys
21:46:57.0512 3928 rspndr - ok
21:46:57.0559 3928 SASDIFSV (3289766038db2cb14d07dc84392138d5) C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
21:46:57.0559 3928 SASDIFSV - ok
21:46:57.0559 3928 SASKUTIL (58a38e75f3316a83c23df6173d41f2b5) C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
21:46:57.0559 3928 SASKUTIL - ok
21:46:57.0605 3928 sbp2port (cd9c693589c60ad59bbbcfb0e524e01b) C:\Windows\system32\drivers\sbp2port.sys
21:46:57.0605 3928 sbp2port - ok
21:46:57.0637 3928 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
21:46:57.0637 3928 secdrv - ok
21:46:57.0683 3928 Sentinel64 (84ac127242dd3ccde02f9a4673214b1f) C:\Windows\System32\Drivers\Sentinel64.sys
21:46:57.0683 3928 Sentinel64 - ok
21:46:57.0699 3928 Serenum (2449316316411d65bd2c761a6ffb2ce2) C:\Windows\system32\DRIVERS\serenum.sys
21:46:57.0699 3928 Serenum - ok
21:46:57.0715 3928 Serial (4b438170be2fc8e0bd35ee87a960f84f) C:\Windows\system32\DRIVERS\serial.sys
21:46:57.0715 3928 Serial - ok
21:46:57.0730 3928 sermouse (a842f04833684bceea7336211be478df) C:\Windows\system32\drivers\sermouse.sys
21:46:57.0730 3928 sermouse - ok
21:46:57.0746 3928 sffdisk (14d4b4465193a87c127933978e8c4106) C:\Windows\system32\drivers\sffdisk.sys
21:46:57.0746 3928 sffdisk - ok
21:46:57.0761 3928 sffp_mmc (7073aee3f82f3d598e3825962aa98ab2) C:\Windows\system32\drivers\sffp_mmc.sys
21:46:57.0761 3928 sffp_mmc - ok
21:46:57.0761 3928 sffp_sd (35e59ebe4a01a0532ed67975161c7b82) C:\Windows\system32\drivers\sffp_sd.sys
21:46:57.0761 3928 sffp_sd - ok
21:46:57.0777 3928 sfloppy (6b7838c94135768bd455cbdc23e39e5f) C:\Windows\system32\drivers\sfloppy.sys
21:46:57.0777 3928 sfloppy - ok
21:46:57.0808 3928 SiSRaid2 (7a5de502aeb719d4594c6471060a78b3) C:\Windows\system32\drivers\sisraid2.sys
21:46:57.0824 3928 SiSRaid2 - ok
21:46:57.0824 3928 SiSRaid4 (3a2f769fab9582bc720e11ea1dfb184d) C:\Windows\system32\drivers\sisraid4.sys
21:46:57.0839 3928 SiSRaid4 - ok
21:46:57.0855 3928 Smb (290b6f6a0ec4fcdfc90f5cb6d7020473) C:\Windows\system32\DRIVERS\smb.sys
21:46:57.0855 3928 Smb - ok
21:46:57.0871 3928 speedfan - ok
21:46:57.0886 3928 spldr (386c3c63f00a7040c7ec5e384217e89d) C:\Windows\system32\drivers\spldr.sys
21:46:57.0886 3928 spldr - ok
21:46:57.0933 3928 sptd (4c33f139236fd9bd14a920f60c1cb072) C:\Windows\system32\Drivers\sptd.sys
21:46:57.0933 3928 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 4c33f139236fd9bd14a920f60c1cb072
21:46:57.0949 3928 sptd ( LockedFile.Multi.Generic ) - warning
21:46:57.0949 3928 sptd - detected LockedFile.Multi.Generic (1)
21:46:57.0995 3928 srv (880a57fccb571ebd063d4dd50e93e46d) C:\Windows\system32\DRIVERS\srv.sys
21:46:58.0011 3928 srv - ok
21:46:58.0042 3928 srv2 (a1ad14a6d7a37891fffeca35ebbb0730) C:\Windows\system32\DRIVERS\srv2.sys
21:46:58.0058 3928 srv2 - ok
21:46:58.0105 3928 srvnet (4bed62f4fa4d8300973f1151f4c4d8a7) C:\Windows\system32\DRIVERS\srvnet.sys
21:46:58.0105 3928 srvnet - ok
21:46:58.0120 3928 swenum (8a851ca908b8b974f89c50d2e18d4f0c) C:\Windows\system32\DRIVERS\swenum.sys
21:46:58.0120 3928 swenum - ok
21:46:58.0136 3928 Symc8xx (2f26a2c6fc96b29beff5d8ed74e6625b) C:\Windows\system32\drivers\symc8xx.sys
21:46:58.0136 3928 Symc8xx - ok
21:46:58.0151 3928 Sym_hi (a909667976d3bccd1df813fed517d837) C:\Windows\system32\drivers\sym_hi.sys
21:46:58.0151 3928 Sym_hi - ok
21:46:58.0167 3928 Sym_u3 (36887b56ec2d98b9c362f6ae4de5b7b0) C:\Windows\system32\drivers\sym_u3.sys
21:46:58.0167 3928 Sym_u3 - ok
21:46:58.0214 3928 Tcpip (2cc45d932bd193cd4117321d469ad6b2) C:\Windows\system32\drivers\tcpip.sys
21:46:58.0229 3928 Tcpip - ok
21:46:58.0276 3928 Tcpip6 (2cc45d932bd193cd4117321d469ad6b2) C:\Windows\system32\DRIVERS\tcpip.sys
21:46:58.0276 3928 Tcpip6 - ok
21:46:58.0307 3928 tcpipreg (c7e72a4071ee0200e3c075dacfb2b334) C:\Windows\system32\drivers\tcpipreg.sys
21:46:58.0307 3928 tcpipreg - ok
21:46:58.0323 3928 TDPIPE (1d8bf4aaa5fb7a2761475781dc1195bc) C:\Windows\system32\drivers\tdpipe.sys
21:46:58.0323 3928 TDPIPE - ok
21:46:58.0354 3928 TDTCP (7f7e00cdf609df657f4cda02dd1c9bb1) C:\Windows\system32\drivers\tdtcp.sys
21:46:58.0354 3928 TDTCP - ok
21:46:58.0370 3928 tdx (458919c8c42e398dc4802178d5ffee27) C:\Windows\system32\DRIVERS\tdx.sys
21:46:58.0370 3928 tdx - ok
21:46:58.0401 3928 TermDD (8c19678d22649ec002ef2282eae92f98) C:\Windows\system32\DRIVERS\termdd.sys
21:46:58.0401 3928 TermDD - ok
21:46:58.0432 3928 Tpkd (2e595c44b1c1160070b1530edf6de098) C:\Windows\system32\drivers\Tpkd.sys
21:46:58.0432 3928 Tpkd - ok
21:46:58.0448 3928 tssecsrv (9e5409cd17c8bef193aad498f3bc2cb8) C:\Windows\system32\DRIVERS\tssecsrv.sys
21:46:58.0448 3928 tssecsrv - ok
21:46:58.0463 3928 tunmp (89ec74a9e602d16a75a4170511029b3c) C:\Windows\system32\DRIVERS\tunmp.sys
21:46:58.0479 3928 tunmp - ok
21:46:58.0510 3928 tunnel (30a9b3f45ad081bffc3bcaa9c812b609) C:\Windows\system32\DRIVERS\tunnel.sys
21:46:58.0510 3928 tunnel - ok
21:46:58.0510 3928 uagp35 (fec266ef401966311744bd0f359f7f56) C:\Windows\system32\drivers\uagp35.sys
21:46:58.0526 3928 uagp35 - ok
21:46:58.0541 3928 udfs (faf2640a2a76ed03d449e443194c4c34) C:\Windows\system32\DRIVERS\udfs.sys
21:46:58.0557 3928 udfs - ok
21:46:58.0573 3928 uliagpkx (4ec9447ac3ab462647f60e547208ca00) C:\Windows\system32\drivers\uliagpkx.sys
21:46:58.0573 3928 uliagpkx - ok
21:46:58.0588 3928 uliahci (697f0446134cdc8f99e69306184fbbb4) C:\Windows\system32\drivers\uliahci.sys
21:46:58.0588 3928 uliahci - ok
21:46:58.0619 3928 UlSata (31707f09846056651ea2c37858f5ddb0) C:\Windows\system32\drivers\ulsata.sys
21:46:58.0619 3928 UlSata - ok
21:46:58.0635 3928 ulsata2 (85e5e43ed5b48c8376281bab519271b7) C:\Windows\system32\drivers\ulsata2.sys
21:46:58.0635 3928 ulsata2 - ok
21:46:58.0666 3928 umbus (46e9a994c4fed537dd951f60b86ad3f4) C:\Windows\system32\DRIVERS\umbus.sys
21:46:58.0666 3928 umbus - ok
21:46:58.0713 3928 upperdev (67ed617ed48014447039a1ef4b9d05ec) C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys
21:46:58.0713 3928 upperdev - ok
21:46:58.0729 3928 usbaudio (c6ba890de6e41857fbe84175519cae7d) C:\Windows\system32\drivers\usbaudio.sys
21:46:58.0744 3928 usbaudio - ok
21:46:58.0775 3928 usbccgp (07e3498fc60834219d2356293da0fecc) C:\Windows\system32\DRIVERS\usbccgp.sys
21:46:58.0775 3928 usbccgp - ok
21:46:58.0807 3928 usbcir (9247f7e0b65852c1f6631480984d6ed2) C:\Windows\system32\drivers\usbcir.sys
21:46:58.0807 3928 usbcir - ok
21:46:58.0822 3928 usbehci (827e44de934a736ea31e91d353eb126f) C:\Windows\system32\DRIVERS\usbehci.sys
21:46:58.0822 3928 usbehci - ok
21:46:58.0853 3928 usbhub (bb35cd80a2ececfadc73569b3d70c7d1) C:\Windows\system32\DRIVERS\usbhub.sys
21:46:58.0853 3928 usbhub - ok
21:46:58.0869 3928 usbohci (eba14ef0c07cec233f1529c698d0d154) C:\Windows\system32\drivers\usbohci.sys
21:46:58.0869 3928 usbohci - ok
21:46:58.0885 3928 usbprint (28b693b6d31e7b9332c1bdcefef228c1) C:\Windows\system32\DRIVERS\usbprint.sys
21:46:58.0885 3928 usbprint - ok
21:46:58.0900 3928 usbscan (ea0bf666868964fbe8cb10e50c97b9f1) C:\Windows\system32\DRIVERS\usbscan.sys
21:46:58.0900 3928 usbscan - ok
21:46:58.0916 3928 usbser (f7386007fb19e7685fc7b298560aa81f) C:\Windows\system32\drivers\usbser.sys
21:46:58.0931 3928 usbser - ok
21:46:58.0947 3928 UsbserFilt (eb84ceaafec6680c8b04c40a5ede7147) C:\Windows\system32\DRIVERS\usbser_lowerfltx64j.sys
21:46:58.0947 3928 UsbserFilt - ok
21:46:58.0963 3928 USBSTOR (b854c1558fca0c269a38663e8b59b581) C:\Windows\system32\DRIVERS\USBSTOR.SYS
21:46:58.0963 3928 USBSTOR - ok
21:46:58.0978 3928 usbuhci (b2872cbf9f47316abd0e0c74a1aba507) C:\Windows\system32\DRIVERS\usbuhci.sys
21:46:58.0978 3928 usbuhci - ok
21:46:59.0025 3928 usbvideo (fc33099877790d51b0927b7039059855) C:\Windows\system32\Drivers\usbvideo.sys
21:46:59.0025 3928 usbvideo - ok
21:46:59.0072 3928 VClone (8fc6e3d302550a06c7c5db9f1ab54193) C:\Windows\system32\DRIVERS\VClone.sys
21:46:59.0072 3928 VClone - ok
21:46:59.0087 3928 vga (916b94bcf1e09873fff2d5fb11767bbc) C:\Windows\system32\DRIVERS\vgapnp.sys
21:46:59.0087 3928 vga - ok
21:46:59.0103 3928 VgaSave (b83ab16b51feda65dd81b8c59d114d63) C:\Windows\System32\drivers\vga.sys
21:46:59.0103 3928 VgaSave - ok
21:46:59.0119 3928 viaide (8294b6c3fdb6c33f24e150de647ecdaa) C:\Windows\system32\drivers\viaide.sys
21:46:59.0119 3928 viaide - ok
21:46:59.0134 3928 volmgr (2b7e885ed951519a12c450d24535dfca) C:\Windows\system32\drivers\volmgr.sys
21:46:59.0134 3928 volmgr - ok
21:46:59.0181 3928 volmgrx (cec5ac15277d75d9e5dec2e1c6eaf877) C:\Windows\system32\drivers\volmgrx.sys
21:46:59.0181 3928 volmgrx - ok
21:46:59.0212 3928 volsnap (5280aada24ab36b01a84a6424c475c8d) C:\Windows\system32\drivers\volsnap.sys
21:46:59.0212 3928 volsnap - ok
21:46:59.0228 3928 vsmraid (a68f455ed2673835209318dd61bfbb0e) C:\Windows\system32\drivers\vsmraid.sys
21:46:59.0228 3928 vsmraid - ok
21:46:59.0243 3928 WacomPen (fef8fe5923fead2cee4dfabfce3393a7) C:\Windows\system32\drivers\wacompen.sys
21:46:59.0243 3928 WacomPen - ok
21:46:59.0275 3928 Wanarp (b8e7049622300d20ba6d8be0c47c0cfd) C:\Windows\system32\DRIVERS\wanarp.sys
21:46:59.0275 3928 Wanarp - ok
21:46:59.0290 3928 Wanarpv6 (b8e7049622300d20ba6d8be0c47c0cfd) C:\Windows\system32\DRIVERS\wanarp.sys
21:46:59.0290 3928 Wanarpv6 - ok
21:46:59.0306 3928 Wd (0c17a0816f65b89e362e682ad5e7266e) C:\Windows\system32\drivers\wd.sys
21:46:59.0306 3928 Wd - ok
21:46:59.0337 3928 Wdf01000 (d02e7e4567da1e7582fbf6a91144b0df) C:\Windows\system32\drivers\Wdf01000.sys
21:46:59.0353 3928 Wdf01000 - ok
21:46:59.0415 3928 WmiAcpi (e18aebaaa5a773fe11aa2c70f65320f5) C:\Windows\system32\drivers\wmiacpi.sys
21:46:59.0415 3928 WmiAcpi - ok
21:46:59.0462 3928 WpdUsb (5e2401b3fc1089c90e081291357371a9) C:\Windows\system32\DRIVERS\wpdusb.sys
21:46:59.0477 3928 WpdUsb - ok
21:46:59.0493 3928 ws2ifsl (8a900348370e359b6bff6a550e4649e1) C:\Windows\system32\drivers\ws2ifsl.sys
21:46:59.0493 3928 ws2ifsl - ok
21:46:59.0524 3928 WUDFRd (501a65252617b495c0f1832f908d54d8) C:\Windows\system32\DRIVERS\WUDFRd.sys
21:46:59.0524 3928 WUDFRd - ok
21:46:59.0555 3928 yukonx64 (827aaae4f84945658b0b03da805df44e) C:\Windows\system32\DRIVERS\yk60x64.sys
21:46:59.0555 3928 yukonx64 - ok
21:46:59.0633 3928 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC} (74983addca2d9618512c088d856d6615) C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\000.fcl
21:46:59.0633 3928 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC} - ok
21:46:59.0633 3928 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
21:46:59.0758 3928 \Device\Harddisk0\DR0 - ok
21:46:59.0758 3928 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk1\DR1
21:46:59.0774 3928 \Device\Harddisk1\DR1 - ok
21:46:59.0774 3928 Boot (0x1200) (76fef732bb3db9d48eb14ca12accd0df) \Device\Harddisk0\DR0\Partition0
21:46:59.0774 3928 \Device\Harddisk0\DR0\Partition0 - ok
21:46:59.0774 3928 Boot (0x1200) (b1e27aa018409de6bfd73f8afb883a65) \Device\Harddisk1\DR1\Partition0
21:46:59.0774 3928 \Device\Harddisk1\DR1\Partition0 - ok
21:46:59.0774 3928 Boot (0x1200) (27f98a1577fc88371edb4bbca4c39ab5) \Device\Harddisk1\DR1\Partition1
21:46:59.0774 3928 \Device\Harddisk1\DR1\Partition1 - ok
21:46:59.0774 3928 ============================================================
21:46:59.0774 3928 Scan finished
21:46:59.0774 3928 ============================================================
21:46:59.0774 3952 Detected object count: 1
21:46:59.0774 3952 Actual detected object count: 1
21:47:20.0865 3952 sptd ( LockedFile.Multi.Generic ) - skipped by user
21:47:20.0865 3952 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
21:48:00.0988 3468 Deinitialize success


Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Database version: 911122704

Windows 6.0.6002 Service Pack 2
Internet Explorer 9.0.8112.16421

12/27/2011 10:04:54 PM
mbam-log-2011-12-27 (22-04-54).txt

Scan type: Quick scan
Objects scanned: 374158
Time elapsed: 3 minute(s), 52 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)


OTL logfile created on: 12/27/2011 10:13:01 PM - Run 8
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Michael Eilersen\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: MM/dd/yyyy

8.00 Gb Total Physical Memory | 5.89 Gb Available Physical Memory | 73.63% Memory free
16.05 Gb Paging File | 13.97 Gb Available in Paging File | 87.07% Paging File free
Paging file location(s): ?:\pagefile.sys

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 279.46 Gb Total Space | 79.00 Gb Free Space | 28.27% Space Free | Partition Type: NTFS
Drive G: | 1397.14 Gb Total Space | 9.69 Gb Free Space | 0.69% Space Free | Partition Type: NTFS

Computer Name: EILER-PC | User Name: Michael Eilersen | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/12/23 22:51:25 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Michael Eilersen\Desktop\OTL.exe
PRC - [2011/08/31 17:00:48 | 001,047,208 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
PRC - [2011/02/11 14:19:26 | 002,760,192 | ---- | M] () -- C:\ProgramData\Boxtools\Toolbox.exe
PRC - [2011/01/01 18:47:24 | 001,242,448 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\Steam.exe
PRC - [2010/12/09 10:48:10 | 000,247,760 | ---- | M] (Threat Expert Ltd.) -- C:\Program Files (x86)\PC Tools Security\BDT\BDTUpdateService.exe
PRC - [2010/12/03 15:34:46 | 000,108,496 | ---- | M] (Threat Expert Ltd.) -- C:\Program Files (x86)\PC Tools Security\BDT\FGuard.exe
PRC - [2009/12/05 12:36:42 | 000,045,056 | ---- | M] (Intuit) -- c:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
PRC - [2009/06/07 13:20:20 | 000,061,440 | ---- | M] (Nalpeiron Ltd.) -- C:\Windows\SysWOW64\nlssrv32.exe
PRC - [2008/05/14 17:42:56 | 005,958,656 | ---- | M] () -- C:\Program Files\ASUS\Six Engine\SixEngine.exe
PRC - [2007/08/21 15:37:16 | 001,220,608 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\WiFi-AP @n\[email protected]
PRC - [2007/07/24 08:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
PRC - [2003/08/29 19:05:35 | 000,360,448 | ---- | M] () -- C:\Program Files (x86)\SpywareGuard\sgmain.exe
PRC - [2003/08/29 11:14:56 | 000,233,472 | ---- | M] () -- C:\Program Files (x86)\SpywareGuard\sgbhp.exe


========== Modules (No Company Name) ==========

MOD - [2011/12/09 00:15:00 | 014,410,024 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\libcef.dll
MOD - [2011/12/09 00:14:50 | 000,194,344 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\chromehtml.dll
MOD - [2011/12/09 00:14:49 | 000,914,216 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avcodec-52.dll
MOD - [2011/12/09 00:14:49 | 000,155,432 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avformat-52.dll
MOD - [2011/12/09 00:14:49 | 000,091,432 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avutil-50.dll
MOD - [2011/09/27 07:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/09/27 07:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/02/11 14:19:26 | 002,760,192 | ---- | M] () -- C:\ProgramData\Boxtools\Toolbox.exe
MOD - [2008/05/14 17:42:56 | 005,958,656 | ---- | M] () -- C:\Program Files\ASUS\Six Engine\SixEngine.exe
MOD - [2008/04/15 09:07:34 | 000,053,248 | ---- | M] () -- C:\Program Files\ASUS\Six Engine\AsSpindownTimeout.dll
MOD - [2006/01/10 09:50:20 | 000,024,576 | R--- | M] () -- C:\Windows\SysWOW64\AsIO.dll
MOD - [2005/05/11 15:39:32 | 000,565,248 | ---- | M] () -- C:\Program Files\ASUS\Six Engine\pngio.dll
MOD - [2003/08/29 19:05:35 | 000,360,448 | ---- | M] () -- C:\Program Files (x86)\SpywareGuard\sgmain.exe
MOD - [2003/08/29 11:14:56 | 000,233,472 | ---- | M] () -- C:\Program Files (x86)\SpywareGuard\sgbhp.exe


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011/07/19 01:01:47 | 000,146,816 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE -- (!SASCORE)
SRV:64bit: - [2009/05/14 08:01:24 | 004,901,888 | ---- | M] () [Auto | Running] -- C:\Program Files\NVIDIA Corporation\Performance Drivers\nvPDsvc.exe -- (NVIDIA Performance Driver Service)
SRV:64bit: - [2008/10/28 00:20:22 | 001,038,088 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64)
SRV:64bit: - [2007/10/19 04:10:30 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\SysNative\AEADISRV.EXE -- (AEADIFilters)
SRV - [2010/12/09 10:48:10 | 000,247,760 | ---- | M] (Threat Expert Ltd.) [Auto | Running] -- C:\Program Files (x86)\PC Tools Security\BDT\BDTUpdateService.exe -- (Browser Defender Update Service)
SRV - [2010/11/19 06:57:14 | 001,150,936 | ---- | M] (PC Tools) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Tools Security\pctsSvc.exe -- (sdCoreService)
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/15 14:02:36 | 000,366,840 | ---- | M] (PC Tools) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Tools Security\pctsAuxs.exe -- (sdAuxService)
SRV - [2009/12/05 12:36:42 | 000,045,056 | ---- | M] (Intuit) [Auto | Running] -- c:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe -- (QBCFMonitorService)
SRV - [2009/07/23 20:10:38 | 000,061,440 | ---- | M] (Intuit Inc.) [On_Demand | Stopped] -- c:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe -- (QBFCService)
SRV - [2009/07/16 17:04:16 | 000,316,664 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2009/06/07 13:20:20 | 000,061,440 | ---- | M] (Nalpeiron Ltd.) [Auto | Running] -- C:\Windows\SysWOW64\nlssrv32.exe -- (nlsX86cc)
SRV - [2009/03/30 05:42:14 | 000,066,368 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/03/12 19:28:40 | 000,288,112 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe -- (Adobe Version Cue CS4)
SRV - [2008/11/11 09:38:06 | 000,620,544 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2008/10/24 11:33:36 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2007/07/24 08:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011/12/06 17:06:09 | 000,025,160 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hitmanpro35.sys -- (hitmanpro35)
DRV:64bit: - [2011/07/22 17:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)
DRV:64bit: - [2011/07/12 22:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)
DRV:64bit: - [2010/11/25 10:43:26 | 000,257,232 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PCTCore64.sys -- (PCTCore)
DRV:64bit: - [2010/07/16 14:53:32 | 000,816,016 | ---- | M] (PC Tools) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\pctEFA64.sys -- (pctEFA)
DRV:64bit: - [2010/06/29 10:35:34 | 000,452,872 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pctDS64.sys -- (pctDS)
DRV:64bit: - [2010/06/10 00:01:10 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2009/12/16 14:04:56 | 000,868,848 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\sptd.sys -- (sptd)
DRV:64bit: - [2009/10/01 01:51:42 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wpdusb.sys -- (WpdUsb)
DRV:64bit: - [2009/06/26 20:21:06 | 000,086,584 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\adfs.sys -- (adfs)
DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009/04/11 06:39:37 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2008/09/24 11:29:20 | 000,035,840 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\VClone.sys -- (VClone)
DRV:64bit: - [2008/09/15 07:57:32 | 000,008,704 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\usbser_lowerfltx64j.sys -- (UsbserFilt)
DRV:64bit: - [2008/09/15 07:57:18 | 000,025,088 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdcx64)
DRV:64bit: - [2008/09/15 07:57:18 | 000,018,944 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcdx64)
DRV:64bit: - [2008/09/15 07:57:18 | 000,008,704 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\usbser_lowerfltx64.sys -- (upperdev)
DRV:64bit: - [2008/08/28 11:44:42 | 000,025,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\pccsmcfdx64.sys -- (pccsmcfd)
DRV:64bit: - [2008/07/21 13:11:56 | 000,032,200 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV:64bit: - [2008/05/19 08:47:48 | 000,173,096 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\mv61xx.sys -- (mv61xx)
DRV:64bit: - [2008/03/20 01:44:34 | 000,467,456 | ---- | M] (Analog Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ADIHdAud.sys -- (ADIHdAudAddService)
DRV:64bit: - [2007/09/05 11:04:48 | 000,077,872 | ---- | M] (PACE Anti-Piracy, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\Tpkd.sys -- (Tpkd)
DRV:64bit: - [2007/08/15 21:50:06 | 000,688,640 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\netr28ux.sys -- (netr28ux)
DRV:64bit: - [2007/08/15 09:22:00 | 000,369,152 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\yk60x64.sys -- (yukonx64)
DRV:64bit: - [2007/04/27 06:40:00 | 000,142,120 | ---- | M] (SafeNet, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\Drivers\Sentinel64.sys -- (Sentinel64)
DRV:64bit: - [2007/04/17 08:51:50 | 000,014,112 | ---- | M] (InterVideo) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\regi.sys -- (regi)
DRV:64bit: - [2006/10/31 16:23:42 | 000,015,680 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\ASACPI.sys -- (MTsensor)
DRV - [2010/03/13 11:58:52 | 000,146,928 | ---- | M] (CyberLink Corp.) [2010/04/23 15:48:42] [Kernel | Auto | Running] -- C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\000.fcl -- ({1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC})
DRV - [2009/06/26 20:21:06 | 000,086,584 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysWow64\drivers\adfs.sys -- (adfs)
DRV - [2007/02/07 19:27:46 | 000,014,104 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | Boot | Running] -- C:\Windows\SysWOW64\speedfan.sys -- (speedfan)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.b.dk
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {472734EA-242A-422b-ADF8-83D1E48CC825} - C:\Program Files (x86)\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Facemoods Search"
FF - prefs.js..browser.search.defaulturl: "http://flvdirect.iam...c=tops&search="
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.berlingske.dk/"
FF - prefs.js..extensions.enabledItems: [email protected]:1.5
FF - prefs.js..extensions.enabledItems: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:2.0.8
FF - prefs.js..extensions.enabledItems: {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}:1.3.5
FF - prefs.js..extensions.enabledItems: [email protected]:7
FF - prefs.js..extensions.enabledItems: [email protected]:2
FF - prefs.js..extensions.enabledItems: 5
FF - prefs.js..extensions.enabledItems: 2
FF - prefs.js..extensions.enabledItems: 2
FF - prefs.js..extensions.enabledItems: [email protected]:1.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {e001c731-5e37-4538-a5cb-8168736a2360}:0.9.9.99
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.9.13
FF - prefs.js..extensions.enabledItems: {81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}:7.3.0.0
FF - prefs.js..extensions.enabledItems: [email protected]:1.20.00
FF - prefs.js..extensions.enabledItems: {cb84136f-9c44-433a-9048-c5cd9df1dc16}:3.0.0.204
FF - prefs.js..network.proxy.type: 0


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Player\npDivxPlayerPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Users\Michael Eilersen\AppData\Roaming\Move Networks\plugins\npqmp071505000010.dll (Move Networks)
FF - HKLM\Software\MozillaPlugins\@neulion.com/npadaptiveplugin: C:\Users\Michael Eilersen\AppData\Roaming\NeuLion\AdaptivePlugin\npadaptiveplugin_1_6_5_7131.dll ( )
FF - HKLM\Software\MozillaPlugins\@veetle.com/vbp;version=0.9.17: C:\Program Files (x86)\Veetle\VLCBroadcast\npvbp.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.18: C:\Program Files (x86)\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: C:\Program Files (x86)\Veetle\Player\npvlc.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\Adobe Acrobat: C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Users\Michael Eilersen\AppData\Roaming\Move Networks\plugins\npqmp071505000010.dll (Move Networks)
FF - HKCU\Software\MozillaPlugins\@neulion.com/npadaptiveplugin: C:\Users\Michael Eilersen\AppData\Roaming\NeuLion\AdaptivePlugin\npadaptiveplugin_1_6_5_7131.dll ( )
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Michael Eilersen\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Michael Eilersen\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Nokia\Nokia PC Suite 7\bkmrksync\ [2009/02/04 15:04:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\NETELLER app\plugins\Firefox\neteller\ [2010/10/20 09:44:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{cb84136f-9c44-433a-9048-c5cd9df1dc16}: C:\Program Files (x86)\PC Tools Security\BDT\Firefox\ [2011/12/15 18:32:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/12/15 19:46:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/12/15 19:46:41 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Users\Michael Eilersen\AppData\Roaming\Move Networks [2009/11/20 06:07:02 | 000,000,000 | ---D | M]

[2008/12/29 00:32:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Michael Eilersen\AppData\Roaming\Mozilla\Extensions
[2011/12/17 14:02:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Michael Eilersen\AppData\Roaming\Mozilla\Firefox\Profiles\nzcqnlpm.default\extensions
[2010/05/13 22:57:12 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Michael Eilersen\AppData\Roaming\Mozilla\Firefox\Profiles\nzcqnlpm.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/12/17 01:39:15 | 000,000,000 | ---D | M] (iMacros for Firefox) -- C:\Users\Michael Eilersen\AppData\Roaming\Mozilla\Firefox\Profiles\nzcqnlpm.default\extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}
[2011/12/06 12:05:46 | 000,000,000 | ---D | M] (DownThemAll!) -- C:\Users\Michael Eilersen\AppData\Roaming\Mozilla\Firefox\Profiles\nzcqnlpm.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}
[2011/08/22 09:46:58 | 000,000,000 | ---D | M] (BitDefender QuickScan) -- C:\Users\Michael Eilersen\AppData\Roaming\Mozilla\Firefox\Profiles\nzcqnlpm.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}
[2011/12/06 12:05:49 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\Michael Eilersen\AppData\Roaming\Mozilla\Firefox\Profiles\nzcqnlpm.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2010/03/14 17:10:36 | 000,000,000 | ---D | M] (TVU Web Player) -- C:\Users\Michael Eilersen\AppData\Roaming\Mozilla\Firefox\Profiles\nzcqnlpm.default\extensions\[email protected]
[2011/09/18 17:59:25 | 000,000,000 | ---D | M] (Yontoo Layers) -- C:\Users\Michael Eilersen\AppData\Roaming\Mozilla\Firefox\Profiles\nzcqnlpm.default\extensions\[email protected]
[2010/08/31 14:08:56 | 000,000,000 | ---D | M] (1-Click YouTube Video Downloader) -- C:\Users\Michael Eilersen\AppData\Roaming\Mozilla\Firefox\Profiles\nzcqnlpm.default\extensions\[email protected]
[2011/12/15 19:46:42 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011/12/15 19:46:42 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\distribution\extensions
() (No name found) -- C:\USERS\MICHAEL EILERSEN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NZCQNLPM.DEFAULT\EXTENSIONS\{19503E42-CA3C-4C27-B1E2-9CDB2170EE34}.XPI
() (No name found) -- C:\USERS\MICHAEL EILERSEN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NZCQNLPM.DEFAULT\EXTENSIONS\[email protected]
[2011/12/13 19:17:51 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2010/09/15 03:50:38 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2009/07/31 12:06:48 | 001,654,784 | ---- | M] (LizardTech) -- C:\Program Files (x86)\mozilla firefox\plugins\npdjvu.dll
[2011/12/13 06:52:06 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2010/12/15 11:53:23 | 000,002,048 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fcmdSrch.xml
[2011/12/13 06:52:06 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Michael Eilersen\AppData\Local\Google\Chrome\Application\16.0.912.63\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Michael Eilersen\AppData\Local\Google\Chrome\Application\16.0.912.63\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Michael Eilersen\AppData\Local\Google\Chrome\Application\16.0.912.63\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.220.4 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U22 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: DivX Player Netscape Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npDivxPlayerPlugin.dll
CHR - plugin: LizardTech DjVu (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npdjvu.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll
CHR - plugin: Veetle TV Player (Enabled) = C:\Program Files (x86)\Veetle\Player\npvlc.dll
CHR - plugin: Veetle Broadcaster Plugin (Enabled) = C:\Program Files (x86)\Veetle\VLCBroadcast\npvbp.dll
CHR - plugin: Veetle TV Core (Enabled) = C:\Program Files (x86)\Veetle\plugins\npVeetle.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Michael Eilersen\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll
CHR - plugin: Move Streaming Media Player (Enabled) = C:\Users\Michael Eilersen\AppData\Roaming\Move Networks\plugins\npqmp071505000010.dll
CHR - plugin: NeuLion Adaptive Plugin (Enabled) = C:\Users\Michael Eilersen\AppData\Roaming\NeuLion\AdaptivePlugin\npadaptiveplugin_1_6_5_7131.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Users\Michael Eilersen\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.2_0\
CHR - Extension: Google Search = C:\Users\Michael Eilersen\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.16_0\
CHR - Extension: Gmail = C:\Users\Michael Eilersen\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.4_0\

O1 HOSTS File: ([2011/12/27 20:02:09 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll ()
O2 - BHO: (SpywareGuardDLBLOCK.CBrowserHelper) - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files (x86)\SpywareGuard\dlprotect.dll ()
O2 - BHO: (Internet Explorer Form-Fill Plug-In) - {5425B4B8-87F9-4E9C-8B51-8AABA82EBA64} - C:\Program Files (x86)\NETELLER app\plugins\IE\Neteller.dll (NEOVIA Financial® Plc.)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files (x86)\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [PCTools FGuard] C:\Program Files (x86)\PC Tools Security\BDT\FGuard.exe (Threat Expert Ltd.)
O4 - HKCU..\Run: [Boxoft Tools] C:\ProgramData\Boxtools\Boxofttoolbox.exe ()
O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
O4 - HKCU..\Run: [Xvid] C:\Program Files (x86)\Xvid\CheckUpdate.exe ()
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - Startup: C:\Users\Michael Eilersen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FIFA 11 Registration.lnk = File not found
O4 - Startup: C:\Users\Michael Eilersen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SpywareGuard.lnk = C:\Program Files (x86)\SpywareGuard\sgmain.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O8:64bit: - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe (PokerStars)
O9 - Extra Button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe ()
O9 - Extra 'Tools' menuitem : PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - mmswsock.dll File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - %SystemRoot%\System32\nwprovau.dll File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000028 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000029 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O15:64bit: - ..Trusted Domains: danid.dk ([]http in Trusted sites)
O15:64bit: - ..Trusted Domains: danid.dk ([]https in Trusted sites)
O15 - HKLM\..Trusted Domains: danid.dk ([]http in Trusted sites)
O15 - HKLM\..Trusted Domains: danid.dk ([]https in Trusted sites)
O15 - HKCU\..Trusted Domains: danid.dk ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: danid.dk ([]https in Trusted sites)
O16 - DPF: {D4003189-95B1-4A2F-9A87-F2B03665960D} http://www.vexcast.c...oad/vexcast.cab (Reg Error: Key error.)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (OnlineScanner Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0015-0000-0012-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_12)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 193.162.153.164 194.239.134.83
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{49F1FB07-90EC-4593-920F-913C35E23C0F}: DhcpNameServer = 193.162.153.164 194.239.134.83
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\intu-help-qb3 - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\qbwc - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\intu-help-qb3 {c5e479ea-0a65-4b05-8c6c-2fc8cc682eb4} - c:\Program Files (x86)\Intuit\QuickBooks 2010\HelpAsyncPluggableProtocol.dll (Intuit, Inc.)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O28 - HKLM ShellExecuteHooks: {81559C35-8464-49F7-BB0E-07A383BEF910} - C:\Program Files (x86)\SpywareGuard\spywareguard.dll ()
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (aswBoot.exe /A:* /L:1033 /KBD:2 /wow /dir:C:\Program)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/12/27 22:00:27 | 000,041,272 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2011/12/27 22:00:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011/12/27 21:46:01 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2011/12/27 20:15:43 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2011/12/27 19:49:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/12/27 19:36:52 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2011/12/27 19:36:52 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2011/12/27 19:36:52 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2011/12/27 19:36:45 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011/12/27 19:35:34 | 009,852,544 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Michael Eilersen\Desktop\mbam-setup-1.51.2.1300 (1).exe
[2011/12/27 19:35:34 | 004,353,794 | R--- | C] (Swearware) -- C:\Users\Michael Eilersen\Desktop\ComboFix.exe
[2011/12/27 19:35:34 | 001,918,464 | ---- | C] (AVAST Software) -- C:\Users\Michael Eilersen\Desktop\aswMBR.exe
[2011/12/27 19:35:34 | 001,578,288 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Michael Eilersen\Desktop\tdsskiller (1).exe
[2011/12/27 19:22:50 | 000,000,000 | ---D | C] -- C:\Users\Michael Eilersen\Desktop\Cleaning
[2011/12/27 18:43:21 | 000,000,000 | ---D | C] -- C:\Users\Michael Eilersen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Boxoft Toolbox
[2011/12/23 22:51:31 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Michael Eilersen\Desktop\OTL.exe
[2011/12/23 18:51:02 | 009,851,496 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Michael Eilersen\Desktop\mbam-setup.exe
[2011/12/23 18:47:50 | 001,578,288 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Michael Eilersen\Desktop\123.com
[2011/12/16 17:34:12 | 000,000,000 | ---D | C] -- C:\Users\Michael Eilersen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Play65
[2011/12/16 17:34:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Play65
[2011/12/16 17:32:40 | 000,000,000 | ---D | C] -- C:\Users\Michael Eilersen\AppData\Local\Play65
[2011/12/15 12:45:14 | 000,000,000 | ---D | C] -- C:\Users\Michael Eilersen\Documents\Pandemic.2007.PROPER.DVDRip.XviD-VoMiT
[2011/12/15 12:30:26 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2011/12/15 12:30:26 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2011/12/15 12:30:26 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2011/12/15 12:30:26 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2011/12/15 12:30:26 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2011/12/15 12:30:26 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2011/12/15 12:30:26 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2011/12/15 12:30:26 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2011/12/15 12:30:26 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2011/12/15 12:30:26 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2011/12/15 12:30:26 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2011/12/15 12:30:26 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2011/12/15 12:30:26 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2011/12/15 12:30:26 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2011/12/15 12:30:26 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2011/12/15 12:30:26 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2011/12/15 12:30:26 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2011/12/15 12:30:26 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2011/12/15 12:30:26 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2011/12/15 12:30:25 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2011/12/15 12:30:25 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll
[2011/12/15 12:30:25 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll
[2011/12/15 12:30:25 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2011/12/15 12:30:25 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2011/12/15 12:30:25 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2011/12/15 12:30:25 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll
[2011/12/15 12:30:25 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2011/12/15 12:30:25 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2011/12/15 12:30:25 | 000,114,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\advpack.dll
[2011/12/15 12:30:25 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2011/12/15 12:30:25 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll
[2011/12/15 12:30:25 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2011/12/15 12:30:25 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2011/12/15 12:30:24 | 002,309,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2011/12/15 12:30:24 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2011/12/15 12:30:24 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll
[2011/12/15 12:30:24 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2011/12/15 12:30:24 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2011/12/15 12:30:24 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll
[2011/12/15 12:30:24 | 000,145,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2011/12/15 12:30:24 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\advpack.dll
[2011/12/15 12:30:24 | 000,114,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll
[2011/12/15 12:30:24 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2011/12/15 12:30:24 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2011/12/15 12:30:24 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2011/12/15 12:30:23 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2011/12/15 12:30:23 | 001,493,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2011/12/15 12:30:23 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2011/12/15 12:30:23 | 000,452,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2011/12/15 12:30:23 | 000,448,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2011/12/15 12:30:23 | 000,282,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2011/12/15 12:30:23 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2011/12/15 12:30:23 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2011/12/15 12:30:23 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll
[2011/12/15 12:30:23 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2011/12/15 12:30:23 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2011/12/15 12:30:23 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2011/12/15 12:30:23 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2011/12/15 12:30:23 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2011/12/15 12:30:23 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2011/12/15 12:30:23 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2011/12/15 12:30:23 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2011/12/15 12:30:23 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2011/12/15 12:30:23 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2011/12/15 12:30:23 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2011/12/15 12:30:23 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2011/12/15 12:30:23 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2011/12/15 12:30:22 | 000,697,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2011/12/15 12:30:22 | 000,603,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2011/12/15 12:30:22 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2011/12/15 12:30:22 | 000,165,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2011/12/15 12:30:22 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2011/12/15 12:30:22 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2011/12/15 12:30:22 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2011/12/15 12:27:27 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2011/12/15 12:27:26 | 000,559,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll
[2011/12/15 12:27:26 | 000,429,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll
[2011/12/15 12:21:33 | 000,024,416 | R--- | C] (Adobe Systems Inc.) -- C:\Windows\SysNative\AdobePDFUI.dll
[2011/12/14 12:16:59 | 000,000,000 | ---D | C] -- C:\Users\Michael Eilersen\Documents\Lønsedler
[2011/12/13 00:55:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\World of Warcraft.temp
[2011/12/13 00:55:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard Entertainment
[2011/12/07 23:51:51 | 002,540,688 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Users\Michael Eilersen\Documents\avg_remover_stf_x64_2012_1796.exe
[2011/12/06 23:19:12 | 000,000,000 | ---D | C] -- C:\ProgramData\ESET
[2011/12/06 23:19:12 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2011/12/06 22:28:10 | 001,566,512 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Michael Eilersen\Desktop\randomname.com
[2011/12/06 22:00:34 | 001,996,752 | ---- | C] (Threat Expert Ltd.) -- C:\Windows\PCTBDCore.dll
[2011/12/06 22:00:34 | 001,533,904 | ---- | C] (Threat Expert Ltd.) -- C:\Windows\PCTBDRes.dll
[2011/12/06 22:00:34 | 000,149,456 | ---- | C] (PC Tools) -- C:\Windows\SGDetectionTool.dll
[2011/12/06 18:27:59 | 000,000,000 | ---D | C] -- C:\Users\Michael Eilersen\AppData\Roaming\SUPERAntiSpyware.com
[2011/12/06 18:27:31 | 000,000,000 | ---D | C] -- C:\ProgramData\!SASCORE
[2011/12/06 17:06:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hitman Pro 3.5
[2011/12/06 17:06:08 | 000,000,000 | ---D | C] -- C:\Program Files\Hitman Pro 3.5
[2011/12/06 17:05:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Hitman Pro
[2011/12/06 16:50:41 | 000,816,016 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\pctEFA64.sys
[2011/12/06 16:50:41 | 000,452,872 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\pctDS64.sys
[2011/12/06 16:50:41 | 000,331,368 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\pctgntdi64.sys
[2011/12/06 16:50:41 | 000,136,168 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\pctwfpfilter64.sys
[2011/12/06 16:50:39 | 000,257,232 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\PCTCore64.sys
[2011/12/06 16:50:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Tools Security
[2011/12/06 16:50:37 | 000,092,896 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\pctplsg64.sys
[2011/12/06 16:50:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PC Tools Security
[2011/12/06 16:50:34 | 000,000,000 | ---D | C] -- C:\Users\Michael Eilersen\AppData\Roaming\PC Tools
[2011/12/06 16:50:34 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Tools
[2011/12/06 16:50:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PC Tools
[2011/12/06 11:51:10 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2011/12/06 11:51:10 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2011/12/06 11:36:16 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
[1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/12/27 22:06:15 | 000,875,338 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/12/27 22:06:15 | 000,715,180 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/12/27 22:06:15 | 000,151,730 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/12/27 22:00:36 | 000,041,272 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2011/12/27 22:00:13 | 000,000,948 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/12/27 21:59:24 | 000,176,538 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2011/12/27 21:59:24 | 000,176,538 | ---- | M] () -- C:\ProgramData\nvModes.001
[2011/12/27 21:59:00 | 000,000,952 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3194313822-558712583-1741877353-1000UA.job
[2011/12/27 21:58:50 | 000,003,712 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/12/27 21:58:50 | 000,003,712 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/12/27 21:58:46 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/12/27 20:02:09 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2011/12/27 19:18:34 | 009,852,544 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Michael Eilersen\Desktop\mbam-setup-1.51.2.1300 (1).exe
[2011/12/27 19:17:24 | 001,918,464 | ---- | M] (AVAST Software) -- C:\Users\Michael Eilersen\Desktop\aswMBR.exe
[2011/12/27 19:16:48 | 001,578,288 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Michael Eilersen\Desktop\tdsskiller (1).exe
[2011/12/27 19:11:37 | 004,353,794 | R--- | M] (Swearware) -- C:\Users\Michael Eilersen\Desktop\ComboFix.exe
[2011/12/25 08:59:00 | 000,000,900 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3194313822-558712583-1741877353-1000Core.job
[2011/12/23 22:51:25 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Michael Eilersen\Desktop\OTL.exe
[2011/12/23 22:01:14 | 000,000,601 | ---- | M] () -- C:\Users\Michael Eilersen\Desktop\System Fix.lnk
[2011/12/23 18:50:58 | 009,851,496 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Michael Eilersen\Desktop\mbam-setup.exe
[2011/12/23 18:47:28 | 001,578,288 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Michael Eilersen\Desktop\123.com
[2011/12/23 18:21:50 | 000,000,625 | ---- | M] () -- C:\Users\Michael Eilersen\Application Data\Microsoft\Internet Explorer\Quick Launch\System Fix.lnk
[2011/12/23 13:02:43 | 000,684,297 | ---- | M] () -- C:\Users\Michael Eilersen\Desktop\unhide.exe
[2011/12/23 12:47:54 | 000,001,460 | ---- | M] () -- C:\Users\Michael Eilersen\AppData\Local\d3d9caps64.dat
[2011/12/22 17:49:20 | 000,069,120 | ---- | M] () -- C:\Users\Michael Eilersen\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/12/21 16:21:18 | 000,002,675 | ---- | M] () -- C:\Users\Michael Eilersen\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Word 2007.lnk
[2011/12/16 17:34:12 | 000,000,824 | ---- | M] () -- C:\Users\Michael Eilersen\Desktop\Play65.lnk
[2011/12/15 19:46:44 | 000,000,912 | ---- | M] () -- C:\Users\Michael Eilersen\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/12/15 19:46:44 | 000,000,888 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011/12/15 18:00:29 | 000,002,097 | ---- | M] () -- C:\Users\Michael Eilersen\Desktop\Google Chrome.lnk
[2011/12/15 18:00:29 | 000,002,059 | ---- | M] () -- C:\Users\Michael Eilersen\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/12/15 15:56:04 | 000,000,973 | ---- | M] () -- C:\Users\Michael Eilersen\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/12/15 15:54:08 | 003,327,760 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011/12/15 12:45:14 | 000,020,956 | ---- | M] () -- C:\Users\Michael Eilersen\Documents\Pandemic.2007.PROPER.DVDRip.XviD-VoMiT.torrent
[2011/12/15 12:39:21 | 002,933,318 | ---- | M] () -- C:\Windows\SysNative\drivers\Cat.DB
[2011/12/15 12:30:37 | 000,008,798 | ---- | M] () -- C:\Windows\SysWow64\icrav03.rat
[2011/12/15 12:30:37 | 000,001,988 | ---- | M] () -- C:\Windows\SysWow64\ticrf.rat
[2011/12/15 12:30:36 | 000,008,798 | ---- | M] () -- C:\Windows\SysNative\icrav03.rat
[2011/12/15 12:30:36 | 000,001,988 | ---- | M] () -- C:\Windows\SysNative\ticrf.rat
[2011/12/15 12:30:26 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2011/12/15 12:30:26 | 001,427,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2011/12/15 12:30:26 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2011/12/15 12:30:26 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2011/12/15 12:30:26 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2011/12/15 12:30:26 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2011/12/15 12:30:26 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2011/12/15 12:30:26 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2011/12/15 12:30:26 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2011/12/15 12:30:26 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2011/12/15 12:30:26 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2011/12/15 12:30:26 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2011/12/15 12:30:26 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2011/12/15 12:30:26 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2011/12/15 12:30:26 | 000,072,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2011/12/15 12:30:26 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2011/12/15 12:30:26 | 000,063,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2011/12/15 12:30:26 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2011/12/15 12:30:26 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2011/12/15 12:30:26 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2011/12/15 12:30:25 | 000,716,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2011/12/15 12:30:25 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll
[2011/12/15 12:30:25 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll
[2011/12/15 12:30:25 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2011/12/15 12:30:25 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2011/12/15 12:30:25 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2011/12/15 12:30:25 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll
[2011/12/15 12:30:25 | 000,123,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2011/12/15 12:30:25 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2011/12/15 12:30:25 | 000,114,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\advpack.dll
[2011/12/15 12:30:25 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2011/12/15 12:30:25 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll
[2011/12/15 12:30:25 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2011/12/15 12:30:25 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2011/12/15 12:30:24 | 002,309,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2011/12/15 12:30:24 | 000,818,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2011/12/15 12:30:24 | 000,267,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll
[2011/12/15 12:30:24 | 000,222,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2011/12/15 12:30:24 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2011/12/15 12:30:24 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll
[2011/12/15 12:30:24 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2011/12/15 12:30:24 | 000,136,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\advpack.dll
[2011/12/15 12:30:24 | 000,114,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll
[2011/12/15 12:30:24 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2011/12/15 12:30:24 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2011/12/15 12:30:24 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2011/12/15 12:30:23 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2011/12/15 12:30:23 | 001,493,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2011/12/15 12:30:23 | 000,534,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2011/12/15 12:30:23 | 000,452,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2011/12/15 12:30:23 | 000,448,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2011/12/15 12:30:23 | 000,282,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2011/12/15 12:30:23 | 000,248,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2011/12/15 12:30:23 | 000,237,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2011/12/15 12:30:23 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll
[2011/12/15 12:30:23 | 000,135,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2011/12/15 12:30:23 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2011/12/15 12:30:23 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2011/12/15 12:30:23 | 000,096,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2011/12/15 12:30:23 | 000,091,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2011/12/15 12:30:23 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2011/12/15 12:30:23 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2011/12/15 12:30:23 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2011/12/15 12:30:23 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2011/12/15 12:30:23 | 000,072,822 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2011/12/15 12:30:23 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2011/12/15 12:30:23 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2011/12/15 12:30:23 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2011/12/15 12:30:23 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2011/12/15 12:30:22 | 000,697,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2011/12/15 12:30:22 | 000,603,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2011/12/15 12:30:22 | 000,173,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2011/12/15 12:30:22 | 000,165,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2011/12/15 12:30:22 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2011/12/15 12:30:22 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2011/12/15 12:30:22 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2011/12/14 12:26:28 | 000,002,633 | ---- | M] () -- C:\Users\Michael Eilersen\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Excel 2007.lnk
[2011/12/14 12:07:57 | 002,039,842 | ---- | M] () -- C:\Users\Michael Eilersen\Documents\lejekontrakt.pdf
[2011/12/13 23:55:18 | 000,001,068 | ---- | M] () -- C:\Users\Public\Desktop\HoldemManager.lnk
[2011/12/13 23:53:05 | 118,082,211 | ---- | M] () -- C:\Users\Michael Eilersen\Documents\Holdem_Manager_Setup1.12.07.exe
[2011/12/07 23:51:53 | 002,540,688 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Users\Michael Eilersen\Documents\avg_remover_stf_x64_2012_1796.exe
[2011/12/06 22:38:49 | 001,008,120 | ---- | M] () -- C:\Users\Michael Eilersen\Desktop\iExplore.exe
[2011/12/06 22:37:38 | 001,008,120 | ---- | M] () -- C:\Users\Michael Eilersen\Desktop\rkill.com
[2011/12/06 22:26:55 | 001,566,512 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Michael Eilersen\Desktop\randomname.com
[2011/12/06 17:06:09 | 000,025,160 | ---- | M] () -- C:\Windows\SysNative\drivers\hitmanpro35.sys
[2011/12/06 17:06:09 | 000,001,813 | ---- | M] () -- C:\Users\Public\Desktop\Hitman Pro 3.5.lnk
[2011/12/06 16:50:38 | 000,001,840 | ---- | M] () -- C:\Users\Public\Desktop\Spyware Doctor.lnk
[2011/12/06 16:18:35 | 000,000,972 | ---- | M] () -- C:\Users\Michael Eilersen\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk
[2011/12/06 12:07:28 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2011/12/06 11:51:33 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2011/11/28 00:34:00 | 000,001,356 | ---- | M] () -- C:\Users\Michael Eilersen\AppData\Local\d3d9caps.dat
[1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/12/27 19:49:12 | 000,000,972 | ---- | C] () -- C:\Users\Michael Eilersen\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk
[2011/12/27 19:49:12 | 000,000,948 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/12/27 19:36:52 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2011/12/27 19:36:52 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2011/12/27 19:36:52 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2011/12/27 19:36:52 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2011/12/27 19:36:52 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2011/12/23 22:27:08 | 000,001,589 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk
[2011/12/23 22:27:08 | 000,000,604 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live.lnk
[2011/12/23 22:01:14 | 000,000,625 | ---- | C] () -- C:\Users\Michael Eilersen\Application Data\Microsoft\Internet Explorer\Quick Launch\System Fix.lnk
[2011/12/23 22:01:14 | 000,000,601 | ---- | C] () -- C:\Users\Michael Eilersen\Desktop\System Fix.lnk
[2011/12/23 21:28:45 | 000,684,297 | ---- | C] () -- C:\Users\Michael Eilersen\Desktop\unhide.exe
[2011/12/23 13:16:56 | 000,002,022 | ---- | C] () -- C:\Users\Public\Desktop\Sid Meier's Pirates!.lnk
[2011/12/23 13:16:56 | 000,002,018 | ---- | C] () -- C:\Users\Public\Desktop\QuickBooks Pro 2010.lnk
[2011/12/23 13:16:56 | 000,001,956 | ---- | C] () -- C:\Users\Public\Desktop\Engelsk-Dansk Dansk-Engelsk.lnk
[2011/12/23 13:16:56 | 000,001,952 | ---- | C] () -- C:\Users\Public\Desktop\CyberLink PowerDVD 10.lnk
[2011/12/23 13:16:56 | 000,001,952 | ---- | C] () -- C:\Users\Public\Desktop\5DFly Images to PDF Converter.lnk
[2011/12/23 13:16:56 | 000,001,942 | ---- | C] () -- C:\Users\Public\Desktop\Xilisoft DVD Creator 6.lnk
[2011/12/23 13:16:56 | 000,001,840 | ---- | C] () -- C:\Users\Public\Desktop\Spyware Doctor.lnk
[2011/12/23 13:16:56 | 000,001,813 | ---- | C] () -- C:\Users\Public\Desktop\Hitman Pro 3.5.lnk
[2011/12/23 13:16:56 | 000,001,756 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2011/12/23 13:16:56 | 000,001,733 | ---- | C] () -- C:\Users\Public\Desktop\Luxury Casino.lnk
[2011/12/23 13:16:56 | 000,001,694 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011/12/23 13:16:56 | 000,001,668 | ---- | C] () -- C:\Users\Public\Desktop\Opera.lnk
[2011/12/23 13:16:56 | 000,001,073 | ---- | C] () -- C:\Users\Public\Desktop\Batch Image To PDF.lnk
[2011/12/23 13:16:56 | 000,001,068 | ---- | C] () -- C:\Users\Public\Desktop\HoldemManager.lnk
[2011/12/23 13:16:56 | 000,001,066 | ---- | C] () -- C:\Users\Public\Desktop\Batch PDF Pro.lnk
[2011/12/23 13:16:56 | 000,000,974 | ---- | C] () -- C:\Users\Public\Desktop\R 2.11.1.lnk
[2011/12/23 13:16:56 | 000,000,969 | ---- | C] () -- C:\Users\Public\Desktop\R 2.8.1.lnk
[2011/12/23 13:16:56 | 000,000,901 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2011/12/23 13:16:56 | 000,000,893 | ---- | C] () -- C:\Users\Public\Desktop\BurnAware Free.lnk
[2011/12/23 13:16:56 | 000,000,888 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011/12/23 13:16:56 | 000,000,855 | ---- | C] () -- C:\Users\Public\Desktop\Mobipocket Creator.lnk
[2011/12/23 13:16:56 | 000,000,845 | ---- | C] () -- C:\Users\Public\Desktop\DVDneXtCOPY 4.lnk
[2011/12/23 13:16:56 | 000,000,832 | ---- | C] () -- C:\Users\Public\Desktop\YouSee Player.lnk
[2011/12/23 13:16:56 | 000,000,828 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk
[2011/12/23 13:16:56 | 000,000,673 | ---- | C] () -- C:\Users\Public\Desktop\Corel WinDVD 2010.lnk
[2011/12/23 13:16:56 | 000,000,641 | ---- | C] () -- C:\Users\Public\Desktop\FM Genie Scout 11.lnk
[2011/12/23 13:16:56 | 000,000,520 | ---- | C] () -- C:\Users\Public\Desktop\JPG To PDF Converter.lnk
[2011/12/23 13:16:56 | 000,000,134 | ---- | C] () -- C:\Users\Public\Desktop\Emoticons for your messenger!.url
[2011/12/23 13:16:53 | 000,002,675 | ---- | C] () -- C:\Users\Michael Eilersen\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Word 2007.lnk
[2011/12/23 13:16:53 | 000,002,633 | ---- | C] () -- C:\Users\Michael Eilersen\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Excel 2007.lnk
[2011/12/23 13:16:53 | 000,002,059 | ---- | C] () -- C:\Users\Michael Eilersen\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/12/23 13:16:53 | 000,002,037 | ---- | C] () -- C:\Users\Michael Eilersen\Application Data\Microsoft\Internet Explorer\Quick Launch\Adobe Digital Editions.lnk
[2011/12/23 13:16:53 | 000,001,954 | ---- | C] () -- C:\Users\Michael Eilersen\Application Data\Microsoft\Internet Explorer\Quick Launch\Chromium.lnk
[2011/12/23 13:16:53 | 000,001,952 | ---- | C] () -- C:\Users\Michael Eilersen\Application Data\Microsoft\Internet Explorer\Quick Launch\5DFly Images to PDF Converter.lnk
[2011/12/23 13:16:53 | 000,001,692 | ---- | C] () -- C:\Users\Michael Eilersen\Application Data\Microsoft\Internet Explorer\Quick Launch\Opera.lnk
[2011/12/23 13:16:53 | 000,001,667 | ---- | C] () -- C:\Users\Michael Eilersen\Application Data\Microsoft\Internet Explorer\Quick Launch\PartyPoker.lnk
[2011/12/23 13:16:53 | 000,001,481 | ---- | C] () -- C:\Users\Michael Eilersen\Application Data\Microsoft\Internet Explorer\Quick Launch\Adobe Illustrator CS4.lnk
[2011/12/23 13:16:53 | 000,001,228 | ---- | C] () -- C:\Users\Michael Eilersen\Application Data\Microsoft\Internet Explorer\Quick Launch\Adobe After Effects CS4.lnk
[2011/12/23 13:16:53 | 000,001,125 | ---- | C] () -- C:\Users\Michael Eilersen\Application Data\Microsoft\Internet Explorer\Quick Launch\Liquid Story Binder XE.lnk
[2011/12/23 13:16:53 | 000,001,071 | ---- | C] () -- C:\Users\Michael Eilersen\Application Data\Microsoft\Internet Explorer\Quick Launch\Adobe Photoshop CS4 (64 Bit).lnk
[2011/12/23 13:16:53 | 000,001,047 | ---- | C] () -- C:\Users\Michael Eilersen\Application Data\Microsoft\Internet Explorer\Quick Launch\iMesh.lnk
[2011/12/23 13:16:53 | 000,001,008 | ---- | C] () -- C:\Users\Michael Eilersen\Application Data\Microsoft\Internet Explorer\Quick Launch\Image to PDF Converter Free.lnk
[2011/12/23 13:16:53 | 000,000,974 | ---- | C] () -- C:\Users\Michael Eilersen\Application Data\Microsoft\Internet Explorer\Quick Launch\WinBUGS14.exe - Shortcut.lnk
[2011/12/23 13:16:53 | 000,000,973 | ---- | C] () -- C:\Users\Michael Eilersen\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/12/23 13:16:53 | 000,000,968 | ---- | C] () -- C:\Users\Michael Eilersen\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Outlook.lnk
[2011/12/23 13:16:53 | 000,000,950 | ---- | C] () -- C:\Users\Michael Eilersen\Application Data\Microsoft\Internet Explorer\Quick Launch\CINEMA 4D Release 11 64 Bit.lnk
[2011/12/23 13:16:53 | 000,000,912 | ---- | C] () -- C:\Users\Michael Eilersen\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/12/23 13:16:53 | 000,000,898 | ---- | C] () -- C:\Users\Michael Eilersen\Application Data\Microsoft\Internet Explorer\Quick Launch\vlc.lnk
[2011/12/23 13:16:53 | 000,000,826 | ---- | C] () -- C:\Users\Michael Eilersen\Application Data\Microsoft\Internet Explorer\Quick Launch\PokerStove.lnk
[2011/12/23 13:16:53 | 000,000,806 | ---- | C] () -- C:\Users\Michael Eilersen\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
[2011/12/23 13:16:53 | 000,000,544 | ---- | C] () -- C:\Users\Michael Eilersen\Application Data\Microsoft\Internet Explorer\Quick Launch\JPG To PDF Converter.lnk
[2011/12/23 13:16:53 | 000,000,258 | ---- | C] () -- C:\Users\Michael Eilersen\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2011/12/23 13:16:53 | 000,000,240 | ---- | C] () -- C:\Users\Michael Eilersen\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2011/12/23 13:16:47 | 000,002,079 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
[2011/12/23 13:16:47 | 000,002,025 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Digital Editions.lnk
[2011/12/23 13:16:47 | 000,001,950 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Photo Gallery.lnk
[2011/12/23 13:16:47 | 000,001,852 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Collaboration.lnk
[2011/12/23 13:16:47 | 000,001,830 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2011/12/23 13:16:47 | 000,001,805 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader.lnk
[2011/12/23 13:16:47 | 000,001,803 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2011/12/23 13:16:47 | 000,001,784 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Uninstaller.lnk
[2011/12/23 13:16:47 | 000,001,770 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Calendar.lnk
[2011/12/23 13:16:47 | 000,001,768 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Movie Maker.lnk
[2011/12/23 13:16:47 | 000,001,763 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Update.lnk
[2011/12/23 13:16:47 | 000,001,757 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Defender.lnk
[2011/12/23 13:16:47 | 000,001,743 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk
[2011/12/23 13:16:47 | 000,001,743 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Contacts.lnk
[2011/12/23 13:16:47 | 000,001,680 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
[2011/12/23 13:16:47 | 000,001,630 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2011/12/23 13:16:47 | 000,001,550 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer EP.lnk
[2011/12/23 13:16:47 | 000,001,306 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit 2.lnk
[2011/12/23 13:16:47 | 000,001,222 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe After Effects CS3.lnk
[2011/12/23 13:16:47 | 000,001,099 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Device Central CS3.lnk
[2011/12/23 13:16:47 | 000,001,091 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
[2011/12/23 13:16:47 | 000,000,916 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat.com.lnk
[2011/12/23 13:16:47 | 000,000,900 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2011/12/23 13:16:47 | 000,000,885 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\I.R.I.S. OCR Registration.lnk
[2011/12/23 13:16:47 | 000,000,844 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YouSee Player.lnk
[2011/12/23 13:16:47 | 000,000,732 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LSJ.lnk
[2011/12/23 13:16:47 | 000,000,685 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Corel WinDVD 2010.lnk
[2011/12/16 17:34:12 | 000,000,824 | ---- | C] () -- C:\Users\Michael Eilersen\Desktop\Play65.lnk
[2011/12/15 15:56:04 | 000,000,979 | ---- | C] () -- C:\Users\Michael Eilersen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2011/12/15 12:45:14 | 000,020,956 | ---- | C] () -- C:\Users\Michael Eilersen\Documents\Pandemic.2007.PROPER.DVDRip.XviD-VoMiT.torrent
[2011/12/15 12:30:26 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2011/12/15 12:30:23 | 000,072,822 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2011/12/14 12:07:57 | 002,039,842 | ---- | C] () -- C:\Users\Michael Eilersen\Documents\lejekontrakt.pdf
[2011/12/13 23:51:39 | 118,082,211 | ---- | C] () -- C:\Users\Michael Eilersen\Documents\Holdem_Manager_Setup1.12.07.exe
[2011/12/06 22:39:30 | 001,008,120 | ---- | C] () -- C:\Users\Michael Eilersen\Desktop\iExplore.exe
[2011/12/06 22:38:06 | 001,008,120 | ---- | C] () -- C:\Users\Michael Eilersen\Desktop\rkill.com
[2011/12/06 22:00:34 | 000,767,952 | ---- | C] () -- C:\Windows\BDTSupport.dll
[2011/12/06 22:00:34 | 000,002,052 | ---- | C] () -- C:\Windows\UDB.zip
[2011/12/06 22:00:34 | 000,000,882 | ---- | C] () -- C:\Windows\RegSDImport.xml
[2011/12/06 22:00:34 | 000,000,879 | ---- | C] () -- C:\Windows\RegISSImport.xml
[2011/12/06 22:00:34 | 000,000,131 | ---- | C] () -- C:\Windows\IDB.zip
[2011/12/06 17:06:09 | 000,025,160 | ---- | C] () -- C:\Windows\SysNative\drivers\hitmanpro35.sys
[2011/12/06 16:50:42 | 002,933,318 | ---- | C] () -- C:\Windows\SysNative\drivers\Cat.DB
[2011/10/07 00:07:02 | 008,676,883 | ---- | C] () -- C:\Windows\SysWow64\NCMedia2.dll
[2011/01/08 10:31:19 | 000,003,140 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2011/01/08 10:31:19 | 000,000,008 | RHS- | C] () -- C:\ProgramData\476E5D3C28.sys
[2011/01/02 10:16:43 | 000,645,632 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2011/01/02 10:16:43 | 000,240,640 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2010/12/31 01:16:56 | 000,000,221 | ---- | C] () -- C:\Users\Michael Eilersen\AppData\Roaming\burnaware.ini
[2010/12/24 14:39:15 | 000,233,472 | ---- | C] () -- C:\Windows\Dqihia.exe
[2010/12/13 16:43:50 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2010/12/05 12:47:43 | 000,000,000 | ---- | C] () -- C:\Users\Michael Eilersen\AppData\Roaming\.NANotifyHere
[2010/06/30 21:03:43 | 000,003,433 | ---- | C] () -- C:\Users\Michael Eilersen\AppData\Roaming\SAS7_000.DAT
[2010/06/05 12:01:33 | 000,000,158 | ---- | C] () -- C:\Windows\matlab.ini
[2010/04/23 14:20:44 | 000,000,000 | ---- | C] () -- C:\ProgramData\CLDShowX.ini
[2010/04/12 12:06:17 | 000,000,091 | ---- | C] () -- C:\Windows\QBChanUtil_Trigger.ini
[2010/03/22 22:27:44 | 000,000,351 | ---- | C] () -- C:\Windows\SoftWriting.ini
[2010/03/04 10:35:07 | 000,395,776 | ---- | C] () -- C:\Windows\SysWow64\libmplayer.dll
[2010/03/04 10:35:07 | 000,262,144 | ---- | C] () -- C:\Windows\SysWow64\TomsMoComp_ff.dll
[2010/03/04 10:35:07 | 000,112,640 | ---- | C] () -- C:\Windows\SysWow64\libmpeg2_ff.dll
[2010/02/14 15:12:33 | 000,000,000 | ---- | C] () -- C:\Windows\HMHud.INI
[2010/02/14 13:46:05 | 000,000,045 | ---- | C] () -- C:\Users\Michael Eilersen\AppData\Local\machpro.dat
[2009/12/07 14:44:22 | 000,069,632 | ---- | C] () -- C:\Windows\SysWow64\xmltok.dll
[2009/12/07 14:44:22 | 000,036,864 | ---- | C] () -- C:\Windows\SysWow64\xmlparse.dll
[2009/11/09 14:15:31 | 000,145,558 | ---- | C] () -- C:\Windows\hpoins13.dat
[2009/09/18 06:31:56 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll
[2009/09/18 06:30:41 | 000,107,612 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchema.bin
[2009/09/18 06:30:04 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/09/06 21:58:17 | 000,000,040 | ---- | C] () -- C:\ProgramData\ra3.ini
[2009/08/07 15:49:47 | 000,176,538 | ---- | C] () -- C:\ProgramData\nvModes.001
[2009/08/07 15:49:23 | 000,176,538 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2009/07/15 13:32:53 | 001,507,328 | ---- | C] () -- C:\Windows\SysWow64\nView.dll
[2009/07/15 13:32:53 | 001,101,824 | ---- | C] () -- C:\Windows\SysWow64\nvwimg.dll
[2009/07/05 16:56:32 | 000,000,144 | ---- | C] () -- C:\Windows\SysWow64\lkfl.dat
[2009/07/05 16:56:32 | 000,000,096 | ---- | C] () -- C:\Windows\SysWow64\pdfl.dat
[2009/07/05 16:56:32 | 000,000,080 | ---- | C] () -- C:\Windows\SysWow64\ibfl.dat
[2009/07/01 18:02:03 | 000,004,965 | ---- | C] () -- C:\ProgramData\ojvzdisj.xda
[2009/06/28 18:18:47 | 000,001,365 | ---- | C] () -- C:\Windows\IPokerscope.ini
[2009/06/12 18:35:57 | 000,001,356 | ---- | C] () -- C:\Users\Michael Eilersen\AppData\Local\d3d9caps.dat
[2009/06/10 18:23:33 | 000,001,025 | ---- | C] () -- C:\Windows\SysWow64\sysprs7.dll
[2009/06/10 18:23:33 | 000,001,025 | ---- | C] () -- C:\Windows\SysWow64\clauth2.dll
[2009/06/10 18:23:33 | 000,001,025 | ---- | C] () -- C:\Windows\SysWow64\clauth1.dll
[2009/06/10 18:23:33 | 000,000,205 | ---- | C] () -- C:\Windows\SysWow64\lsprst7.dll
[2009/06/10 18:23:33 | 000,000,073 | ---- | C] () -- C:\Windows\SysWow64\ssprs.dll
[2009/06/10 18:23:33 | 000,000,021 | ---- | C] () -- C:\Windows\SurCode.INI
[2009/04/06 21:26:10 | 001,362,460 | ---- | C] () -- C:\Windows\SysWow64\ExpansionHD_Firmware.bin
[2009/03/30 19:50:22 | 000,022,016 | ---- | C] () -- C:\Windows\SysWow64\Uninstow.exe
[2009/03/11 23:48:03 | 000,000,024 | ---- | C] () -- C:\Windows\TEXTware.ini
[2009/03/09 17:24:07 | 000,130,858 | ---- | C] () -- C:\Windows\hpoins18.dat
[2009/03/09 17:23:56 | 000,006,600 | ---- | C] () -- C:\Windows\hpomdl18.dat
[2009/03/02 00:10:25 | 000,036,868 | ---- | C] () -- C:\Program Files (x86)\uninst-Particular.exe
[2009/02/04 18:59:31 | 004,372,059 | ---- | C] () -- C:\Users\Michael Eilersen\AppData\Roaming\NMM-MetaData.db
[2008/11/23 00:22:01 | 000,055,296 | ---- | C] () -- C:\Windows\SysWow64\sqlite3_mod_fts3.dll
[2008/11/23 00:22:01 | 000,026,624 | ---- | C] () -- C:\Windows\SysWow64\sqlite3_mod_rtree.dll
[2008/11/23 00:22:01 | 000,020,992 | ---- | C] () -- C:\Windows\SysWow64\sqlite3_mod_impexp.dll
[2008/11/23 00:22:00 | 000,001,462 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2008/11/23 00:22:00 | 000,000,837 | ---- | C] () -- C:\Windows\ODBC.INI
[2008/11/02 15:41:58 | 000,000,104 | ---- | C] () -- C:\Users\Michael Eilersen\AppData\Local\fusioncache.dat
[2008/11/02 15:26:43 | 000,818,112 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2008/11/01 23:24:13 | 000,024,226 | ---- | C] () -- C:\Users\Michael Eilersen\AppData\Roaming\UserTile.png
[2008/10/31 00:23:34 | 000,000,056 | ---- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2008/10/22 21:14:53 | 000,000,040 | -HS- | C] () -- C:\ProgramData\.zreglib
[2008/10/22 12:42:49 | 000,069,120 | ---- | C] () -- C:\Users\Michael Eilersen\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/10/21 14:05:34 | 000,018,904 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchemaTrivial.bin
[2008/10/21 13:25:26 | 000,024,576 | R--- | C] () -- C:\Windows\SysWow64\AsIO.dll
[2008/10/21 13:25:26 | 000,014,392 | R--- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys
[2008/10/21 13:25:25 | 000,011,832 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp64.sys
[2008/10/21 13:25:25 | 000,010,216 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp32.sys
[2008/10/21 13:03:08 | 000,036,924 | ---- | C] () -- C:\Windows\Ascd_log.ini
[2008/10/21 13:02:49 | 000,034,756 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2008/10/21 12:17:38 | 000,001,460 | ---- | C] () -- C:\Users\Michael Eilersen\AppData\Local\d3d9caps64.dat
[2008/02/08 17:03:43 | 000,516,096 | ---- | C] () -- C:\Windows\SysWow64\RegisterDialog.dll
[2008/02/04 18:23:10 | 000,676,224 | ---- | C] () -- C:\Windows\SysWow64\OGACheckControl.DLL
[2008/01/21 03:50:05 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
[2007/12/28 08:22:02 | 000,010,296 | ---- | C] () -- C:\Windows\SysWow64\drivers\ASUSHWIO.SYS
[2007/01/22 17:05:38 | 000,000,811 | ---- | C] () -- C:\Windows\hpomdl13.dat
[2006/11/02 16:37:05 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 13:37:14 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2006/11/02 13:24:17 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2006/11/02 13:18:17 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2006/11/02 10:47:54 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/06/13 08:12:40 | 000,204,800 | ---- | C] () -- C:\Windows\SysWow64\winOGL.dll
[2000/04/12 16:23:18 | 000,338,944 | ---- | C] () -- C:\Windows\SysWow64\LFFPX7.DLL
[1997/09/30 15:29:10 | 000,122,880 | ---- | C] () -- C:\Windows\SysWow64\LFKODAK.DLL

========== Files - Unicode (All) ==========
[2010/07/01 09:56:12 | 000,023,986 | ---- | M] ()(C:\Users\Michael Eilersen\Documents\?xexp.docx) -- C:\Users\Michael Eilersen\Documents\λxexp.docx
[2010/06/17 19:08:03 | 000,143,275 | ---- | M] ()(C:\Users\Michael Eilersen\Documents\?xexp.jpg) -- C:\Users\Michael Eilersen\Documents\λxexp.jpg
[2010/06/17 19:07:58 | 000,143,275 | ---- | C] ()(C:\Users\Michael Eilersen\Documents\?xexp.jpg) -- C:\Users\Michael Eilersen\Documents\λxexp.jpg
[2010/06/17 19:05:05 | 000,060,770 | ---- | M] ()(C:\Users\Michael Eilersen\Documents\?xexp.pdf) -- C:\Users\Michael Eilersen\Documents\λxexp.pdf
[2010/06/17 19:05:02 | 000,060,770 | ---- | C] ()(C:\Users\Michael Eilersen\Documents\?xexp.pdf) -- C:\Users\Michael Eilersen\Documents\λxexp.pdf
[2010/06/17 19:05:00 | 000,023,986 | ---- | C] ()(C:\Users\Michael Eilersen\Documents\?xexp.docx) -- C:\Users\Michael Eilersen\Documents\λxexp.docx

========== Alternate Data Streams ==========

@Alternate Data Stream - 2560 bytes -> C:\ProgramData\CLDShowX.ini:Update.CL
@Alternate Data Stream - 224 bytes -> C:\ProgramData\TEMP:DFC5A2B2
@Alternate Data Stream - 102 bytes -> C:\ProgramData\TEMP:430C6D84

< End of report >


OTL Extras logfile created on: 12/27/2011 10:13:01 PM - Run 8
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Michael Eilersen\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: MM/dd/yyyy

8.00 Gb Total Physical Memory | 5.89 Gb Available Physical Memory | 73.63% Memory free
16.05 Gb Paging File | 13.97 Gb Available in Paging File | 87.07% Paging File free
Paging file location(s): ?:\pagefile.sys

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 279.46 Gb Total Space | 79.00 Gb Free Space | 28.27% Space Free | Partition Type: NTFS
Drive G: | 1397.14 Gb Total Space | 9.69 Gb Free Space | 0.69% Space Free | Partition Type: NTFS

Computer Name: EILER-PC | User Name: Michael Eilersen | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (All) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm[@ = chm.file] -- C:\Windows\hh.exe (Microsoft Corporation)
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp[@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.hta[@ = htafile] -- C:\Windows\SysWOW64\mshta.exe (Microsoft Corporation)
.html[@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)
.inf[@ = inffile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.ini[@ = inifile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
.js[@ = jsfile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.jse[@ = JSEFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.reg [@ = Regedit.Document] -- c:\Winnt\Regedit.exe %1
.txt[@ = txtfile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.vbe[@ = VBEFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.vbs[@ = VBSFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.wsf[@ = WSFFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.wsh[@ = WSHFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] -- "%1" %*
.chm [@ = chm.file] -- C:\Windows\hh.exe (Microsoft Corporation)
.cmd [@ = cmdfile] -- "%1" %*
.com [@ = ComFile] -- "%1" %*
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.exe [@ = exefile] -- "%1" %*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.hta [@ = htafile] -- C:\Windows\SysWOW64\mshta.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)
.inf [@ = inffile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
.ini [@ = inifile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
.url [@ = InternetShortcut] -- C:\Windows\SysWOW64\rundll32.exe (Microsoft Corporation)
.js [@ = jsfile] -- C:\Windows\SysWOW64\WScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\Windows\SysWOW64\WScript.exe (Microsoft Corporation)
.pif [@ = piffile] -- "%1" %*
.reg [@ = Regedit.Document] -- c:\Winnt\Regedit.exe %1
.scr [@ = scrfile] -- "%1" /S
.txt [@ = txtfile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.wsh [@ = WSHFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\Windows\SysWOW64\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
inffile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [runas] -- cmd.exe /c takeown /f "%1" /r /d y && icacls "%1" /grant administrators:F /t (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\Windows\SysWOW64\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
inffile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- C:\Windows\SysWOW64\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- C:\Windows\SysWOW64\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- C:\Windows\SysWOW64\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- C:\Windows\SysWOW64\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- C:\Windows\SysWOW64\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- C:\Windows\SysWOW64\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [runas] -- cmd.exe /c takeown /f "%1" /r /d y && icacls "%1" /grant administrators:F /t (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = 9F 9E 16 8C DC 5B C8 01 [binary data]
"VistaSp2" = 57 E2 51 29 C3 66 CA 01 [binary data]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-3194313822-558712583-1741877353-1000]
"EnableNotifications" = 0
"EnableNotificationsRef" = 2

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00FCE4E3-AA49-4E6C-AFD0-EB988007A636}" = lport=138 | protocol=17 | dir=in | app=system |
"{01E4B3C5-C2F2-486C-9FB2-2ED1EECA83C6}" = lport=10243 | protocol=6 | dir=in | app=system |
"{0AD167C6-5228-40B3-AEB7-2ACA079A5E20}" = lport=3704 | protocol=6 | dir=in | name=adobe version cue cs4 server |
"{0F716D56-6B0F-44C9-AD64-4BE387280E22}" = lport=5432 | protocol=6 | dir=in | name=postgres |
"{1206B58B-738D-4482-8483-BEF26ABB28D3}" = lport=139 | protocol=6 | dir=in | app=system |
"{253D9383-8AF5-4950-B5AA-F7EE5A4987B4}" = rport=137 | protocol=17 | dir=out | app=system |
"{28ADEDE1-A4D5-42D8-9B05-BF7C283C4061}" = lport=25799 | protocol=6 | dir=in | name=spport |
"{28ADEDE1-A4D5-42D8-9B05-BF7C283C4062}" = lport=25799 | protocol=6 | dir=out | name=spport |
"{32E9D787-911F-4639-9432-20C6DC12D37E}" = lport=445 | protocol=6 | dir=in | app=system |
"{3ADCBFA2-F3C9-4B70-B651-7B20512D573F}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{47C28765-DE35-4BD0-8388-206CC6238A11}" = rport=445 | protocol=6 | dir=out | app=system |
"{53A9E0A9-478B-44DE-BEC0-93E8EC62A0E9}" = rport=138 | protocol=17 | dir=out | app=system |
"{76A6E7EB-513D-4DAA-929B-1181888BC139}" = lport=5353 | protocol=6 | dir=in | name=adobe csi cs4 |
"{77B00329-4867-42E3-AA3E-92B96FEACE57}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{7C1AFC4D-48D6-4EA3-8900-00208CDD0FE7}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{7F53A94B-10B3-48A5-88F2-E946C0FD173F}" = lport=51001 | protocol=6 | dir=in | name=adobe version cue cs4 server |
"{836EB39E-2CAD-478B-8776-DD0B812D0049}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{905BB58A-CC49-4FD1-9AE7-1CFBEC136FD6}" = lport=2869 | protocol=6 | dir=in | app=system |
"{A1347F11-25E8-4210-AE39-A19A67759719}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{A7E491E1-6737-4557-978E-B035F5748662}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{B5433E70-B119-4587-9A8D-3DD58D253A06}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{B9514CCA-BCF1-44B4-88B7-D66BE9869612}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{BB46A94E-F1DB-48D5-A418-95F09300598D}" = lport=3703 | protocol=6 | dir=in | name=adobe version cue cs4 server |
"{CF0EE876-5283-431B-A04A-AD8564D034A1}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{D36F6037-210E-4D6E-AFCD-13E570C76AA7}" = lport=2869 | protocol=6 | dir=in | app=system |
"{D8D736F7-2267-46CA-B93D-305FE3E46D6E}" = lport=51000 | protocol=6 | dir=in | name=adobe version cue cs4 server |
"{D9E8CD75-A350-49CA-AB39-5319671D459D}" = lport=137 | protocol=17 | dir=in | app=system |
"{F001FEBC-D2AA-441F-A2FA-9CD3D8426284}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{F1043777-3BF1-416B-A257-B3461083B3B1}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F92E4E84-1CCF-429A-8E89-3829B7132DDF}" = rport=139 | protocol=6 | dir=out | app=system |
"{FC2C4B65-CFFF-4345-A406-CB6B5346B3E0}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{FD0ACF60-8CE2-4F57-B60D-A5F02142E323}" = rport=10243 | protocol=6 | dir=out | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00AC69BA-A92A-491F-B7E6-7353BCF33F31}" = protocol=6 | dir=in | app=c:\users\michael eilersen\appdata\roaming\dropbox\bin\dropbox.exe |
"{00CBF721-4B8E-40D5-899F-2EC19665FD3D}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{018EE8A9-E09C-4BDB-BCB8-60AB5CF75429}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{02322976-974E-48DE-8B80-2EFE6EAD20BC}" = protocol=17 | dir=in | app=c:\program files (x86)\konami\pro evolution soccer 2010\pes2010.exe |
"{05424DB1-AE69-4BBB-BF26-D27B612F6E84}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{0788EA70-0BDA-4745-AC69-40E7B2D1788D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{082A1852-F459-45B8-98AC-7286E2959860}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{087DF11D-B1B6-4815-8F74-8131B456C614}" = protocol=6 | dir=in | app=c:\program files (x86)\pplive\ppva\ppliveva.exe |
"{09763E0A-998A-4FF7-B68F-E7734F07702D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\simcity 4 deluxe\support\ea help\electronic_arts_technical_support.htm |
"{0A9D4720-8BB5-4583-A372-1C72D14CAF9F}" = protocol=17 | dir=in | app=c:\program files (x86)\firaxis games\sid meier's civilization 4\warlords\civ4warlords.exe |
"{0B90A9D5-D4FD-43B6-B1DE-181D68DB99C7}" = dir=in | app=c:\program files (x86)\skype\phone\skype .exe |
"{0DBB21AB-82E3-4873-8FB6-19D4E36A8059}" = protocol=6 | dir=in | app=c:\users\michael eilersen\appdata\local\temp\ms0cfg32.exe |
"{0E3AABB2-8325-49BB-8F7D-7F207BF700AE}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{0E532DC0-AF43-4568-A014-69A8D18C45A3}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{1055327A-A54C-4B46-8B98-3E8B69446682}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{10D044CB-DA27-45AF-99E4-CAD0064373DD}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{1122B7C1-A552-41AB-BC55-F92CDC156693}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{12D98607-0114-40F6-9786-CD615E987C71}" = protocol=6 | dir=in | app=c:\program files (x86)\cyanide\gamecenter\gamecenter.exe |
"{135E5E0F-8FC6-479D-ACBF-F8B3A7B234F0}" = protocol=6 | dir=in | app=c:\program files (x86)\firaxis games\sid meier's civilization 4\beyond the sword\civ4beyondsword_pitboss.exe |
"{144E0DEE-A16D-409D-B971-614CDD4BABFF}" = dir=in | app=c:\program files (x86)\skype\phone\skype .exe |
"{1554973C-4480-4DA6-9DF3-6B6CD3EA84CC}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{16486E03-2D83-4FC8-B8FE-EC4369A635BA}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\pplivenetwork\ppap.exe |
"{174372F2-8773-4181-871E-D5B93472CD31}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{17A9EE3B-646B-4626-B046-3E307D664085}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{18D83075-01DB-40D0-A8BD-4C16206B7D72}" = protocol=17 | dir=in | app=c:\users\michael eilersen\appdata\local\temp\ms0cfg32.exe |
"{1A3AE9D9-ABDB-488F-8583-D174B8B4441A}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{1A4BA463-3BB5-46F6-A719-0B074EE7BBFD}" = protocol=1 | dir=out | [email protected],-28544 |
"{1C46B1CA-E0F3-4874-BA1D-19352600ADE1}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{20DDFBD2-F107-420C-B661-43F41620E530}" = dir=in | app=c:\program files (x86)\skype\phone\skype .exe |
"{224E3680-B3F9-4F2E-AD83-3E885A8C1FFE}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{24B2ED2D-6A30-4F46-9F4D-8D371E23E7A6}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{24DA85F2-A7EE-4686-BC82-35E0AC7E8EE8}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{25302716-F99E-4118-AB68-4A833F6E400B}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{26019CF1-E423-429A-BF63-4FC685CCF894}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{262E34E8-804F-4DAF-83B9-E73DA0E140CC}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{2671F6F8-ED2A-4129-AF81-4F1061322F7D}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{26A6003C-E121-4B0F-898B-316C4DD700DF}" = protocol=17 | dir=in | app=c:\program files (x86)\pplive\ppva\crashreporter.exe |
"{274F6403-178D-4CA9-852A-635453C1D26E}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{28ADEDE1-A4D5-42D8-9B05-BF7C283C4059}" = protocol=6 | dir=in | app=c:\windows\system32\svchost.exe |
"{28ADEDE1-A4D5-42D8-9B05-BF7C283C4060}" = protocol=6 | dir=out | app=c:\windows\system32\svchost.exe |
"{28E3CC2A-749A-407C-991D-D70A35ADCDB5}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{2A1163FD-D31E-4F5B-9E25-B85B93F62E08}" = protocol=6 | dir=in | app=c:\program files (x86)\pplive\ppva\ppliveva_u.exe |
"{2A45BA91-7B7A-4B2F-9870-4C4AFDFD044F}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\football manager 2011\fm.exe |
"{2AD05146-01FD-4F3C-9550-C021E181510D}" = dir=in | app=c:\program files (x86)\skype\phone\skype .exe |
"{2B2B337E-B4B3-4225-B4BC-39534540F82D}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{2B3569C5-3855-4F49-9F5F-C67BB9E3376A}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{2B3959A1-5CBE-4460-A592-4B81EE86C795}" = protocol=6 | dir=in | app=c:\program files (x86)\firaxis games\sid meier's civilization 4\civilization4.exe |
"{2BEE8CFD-1668-436F-A895-56A2769139CE}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{2D84109C-26CF-4234-BF0A-9E97FB28F320}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{2DE730C8-41E8-4BC4-990C-583FEA5FE3D2}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{2DFAF968-9D46-49CD-ACE6-496FEA3354F5}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sid meier's civilization v sdk\sid meier's civilization v sdk.exe |
"{2E4B8DF0-02EC-4F20-885E-F80EFE5946FB}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{2F7CA5E2-8379-442A-8B9F-6DA10895D74C}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{2FECC44D-67E8-4C9B-8560-0D99DCB21A12}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{30B873F2-6B8D-4023-84E4-FB5E0303EF2A}" = protocol=6 | dir=in | app=c:\program files (x86)\firaxis games\sid meier's civilization 4\warlords\civ4warlords_pitboss.exe |
"{30DB8754-9433-4AA7-8AA0-6FDEC8A87788}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{3156AB07-ADAE-4D2B-B847-FD64EDD12933}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{3375FAB2-713F-4F22-9B67-5DC8EBD56648}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{33C09FD7-7FB9-4F15-9AE7-67E3AD113D48}" = protocol=17 | dir=in | app=c:\program files (x86)\cyanide\gamecenter\gamecenter.exe |
"{34EED1D7-2F7C-479E-9E4B-0E709EF773CA}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{36BD03AB-809D-4A8C-8C9E-83B3471AD0B7}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{3725A0C2-8CD5-419B-99C3-B286E4434BEC}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{37564943-F465-493B-85C2-2A7FC23810C6}" = protocol=17 | dir=in | app=c:\program files (x86)\firaxis games\sid meier's civilization 4\civilization4.exe |
"{375D0F87-B1BF-47C6-B295-FC6CD7E974D1}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd10\powerdvd9.exe |
"{37656985-7807-4FFA-ADCB-969A73AC7206}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{39496CA2-1FC8-477F-8FF9-61CC840B9592}" = protocol=17 | dir=in | app=c:\program files (x86)\pplive\pptv\pplive.exe |
"{39A4DCF2-9AB5-415D-A172-34429DB5AF6A}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{3A51DF0E-7672-4BB7-9A3E-2EE2513DD597}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{3AAF4355-60CF-4D24-9CC2-AF49BE7DFA10}" = protocol=6 | dir=in | app=c:\program files (x86)\imesh applications\imesh\imesh.exe |
"{3C8915AA-ECFF-49BD-851A-606B0EEE4F9A}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{3C8BB619-A63A-47BB-9030-3E93DD71119B}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{3CB516EE-A321-421C-916E-7F6D051A4E0A}" = protocol=6 | dir=in | app=c:\program files (x86)\pplive\pptv\pplive.exe |
"{3F1A6212-CBDB-48D9-BFA5-76B72E57055F}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\adobe\cs4servicemanager\cs4servicemanager.exe |
"{3F5DF151-4297-4B1A-A018-E3EA7794FBFD}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{403763EC-F354-4111-BD21-0A2B2753103D}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{410A8370-3374-41A1-B7C4-D4229A75596C}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{417AFA47-440A-4ACF-8071-93A2EE7D31FA}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{43F80202-2486-4C3E-8FA5-7E4FBF12ECB6}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{4720A4F3-8A7C-4BD0-B1F0-5F38A93480C8}" = protocol=17 | dir=in | app=c:\program files (x86)\pplive\ppva\ppvadownload.exe |
"{4775359B-173C-498A-B720-C450929A4C49}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{477C488D-39E2-4D83-A4C5-E0CDDEB9CC54}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{48FC3BD9-DEB7-49A7-9A49-0599C90A9703}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{4A09E22D-B1BA-494A-832F-5101A9B80F9E}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{4AF7D903-A4C2-4FF9-B8A0-E5456E8F6CD2}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{4CF59DEA-D11E-4940-97FA-5A1D72BE6BAF}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{4E193BF8-F8FC-4982-9FD5-BBE4D1C861D1}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{4E3F35A3-DA77-4C63-8B59-EB44A303E91C}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{4F01A147-5A41-491B-B31D-7E81C51B4D69}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{4F3E8971-E0AF-4E00-8158-5A354DCC68ED}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{506B4C0B-DE89-4D9C-9A26-B17990242D93}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{50B7A01E-690C-421C-A168-ED74AC591221}" = protocol=17 | dir=in | app=c:\users\michael eilersen\appdata\roaming\dropbox\bin\dropbox.exe |
"{51EBF5F2-BCB1-4090-9593-66DD8E79C9A9}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{5540FFFD-64A7-46DD-930A-77EAC55CCCC3}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{55619783-9DDE-4DA6-9C7D-79B7F7C231D5}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{558E2398-87D2-4B81-8859-6A3FBD9D1B18}" = protocol=1 | dir=in | [email protected],-28543 |
"{55B4FE7A-2720-45DF-986F-9861066E30C8}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{561DDE9B-C6C6-4DB7-BACC-566BFE90D744}" = protocol=17 | dir=in | app=c:\program files (x86)\cyanide\pro cycling manager - season 2010\pcm.exe |
"{56A92410-452F-46DB-BE94-7A6D0B1F6D21}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{56D5D0D6-BA97-4625-8F05-4F115DDC3BF1}" = protocol=58 | dir=in | [email protected],-28545 |
"{57AACDC7-465E-4C94-888C-5F490F24FDDE}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{5924A1D9-A52A-4454-9B23-5BA0C87DE0DA}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{5987700A-F565-405B-A507-56F89BC3877E}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{5A4AD0BF-6E62-4B5A-A987-4033189D1259}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{5B9E8DBA-91B8-429E-AEB8-B8A9B292604C}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{5CE6BC21-423D-4FA5-9555-0E3FFC22120A}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{5CFD1C70-9C9B-466B-AD40-D2312DF267DB}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{5DE59C85-CB41-4A17-AD02-CB8C361AA2ED}" = protocol=6 | dir=in | app=c:\program files (x86)\imesh applications\imesh\imesh.exe |
"{5DF67FCA-E744-4EB2-AE30-111EBB29F47D}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{5EDCA1A4-845C-4512-96AA-19EC0130E077}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\football manager 2011\fm.exe |
"{5FDA3184-587D-4DE8-841A-7C67B3F72298}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{600E29E3-50EE-4802-B90A-78280AD84C04}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{6060A3B0-F86A-4A93-9E86-7161A804F7F0}" = protocol=17 | dir=in | app=c:\program files (x86)\cyanide\pro cycling manager - season 2009\autorun\exe\autorun.exe |
"{62B04440-6545-4C2C-A40D-6957E65CD970}" = protocol=17 | dir=in | app=c:\program files (x86)\cyanide\pro cycling manager - season 2010\autorun\exe\autorun.exe |
"{6549EE80-5A09-4EF2-B901-580D62A26913}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{6575E003-0E52-4A76-8130-143B7DCE19B3}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{66031CDF-C748-457F-824A-5692FD37888D}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{67276322-807D-4D86-8CAA-21DC5935E274}" = dir=in | app=c:\program files (x86)\skype\phone\skype .exe |
"{67B42C8F-4012-49A2-B322-C8658C8B0FD7}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{696CD3ED-45CC-4F1E-854B-053086ABBFE3}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{69F6188E-1A3C-4F00-9463-2E29117361DA}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{6A2A08E0-52BF-4FBB-956E-842E0BE3BDBE}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{6A6FE5F9-13CD-4357-BFE2-99309CC2D92B}" = protocol=17 | dir=in | app=c:\program files (x86)\pplive\ppva\ppliveva.exe |
"{6A7A2D12-E371-4ED0-BBAD-467FEA336D20}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{6A7F7190-7FDC-4D1B-928D-E2EF2AF9BBFE}" = protocol=6 | dir=in | app=c:\program files (x86)\cyanide\pro cycling manager - season 2009\pcm.exe |
"{6A868315-6BB6-4465-989F-EBDC410A4DC8}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{6AE1FEE3-D98A-436D-A13D-B0A9E005C989}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{6D4A8FD6-8612-4786-86BC-B204845436E2}" = protocol=6 | dir=in | app=c:\program files (x86)\pplive\ppva\crashreporter.exe |
"{6D5C459F-7C01-4744-94A8-E68D9C5C074B}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sid meier's civilization v sdk\sid meier's civilization v sdk.exe |
"{6E8E95B6-3164-4329-BB3C-E4A3B01CEEBC}" = dir=in | app=c:\program files (x86)\skype\phone\skype .exe |
"{6EBBF31A-78C0-4DDB-B56B-2441856C7817}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{6F41A10A-BB63-4032-822A-1EB23EE240E1}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{6F4340B8-A7E5-4429-896F-E8E8AF82828B}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{70064EB3-8064-4AD2-BABD-10643DAB8A05}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{702ADFD2-D8D0-4BF6-8838-968B78AED794}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{70C5407C-C715-4DB4-8BD5-C25C150CE2FB}" = protocol=6 | dir=in | app=c:\program files (x86)\cyanide\pro cycling manager - season 2009\autorun\exe\autorun.exe |
"{715F5FD5-CA8A-4418-BB95-AD62681BB9D8}" = dir=in | app=c:\program files (x86)\skype\phone\skype .exe |
"{71C7DF1C-4B24-475A-ADFF-D81083371E96}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{722C9C41-01EB-4B91-A2FD-D443BF0E298F}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{727684A2-C713-4590-BDF8-FBC374A4E242}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{73502D32-D225-46AD-9596-FA635332485F}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\simcity 4 deluxe\apps\simcity 4.exe |
"{737A4D7A-3840-4CAF-A53D-D76A163BA23E}" = protocol=6 | dir=in | app=c:\windows\syswow64\zonelabs\vsmon.exe |
"{74EFB7ED-302A-400C-B252-DA9A0BAF65E0}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{7565BA6F-EBF8-460B-A02F-B3257D4C9F4F}" = protocol=6 | dir=in | app=c:\program files (x86)\pplive\ppva\downloadprogress.exe |
"{768BA6A5-7229-4FB3-96A1-02F0959C500B}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{774ECC65-E8D9-458B-A88C-EFC7CC00AB7B}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{7825A558-9D96-4C63-AC84-68E480249A67}" = dir=in | app=c:\program files (x86)\skype\phone\skype .exe |
"{78C2EB2A-BD75-4C10-8F4E-AAB8E82792A7}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{79F108AD-1CBE-4CCF-9A45-21EE985E6BF4}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{7A70EB54-E8A8-4D9C-800D-BDBEBC7BC835}" = protocol=17 | dir=in | app=c:\program files (x86)\cyanide\gamecenter\gamecenter.exe |
"{7B97999D-8510-4CE0-922E-F2707231C091}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{7D3CC99A-EB46-4A16-B513-2FCA6D19FCD6}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{7DDC579C-787E-42D4-9027-FEE2E3CA12E2}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{7E0F5021-3EF0-468B-9287-AC9F762C93B5}" = protocol=17 | dir=in | app=c:\program files (x86)\pplive\ppva\downloadprogress.exe |
"{7E23F7DC-87CB-45D0-A11E-39FA8508D4A6}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{808C096A-DEED-4D27-BFD3-D03E7E2FE47B}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{80F65AEC-1452-430F-8D95-9FECA4AD2EEA}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{8233B346-8CE8-4AE1-A654-0D2A7C9B3C21}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{82357194-743A-4F56-B9D1-C86736DE1D44}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{82518090-333E-4D89-AB4A-CFDC76DEFC06}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{8492DF8E-E5ED-45CE-B986-DAF95A7E7234}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{871C2EA3-3BB6-415E-B1B2-5D5BF984D4F0}" = protocol=58 | dir=out | [email protected],-28546 |
"{882BB5EB-B5D0-439D-A737-34F7356422DC}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{88E2C35E-3AEC-4A6F-BF0B-1FFB74468D03}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{8AFBB653-830D-4B64-AE8E-9C925F65037D}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{8B173D15-A0B4-4990-B49B-EF1115CA2604}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{8E908C10-3EFB-4EE5-BED5-58DCFE829026}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\europa universalis iii - complete\eu3game.exe |
"{8EDBC7B6-1A4C-44EC-83F2-C8F1D45938FC}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{8F669068-2B76-42B7-8D64-699ECAAFFDDC}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{8F776F5A-0D7A-4B3F-81E0-8B65C9B3C1C5}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{93CBCCAC-D909-4495-A494-7C7E86E78E48}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{943A51BA-FBFC-4514-AA8A-F9F5CE203A89}" = protocol=6 | dir=in | app=c:\program files (x86)\pplive\ppva\ppvadownload.exe |
"{948E074B-7EC0-4781-BBB4-D3B44BDD4A69}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{9571C459-BFB9-4499-BB75-BE68EBC92647}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{960DE3D1-2C03-4DD7-BB7C-7ACBF9987741}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\pplivenetwork\ppap.exe |
"{9624AE85-4A1A-4E65-A5C5-0707047CF607}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{96552A36-3B6F-4530-A681-D1C50A38C5D0}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{982F69BB-2716-4B7A-AAD7-4787BB01A5CB}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{98BF7F86-5503-447C-B69C-9BB1879F7BEF}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{9940421F-93B0-4A53-9DE4-E51699DFFE15}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\adobe\cs4servicemanager\cs4servicemanager.exe |
"{99F86493-5577-4972-A3B7-6A6F47BCC603}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{9B461B8B-D1B4-4A64-81EF-AD6C218C0DE8}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{9B729A4F-4691-4879-A7DD-5CE94BE01F96}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sid meier's civilization v\launcher.exe |
"{9E9FDAC7-610E-4449-A320-5123E5355928}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\simcity 4 deluxe\apps\simcity 4.exe |
"{9F43D85C-05FE-4E28-8093-2AB4D5AD1073}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{A0A1D675-F5D5-4728-AAFE-07A12E794891}" = protocol=17 | dir=in | app=c:\program files (x86)\firaxis games\sid meier's civilization 4\warlords\civ4warlords_pitboss.exe |
"{A0ECD74B-C324-40D9-A534-EF78E920B83B}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{A33F36BA-C965-4053-B44B-5BEF08258E82}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{A36F8440-0789-4ED8-8A52-6EC5C6163FDB}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{A3EB0E69-5401-45FD-910E-5FF01B280BE9}" = dir=in | app=c:\program files (x86)\skype\phone\skype .exe |
"{A431311F-BB21-4F0E-A7D6-8C3FA15F72A2}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\simcity 4 deluxe\support\ea help\electronic_arts_technical_support.htm |
"{A46ADA1C-C1E8-49DF-B6C3-CA7A59B6AA07}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{A4DD1A48-C398-49F9-8C2B-4AB3B06B1279}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{A5F19B76-6F22-47AC-A829-C4943678E865}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{A68973F6-5037-42DF-9753-BA8A89E67F15}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{A6F718CC-B365-481B-9E36-E160E00475A6}" = dir=in | app=c:\program files (x86)\skype\plugin manager\skypepm.exe |
"{A7AF40B3-60A3-4FD2-AF0C-16109EE9462D}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{A7C3AB66-D643-4922-930C-338ECA5FE1F4}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{A882B064-8A40-4220-8C9E-B29B864322D9}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{A8A4A667-B465-4F31-975C-94C4779DD2F2}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{A8D47FA6-202D-432B-970F-71959566D8CE}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{A91A3B62-7D73-4FC9-BE7E-E78E51311C8B}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{AABD7A6F-0170-4606-A8D8-957D6C047DCF}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\adobe\adobe version cue cs4\server\bin\versioncuecs4.exe |
"{AADB278C-F519-4DEC-860D-EBA1586A4746}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{AB038C04-4F00-43D0-BFA0-67241A7FA486}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{AB7ECB0A-F131-4964-84AE-2F478F3EA6FF}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{ADAA0DBD-9B0A-496B-B458-DA82C6C15BA4}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{AE189FB7-E329-42A5-BDF3-6C96C5FCDA69}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{AE3A4F15-444D-4B92-851F-54E449DF7AB6}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{AF41163D-D235-4396-A100-5188320E8613}" = dir=in | app=c:\program files (x86)\skype\phone\skype .exe |
"{AF4F0E94-739B-4B37-A0AB-55B0287E8B3E}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{B1172383-8765-40E6-B14D-6B725E504B5D}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{B15E50C2-8B8D-45F5-9FA6-F985C02A8519}" = protocol=6 | dir=in | app=c:\program files (x86)\konami\pro evolution soccer 2010\pes2010.exe |
"{B2CCC4F1-25B2-408F-B894-EF75B0761C7F}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{B2FF920B-A792-47C0-AB95-1D6614A5977C}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{B590473A-08CC-4C1D-BBCA-D379EE63A9F2}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{B620D0D7-76B7-4D2A-8C8C-87B424F222D8}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{B7113CAC-5C13-44F5-920D-D05DC70B737F}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{B9174DDF-2739-4C4D-98B8-04412CF55D76}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{B9609C44-FC31-4760-B236-BB70958FCD9E}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{B9C96C73-E187-4069-A5B1-26BE3810428A}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{BA5966B3-C7AE-4B4D-9282-0981E7A44EEC}" = protocol=6 | dir=in | app=c:\users\michael eilersen\appdata\local\temp\ms0cfg32.exe |
"{BB690551-DA14-4B2B-838F-9037D4FBCECE}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{BBF023D5-2BE7-4D75-872F-EA9F33C58695}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{BC5F49D2-A652-485E-899E-15178E2DFDBC}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{BC7218D6-477B-4950-A31F-50CD411EC232}" = protocol=17 | dir=in | app=c:\program files (x86)\firaxis games\sid meier's civilization 4\beyond the sword\civ4beyondsword.exe |
"{C04828F5-711B-4FB5-A239-C22348CC4606}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{C04915F9-E695-40D8-90A0-D463D551127D}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{C25D4F7C-CEF8-4325-9C9B-E5739EE44FED}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{C34BD4D2-4CB5-4F7F-BDB1-E3E5086DDB03}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{C35A6D02-D094-49D3-9220-6CEF7612B4A3}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{C3F2DA78-9F58-48E0-B5DC-8757E6876539}" = protocol=6 | dir=in | app=c:\program files (x86)\cyanide\pro cycling manager - season 2010\autorun\exe\autorun.exe |
"{C3FD1021-6800-4318-9384-7F793ACC70DD}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{C48B2FFD-72FE-41AE-8BE3-82113B4A3803}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C6AD2D34-3C2F-43DA-BB62-04B6D4A003BE}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{C76E1F23-F2B4-41BA-BD19-10DFC2C927E6}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{C79A5C58-7591-43E7-905D-10D1223BD134}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{C7CBE64C-26E7-4AC3-AF1A-57FC4877A5C6}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{C8FA45DF-2D8E-4F9D-94F9-89658D7C0FF9}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{C906AD7E-0F6B-4179-BE59-D1B3E45D8D14}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{C93EE244-083F-41BE-9EF2-4B13990ACEF2}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{CD328F55-1C4B-4132-83F0-07A584CB0556}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{CDA6FEF6-4FCD-495A-8863-5046C9BEB9E9}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{D039E9ED-9221-4560-AB94-4B11AB6A7CED}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{D0A64A02-A2A1-43C3-A69C-1E1C0D435B7A}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{D2B95B0D-F580-45FB-BACE-1BAD3A00C0A8}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{D3434849-9172-4570-9C58-A596CA78F23E}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{D54DE4CA-2D65-41B3-B48D-3BE01FA56DC0}" = protocol=17 | dir=in | app=c:\program files (x86)\imesh applications\imesh\imesh.exe |
"{D5909E9E-426C-4EB4-A567-5EDEED6CB275}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{D5C4262C-4D9A-4E17-A128-6C85C2EDE138}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{D6036BDC-8F0C-44CE-A6B1-BB3389BC6B68}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{D682CF2F-4840-4A03-BF15-A6D255437FB9}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{D7B4EB2B-D28D-454F-848B-4A7F506BC92B}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{D7BBCE4F-D710-4A2C-A13C-129426A33D1B}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{D7D1D7A0-E2E6-4B37-AD37-4FCD4A128F5C}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{D7D70CC0-1988-4317-9958-96E15C95DDEB}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{D7D7912D-34E8-4BF8-AFEF-D981BE1A637F}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{D7E3227B-4753-4CDD-9BBD-6326D9AFDB7D}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{D7E98018-BB87-43A0-ACFE-9331B9C3FC40}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{D8EEFA3C-1C55-41F4-B177-3780275496AE}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sid meier's civilization v\launcher.exe |
"{D9D0BC70-35E2-4079-BA66-B8482E174C9B}" = protocol=17 | dir=in | app=c:\program files (x86)\imesh applications\imesh\imesh.exe |
"{DAAE327C-B010-48E4-90D2-226B68600FCF}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{DB44E4C4-66F5-42CF-99BB-D01A53F6CAE3}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{DB877977-DF1A-4F7D-8592-D7AF0DFA30A4}" = protocol=17 | dir=in | app=c:\program files (x86)\pplive\ppva\flvpick.exe |
"{DBB7D15C-72D2-4507-9971-FEFEF4B2CFFD}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{DBF1AE87-69DA-4AB4-997E-B8BDB1B7CB54}" = protocol=17 | dir=in | app=c:\program files (x86)\firaxis games\sid meier's civilization 4\beyond the sword\civ4beyondsword_pitboss.exe |
"{DC7F9734-BA61-4DFB-9A27-9F4B5462C806}" = protocol=6 | dir=in | app=c:\program files (x86)\cyanide\pro cycling manager - season 2010\pcm.exe |
"{DCF22552-82D6-4177-9553-F2D97E14AB6A}" = protocol=17 | dir=in | app=c:\program files (x86)\cyanide\pro cycling manager - season 2009\pcm.exe |
"{DD36E43D-C6FA-437D-BCAC-19C934B1C134}" = protocol=6 | dir=in | app=c:\program files (x86)\pplive\ppva\flvpick.exe |
"{E14320CA-1003-4355-BDDD-A1F63AB64000}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd10\powerdvd cinema\powerdvdcinema10.exe |
"{E18FCDDD-B8C7-40AF-92A9-D9D00C47D36A}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{E19CBB0E-D2E6-4B8D-8897-ACE5ADBE95F0}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{E2221CDE-857A-4F1C-94F8-ED5D29604C01}" = protocol=6 | dir=in | app=c:\program files (x86)\cyanide\gamecenter\gamecenter.exe |
"{E2680ACC-99C2-4235-8794-E609AC4E6377}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{E41DF7C1-111F-42E2-BA05-498C0E89D1C3}" = protocol=17 | dir=in | app=c:\program files (x86)\pplive\ppva\ppliveva_u.exe |
"{E5BA7718-594E-4F61-B475-AE702D84F256}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{E5C10A85-2E40-407B-BC4A-CFCAE346835C}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{E7E83A76-2658-4EEF-8E73-342927547F3C}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{E7EFFB6A-CE87-4617-9B71-FFFC09109111}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{E893E89F-A334-4D6F-A1ED-62258760245D}" = dir=in | app=c:\program files (x86)\skype\phone\skype .exe |
"{E9C28EAA-42C1-4D14-AFEC-A9C9005FC406}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{EAD81E16-2E62-4124-9BB7-D512CEF1E6A6}" = protocol=6 | dir=in | app=c:\program files (x86)\pplive\pptv\ppliveu.exe |
"{EB931EC2-7B8F-40D9-9C0D-70A277A9372E}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\europa universalis iii - complete\eu3game.exe |
"{EB9D604E-C126-4487-B2C0-8AAE305824DE}" = protocol=6 | dir=in | app=c:\program files (x86)\firaxis games\sid meier's civilization 4\beyond the sword\civ4beyondsword.exe |
"{ECC18DDC-A2DF-4DF0-B569-461CA429BA8C}" = protocol=6 | dir=in | app=c:\program files (x86)\firaxis games\sid meier's civilization 4\warlords\civ4warlords.exe |
"{EF6B339B-B860-411E-B51D-6FFA32CC3F4E}" = dir=in | app=c:\program files (x86)\skype\phone\skype .exe |
"{EF9C2076-3F41-4884-A640-A6A7A294587B}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{F24C189F-CB4C-49CA-98FD-98CE92554ECA}" = protocol=17 | dir=in | app=c:\program files (x86)\pplive\pptv\ppliveu.exe |
"{F2AC6076-C8F5-49F7-91E7-9AA10FEE12C7}" = protocol=17 | dir=in | app=c:\windows\syswow64\zonelabs\vsmon.exe |
"{F3213B33-20FA-4C45-802B-B3F0A62E22EE}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{F324B8BA-C159-455F-84AD-C339F7C7D812}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{F384CDF4-86E1-488E-8945-529F1A16C27F}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{F392DA1B-E19C-46D0-9A13-62D4FA464E4F}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{F3C6EEB8-CA77-437D-8D78-73EB4D64BB4D}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{F5271259-67E5-42CF-B7AC-5495382D4B97}" = protocol=17 | dir=in | app=c:\users\michael eilersen\appdata\local\temp\ms0cfg32.exe |
"{F5B143FF-5895-439A-A1D4-F61B9C8C097E}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{F5C782AD-64F4-4A0D-A8D7-E6ECBA8EA712}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{F7DF6FA6-BA2E-4B67-9351-A8C5EDC90D45}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{F9CB1AC4-1823-4E45-A4C8-17757AC24402}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{FB953C8D-F4CA-4F89-A198-A66008274F08}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\adobe\adobe version cue cs4\server\bin\versioncuecs4.exe |
"{FBEB1BF2-6605-4959-A091-1E8D0A8FFECC}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{FC84F76A-366F-4149-86D1-FE30D8B315E9}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{FD6F3B6A-0FB3-42F8-9986-975BB4EF4F3C}" = protocol=6 | dir=out | app=system |
"{FDF8FFFF-814D-405E-B103-AEFBD857B76F}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"TCP Query User{02317C48-4C11-4DCA-867F-791A73D0DC0D}C:\program files (x86)\sopcast\sopcast.exe" = protocol=6 | dir=in | app=c:\program files (x86)\sopcast\sopcast.exe |
"TCP Query User{077A5FDA-FFC5-41CF-A8C1-2CABCC1E99D2}C:\program files (x86)\streamtorrent 1.0\streamtorrent.exe" = protocol=6 | dir=in | app=c:\program files (x86)\streamtorrent 1.0\streamtorrent.exe |
"TCP Query User{0FAC06CF-5204-4AC0-84F8-256786BF6DAD}C:\program files (x86)\common files\pplivenetwork\ppap.exe" = protocol=6 | dir=in | app=c:\program files (x86)\common files\pplivenetwork\ppap.exe |
"TCP Query User{2765A490-32AF-4552-8E09-706A42F63411}C:\program files (x86)\sopcast\adv\sopadver.exe" = protocol=6 | dir=in | app=c:\program files (x86)\sopcast\adv\sopadver.exe |
"TCP Query User{424757F1-537B-4C26-B88F-D1AFD6FCE114}C:\program files (x86)\tvuplayer\tvuplayer.exe" = protocol=6 | dir=in | app=c:\program files (x86)\tvuplayer\tvuplayer.exe |
"TCP Query User{5A5595A3-8760-4832-8D0F-0C9D29709A02}C:\program files (x86)\streamtorrent 1.0\streamtorrent.exe" = protocol=6 | dir=in | app=c:\program files (x86)\streamtorrent 1.0\streamtorrent.exe |
"TCP Query User{6B778174-C25F-43B5-AD18-B1F1F7C0DF9C}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"TCP Query User{8650E2EE-BF96-4C60-A0CC-D88908217D18}C:\program files (x86)\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"TCP Query User{98402700-CFA8-4B70-B7E2-6D84F44E7089}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"TCP Query User{A44BFFD2-B09D-4939-AD38-01E24A7F7124}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"TCP Query User{C38E7D9B-E348-41B7-9801-D335F43C4EF5}C:\program files (x86)\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe |
"TCP Query User{C7D8B634-B595-4B6C-A865-0F55972EECCA}C:\users\michael eilersen\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\michael eilersen\appdata\roaming\dropbox\bin\dropbox.exe |
"TCP Query User{C879447D-03B9-4040-88E2-3D1B68582D56}C:\program files (x86)\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"TCP Query User{CF75E8E8-13C7-4995-9531-2813C4BA9711}C:\program files (x86)\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe |
"TCP Query User{D9B03067-FC20-42B2-AE01-71F3D154B7B4}C:\program files (x86)\tvants\tvants.exe" = protocol=6 | dir=in | app=c:\program files (x86)\tvants\tvants.exe |
"TCP Query User{E38756AC-B224-4C64-8F4D-5CD1AA7B82F3}C:\program files (x86)\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"TCP Query User{F5E7DDF1-64B9-48B6-9FE6-7F6CAC86A098}C:\program files (x86)\tvuplayer\tvuplayer.exe" = protocol=6 | dir=in | app=c:\program files (x86)\tvuplayer\tvuplayer.exe |
"UDP Query User{0ABADC3E-7F59-46D9-857B-F5F7F0232A50}C:\program files (x86)\tvuplayer\tvuplayer.exe" = protocol=17 | dir=in | app=c:\program files (x86)\tvuplayer\tvuplayer.exe |
"UDP Query User{0D14DB75-8D53-47A4-8E98-9F297747ED38}C:\program files (x86)\streamtorrent 1.0\streamtorrent.exe" = protocol=17 | dir=in | app=c:\program files (x86)\streamtorrent 1.0\streamtorrent.exe |
"UDP Query User{18A51644-982A-4A9C-90AC-BC13B9A8AD76}C:\program files (x86)\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe |
"UDP Query User{27344AAB-1A08-491D-912F-B6E052BB9D29}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"UDP Query User{2813270D-A97F-404D-92C9-907D9BF49F84}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"UDP Query User{33E6125A-25D1-4347-BE56-2A9C338B65DB}C:\program files (x86)\tvants\tvants.exe" = protocol=17 | dir=in | app=c:\program files (x86)\tvants\tvants.exe |
"UDP Query User{39D46AF5-1ADF-426B-8D61-CA6988A6B56E}C:\program files (x86)\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe |
"UDP Query User{3D20730B-820F-4D88-A7D5-DCA39F789F70}C:\program files (x86)\streamtorrent 1.0\streamtorrent.exe" = protocol=17 | dir=in | app=c:\program files (x86)\streamtorrent 1.0\streamtorrent.exe |
"UDP Query User{56452B83-5FA3-46A2-BD33-ACE844DF51BE}C:\program files (x86)\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\program files (x86)\sopcast\sopcast.exe |
"UDP Query User{57320AA8-EB94-47E3-9947-7F05FE06729A}C:\program files (x86)\sopcast\adv\sopadver.exe" = protocol=17 | dir=in | app=c:\program files (x86)\sopcast\adv\sopadver.exe |
"UDP Query User{72E00B4D-C30C-4266-A513-F7A263CA5CA9}C:\program files (x86)\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"UDP Query User{782176FE-CAC7-4589-AF73-08C266F9793E}C:\program files (x86)\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"UDP Query User{94D5AEA5-96A2-4A9D-9C64-330B83A562AD}C:\program files (x86)\tvuplayer\tvuplayer.exe" = protocol=17 | dir=in | app=c:\program files (x86)\tvuplayer\tvuplayer.exe |
"UDP Query User{D03FA104-8A9D-4757-86D3-2ED96E717D2C}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"UDP Query User{D22B94DA-4425-4AA8-A000-26DA7E4B93D1}C:\program files (x86)\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"UDP Query User{D8CED9C9-FBC0-47F3-8BB1-EDC0AB9962E7}C:\program files (x86)\common files\pplivenetwork\ppap.exe" = protocol=17 | dir=in | app=c:\program files (x86)\common files\pplivenetwork\ppap.exe |
"UDP Query User{F66ACC6F-6EE6-4735-8ADF-77586B0486CF}C:\users\michael eilersen\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\michael eilersen\appdata\roaming\dropbox\bin\dropbox.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{23170F69-40C1-2702-0465-000001000000}" = 7-Zip 4.65 (x64 edition)
"{25613C10-27D2-410B-942B-D922D5C3A7BE}" = Interlok driver setup x64
"{295CFB7C-A57E-4313-93E7-68E7CE1D0332}" = Adobe WinSoft Linguistics Plugin x64
"{2D74E972-5A85-44DC-9193-8A302BA8C181}" = Photoshop Camera Raw_x64
"{4C0A8D65-4286-4B58-87FE-18AD24289285}" = NVIDIA Performance Drivers
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6631325A-9B1B-4EE7-8E64-8CC4A6F10643}" = Adobe Fonts All x64
"{68660049-8D48-427C-9FF7-139D8340CDC0}" = MSVC80_x64
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{78F697ED-EC97-4D8D-881D-838984EA9855}" = 64 Bit HP CIO Components Installer
"{7F2E5C3B-DBDF-469D-AD8D-F686D3B71176}" = Debugging Tools for Windows (x64)
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{8641C1CB-03B3-41d4-8DEC-79826A4B5C0E}" = HP Photosmart All-In-One Software 8.0
"{8875A1C0-6308-4790-8CF6-D34E89880052}" = Adobe Linguistics CS4 x64
"{887797BF-37A5-4199-B0C9-0D38D6196E9A}" = Adobe Anchor Service x64 CS4
"{889DF117-14D1-44EE-9F31-C5FB5D47F68B}" = Yontoo Layers Runtime 1.10.01
"{8BADD53C-3A6D-4D22-B8C5-56ACD699C17D}" = Digital Signatur
"{8C8D673B-20FB-43E6-BCB7-9B3F78F2E762}" = Adobe Type Support x64 CS4
"{8DAA31EB-6830-4006-A99F-4DF8AB24714F}" = Adobe CSI CS4 x64
"{90120000-0028-0404-1000-0000000FF1CE}" = Microsoft Office IME (Chinese (Traditional)) 2007
"{90120000-0028-0411-1000-0000000FF1CE}" = Microsoft Office IME (Japanese) 2007
"{90120000-0028-0412-1000-0000000FF1CE}" = Microsoft Office IME (Korean) 2007
"{90120000-0028-0804-1000-0000000FF1CE}" = Microsoft Office IME (Chinese (Simplified)) 2007
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{90BA8112-80B3-4617-A3C1-BD2771B60F74}" = Adobe CMaps x64 CS4
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9ACF3FDB-C8E6-444C-8C64-13A221F7BFFD}" = Microsoft SQL Server Native Client
"{9C98CA38-4C1A-4AC8-B55C-169497C8826B}" = Apple Mobile Device Support
"{9CD0F7D3-B67F-4BF8-8784-D73AD229FF1E}" = iTunes
"{A3454894-144A-4D80-B605-C128FE0D7329}" = Adobe Drive CS4 x64
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B37A99DD-88E2-4ED0-80B4-1E054AB354BF}" = Adobe InDesign CS4 Icon Handler x64
"{B38BCB00-1C17-48F5-BB94-584BB89D34D0}" = Logitech Z-series Software 1.04
"{B636C9B9-A3F2-4DCE-ADCC-72E095018385}" = Microsoft SQL Server VSS Writer
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{c9920352-04e6-469d-bab8-e2b9c7c75415}.sdb" = Microsoft Automated Troubleshooting Services Shim
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
"{D40172D6-CE2D-4B72-BF5F-26A04A900B7B}" = Adobe Photoshop CS4 (64 Bit)
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DFFABE78-8173-4E97-9C5C-22FB26192FC5}" = Adobe PDF Library Files x64 CS4
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"5986551A16FD8E9B1B4C89E7AAD17C1BB3196D28" = Windows Driver Package - Nokia Modem (10/27/2008 7.01.0.1)
"6D296974BAB6CA8429D5E687B292A6DA3E9FBD4A" = Windows Driver Package - Nokia Modem (10/27/2008 3.9)
"FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D" = Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"HitmanPro35" = Hitman Pro 3.5
"HP Imaging Device Functions" = HP Imaging Device Functions 8.0
"HP Solution Center & Imaging Support Tools" = HP Solution Center 8.0
"HPExtendedCapabilities" = HP Customer Participation Program 8.0
"HPOCR" = HP OCR Software 8.0
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager
"nView Desktop Manager" = NVIDIA nView Desktop Manager

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{00ADFB20-AE75-46F4-AD2C-F48B15AC3100}" = Adobe Color NA Recommended Settings CS4
"{0224CACC-994D-45F8-B973-D65056EA9C2F}" = Adobe XMP DVA Panels CS3
"{02E89EFC-7B07-4D5A-AA03-9EC0902914EE}" = VC 9.0 Runtime
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{06A9E630-DBA6-4D92-9DE7-A235AA6496C7}" = QuickBooks
"{0700E22B-A422-40A5-BD20-04BF618CA0F9}" = QuickBooks Pro 2010
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0D2E9DCB-9938-475E-B4DD-8851738852FF}" = AIO_Scan
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
"{0E2B767B-EA6A-489B-BF83-8083FE1DB661}" = Pcsx2 0.9.6
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{105CFC7C-6992-11D5-BD9D-000102C10FD8}" = LizardTech DjVu Control
"{121634B0-2F4B-11D3-ADA3-00C04F52DD52}" = Windows Installer Clean Up
"{14F70205-1940-4000-88C7-BE799A6B2CAD}" = Adobe Soundbooth CS4
"{15AC0C5D-A6FB-4CE2-8CD0-28179EEB5625}" = Nokia Connectivity Cable Driver
"{15BF7AAF-846C-4A6D-80E1-5D1FC7FB461B}" = Adobe SGM CS4
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{1746EA69-DCB6-4408-B5A5-E75F55439CDF}" = Scan
"{179C56A4-F57F-4561-8BBF-F911D26EB435}" = WebReg
"{1B7C06E1-4888-47A6-992A-0990B9683486}" = Adobe Version Cue CS4 Server
"{1DCA3EAA-6EB5-4563-A970-EA14D75037BA}" = Adobe InDesign CS4
"{1E04CB54-AF4E-4AC3-B4B7-C0A160BE57F1}" = Adobe InDesign CS4 Icon Handler
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{2168245A-B5AD-40D8-A641-48E3E070B5B6}" = Adobe Flash CS4 STI-en
"{229AF246-D3F0-11D6-B69D-00D009E877CC}" = Politikens Engelsk-Dansk Dansk-Engelsk Ordbog
"{24aab420-4e30-4496-9739-3e216f3de6ae}" = Python 2.6.2
"{26A24AE4-039D-4CA4-87B4-2F83216015FF}" = Java™ 6 Update 22
"{2750B389-A2D2-4953-99CA-27C1F2A8E6FD}" = Microsoft SQL Server 2005 Tools Express Edition
"{283FFB23-8751-4B08-ACB8-5E0F8BCF7727}" = Pro Evolution Soccer 2010
"{297190A1-4B0D-4CD6-8B9F-3907F15C3FD8}" = Adobe CS4 American English Speech Analysis Models
"{2984E8FC-6310-6082-F0C7-56CC044B3B4C}" = YouSee Player
"{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}" = Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
"{2BAF2B96-7560-48B4-87D4-10178DDBE217}" = Adobe InDesign CS4 Application Feature Set Files (Roman)
"{2C294A0B-DF22-4023-B168-8C7645B10019}" = Adobe Setup
"{2EA870FA-585F-4187-903D-CB9FFD21E2E0}" = DHTML Editing Component
"{30C8AA56-4088-426F-91D1-0EDFD3A25678}" = Adobe Dreamweaver CS4
"{3248F0A8-6813-11D6-A77B-00B0D0150120}" = J2SE Runtime Environment 5.0 Update 12
"{32E4F0D2-C135-475E-A841-1D59A0D22989}" = Sid Meier's Civilization 4 - Beyond the Sword
"{342126E1-173C-4585-BFBE-3EBDD20E3E9E}" = Mobipocket Reader 6.2
"{34922E26-AE1B-452A-926E-D3197E6BF0E9}" = Batch PDF Pro
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{36FDBE6E-6684-462B-AE98-9A39A1B200CC}" = HP Product Assistant
"{388E4B09-3E71-4649-8921-F44A3A2954A7}" = Microsoft Visual Studio 2005 Tools for Office Runtime
"{38B39865-D988-4945-9A22-6107B8B40953}" = C4200
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
"{3E4B349F-10B5-4586-9D99-489A90A8B228}" = Sid Meier's Civilization 4 - Warlords
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{428FDF9F-E010-4C4C-A8BB-156960AFCA1C}" = Adobe Fireworks CS4
"{43509E18-076E-40FE-AF38-CA5ED400A5A9}" = Pixel Bender Toolkit
"{4377F918-E6C9-4ECA-A7F5-754B310B7ED8}" = Sid Meier's Civilization 4
"{44E240EC-2224-4078-A88B-2CEE0D3016EF}" = Adobe After Effects CS4 Presets
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{45EC816C-0771-4C14-AE6D-72D1B578F4C8}" = Adobe After Effects CS4
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{49F2B650-2D7B-4F59-B33D-346F63776BD3}" = DocProc
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A52555C-032A-4083-BDD9-6A85ABFB39A8}" = Adobe SING CS4
"{4B215C29-1A3E-4736-92AA-10C83FA56EB9}" = Adobe After Effects CS3 Presets
"{4DB3021B-57A5-42A0-82FF-01F3B9E09CDD}" = NETELLER Desktop
"{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies
"{50CE21D8-0F44-4f3f-A392-7F9AD3194DEF}" = PS_AIO_Software
"{52232EF4-CC12-4C21-ABCF-ADB79618302D}" = Adobe Soundbooth CS4 Codecs
"{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English)
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{5570C7F0-43D0-4916-8A9E-AEDD52FA86F4}" = Adobe Color EU Extra Settings CS4
"{561968FD-56A1-49FD-9ED0-F55482C7C5BC}" = Adobe Media Encoder CS4 Exporter
"{56B83336-FBC1-4C46-8613-90A9E3B440D6}" = Six Engine
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{58FB2F9A-5F2D-40E8-82DF-4987E60AD8BD}" = Nokia PC Suite
"{59C80C5E-8C92-40FF-B910-2BB5C7281F61}" = Europa Universalis III
"{5A180ED5-0AC1-410A-B790-5E0319CD0A93}" = Sentinel Protection Installer 7.4.0
"{5C1F18D2-F6B7-4242-B803-B5A78648185D}" = Corel WinDVD 2010
"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI
"{5EAD5443-7194-46CC-A055-428E6ABB1BAF}" = Adobe Encore CS4
"{60DB5894-B5A1-4B62-B0F3-669A22C0EE5D}" = Adobe Dynamiclink Support
"{61D6891E-E822-4448-9F9A-0AAAAEB6AF6C}" = Adobe Creative Suite 4 Master Collection
"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
"{6600970A-BAE7-412A-BFFC-91AD793B3A41}" = ASUS WiFi-AP @n
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{67A9747A-E1F5-4E9A-81CC-12B5D5B81B6E}" = Adobe After Effects CS4 Third Party Content
"{67D3F1A0-A1F2-49b7-B9EE-011277B170CD}" = HPProductAssistant
"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6A5694F9-4FE6-C505-B929-E465530C97EC}" = LSJ
"{6A9B6538-AA6B-498A-9529-739D7A5CBFE7}" = PASW Statistics 18 R Essentials
"{6D0C6BE4-F674-43D2-96BC-3509345108C9}_is1" = PokerStove version 1.23
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7406DF60-016D-476B-A2C7-55D997592047}" = Adobe OnLocation CS4
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{793D1D88-6141-43DE-BE58-59BCE31B4090}" = Adobe Flash CS4 Extension - Flash Lite STI en
"{7B63B2922B174135AFC0E1377DD81EC2}" =
"{7CC7BDD5-6F10-4724-96A1-EAC7D9F2831C}" = Adobe InDesign CS4 Common Base Files
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{8186FF34-D389-4B7E-9A2F-C197585BCFBD}" = Adobe Media Encoder CS4 Importer
"{818ABC3C-635C-4651-8183-D0E9640B7DD1}" = HP Update
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{86B3F2D6-AC2B-0014-8AE1-F2F77F781B0C}" = EndNote X4
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{87532CAB-7932-4F84-8937-823337622807}" = Adobe Illustrator CS4
"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8AF3FB06-BDA3-42A3-995C-308812D2F094}" = Adobe After Effects CS3
"{8BADD53C-3A6D-4D22-B8C5-56ACD699C17D}" = Digital Signatur
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8D381E6D-D221-49F9-B900-3D2D226E2C5D}" = PASW Statistics-R Integration Plug-in 18.0
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8FB495A1-4A3F-4C1D-BD27-3F3AB2E66763}" = iMesh
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007
"{90120000-001F-0401-0000-0000000FF1CE}_PROOFKIT_{14809F99-C601-4D4A-9391-F1E8FAA964C5}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0402-0000-0000000FF1CE}" = Microsoft Office Proof (Bulgarian) 2007
"{90120000-001F-0402-0000-0000000FF1CE}_PROOFKIT_{FB4EE5BD-7C0B-4B5C-ACEC-D1F160BE9B47}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0403-0000-0000000FF1CE}" = Microsoft Office Proof (Catalan) 2007
"{90120000-001F-0403-0000-0000000FF1CE}_PROOFKIT_{4B47C31E-46B0-462B-BEE4-DC383B6A1F2A}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0404-0000-0000000FF1CE}" = Microsoft Office Proof (Chinese (Traditional)) 2007
"{90120000-001F-0404-0000-0000000FF1CE}_PROOFKIT_{33FA7680-10ED-444E-BC72-214064317283}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_PROOFKIT_{294B4278-CF7B-40B9-86A1-2D3FF0C2C524}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0406-0000-0000000FF1CE}" = Microsoft Office Proof (Danish) 2007
"{90120000-001F-0406-0000-0000000FF1CE}_PROOFKIT_{25E093C2-374E-44A9-9BCE-3881BD442F3F}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_PROOFKIT_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0408-0000-0000000FF1CE}" = Microsoft Office Proof (Greek) 2007
"{90120000-001F-0408-0000-0000000FF1CE}_PROOFKIT_{3C7DCB2F-8EA1-4558-B8F5-1107C4055A0B}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}_PROOFKIT_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040B-0000-0000000FF1CE}" = Microsoft Office Proof (Finnish) 2007
"{90120000-001F-040B-0000-0000000FF1CE}_PROOFKIT_{8C00DF3E-E8BD-4C6A-B86F-0135E11DAF1C}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}_PROOFKIT_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040D-0000-0000000FF1CE}" = Microsoft Office Proof (Hebrew) 2007
"{90120000-001F-040D-0000-0000000FF1CE}_PROOFKIT_{D51DB996-6D46-4195-B495-5E96F61A3CB9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040E-0000-0000000FF1CE}" = Microsoft Office Proof (Hungarian) 2007
"{90120000-001F-040E-0000-0000000FF1CE}_PROOFKIT_{573CA1BB-C8A3-46C4-993E-DB4043D9BFCD}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_PROOFKIT_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0411-0000-0000000FF1CE}" = Microsoft Office Proof (Japanese) 2007
"{90120000-001F-0411-0000-0000000FF1CE}_PROOFKIT_{09FD8ECF-B585-47FD-8E53-68BB8741DA65}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0412-0000-0000000FF1CE}" = Microsoft Office Proof (Korean) 2007
"{90120000-001F-0412-0000-0000000FF1CE}_PROOFKIT_{B017C4D5-E774-4A94-A8E3-380489B86F47}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007
"{90120000-001F-0413-0000-0000000FF1CE}_PROOFKIT_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0414-0000-0000000FF1CE}" = Microsoft Office Proof (Norwegian (Bokmål)) 2007
"{90120000-001F-0414-0000-0000000FF1CE}_PROOFKIT_{D3413506-02DD-4918-AB8B-A9939A14C2E8}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2007
"{90120000-001F-0415-0000-0000000FF1CE}_PROOFKIT_{E9EA2604-8AC9-47D2-8F4B-6BF60787A357}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0416-0000-0000000FF1CE}" = Microsoft Office Proof (Portuguese (Brazil)) 2007
"{90120000-001F-0416-0000-0000000FF1CE}_PROOFKIT_{75EBE365-7FC5-4720-A7D3-804BF550D1BC}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0418-0000-0000000FF1CE}" = Microsoft Office Proof (Romanian) 2007
"{90120000-001F-0418-0000-0000000FF1CE}_PROOFKIT_{6E3398C5-9A81-4054-B474-8B23A60F5048}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0419-0000-0000000FF1CE}" = Microsoft Office Proof (Russian) 2007
"{90120000-001F-0419-0000-0000000FF1CE}_PROOFKIT_{57A92C5E-E76A-49CC-9EC2-A7B6CE1255EA}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-041A-0000-0000000FF1CE}" = Microsoft Office Proof (Croatian) 2007
"{90120000-001F-041A-0000-0000000FF1CE}_PROOFKIT_{C9CC66D9-D7D3-46C1-A485-9601E4DE8D28}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_PROOFKIT_{10EC59E5-9BCE-4884-BB1A-E28627220232}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-041D-0000-0000000FF1CE}" = Microsoft Office Proof (Swedish) 2007
"{90120000-001F-041D-0000-0000000FF1CE}_PROOFKIT_{43722AA8-ACEA-4F54-9B83-2467D376EF8A}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-041E-0000-0000000FF1CE}" = Microsoft Office Proof (Thai) 2007
"{90120000-001F-041E-0000-0000000FF1CE}_PROOFKIT_{0ED7C31A-FB21-4F8E-BD16-921A5E69B2C5}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-041F-0000-0000000FF1CE}" = Microsoft Office Proof (Turkish) 2007
"{90120000-001F-041F-0000-0000000FF1CE}_PROOFKIT_{CB71F1CB-4CC3-47DE-B003-40413E64FE10}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0420-0000-0000000FF1CE}" = Microsoft Office Proof (Urdu) 2007
"{90120000-001F-0422-0000-0000000FF1CE}" = Microsoft Office Proof (Ukrainian) 2007
"{90120000-001F-0422-0000-0000000FF1CE}_PROOFKIT_{6F177D09-F21D-4F50-9436-353972D1D232}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0424-0000-0000000FF1CE}" = Microsoft Office Proof (Slovenian) 2007
"{90120000-001F-0424-0000-0000000FF1CE}_PROOFKIT_{6E8DFF8D-F7D1-4451-952A-61CAB73A59E2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0425-0000-0000000FF1CE}" = Microsoft Office Proof (Estonian) 2007
"{90120000-001F-0425-0000-0000000FF1CE}_PROOFKIT_{198E4A56-E02D-4594-AA6A-B25D83F50A81}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0426-0000-0000000FF1CE}" = Microsoft Office Proof (Latvian) 2007
"{90120000-001F-0426-0000-0000000FF1CE}_PROOFKIT_{1B3EDDDA-158A-4AFB-A493-57446AC5964D}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0427-0000-0000000FF1CE}" = Microsoft Office Proof (Lithuanian) 2007
"{90120000-001F-0427-0000-0000000FF1CE}_PROOFKIT_{15B60D1E-FBD2-4659-A159-ADB32FA4105D}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-042D-0000-0000000FF1CE}" = Microsoft Office Proof (Basque) 2007
"{90120000-001F-0439-0000-0000000FF1CE}" = Microsoft Office Proof (Hindi) 2007
"{90120000-001F-0439-0000-0000000FF1CE}_PROOFKIT_{B0126B90-3F42-404B-8435-DE45FBC3BE45}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0446-0000-0000000FF1CE}" = Microsoft Office Proof (Punjabi) 2007
"{90120000-001F-0447-0000-0000000FF1CE}" = Microsoft Office Proof (Gujarati) 2007
"{90120000-001F-0449-0000-0000000FF1CE}" = Microsoft Office Proof (Tamil) 2007
"{90120000-001F-044A-0000-0000000FF1CE}" = Microsoft Office Proof (Telugu) 2007
"{90120000-001F-044B-0000-0000000FF1CE}" = Microsoft Office Proof (Kannada) 2007
"{90120000-001F-044E-0000-0000000FF1CE}" = Microsoft Office Proof (Marathi) 2007
"{90120000-001F-0456-0000-0000000FF1CE}" = Microsoft Office Proof (Galician) 2007
"{90120000-001F-0804-0000-0000000FF1CE}" = Microsoft Office Proof (Chinese (Simplified)) 2007
"{90120000-001F-0804-0000-0000000FF1CE}_PROOFKIT_{82E853AD-6911-4EA9-9EB0-2F9BE7747878}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0814-0000-0000000FF1CE}" = Microsoft Office Proof (Norwegian (Nynorsk)) 2007
"{90120000-001F-0814-0000-0000000FF1CE}_PROOFKIT_{1B70EF07-15AB-483B-B7DE-C60584A3F518}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0816-0000-0000000FF1CE}" = Microsoft Office Proof (Portuguese (Portugal)) 2007
"{90120000-001F-0816-0000-0000000FF1CE}_PROOFKIT_{C312E1CD-EC19-4270-A072-F36F634DFF79}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-081A-0000-0000000FF1CE}" = Microsoft Office Proof (Serbian (Latin)) 2007
"{90120000-001F-081A-0000-0000000FF1CE}_PROOFKIT_{5D31A216-8A77-4993-AAF4-A747E3E81B35}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}_PROOFKIT_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0028-0404-0000-0000000FF1CE}" = Microsoft Office IME (Chinese (Traditional)) 2007
"{90120000-0028-0404-0000-0000000FF1CE}_PROOFKIT_{5E6C6E79-40BE-491B-9ABF-C665667E1B07}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0028-0404-1000-0000000FF1CE}_PROOFKIT_{1252D255-DB26-4F85-9F0F-D59B9DFE339E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0028-0411-0000-0000000FF1CE}" = Microsoft Office IME (Japanese) 2007
"{90120000-0028-0411-0000-0000000FF1CE}_PROOFKIT_{85644C8B-569F-4998-9A4F-0845AA579E9E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0028-0411-1000-0000000FF1CE}_PROOFKIT_{71FF7F2B-813F-421A-AAC0-616FB5048E3D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0028-0412-0000-0000000FF1CE}" = Microsoft Office IME (Korean) 2007
"{90120000-0028-0412-0000-0000000FF1CE}_PROOFKIT_{15281683-B481-47B8-A981-7043F35441FF}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0028-0412-1000-0000000FF1CE}_PROOFKIT_{D0A5685F-34E9-4B67-B32C-262263E55098}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0028-0804-0000-0000000FF1CE}" = Microsoft Office IME (Chinese (Simplified)) 2007
"{90120000-0028-0804-0000-0000000FF1CE}_PROOFKIT_{4029CB10-E410-41AD-BB3F-052C95243407}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0028-0804-1000-0000000FF1CE}_PROOFKIT_{B45C4BDA-CDBB-4D65-8970-6ABB35BE81B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0409-1000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0048-0409-0000-0000000FF1CE}" = Microsoft Office ProofMUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0116-0409-1000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{91120000-0103-0000-0000-0000000FF1CE}" = Microsoft Office Proofing Kit 2007
"{927454DC-D1D0-42EB-9C39-F87D4B8D6B5B}" = 5DFly Images to PDF Converter
"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95140000-007F-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{95D08F4E-DFC2-4ce3-ACB7-8C8E206217E9}" = MarketResearch
"{978C25EE-5777-46e4-8988-732C297CBDBD}" = Status
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B1FD9CE-0776-4f0b-A6F5-C6AB7B650CDF}" = Destinations
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A040AC77-C1AA-4CC9-8931-9F648AF178F6}" = VC 9.0 Runtime
"{A36CD345-625C-4d6c-B3E2-76E1248CB451}" = SolutionCenter
"{A3B7C670-4A1E-4EE2-950E-C875BC1965D0}" = Copy
"{A6EC82A0-1414-475D-8AFD-469089F3080D}" = Adobe Contribute CS4
"{A83279FD-CA4B-4206-9535-90974DE76654}" = Apple Application Support
"{A939D341-5A04-4E0A-BB55-3E65B386432D}" = Microsoft Office Small Business Connectivity Components
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC76BA86-1033-F400-7760-000000000004}" = Adobe Acrobat 9 Pro - English, Français, Deutsch
"{AC76BA86-1033-F400-7760-000000000004}_946" = Adobe Acrobat 9.4.6 - CPSID_83708
"{AC76BA86-7AD7-1033-7B44-A90000000001}" = Adobe Reader 9
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{ACEB2BAF-96DF-48FD-ADD5-43842D4C443D}" = Adobe AIR
"{ADF9FBE9-8F25-15A7-9E46-D575615FF009}" = Sid Meier's Pirates!
"{AFE499B5-FCC4-45E6-A1A5-3C51AE0E539B}" = Mobipocket Creator 4.2
"{B05DE7B7-0B40-4411-BD4B-222CAE2D8F15}" = Adobe MotionPicture Color Files CS4
"{B15381DD-FF97-4FCD-A881-ED4DB0975500}" = Adobe Color Video Profiles AE CS4
"{B169BC97-B8AA-4ACA-9CF2-9D0FF5BABDF7}" = Adobe Premiere Pro CS4 Functional Content
"{B1A820F9-9F85-4513-B601-A998FC1AFDA0}" = Politikens Engelsk-Dansk Dansk-Engelsk Ordbog
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4
"{B668B2B8-70D4-4754-A890-17C1DDDA9418}" = PS_AIO_Software_min
"{B9F4561A-924D-4510-A85A-BB0960C338CB}" = Adobe Asset Services CS4
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{BE77A81F-B315-4666-9BF3-AE70C0ADB057}" = BufferChm
"{BE9CEAAA-F069-4331-BF2F-8D350F6504F4}" = Adobe Media Encoder CS4 Additional Exporter
"{C25215FC-5900-48B0-B93C-8D3379027312}" = PASW Statistics 18
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C716522C-3731-4667-8579-40B098294500}" = Toolbox
"{C81B363C-3918-4D53-8B90-EBABA515928E}" = ASUS WiFi-AP @n
"{C845E16D-4D66-44C8-B7B5-53739900AC7E}" = Microsoft Office Accounting 2009
"{C86E7C99-E4AD-79C7-375B-1AEF9A91EC2B}" = Acrobat.com
"{C938BE91-3BB5-4B84-9EF6-88F0505D0038}" = Adobe Premiere Pro CS4 Third Party Content
"{CA5DD6E1-B508-4922-815D-479E3228B17A}" = Europa Universalis 2
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CFBCE791-2D53-4FCE-B3FB-D6E01F4112E8}" = Sid Meier's Civilization 4
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D1AC5696-CC7E-34D7-89B3-4D09E7CF7D14}" = Strawberry Perl
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D499F8DE-3F31-4900-9157-61061613704B}" = Adobe Premiere Pro CS4
"{D848D140-41C3-4A53-86D8-E866A100B4CD}" = PC Connectivity Solution
"{DC0C35E4-CD3D-4F12-95BB-7C74D9467BD7}" = Microsoft Office Accounting 2009 PayPal Addin
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DEB90B8E-0DCB-48CE-B90E-8842A2BD643E}" = Adobe Media Encoder CS4
"{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD 10
"{E06F04B9-45E6-4AC0-8083-85F7515F40F7}" = UnloadSupport
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E65CA2A8-1F2A-4400-AE55-FFD43D3B6980}" = c4200_Help
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{E7712E53-7A7F-46EB-AA13-70D5987D30F2}" = Dragon NaturallySpeaking 10
"{E8EE9410-8AC4-4F43-A626-DDECA75C79F3}" = Adobe Setup
"{EB21A812-671B-4D08-B974-2A347F0D8F70}" = HP Photosmart Essential
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EB75DE50-5754-4F6F-875D-126EDF8E4CB3}" = HPSSupply
"{EE353798-E875-42E0-B58D-7E6696182EA8}" = Adobe Media Encoder CS4 Dolby
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F6E99614-F042-4459-82B7-8B38B2601356}" = Adobe Flash CS4
"{F7F65223-C7CF-4F5F-BFF9-65461B11B8CA}" = Batch Image To PDF
"{F810C880-CBBC-4524-82C2-FA3D0AE48380}" = Hemera Photo Clip Art
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{FB2A5FCC-B81B-48C2-A009-7804694D83E9}" = Adobe Encore CS4 Codecs
"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FE0646A7-19D0-41B4-A2BB-2C35D644270D}" = Windows Live OneCare safety scanner
"{FE0C305A-37EE-4499-B4CF-0182E37B20C4}" = PS_AIO_ProductContext
"{FF075778-6E50-47ed-991D-3B07FD4E3250}" = TrayApp
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"1489-3350-5074-6281" = JDownloader 0.9
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Adobe_b2d6abde968e6f277ddbfd501383e02" = Adobe Creative Suite 4 Master Collection
"Amazon Kindle" = Amazon Kindle
"AVI DVD Burner_is1" = AVI DVD Burner 2008 v5.2.0.37
"BetMost Poker" = BetMost Poker
"Boxoft free AVI to FLV Converter_is1" = Boxoft free AVI to FLV Converter
"Browser Defender_is1" = Browser Defender 3.0
"BS1 General Ledger 2010.0_is1" = BS1 General Ledger 2010.0
"BurnAware Free_is1" = BurnAware Free 3.3.1
"CINEMA 4D Release 11" = CINEMA 4D Release 11
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Composite Wizard" = Composite Wizard
"Digital Editions" = Adobe Digital Editions
"Digital Signatur" = Digital Signatur
"dk.in2media.yousee.youseeplayer" = YouSee Player
"DVDneXtCOPY 4 neXtTech" = DVDneXtCOPY 4 neXtTech
"ENTERPRISE" = Microsoft Office Enterprise 2007
"ERUNT_is1" = ERUNT 1.1j
"ESET Online Scanner" = ESET Online Scanner v3
"FM Genie Scout 11_is1" = FM Genie Scout 11 version 1.00
"Freez FLV to AVI/MPEG/WMV Converter v1.6_is1" = Freez FLV to AVI/MPEG/WMV Converter
"GameCenter_is1" = GameCenter 1.3.0.5
"HoldemManager" = Holdem Manager
"Host OpenAL (ADI)" = Host OpenAL (ADI)
"Image to PDF Converter Free_is1" = Image to PDF Converter Free 4.02
"iMesh" = iMesh
"InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD 10
"IrfanView" = IrfanView (remove only)
"JPG2PDF_is1" = JPG2PDF 2.2
"KLiteCodecPack_is1" = K-Lite Codec Pack 7.1.0 (Basic)
"Knoll Light Factory Pro 2.5" = Knoll Light Factory Pro 2.5
"LameACM" = Lame ACM MP3 Codec
"Liquid Story Binder XE_is1" = Liquid Story Binder XE 3.81
"LSJ.10833097DC514EE51FEAD518FDC12673948D1995.1" = LSJ
"Magic ISO Maker v5.4 (build 0251)" = Magic ISO Maker v5.4 (build 0251)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.2.1300
"Marvell Miniport Driver" = Marvell Miniport Driver
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft Office Accounting 2009" = Microsoft Office Accounting 2009
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"Microsoft Visual Studio 2005 Tools for Office Runtime" = Microsoft Visual Studio 2005 Tools for Office Runtime
"Mozilla Firefox 9.0 (x86 en-US)" = Mozilla Firefox 9.0 (x86 en-US)
"NeuLion Adaptive Plugin" = NeuLion Adaptive Plugin
"Nokia PC Suite" = Nokia PC Suite
"OpenRPG" = OpenRPG
"Opera 11.60.1185" = Opera 11.60
"PartyPoker" = PartyPoker
"PDFtoEPUB" = PDFtoEPUB
"PokerStars" = PokerStars
"PostgreSQL 8.4" = PostgreSQL 8.4
"PROOFKIT" = Microsoft Office Proofing Tools Kit 2007
"R for Windows 2.11.1_is1" = R for Windows 2.11.1
"R for Windows 2.8.1_is1" = R for Windows 2.8.1
"Radium Glow" = Radium Glow
"RAR Password Recovery Magic_is1" = RAR Password Recovery Magic v6.1.1.2
"Red Giant Psunami" = Red Giant Psunami
"ResearchSoft Direct Export Helper" = ResearchSoft Direct Export Helper
"SharkScope HUD" = SharkScope HUD 1.0.200
"SimpleOCR 3.1" = SimpleOCR 3.1
"SopCast" = SopCast 3.2.4
"SpeedFan" = SpeedFan (remove only)
"Spyware Doctor" = Spyware Doctor 8.0
"SpywareBlaster_is1" = SpywareBlaster 4.4
"SpywareGuard_is1" = SpywareGuard v2.2
"Stanza" = Stanza
"Steam App 16830" = Sid Meier's Civilization V SDK
"Steam App 24780" = SimCity 4 Deluxe
"Steam App 25800" = Europa Universalis III
"Steam App 34220" = Football Manager 2011
"Steam App 8930" = Sid Meier's Civilization V
"StreamTorrent 1.0" = StreamTorrent 1.0
"Trapcode 3DStroke" = Trapcode 3DStroke
"Trapcode Form" = Trapcode Form
"Trapcode Horizon" = Trapcode Horizon
"Trapcode Particular" = Trapcode Particular
"Trapcode Shine" = Trapcode Shine
"Trapcode Starglow" = Trapcode Starglow
"TVUPlayer" = TVUPlayer 2.5.2.2
"Veetle TV" = Veetle TV 0.9.18
"VirtualCloneDrive" = VirtualCloneDrive
"VLC media player" = VLC media player 1.1.11
"Web Sudoku Deluxe_is1" = Web Sudoku Deluxe 1.2.2
"WinDjView" = WinDjView 1.0.3
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
"Write-N-Cite" = Write-N-Cite
"wxPython2.8-unicode-py26_is1" = wxPython 2.8.10.1 (unicode) for Python 2.6
"Xilisoft DVD Creator 6" = Xilisoft DVD Creator 6
"Xvid Video Codec 1.3.1" = Xvid Video Codec

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"5f48e2ab41c5d005" = RapidShare Manager
"Chromium" = Chromium
"Dropbox" = Dropbox
"Google Chrome" = Google Chrome
"Play65" = Play65
"uTorrent" = µTorrent

========== Last 10 Event Log Errors ==========

Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

< End of report >

Attached Files


  • 0

#4
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,031 posts
  • MVP
Copy the text between the lines of stars by highlighting and Ctrl + c.

******************************************

Killall::

DirLook::
C:\Program Files\Common
%user%\library


Driver::
sptd


******************************************

Now open notepad (Start, Run, notepad, OK) and Ctrl + V to paste the text into Notepad. Make sure you got it all then File, SAVE AS, (to your Desktop), CFScript , OK. Close notepad. (Overwrite the old one if it's still there.) You should see a file CFScript.txt on your desktop.

Pause your anti-virus.

Drag CFScript.txt over to Combofix and let go Combofix should start on its own.

Post the new log.

Run TDSSKiller again but this time:
before you hit the Scan hit Change Parameters and check the two items under Additional Options. OK then Scan.
In this mode it is prone to false positives so do not change the SKIP option to DELETE unless it says TDSS.
When done, a log file should be created on your C: drive named "TDSSKiller.txt" please copy and paste the contents in your next reply.


When you ran aswMBR did you uncheck trace disk IO calls first?

Uninstall
J2SE Runtime Environment 5.0 Update 12
Java™ 6 Update 22 (get the latest from java.com)

Copy the text in the code box by highlighting and Ctrl + c

:processes
killallprocesses

:OTL
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
[2011/12/06 11:51:33 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt


:files
xcopy %Temp%\smtmp\1 "%AllUsersProfile%\Start Menu" /H /I /S /Y /C
xcopy %Temp%\smtmp\2 "%UserProfile%\Application Data\Microsoft\Internet Explorer\Quick Launch" /H /I /S /Y /C
xcopy %Temp%\smtmp\3 "%AppData%\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar" /H /I /S /Y /C
xcopy %Temp%\smtmp\4 "%AllUsersProfile%\Desktop" /H /I /S /Y /C
reg export HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\WinSock2\Parameters %userprofile%\Desktop\winsock2.reg /c
    
:Commands
[EMPTYFLASH]
[EMPTYJAVA]
[purity]
[Reboot]


then Rightclick on OTL and select Run As Administrator to start. Under the Custom Scans/Fixes box at the bottom, paste (ctrl +v) the text. Verify that you got it all and Then click the RUN FIX button (NOT THE QUICK SCAN button!) at the top
Let the program run unhindered, OTL will reboot the PC when it is done.


This OTL run should create a file called winsock2.reg. Just leave it there for now.

Start, (All) Programs, Accessories, then right click on Command Prompt and Run as Admin.

Type with an Enter after the line:

netsh  winsock  reset  catalog

Reboot.

If you have trouble getting on line after the boot you can right click on winsock2.reg and MERGE. Then reboot. That should fix it. If that doesn't work then System Restore will be needed. Use the newest one. Usually you won't have any problems so this is just insurance.

Run OTL (Vista or Win 7 => right click and Run As Administrator)

select the All option in the Extra Registry group then Run Scan.

You should get two logs. Please copy and paste both of them.


Right click on (My) Computer and select Manage (Continue) Then the Event Viewer. Next select Windows Logs. Right click on System and Clear Log, Clear. Repeat for Application. Reboot.

1. Please download the Event Viewer Tool by Vino Rosso
http://images.malwar...om/vino/VEW.exe
and save it to your Desktop:
2. Right-click VEW.exe and Run AS Administrator
3. Under 'Select log to query', select:

* System
4. Under 'Select type to list', select:
* Error
* Warning


Then use the 'Number of events' as follows:


1. Click the radio button for 'Number of events'
Type 20 in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.


Please post the Output log in your next reply then repeat but select Application.

Ron
  • 0

#5
carlos50

carlos50

    Member

  • Topic Starter
  • Member
  • PipPip
  • 33 posts
Hi Ron

I did everything as asked, but the VEW.exe does not work. It says it has not been coded for my language. I find it kind of weird as I am using a English version of windows.

I did uncheck trace disk IO calls, when I ran aswMBR.

I have pasted all the logs below.

Happy new year

Michael



ComboFix 12-01-03.04 - Michael Eilersen 01/03/2012 15:38:39.2.4 - x64
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.45.1033.18.8190.6024 [GMT 1:00]
Kører fra: c:\users\Michael Eilersen\Desktop\ComboFix.exe
Kommandoer benyttet :: c:\users\Michael Eilersen\Desktop\CFScript.txt
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Dannede nyt systemgendannelsespunkt
.
.
((((((((((((((((((((((((((((((((((((((( Andet, der er slettet )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Tjenester )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_SPTD
-------\Service_sptd
.
.
((((((((((((((((((((((((((((( Filer skabt fra 2011-12-03 til 2012-01-03 )))))))))))))))))))))))))))))))))))
.
.
2011-12-30 15:22 . 2011-12-30 15:22 -------- d-----w- c:\program files\gs
2011-12-27 23:17 . 2011-12-27 23:17 -------- d-----w- c:\users\Michael Eilersen\.gnubg
2011-12-27 23:17 . 2011-12-27 23:17 -------- d-----w- c:\program files (x86)\gnubg
2011-12-27 23:10 . 2011-12-27 23:10 -------- d-----w- c:\program files (x86)\Goto.Games
2011-12-27 21:54 . 2011-12-27 21:54 -------- d-----w- C:\Snowie Documents
2011-12-27 21:54 . 1997-03-04 06:44 66560 ----a-w- c:\windows\SysWow64\NMORENU.DLL
2011-12-27 21:54 . 1997-01-29 11:05 169472 ----a-w- c:\windows\SysWow64\HTML.OCX
2011-12-27 21:54 . 1997-01-29 10:58 462848 ----a-w- c:\windows\SysWow64\NMW3VWN.DLL
2011-12-27 21:54 . 1997-01-29 10:53 240640 ----a-w- c:\windows\SysWow64\NMOCOD.DLL
2011-12-27 21:54 . 1997-01-29 10:46 48128 ----a-w- c:\windows\SysWow64\NMSCKN.DLL
2011-12-27 21:53 . 1999-06-21 04:10 183808 ----a-w- c:\windows\SysWow64\bdeadmin.cpl
2011-12-27 21:53 . 2011-12-27 21:53 -------- d-----w- c:\program files (x86)\Common Files\Borland Shared
2011-12-27 21:52 . 2011-12-27 21:52 -------- d-----w- c:\program files (x86)\SnowieGroup
2011-12-27 21:52 . 2000-01-04 09:39 212992 ----a-w- c:\program files (x86)\Common Files\InstallShield\Engine\6\Intel 32\ILog.dll
2011-12-27 21:00 . 2011-12-27 21:00 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2011-12-16 16:32 . 2011-12-27 21:45 -------- d-----w- c:\users\Michael Eilersen\AppData\Local\Play65
2011-12-15 18:46 . 2011-12-13 18:17 121816 ----a-w- c:\program files (x86)\Mozilla Firefox\components\browsercomps.dll
2011-12-15 18:46 . 2011-12-13 18:17 43992 ----a-w- c:\program files (x86)\Mozilla Firefox\mozutils.dll
2011-12-15 18:46 . 2011-12-13 18:17 814040 ----a-w- c:\program files (x86)\Mozilla Firefox\mozsqlite3.dll
2011-12-15 18:46 . 2011-12-13 18:17 2124760 ----a-w- c:\program files (x86)\Mozilla Firefox\mozjs.dll
2011-12-15 18:46 . 2011-12-13 18:17 15832 ----a-w- c:\program files (x86)\Mozilla Firefox\mozalloc.dll
2011-12-15 18:46 . 2011-12-13 18:17 486360 ----a-w- c:\program files (x86)\Mozilla Firefox\libGLESv2.dll
2011-12-15 18:46 . 2011-12-13 18:17 97240 ----a-w- c:\program files (x86)\Mozilla Firefox\libEGL.dll
2011-12-15 18:46 . 2011-12-13 05:52 626688 ----a-w- c:\program files (x86)\Mozilla Firefox\msvcr80.dll
2011-12-15 18:46 . 2011-12-13 05:52 548864 ----a-w- c:\program files (x86)\Mozilla Firefox\msvcp80.dll
2011-12-15 18:46 . 2011-12-13 05:52 479232 ----a-w- c:\program files (x86)\Mozilla Firefox\msvcm80.dll
2011-12-15 18:46 . 2011-12-13 05:52 2106216 ----a-w- c:\program files (x86)\Mozilla Firefox\D3DCompiler_43.dll
2011-12-15 18:46 . 2011-12-13 05:52 1998168 ----a-w- c:\program files (x86)\Mozilla Firefox\d3dx9_43.dll
2011-12-15 11:27 . 2011-11-23 13:57 2764800 ----a-w- c:\windows\system32\win32k.sys
2011-12-15 11:27 . 2011-10-25 16:09 85504 ----a-w- c:\windows\system32\csrsrv.dll
2011-12-15 11:27 . 2011-10-14 17:30 559616 ----a-w- c:\windows\system32\EncDec.dll
2011-12-15 11:27 . 2011-10-14 16:02 429056 ----a-w- c:\windows\SysWow64\EncDec.dll
2011-12-15 11:27 . 2011-11-08 14:58 2048 ----a-w- c:\windows\system32\tzres.dll
2011-12-15 11:27 . 2011-11-08 14:42 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2011-12-15 11:25 . 2011-11-08 12:10 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat
2011-12-15 11:25 . 2011-11-08 12:10 2409784 ----a-w- c:\program files (x86)\Windows Mail\OESpamFilter.dat
2011-12-15 11:21 . 2009-08-19 22:50 24416 ----a-r- c:\windows\system32\AdobePDFUI.dll
2011-12-12 23:55 . 2011-12-12 23:56 -------- d-----w- c:\program files (x86)\World of Warcraft.temp
2011-12-12 23:55 . 2011-12-12 23:56 -------- d-----w- c:\programdata\Blizzard Entertainment
2011-12-06 22:19 . 2011-12-06 22:19 -------- d-----w- c:\program files\ESET
2011-12-06 21:00 . 2010-12-09 09:48 1996752 ----a-w- c:\windows\PCTBDCore.dll
2011-12-06 21:00 . 2010-12-03 14:34 149456 ----a-w- c:\windows\SGDetectionTool.dll
2011-12-06 21:00 . 2010-12-03 14:34 1533904 ----a-w- c:\windows\PCTBDRes.dll
2011-12-06 21:00 . 2010-12-03 14:34 767952 ----a-w- c:\windows\BDTSupport.dll
2011-12-06 17:27 . 2011-12-06 17:27 -------- d-----w- c:\users\Michael Eilersen\AppData\Roaming\SUPERAntiSpyware.com
2011-12-06 17:27 . 2011-12-06 17:27 -------- d-----w- c:\programdata\!SASCORE
2011-12-06 16:06 . 2011-12-06 16:06 25160 ----a-w- c:\windows\system32\drivers\hitmanpro35.sys
2011-12-06 16:06 . 2011-12-06 16:06 -------- d-----w- c:\program files\Hitman Pro 3.5
2011-12-06 16:05 . 2011-12-06 16:05 -------- d-----w- c:\programdata\Hitman Pro
2011-12-06 15:50 . 2010-11-17 09:20 331368 ----a-w- c:\windows\system32\drivers\pctgntdi64.sys
2011-12-06 15:50 . 2010-11-17 09:20 136168 ----a-w- c:\windows\system32\drivers\pctwfpfilter64.sys
2011-12-06 15:50 . 2010-07-16 13:53 816016 ----a-w- c:\windows\system32\drivers\pctEFA64.sys
2011-12-06 15:50 . 2010-06-29 09:35 452872 ----a-w- c:\windows\system32\drivers\pctDS64.sys
2011-12-06 15:50 . 2010-11-25 09:43 257232 ----a-w- c:\windows\system32\drivers\PCTCore64.sys
2011-12-06 15:50 . 2010-11-25 09:42 92896 ----a-w- c:\windows\system32\drivers\pctplsg64.sys
2011-12-06 15:50 . 2011-12-27 18:10 -------- d-----w- c:\program files (x86)\PC Tools Security
2011-12-06 15:50 . 2011-12-06 15:52 -------- d-----w- c:\program files (x86)\Common Files\PC Tools
2011-12-06 15:50 . 2011-12-06 15:50 -------- d-----w- c:\programdata\PC Tools
2011-12-06 15:50 . 2011-12-06 15:50 -------- d-----w- c:\users\Michael Eilersen\AppData\Roaming\PC Tools
2011-12-06 10:51 . 2011-12-13 22:53 -------- d-----w- c:\programdata\AVAST Software
2011-12-06 10:51 . 2011-12-06 10:51 -------- d-----w- c:\program files\AVAST Software
2011-12-06 10:36 . 2011-12-07 22:52 -------- d-----w- c:\programdata\MFAData
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-12-06 11:07 . 2011-09-18 08:38 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-10-07 04:16 . 2011-11-25 09:06 8570192 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{3FEC62F5-785C-40B8-B1DB-F3960CD3E519}\mpengine.dll
2009-03-01 23:10 . 2009-03-01 23:10 36868 ----a-w- c:\program files (x86)\uninst-Particular.exe
.
.
(((((((((((((((((((((((((((((((((((((((((((( Look )))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
---- Directory of %user%\library ----
.
.
---- Directory of c:\program files\Common ----
.
.
.
((((((((((((((((((((((((((((( [email protected]_19.02.23 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-10-21 11:19 . 2012-01-03 12:54 25840 c:\windows\system32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3194313822-558712583-1741877353-1000_UserData.bin
- 2008-10-21 11:16 . 2011-12-27 18:55 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2008-10-21 11:16 . 2011-12-28 11:36 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2008-10-21 11:16 . 2011-12-27 18:55 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2008-10-21 11:16 . 2011-12-28 11:36 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2008-10-21 11:16 . 2011-12-28 11:36 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2008-10-21 11:16 . 2011-12-27 18:55 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2008-10-28 21:26 . 2011-12-31 13:36 3568 c:\windows\system32\WDI\ERCQueuedResolutions.dat
- 2008-10-28 21:26 . 2011-12-27 18:23 3568 c:\windows\system32\WDI\ERCQueuedResolutions.dat
- 2011-12-27 19:01 . 2011-12-27 19:01 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-01-03 14:58 . 2012-01-03 14:58 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2011-12-27 19:01 . 2011-12-27 19:01 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2012-01-03 14:58 . 2012-01-03 14:58 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2008-01-21 02:23 . 2012-01-03 12:54 108588 c:\windows\system32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2006-11-02 15:45 . 2012-01-03 12:54 126212 c:\windows\system32\WDI\BootPerformanceDiagnostics_SystemData.bin
+ 2006-11-02 12:46 . 2012-01-03 13:00 715180 c:\windows\system32\perfh009.dat
- 2006-11-02 12:46 . 2011-12-27 18:33 715180 c:\windows\system32\perfh009.dat
+ 2006-11-02 12:46 . 2012-01-03 13:00 151730 c:\windows\system32\perfc009.dat
- 2006-11-02 12:46 . 2011-12-27 18:33 151730 c:\windows\system32\perfc009.dat
+ 2009-07-15 17:08 . 2012-01-03 13:51 262144 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
- 2009-07-15 17:08 . 2011-12-27 18:09 262144 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
+ 2010-11-04 02:14 . 2012-01-03 14:56 512552 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2006-11-02 15:21 . 2011-12-28 10:46 3336552 c:\windows\system32\FNTCACHE.DAT
+ 2010-11-04 02:14 . 2012-01-03 14:56 4801258 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-3194313822-558712583-1741877353-1000-12288.dat
.
((((((((((((((((((((((((((((((((((( Start steder i reg.basen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Bemærk* tomme linier & lovlige standard linier vises ikke
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Michael Eilersen\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Michael Eilersen\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Michael Eilersen\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Michael Eilersen\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="c:\program files (x86)\Steam\Steam.exe" [2011-01-01 1242448]
"Xvid"="c:\program files (x86)\Xvid\CheckUpdate.exe" [2011-01-17 8192]
"Boxoft Tools"="c:\programdata\Boxtools\Boxofttoolbox.exe" [2010-12-15 514048]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2011-10-13 17351304]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-11-29 421888]
"Adobe Acrobat Speed Launcher"="c:\program files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe" [2011-09-07 40376]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-29 937920]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2011-10-09 421736]
"PCTools FGuard"="c:\program files (x86)\PC Tools Security\BDT\FGuard.exe" [2010-12-03 108496]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"ZAFFRegisterTrustChecker"="c:\windows\system32\regsvr32.exe" [2006-11-02 14336]
"ZAFFRegisterTrustCheckerIE"="c:\windows\system32\regsvr32.exe" [2006-11-02 14336]
"FlashPlayerUpdate"="c:\windows\SysWow64\Macromed\Flash\FlashUtil10a.exe" [2008-10-05 235936]
.
c:\users\Michael Eilersen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
FIFA 11 Registration.lnk - c:\program files (x86)\EA SPORTS\FIFA 11\Support\EAregister.exe [N/A]
SpywareGuard.lnk - c:\program files (x86)\SpywareGuard\sgmain.exe [2003-8-29 360448]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0aswBoot.exe /A:* /L:1033 /KBD:2 /wow /dir:C:\Program
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\keyboard layouts\e0200804]
IME File REG_SZ IMSC12.IME
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\keyboard layouts\e0200411]
Ime File REG_SZ imjp12.ime
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\keyboard layouts\e0200412]
Ime File REG_SZ IMKR12.IME
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
R3 Adobe Version Cue CS4;Adobe Version Cue CS4;c:\program files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [2009-03-12 288112]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2011-07-19 146816]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Indhold af mappen 'Planlagte Opgaver'
.
2011-12-31 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3194313822-558712583-1741877353-1000Core.job
- c:\users\Michael Eilersen\AppData\Local\Google\Update\GoogleUpdate.exe [2010-12-23 11:39]
.
2012-01-03 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3194313822-558712583-1741877353-1000UA.job
- c:\users\Michael Eilersen\AppData\Local\Google\Update\GoogleUpdate.exe [2010-12-23 11:39]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 97792 ----a-w- c:\users\Michael Eilersen\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 97792 ----a-w- c:\users\Michael Eilersen\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 97792 ----a-w- c:\users\Michael Eilersen\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 97792 ----a-w- c:\users\Michael Eilersen\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"combofix"="c:\combofix\CF6649.3XE" [2008-01-21 363008]
.
------- Yderligere scanning -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.b.dk
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: Append Link Target to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
Trusted Zone: danid.dk
Trusted Zone: danid.dk
TCP: DhcpNameServer = 193.162.153.164 194.239.134.83
CLSID: {603d3801-bd81-11d0-a3a5-00c04fd706ec} - %SystemRoot%\SysWow64\browseui.dll
FF - ProfilePath - c:\users\Michael Eilersen\AppData\Roaming\Mozilla\Firefox\Profiles\nzcqnlpm.default\
FF - prefs.js: browser.search.defaulturl - hxxp://flvdirect.iamwired.net/websearch.php?src=tops&search=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.berlingske.dk/
FF - prefs.js: network.proxy.type - 0
FF - user.js: extentions.y2layers.installId - cfbda1d4-73a7-4b12-94b0-72236fe94cf7
FF - user.js: extentions.y2layers.defaultEnableAppsList - BestVideoDownloader,BestVideoDownloader,
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet022\Services\postgresql-8.4]
"ImagePath"="C:/Program Files (x86)/PostgreSQL/8.4/bin/pg_ctl.exe runservice -N \"postgresql-8.4\" -D \"C:/Program Files (x86)/PostgreSQL/8.4/data\" -w"
.
[HKEY_LOCAL_MACHINE\system\ControlSet022\Services\postgresql-8.4]
"ImagePath"="C:/Program Files (x86)/PostgreSQL/8.4/bin/pg_ctl.exe runservice -N \"postgresql-8.4\" -D \"C:/Program Files (x86)/PostgreSQL/8.4/data\" -w"
.
[HKEY_LOCAL_MACHINE\system\ControlSet022\Services\{1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC}]
"ImagePath"="\??\c:\program files (x86)\CyberLink\PowerDVD10\NavFilter\000.fcl"
.
--------------------- LÅSTE REGISTRERINGS NØGLER ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,8d,98,68,c4,69,08,c0,41,be,a8,be,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,8d,98,68,c4,69,08,c0,41,be,a8,be,\
.
[HKEY_USERS\S-1-5-21-3194313822-558712583-1741877353-1000\Software\G*e*n*i*e*"!\FM Genie Scout 11]
"GameDir"="c:\\Users\\Michael Eilersen\\Documents\\Sports Interactive\\Football Manager 2011\\games"
"ShortlistDir"=""
"FMPath"="c:\\program files (x86)\\steam\\steamapps\\common\\football manager 2011\\"
"ScreenshotsDir"="c:\\Users\\Michael Eilersen\\Documents\\Sports Interactive\\Football Manager 2011"
"SaveDir"="c:\\Users\\Michael Eilersen\\Documents\\Sports Interactive\\Football Manager 2011\\"
"HistoryDir"="c:\\FM Genie Scout 11\\History Points"
"LangDB"="c:\\program files (x86)\\steam\\steamapps\\common\\football manager 2011\\data\\updates\\update-1130\\db\\1130\\lang_db.dat"
"LastSaveGame"="c:\\Users\\Michael Eilersen\\Documents\\Sports Interactive\\Football Manager 2011\\games\\rotherham - 1.fm"
"Language"="English"
"LoadLangDB"=dword:00000001
"CompressHistoryPoints"=dword:00000000
"HighlightedAttributes"=dword:00000000
"MinCondition"=dword:00000032
"GraphStep"=dword:00000000
"SkinName"="PSV Eindhoven"
"LastUpdateCheck"=dword:00009e56
"VersionOf"=dword:0000007b
"HighQualityGUI"=dword:00000001
"AutomaticallyUpdateCheck"=dword:00000001
"AdvancedGeneration"=dword:00000000
"TranslateStaffSkills"=dword:00000001
"TranslatePlayerSkills"=dword:00000001
"TranslatePositions"=dword:00000001
"ShowHistory"=dword:00000001
"Version"=dword:00000081
"UniqueID"="C5-E580-EF4F"
"Currency"=dword:00000056
"UseProxy"=dword:00000000
"ProxyHost"=""
"ProxyPort"=""
"UseAuthentication"=dword:00000000
"UserName"=""
"UserPassword"=""
"PlayerSearchFeatureNum"=dword:00000019
"StaffSearchFeatureNum"=dword:00000005
"ClubSearchFeatureNum"=dword:00000003
"FilterByClubFeatureNum"=dword:00000000
"CompareFeatureNum"=dword:00000000
"ShortlistFeatureNum"=dword:00000012
"ExportFeatureNum"=dword:00000002
"HistoryFeatureNum"=dword:00000000
"LanguageDBFeatureNum"=dword:0000001b
"HintsFeatureNum"=dword:00000000
"GenieReportFeatureNum"=dword:00000000
"TopFormationFeatureNum"=dword:00000002
"ScreenshotFeatureNum"=dword:00000000
.
[HKEY_USERS\S-1-5-21-3194313822-558712583-1741877353-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*D*V*D*R*d?· \OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-3194313822-558712583-1741877353-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*D*V*D*R*ãÿþ#\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-3194313822-558712583-1741877353-1000\Software\SecuROM\License information*]
"datasecu"=hex:35,73,a2,9d,f6,d5,2f,c9,5e,b8,79,1c,64,c8,db,aa,33,c2,51,bf,23,
bb,c2,16,09,4e,d3,78,74,0e,d3,8f,65,75,5f,99,a0,ba,8d,83,0e,be,f6,e9,e4,38,\
"rkeysecu"=hex:fe,cb,78,e3,3b,96,d1,f0,12,62,bd,76,da,36,fc,ca
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{BEB3C0C7-B648-4257-96D9-B5D024816E27}\Version*Version]
"Version"=hex:81,72,a7,79,37,28,5c,12,a6,dd,91,bd,1b,18,3c,1b,3f,e6,19,51,2f,
93,13,5e,99,8f,79,88,bc,e4,87,43,d3,a5,2c,58,14,f1,5f,a7,fe,f8,5f,5a,1f,f1,\
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Cryptography\RNG*]
"Seed"=hex:49,31,f4,88,04,28,01,14,c5,ca,fa,5f,f5,cf,66,6e,1f,6c,42,48,3b,1d,
bb,84,6e,c3,98,a3,07,68,b8,a1,8e,3f,71,ca,a8,53,6d,af,a8,e5,29,51,a3,e5,99,\
"Seed"=hex:49,31,f4,88,04,28,01,14,c5,ca,fa,5f,f5,cf,66,6e,1f,6c,42,48,3b,1d,
bb,84,6e,c3,98,a3,07,68,b8,a1,8e,3f,71,ca,a8,53,6d,af,a8,e5,29,51,a3,e5,99,\
"Seed"=hex:49,31,f4,88,04,28,01,14,c5,ca,fa,5f,f5,cf,66,6e,1f,6c,42,48,3b,1d,
bb,84,6e,c3,98,a3,07,68,b8,a1,8e,3f,71,ca,a8,53,6d,af,a8,e5,29,51,a3,e5,99,\
"Seed"=hex:49,31,f4,88,04,28,01,14,c5,ca,fa,5f,f5,cf,66,6e,1f,6c,42,48,3b,1d,
bb,84,6e,c3,98,a3,07,68,b8,a1,8e,3f,71,ca,a8,53,6d,af,a8,e5,29,51,a3,e5,99,\
"Seed"=hex:49,31,f4,88,04,28,01,14,c5,ca,fa,5f,f5,cf,66,6e,1f,6c,42,48,3b,1d,
bb,84,6e,c3,98,a3,07,68,b8,a1,8e,3f,71,ca,a8,53,6d,af,a8,e5,29,51,a3,e5,99,\
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Classes]
"SymbolicLinkValue"=hex(6):5c,00,52,00,45,00,47,00,49,00,53,00,54,00,52,00,59,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B9A09F18-45AB-4F09-A117-A4ADDA8FA8C8}]
@Denied: (A) (Everyone)
"Solution"="{36eb6792-3a29-43b3-8cd0-f67d266fb426}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane\0]
"Key"="ActionsPane"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\8.0\\ActionsPane.xsd"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Minnetonka Audio Software\SurCode Dolby Digital Premiere\Version*Version]
"Version"=hex:81,72,a7,79,37,28,5c,12,a6,dd,91,bd,1b,18,3c,1b,3f,e6,19,51,2f,
93,13,5e,99,8f,79,88,bc,e4,87,43,d3,a5,2c,58,14,f1,5f,a7,fe,f8,5f,5a,1f,f1,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet022\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
------------------------ Andre kørende processer ------------------------
.
c:\program files\ASUS\Six Engine\SixEngine.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\PC Tools Security\BDT\BDTUpdateService.exe
c:\program files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
c:\program files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
c:\windows\SysWOW64\nlssrv32.exe
c:\program files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
c:\program files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
c:\program files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
c:\program files (x86)\SpywareGuard\sgbhp.exe
.
**************************************************************************
.
Gennemført tid: 2012-01-03 16:11:43 - maskinen blev genstartet
ComboFix-quarantined-files.txt 2012-01-03 15:11
ComboFix2.txt 2011-12-27 19:15
.
Pre-Kørsel: 83,439,218,688 bytes free
Post-Kørsel: 81,518,227,456 bytes free
.
- - End Of File - - 7D4B3CFE7684E698CE483F13F81627B5



========== PROCESSES ==========
All processes killed
========== OTL ==========
Prefs.js: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22 removed from extensions.enabledItems
C:\Windows\SysWOW64\config.nt moved successfully.
========== FILES ==========
< xcopy %Temp%\smtmp\1 "%AllUsersProfile%\Start Menu" /H /I /S /Y /C >
0 File(s) copied
C:\Users\Michael Eilersen\Desktop\cmd.bat deleted successfully.
C:\Users\Michael Eilersen\Desktop\cmd.txt deleted successfully.
< xcopy %Temp%\smtmp\2 "%UserProfile%\Application Data\Microsoft\Internet Explorer\Quick Launch" /H /I /S /Y /C >
0 File(s) copied
C:\Users\Michael Eilersen\Desktop\cmd.bat deleted successfully.
C:\Users\Michael Eilersen\Desktop\cmd.txt deleted successfully.
< xcopy %Temp%\smtmp\3 "%AppData%\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar" /H /I /S /Y /C >
0 File(s) copied
C:\Users\Michael Eilersen\Desktop\cmd.bat deleted successfully.
C:\Users\Michael Eilersen\Desktop\cmd.txt deleted successfully.
< xcopy %Temp%\smtmp\4 "%AllUsersProfile%\Desktop" /H /I /S /Y /C >
0 File(s) copied
C:\Users\Michael Eilersen\Desktop\cmd.bat deleted successfully.
C:\Users\Michael Eilersen\Desktop\cmd.txt deleted successfully.
< reg export HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\WinSock2\Parameters %userprofile%\Desktop\winsock2.reg /c >
C:\Users\Michael Eilersen\Desktop\cmd.bat deleted successfully.
C:\Users\Michael Eilersen\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========

[EMPTYFLASH]

User: All Users

User: Default
->Flash cache emptied: 56475 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Guest1

User: Michael Eilersen
->Flash cache emptied: 3260500 bytes

User: postgres

User: postgres.Eiler-PC

User: postgres.Eiler-PC.000

User: postgres.Eiler-PC.001

User: postgres.Eiler-PC.002

User: postgres.Eiler-PC.003

User: postgres.Eiler-PC.004

User: postgres.Eiler-PC.005
->Flash cache emptied: 0 bytes

User: postgres.Eiler-PC.006
->Flash cache emptied: 0 bytes

User: postgres.Eiler-PC.007
->Flash cache emptied: 0 bytes

User: postgres.Eiler-PC.008
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 3.00 mb


[EMPTYJAVA]

User: All Users

User: Default

User: Default User

User: Guest1

User: Michael Eilersen
->Java cache emptied: 2092359 bytes

User: postgres

User: postgres.Eiler-PC

User: postgres.Eiler-PC.000

User: postgres.Eiler-PC.001

User: postgres.Eiler-PC.002

User: postgres.Eiler-PC.003

User: postgres.Eiler-PC.004

User: postgres.Eiler-PC.005

User: postgres.Eiler-PC.006

User: postgres.Eiler-PC.007

User: postgres.Eiler-PC.008

User: Public

Total Java Files Cleaned = 2.00 mb


OTL by OldTimer - Version 3.2.31.0 log created on 01032012_162747

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...



16:18:06.0799 3416 TDSS rootkit removing tool 2.6.25.0 Dec 23 2011 14:51:16
16:18:06.0971 3416 ============================================================
16:18:06.0971 3416 Current date / time: 2012/01/03 16:18:06.0971
16:18:06.0971 3416 SystemInfo:
16:18:06.0971 3416
16:18:06.0971 3416 OS Version: 6.0.6002 ServicePack: 2.0
16:18:06.0971 3416 Product type: Workstation
16:18:06.0971 3416 ComputerName: EILER-PC
16:18:06.0971 3416 UserName: Michael Eilersen
16:18:06.0971 3416 Windows directory: C:\Windows
16:18:06.0971 3416 System windows directory: C:\Windows
16:18:06.0971 3416 Running under WOW64
16:18:06.0971 3416 Processor architecture: Intel x64
16:18:06.0971 3416 Number of processors: 4
16:18:06.0971 3416 Page size: 0x1000
16:18:06.0971 3416 Boot type: Normal boot
16:18:06.0971 3416 ============================================================
16:18:07.0673 3416 Initialize success
16:18:51.0134 3940 ============================================================
16:18:51.0134 3940 Scan started
16:18:51.0134 3940 Mode: Manual; SigCheck; TDLFS;
16:18:51.0150 3940 ============================================================
16:18:51.0618 3940 ACPI (1965aaffab07e3fb03c77f81beba3547) C:\Windows\system32\drivers\acpi.sys
16:18:51.0727 3940 ACPI - ok
16:18:51.0774 3940 adfs (d44bcaf639e4e45307c2bc80715273d5) C:\Windows\system32\drivers\adfs.sys
16:18:51.0805 3940 adfs - ok
16:18:51.0836 3940 ADIHdAudAddService (4a30fa79f8253134d398251db614e3c9) C:\Windows\system32\drivers\ADIHdAud.sys
16:18:51.0899 3940 ADIHdAudAddService - ok
16:18:51.0914 3940 adp94xx (f14215e37cf124104575073f782111d2) C:\Windows\system32\drivers\adp94xx.sys
16:18:51.0961 3940 adp94xx - ok
16:18:51.0977 3940 adpahci (7d05a75e3066861a6610f7ee04ff085c) C:\Windows\system32\drivers\adpahci.sys
16:18:51.0992 3940 adpahci - ok
16:18:52.0024 3940 adpu160m (820a201fe08a0c345b3bedbc30e1a77c) C:\Windows\system32\drivers\adpu160m.sys
16:18:52.0024 3940 adpu160m - ok
16:18:52.0055 3940 adpu320 (9b4ab6854559dc168fbb4c24fc52e794) C:\Windows\system32\drivers\adpu320.sys
16:18:52.0055 3940 adpu320 - ok
16:18:52.0102 3940 AFD (0cc146c4addea45791b18b1e2659f4a9) C:\Windows\system32\drivers\afd.sys
16:18:52.0164 3940 AFD - ok
16:18:52.0180 3940 agp440 (f6f6793b7f17b550ecfdbd3b229173f7) C:\Windows\system32\drivers\agp440.sys
16:18:52.0180 3940 agp440 - ok
16:18:52.0195 3940 aic78xx (222cb641b4b8a1d1126f8033f9fd6a00) C:\Windows\system32\drivers\djsvs.sys
16:18:52.0211 3940 aic78xx - ok
16:18:52.0226 3940 aliide (157d0898d4b73f075ce9fa26b482df98) C:\Windows\system32\drivers\aliide.sys
16:18:52.0242 3940 aliide - ok
16:18:52.0242 3940 amdide (970fa5059e61e30d25307b99903e991e) C:\Windows\system32\drivers\amdide.sys
16:18:52.0258 3940 amdide - ok
16:18:52.0273 3940 AmdK8 (cdc3632a3a5ea4dbb83e46076a3165a1) C:\Windows\system32\drivers\amdk8.sys
16:18:52.0382 3940 AmdK8 - ok
16:18:52.0445 3940 arc (ba8417d4765f3988ff921f30f630e303) C:\Windows\system32\drivers\arc.sys
16:18:52.0460 3940 arc - ok
16:18:52.0476 3940 arcsas (9d41c435619733b34cc16a511e644b11) C:\Windows\system32\drivers\arcsas.sys
16:18:52.0492 3940 arcsas - ok
16:18:52.0492 3940 AsIO - ok
16:18:52.0507 3940 AsyncMac (22d13ff3dafec2a80634752b1eaa2de6) C:\Windows\system32\DRIVERS\asyncmac.sys
16:18:52.0554 3940 AsyncMac - ok
16:18:52.0585 3940 atapi (e68d9b3a3905619732f7fe039466a623) C:\Windows\system32\drivers\atapi.sys
16:18:52.0601 3940 atapi - ok
16:18:52.0616 3940 Beep - ok
16:18:52.0632 3940 blbdrive (79feeb40056683f8f61398d81dda65d2) C:\Windows\system32\drivers\blbdrive.sys
16:18:52.0679 3940 blbdrive - ok
16:18:52.0726 3940 bowser (2348447a80920b2493a9b582a23e81e1) C:\Windows\system32\DRIVERS\bowser.sys
16:18:52.0757 3940 bowser - ok
16:18:52.0772 3940 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\brfiltlo.sys
16:18:52.0835 3940 BrFiltLo - ok
16:18:52.0866 3940 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\brfiltup.sys
16:18:52.0897 3940 BrFiltUp - ok
16:18:52.0913 3940 Brserid (f0f0ba4d815be446aa6a4583ca3bca9b) C:\Windows\system32\drivers\brserid.sys
16:18:53.0038 3940 Brserid - ok
16:18:53.0116 3940 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\system32\drivers\brserwdm.sys
16:18:53.0178 3940 BrSerWdm - ok
16:18:53.0194 3940 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\system32\drivers\brusbmdm.sys
16:18:53.0256 3940 BrUsbMdm - ok
16:18:53.0256 3940 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\system32\drivers\brusbser.sys
16:18:53.0334 3940 BrUsbSer - ok
16:18:53.0334 3940 BTHMODEM (e0777b34e05f8a82a21856efc900c29f) C:\Windows\system32\drivers\bthmodem.sys
16:18:53.0412 3940 BTHMODEM - ok
16:18:53.0428 3940 catchme - ok
16:18:53.0443 3940 cdfs (b4d787db8d30793a4d4df9feed18f136) C:\Windows\system32\DRIVERS\cdfs.sys
16:18:53.0490 3940 cdfs - ok
16:18:53.0506 3940 cdrom (c025aa69be3d0d25c7a2e746ef6f94fc) C:\Windows\system32\DRIVERS\cdrom.sys
16:18:53.0537 3940 cdrom - ok
16:18:53.0552 3940 circlass (02ea568d498bbdd4ba55bf3fce34d456) C:\Windows\system32\drivers\circlass.sys
16:18:53.0584 3940 circlass - ok
16:18:53.0599 3940 CLFS (3dca9a18b204939cfb24bea53e31eb48) C:\Windows\system32\CLFS.sys
16:18:53.0630 3940 CLFS - ok
16:18:53.0646 3940 cmdide (e5d5499a1c50a54b5161296b6afe6192) C:\Windows\system32\drivers\cmdide.sys
16:18:53.0662 3940 cmdide - ok
16:18:53.0662 3940 Compbatt (7fb8ad01db0eabe60c8a861531a8f431) C:\Windows\system32\drivers\compbatt.sys
16:18:53.0677 3940 Compbatt - ok
16:18:53.0693 3940 crcdisk (a8585b6412253803ce8efcbd6d6dc15c) C:\Windows\system32\drivers\crcdisk.sys
16:18:53.0693 3940 crcdisk - ok
16:18:53.0740 3940 DfsC (8b722ba35205c71e7951cdc4cdbade19) C:\Windows\system32\Drivers\dfsc.sys
16:18:53.0755 3940 DfsC - ok
16:18:53.0786 3940 disk (b0107e40ecdb5fa692ebf832f295d905) C:\Windows\system32\drivers\disk.sys
16:18:53.0802 3940 disk - ok
16:18:53.0833 3940 Dot4 (74c02b1717740c3b8039539e23e4b53f) C:\Windows\system32\DRIVERS\Dot4.sys
16:18:53.0880 3940 Dot4 - ok
16:18:53.0896 3940 Dot4Print (08321d1860235bf42cf2854234337aea) C:\Windows\system32\DRIVERS\Dot4Prt.sys
16:18:53.0927 3940 Dot4Print - ok
16:18:53.0942 3940 dot4usb (4adccf0124f2b6911d3786a5d0e779e5) C:\Windows\system32\DRIVERS\dot4usb.sys
16:18:53.0974 3940 dot4usb - ok
16:18:54.0005 3940 drmkaud (f1a78a98cfc2ee02144c6bec945447e6) C:\Windows\system32\drivers\drmkaud.sys
16:18:54.0036 3940 drmkaud - ok
16:18:54.0083 3940 DXGKrnl (b8e554e502d5123bc111f99d6a2181b4) C:\Windows\System32\drivers\dxgkrnl.sys
16:18:54.0114 3940 DXGKrnl - ok
16:18:54.0145 3940 E1G60 (264cee7b031a9d6c827f3d0cb031f2fe) C:\Windows\system32\DRIVERS\E1G6032E.sys
16:18:54.0192 3940 E1G60 - ok
16:18:54.0208 3940 Ecache (5f94962be5a62db6e447ff6470c4f48a) C:\Windows\system32\drivers\ecache.sys
16:18:54.0223 3940 Ecache - ok
16:18:54.0254 3940 ElbyCDIO (15814b675e9d08953f2c64e4e5ccb4f4) C:\Windows\system32\Drivers\ElbyCDIO.sys
16:18:54.0270 3940 ElbyCDIO - ok
16:18:54.0286 3940 elxstor (c4636d6e10469404ab5308d9fd45ed07) C:\Windows\system32\drivers\elxstor.sys
16:18:54.0317 3940 elxstor - ok
16:18:54.0332 3940 ErrDev (bc3a58e938bb277e46bf4b3003b01abd) C:\Windows\system32\drivers\errdev.sys
16:18:54.0364 3940 ErrDev - ok
16:18:54.0395 3940 exfat (486844f47b6636044a42454614ed4523) C:\Windows\system32\drivers\exfat.sys
16:18:54.0426 3940 exfat - ok
16:18:54.0457 3940 fastfat (1a4bee34277784619ddaf0422c0c6e23) C:\Windows\system32\drivers\fastfat.sys
16:18:54.0488 3940 fastfat - ok
16:18:54.0504 3940 fdc (81b79b6df71fa1d2c6d688d830616e39) C:\Windows\system32\DRIVERS\fdc.sys
16:18:54.0535 3940 fdc - ok
16:18:54.0566 3940 FileInfo (457b7d1d533e4bd62a99aed9c7bb4c59) C:\Windows\system32\drivers\fileinfo.sys
16:18:54.0582 3940 FileInfo - ok
16:18:54.0598 3940 Filetrace (d421327fd6efccaf884a54c58e1b0d7f) C:\Windows\system32\drivers\filetrace.sys
16:18:54.0629 3940 Filetrace - ok
16:18:54.0629 3940 flpydisk (230923ea2b80f79b0f88d90f87b87ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
16:18:54.0660 3940 flpydisk - ok
16:18:54.0691 3940 FltMgr (e3041bc26d6930d61f42aedb79c91720) C:\Windows\system32\drivers\fltmgr.sys
16:18:54.0707 3940 FltMgr - ok
16:18:54.0738 3940 Fs_Rec (29d99e860a1ca0a03c6a733fdd0da703) C:\Windows\system32\drivers\Fs_Rec.sys
16:18:54.0769 3940 Fs_Rec - ok
16:18:54.0785 3940 gagp30kx (c8e416668d3dc2be3d4fe4c79224997f) C:\Windows\system32\drivers\gagp30kx.sys
16:18:54.0800 3940 gagp30kx - ok
16:18:54.0816 3940 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
16:18:54.0832 3940 GEARAspiWDM - ok
16:18:54.0847 3940 HdAudAddService (df45f8142dc6df9d18c39b3effbd0409) C:\Windows\system32\drivers\HdAudio.sys
16:18:54.0910 3940 HdAudAddService - ok
16:18:54.0941 3940 HDAudBus (f942c5820205f2fb453243edfec82a3d) C:\Windows\system32\DRIVERS\HDAudBus.sys
16:18:55.0003 3940 HDAudBus - ok
16:18:55.0019 3940 HidBth (b4881c84a180e75b8c25dc1d726c375f) C:\Windows\system32\drivers\hidbth.sys
16:18:55.0081 3940 HidBth - ok
16:18:55.0097 3940 HidIr (4e77a77e2c986e8f88f996bb3e1ad829) C:\Windows\system32\drivers\hidir.sys
16:18:55.0144 3940 HidIr - ok
16:18:55.0175 3940 HidUsb (443bdd2d30bb4f00795c797e2cf99edf) C:\Windows\system32\DRIVERS\hidusb.sys
16:18:55.0206 3940 HidUsb - ok
16:18:55.0237 3940 hitmanpro35 (c6ff685e2ea55c3ac5c90b9e7d6930c0) C:\Windows\system32\drivers\hitmanpro35.sys
16:18:55.0253 3940 hitmanpro35 - ok
16:18:55.0268 3940 HpCISSs (d7109a1e6bd2dfdbcba72a6bc626a13b) C:\Windows\system32\drivers\hpcisss.sys
16:18:55.0268 3940 HpCISSs - ok
16:18:55.0315 3940 HTTP (098f1e4e5c9cb5b0063a959063631610) C:\Windows\system32\drivers\HTTP.sys
16:18:55.0378 3940 HTTP - ok
16:18:55.0409 3940 i2omp (da94c854cea5fac549d4e1f6e88349e8) C:\Windows\system32\drivers\i2omp.sys
16:18:55.0409 3940 i2omp - ok
16:18:55.0424 3940 i8042prt (cbb597659a2713ce0c9cc20c88c7591f) C:\Windows\system32\DRIVERS\i8042prt.sys
16:18:55.0456 3940 i8042prt - ok
16:18:55.0471 3940 iaStorV (3e3bf3627d886736d0b4e90054f929f6) C:\Windows\system32\drivers\iastorv.sys
16:18:55.0487 3940 iaStorV - ok
16:18:55.0502 3940 iirsp (8c3951ad2fe886ef76c7b5027c3125d3) C:\Windows\system32\drivers\iirsp.sys
16:18:55.0518 3940 iirsp - ok
16:18:55.0534 3940 intelide (df797a12176f11b2d301c5b234bb200e) C:\Windows\system32\drivers\intelide.sys
16:18:55.0549 3940 intelide - ok
16:18:55.0565 3940 intelppm (bfd84af32fa1bad6231c4585cb469630) C:\Windows\system32\DRIVERS\intelppm.sys
16:18:55.0596 3940 intelppm - ok
16:18:55.0627 3940 IpFilterDriver (d8aabc341311e4780d6fce8c73c0ad81) C:\Windows\system32\DRIVERS\ipfltdrv.sys
16:18:55.0658 3940 IpFilterDriver - ok
16:18:55.0674 3940 IPMIDRV (9c2ee2e6e5a7203bfae15c299475ec67) C:\Windows\system32\drivers\ipmidrv.sys
16:18:55.0721 3940 IPMIDRV - ok
16:18:55.0768 3940 IPNAT (b7e6212f581ea5f6ab0c3a6ceeeb89be) C:\Windows\system32\DRIVERS\ipnat.sys
16:18:55.0814 3940 IPNAT - ok
16:18:55.0830 3940 IRENUM (8c42ca155343a2f11d29feca67faa88d) C:\Windows\system32\drivers\irenum.sys
16:18:55.0877 3940 IRENUM - ok
16:18:55.0892 3940 isapnp (0672bfcedc6fc468a2b0500d81437f4f) C:\Windows\system32\drivers\isapnp.sys
16:18:55.0908 3940 isapnp - ok
16:18:55.0939 3940 iScsiPrt (e4fdf99599f27ec25d2cf6d754243520) C:\Windows\system32\DRIVERS\msiscsi.sys
16:18:55.0955 3940 iScsiPrt - ok
16:18:55.0970 3940 iteatapi (63c766cdc609ff8206cb447a65abba4a) C:\Windows\system32\drivers\iteatapi.sys
16:18:55.0970 3940 iteatapi - ok
16:18:55.0986 3940 iteraid (1281fe73b17664631d12f643cbea3f59) C:\Windows\system32\drivers\iteraid.sys
16:18:56.0002 3940 iteraid - ok
16:18:56.0002 3940 kbdclass (423696f3ba6472dd17699209b933bc26) C:\Windows\system32\DRIVERS\kbdclass.sys
16:18:56.0017 3940 kbdclass - ok
16:18:56.0048 3940 kbdhid (dbdf75d51464fbc47d0104ec3d572c05) C:\Windows\system32\DRIVERS\kbdhid.sys
16:18:56.0080 3940 kbdhid - ok
16:18:56.0111 3940 KSecDD (476e2c1dcea45895994bef11c2a98715) C:\Windows\system32\Drivers\ksecdd.sys
16:18:56.0142 3940 KSecDD - ok
16:18:56.0158 3940 ksthunk (1d419cf43db29396ecd7113d129d94eb) C:\Windows\system32\drivers\ksthunk.sys
16:18:56.0204 3940 ksthunk - ok
16:18:56.0220 3940 lltdio (96ece2659b6654c10a0c310ae3a6d02c) C:\Windows\system32\DRIVERS\lltdio.sys
16:18:56.0267 3940 lltdio - ok
16:18:56.0282 3940 LSI_FC (acbe1af32d3123e330a07bfbc5ec4a9b) C:\Windows\system32\drivers\lsi_fc.sys
16:18:56.0298 3940 LSI_FC - ok
16:18:56.0314 3940 LSI_SAS (799ffb2fc4729fa46d2157c0065b3525) C:\Windows\system32\drivers\lsi_sas.sys
16:18:56.0329 3940 LSI_SAS - ok
16:18:56.0345 3940 LSI_SCSI (f445ff1daad8a226366bfaf42551226b) C:\Windows\system32\drivers\lsi_scsi.sys
16:18:56.0360 3940 LSI_SCSI - ok
16:18:56.0376 3940 luafv (52f87b9cc8932c2a7375c3b2a9be5e3e) C:\Windows\system32\drivers\luafv.sys
16:18:56.0407 3940 luafv - ok
16:18:56.0454 3940 megasas (5c5cd6aaced32fb26c3fb34b3dcf972f) C:\Windows\system32\drivers\megasas.sys
16:18:56.0470 3940 megasas - ok
16:18:56.0501 3940 MegaSR (859bc2436b076c77c159ed694acfe8f8) C:\Windows\system32\drivers\megasr.sys
16:18:56.0532 3940 MegaSR - ok
16:18:56.0548 3940 Modem (59848d5cc74606f0ee7557983bb73c2e) C:\Windows\system32\drivers\modem.sys
16:18:56.0594 3940 Modem - ok
16:18:56.0610 3940 monitor (c247cc2a57e0a0c8c6dccf7807b3e9e5) C:\Windows\system32\DRIVERS\monitor.sys
16:18:56.0657 3940 monitor - ok
16:18:56.0657 3940 mouclass (9367304e5e412b120cf5f4ea14e4e4f1) C:\Windows\system32\DRIVERS\mouclass.sys
16:18:56.0672 3940 mouclass - ok
16:18:56.0688 3940 mouhid (c2c2bd5c5ce5aaf786ddd74b75d2ac69) C:\Windows\system32\DRIVERS\mouhid.sys
16:18:56.0735 3940 mouhid - ok
16:18:56.0735 3940 MountMgr (11bc9b1e8801b01f7f6adb9ead30019b) C:\Windows\system32\drivers\mountmgr.sys
16:18:56.0750 3940 MountMgr - ok
16:18:56.0766 3940 mpio (f8276eb8698142884498a528dfea8478) C:\Windows\system32\drivers\mpio.sys
16:18:56.0782 3940 mpio - ok
16:18:56.0797 3940 mpsdrv (c92b9abdb65a5991e00c28f13491dba2) C:\Windows\system32\drivers\mpsdrv.sys
16:18:56.0844 3940 mpsdrv - ok
16:18:56.0844 3940 Mraid35x (3c200630a89ef2c0864d515b7a75802e) C:\Windows\system32\drivers\mraid35x.sys
16:18:56.0860 3940 Mraid35x - ok
16:18:56.0891 3940 MRxDAV (7c1de4aa96dc0c071611f9e7de02a68d) C:\Windows\system32\drivers\mrxdav.sys
16:18:56.0922 3940 MRxDAV - ok
16:18:56.0938 3940 mrxsmb (1485811b320ff8c7edad1caebb1c6c2b) C:\Windows\system32\DRIVERS\mrxsmb.sys
16:18:56.0969 3940 mrxsmb - ok
16:18:56.0984 3940 mrxsmb10 (3b929a60c833fc615fd97fba82bc7632) C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:18:57.0016 3940 mrxsmb10 - ok
16:18:57.0031 3940 mrxsmb20 (c64ab3e1f53b4f5b5bb6d796b2d7bec3) C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:18:57.0047 3940 mrxsmb20 - ok
16:18:57.0062 3940 msahci (1ac860612b85d8e85ee257d372e39f4d) C:\Windows\system32\drivers\msahci.sys
16:18:57.0078 3940 msahci - ok
16:18:57.0109 3940 msdsm (264bbb4aaf312a485f0e44b65a6b7202) C:\Windows\system32\drivers\msdsm.sys
16:18:57.0125 3940 msdsm - ok
16:18:57.0156 3940 Msfs (704f59bfc4512d2bb0146aec31b10a7c) C:\Windows\system32\drivers\Msfs.sys
16:18:57.0203 3940 Msfs - ok
16:18:57.0218 3940 msisadrv (00ebc952961664780d43dca157e79b27) C:\Windows\system32\drivers\msisadrv.sys
16:18:57.0218 3940 msisadrv - ok
16:18:57.0234 3940 MSKSSRV (0ea73e498f53b96d83dbfca074ad4cf8) C:\Windows\system32\drivers\MSKSSRV.sys
16:18:57.0281 3940 MSKSSRV - ok
16:18:57.0296 3940 MSPCLOCK (52e59b7e992a58e740aa63f57edbae8b) C:\Windows\system32\drivers\MSPCLOCK.sys
16:18:57.0343 3940 MSPCLOCK - ok
16:18:57.0343 3940 MSPQM (49084a75bae043ae02d5b44d02991bb2) C:\Windows\system32\drivers\MSPQM.sys
16:18:57.0390 3940 MSPQM - ok
16:18:57.0421 3940 MsRPC (dc6ccf440cdede4293db41c37a5060a5) C:\Windows\system32\drivers\MsRPC.sys
16:18:57.0437 3940 MsRPC - ok
16:18:57.0452 3940 mssmbios (855796e59df77ea93af46f20155bf55b) C:\Windows\system32\DRIVERS\mssmbios.sys
16:18:57.0468 3940 mssmbios - ok
16:18:57.0484 3940 MSTEE (86d632d75d05d5b7c7c043fa3564ae86) C:\Windows\system32\drivers\MSTEE.sys
16:18:57.0530 3940 MSTEE - ok
16:18:57.0546 3940 MTsensor (6936198f2cc25b39cf5262436c80df46) C:\Windows\system32\DRIVERS\ASACPI.sys
16:18:57.0546 3940 MTsensor - ok
16:18:57.0562 3940 Mup (0cc49f78d8aca0877d885f149084e543) C:\Windows\system32\Drivers\mup.sys
16:18:57.0577 3940 Mup - ok
16:18:57.0593 3940 mv61xx (792ca0761a6ff267fb271fa4dbe8cd84) C:\Windows\system32\DRIVERS\mv61xx.sys
16:18:57.0608 3940 mv61xx - ok
16:18:57.0640 3940 NativeWifiP (2007b826c4acd94ae32232b41f0842b9) C:\Windows\system32\DRIVERS\nwifi.sys
16:18:57.0655 3940 NativeWifiP - ok
16:18:57.0686 3940 NDIS (65950e07329fcee8e6516b17c8d0abb6) C:\Windows\system32\drivers\ndis.sys
16:18:57.0718 3940 NDIS - ok
16:18:57.0733 3940 NdisTapi (64df698a425478e321981431ac171334) C:\Windows\system32\DRIVERS\ndistapi.sys
16:18:57.0749 3940 NdisTapi - ok
16:18:57.0780 3940 Ndisuio (8baa43196d7b5bb972c9a6b2bbf61a19) C:\Windows\system32\DRIVERS\ndisuio.sys
16:18:57.0811 3940 Ndisuio - ok
16:18:57.0858 3940 NdisWan (f8158771905260982ce724076419ef19) C:\Windows\system32\DRIVERS\ndiswan.sys
16:18:57.0889 3940 NdisWan - ok
16:18:57.0920 3940 NDProxy (9cb77ed7cb72850253e973a2d6afdf49) C:\Windows\system32\drivers\NDProxy.sys
16:18:57.0952 3940 NDProxy - ok
16:18:57.0967 3940 NetBIOS (a499294f5029a7862adc115bda7371ce) C:\Windows\system32\DRIVERS\netbios.sys
16:18:58.0014 3940 NetBIOS - ok
16:18:58.0030 3940 netbt (fc2c792ebddc8e28df939d6a92c83d61) C:\Windows\system32\DRIVERS\netbt.sys
16:18:58.0076 3940 netbt - ok
16:18:58.0092 3940 netr28ux (c553716f6f7bca3444cee52dfb7c9016) C:\Windows\system32\DRIVERS\netr28ux.sys
16:18:58.0154 3940 netr28ux - ok
16:18:58.0170 3940 nfrd960 (4ac08bd6af2df42e0c3196d826c8aea7) C:\Windows\system32\drivers\nfrd960.sys
16:18:58.0186 3940 nfrd960 - ok
16:18:58.0217 3940 nmwcdcx64 (bf8bd79edb75b4eafc6892424ad3485c) C:\Windows\system32\drivers\ccdcmbox64.sys
16:18:58.0248 3940 nmwcdcx64 - ok
16:18:58.0279 3940 nmwcdx64 (3fad4113e2ac9b36f97dfa28ad37fd8d) C:\Windows\system32\drivers\ccdcmbx64.sys
16:18:58.0310 3940 nmwcdx64 - ok
16:18:58.0326 3940 Npfs (b298874f8e0ea93f06ec40aa8d146478) C:\Windows\system32\drivers\Npfs.sys
16:18:58.0373 3940 Npfs - ok
16:18:58.0404 3940 nsiproxy (1523af19ee8b030ba682f7a53537eaeb) C:\Windows\system32\drivers\nsiproxy.sys
16:18:58.0451 3940 nsiproxy - ok
16:18:58.0513 3940 Ntfs (bac869dfb98e499ba4d9bb1fb43270e1) C:\Windows\system32\drivers\Ntfs.sys
16:18:58.0560 3940 Ntfs - ok
16:18:58.0576 3940 Null (dd5d684975352b85b52e3fd5347c20cb) C:\Windows\system32\drivers\Null.sys
16:18:58.0622 3940 Null - ok
16:18:59.0090 3940 nvlddmkm (aa0828f3223e1a2952f80a8d2047dd40) C:\Windows\system32\DRIVERS\nvlddmkm.sys
16:18:59.0340 3940 nvlddmkm - ok
16:18:59.0387 3940 nvraid (2c040b7ada5b06f6facadac8514aa034) C:\Windows\system32\drivers\nvraid.sys
16:18:59.0402 3940 nvraid - ok
16:18:59.0434 3940 nvstor (f7ea0fe82842d05eda3efdd376dbfdba) C:\Windows\system32\drivers\nvstor.sys
16:18:59.0449 3940 nvstor - ok
16:18:59.0465 3940 nv_agp (19067ca93075ef4823e3938a686f532f) C:\Windows\system32\drivers\nv_agp.sys
16:18:59.0465 3940 nv_agp - ok
16:18:59.0496 3940 ohci1394 (b5b1ce65ac15bbd11c0619e3ef7cfc28) C:\Windows\system32\DRIVERS\ohci1394.sys
16:18:59.0527 3940 ohci1394 - ok
16:18:59.0543 3940 Parport (aecd57f94c887f58919f307c35498ea0) C:\Windows\system32\drivers\parport.sys
16:18:59.0590 3940 Parport - ok
16:18:59.0605 3940 partmgr (f9b5eda4c17a2be7663f064dbf0fe254) C:\Windows\system32\drivers\partmgr.sys
16:18:59.0621 3940 partmgr - ok
16:18:59.0652 3940 pccsmcfd (bc0018c2d29f655188a0ed3fa94fdb24) C:\Windows\system32\DRIVERS\pccsmcfdx64.sys
16:18:59.0652 3940 pccsmcfd - ok
16:18:59.0683 3940 pci (47ab1e0fc9d0e12bb53ba246e3a0906d) C:\Windows\system32\drivers\pci.sys
16:18:59.0683 3940 pci - ok
16:18:59.0699 3940 pciide (2657f6c0b78c36d95034be109336e382) C:\Windows\system32\drivers\pciide.sys
16:18:59.0714 3940 pciide - ok
16:18:59.0730 3940 pcmcia (037661f3d7c507c9993b7010ceee6288) C:\Windows\system32\drivers\pcmcia.sys
16:18:59.0730 3940 pcmcia - ok
16:18:59.0777 3940 PCTCore (8f38fffa9e7b9d547b7921efa8edff3c) C:\Windows\system32\drivers\PCTCore64.sys
16:18:59.0777 3940 PCTCore - ok
16:18:59.0792 3940 pctDS (ff43e3b1687e4e2140de6349ea5c7372) C:\Windows\system32\drivers\pctDS64.sys
16:18:59.0824 3940 pctDS - ok
16:18:59.0870 3940 pctEFA (60e9a05852af7e9cb11237c00aee4ccf) C:\Windows\system32\drivers\pctEFA64.sys
16:18:59.0902 3940 pctEFA - ok
16:18:59.0933 3940 PEAUTH (58865916f53592a61549b04941bfd80d) C:\Windows\system32\drivers\peauth.sys
16:19:00.0026 3940 PEAUTH - ok
16:19:00.0120 3940 PptpMiniport (23386e9952025f5f21c368971e2e7301) C:\Windows\system32\DRIVERS\raspptp.sys
16:19:00.0151 3940 PptpMiniport - ok
16:19:00.0182 3940 Processor (5080e59ecee0bc923f14018803aa7a01) C:\Windows\system32\drivers\processr.sys
16:19:00.0229 3940 Processor - ok
16:19:00.0260 3940 PSched (c5ab7f0809392d0da027f4a2a81bfa31) C:\Windows\system32\DRIVERS\pacer.sys
16:19:00.0292 3940 PSched - ok
16:19:00.0323 3940 PxHlpa64 (87b04878a6d59d6c79251dc960c674c1) C:\Windows\system32\Drivers\PxHlpa64.sys
16:19:00.0323 3940 PxHlpa64 - ok
16:19:00.0385 3940 ql2300 (0b83f4e681062f3839be2ec1d98fd94a) C:\Windows\system32\drivers\ql2300.sys
16:19:00.0432 3940 ql2300 - ok
16:19:00.0448 3940 ql40xx (e1c80f8d4d1e39ef9595809c1369bf2a) C:\Windows\system32\drivers\ql40xx.sys
16:19:00.0463 3940 ql40xx - ok
16:19:00.0479 3940 QWAVEdrv (e8d76edab77ec9c634c27b8eac33adc5) C:\Windows\system32\drivers\qwavedrv.sys
16:19:00.0510 3940 QWAVEdrv - ok
16:19:00.0526 3940 RasAcd (1013b3b663a56d3ddd784f581c1bd005) C:\Windows\system32\DRIVERS\rasacd.sys
16:19:00.0572 3940 RasAcd - ok
16:19:00.0588 3940 Rasl2tp (ac7bc4d42a7e558718dfdec599bbfc2c) C:\Windows\system32\DRIVERS\rasl2tp.sys
16:19:00.0619 3940 Rasl2tp - ok
16:19:00.0650 3940 RasPppoe (4517fbf8b42524afe4ede1de102aae3e) C:\Windows\system32\DRIVERS\raspppoe.sys
16:19:00.0682 3940 RasPppoe - ok
16:19:00.0713 3940 RasSstp (c6a593b51f34c33e5474539544072527) C:\Windows\system32\DRIVERS\rassstp.sys
16:19:00.0728 3940 RasSstp - ok
16:19:00.0760 3940 rdbss (322db5c6b55e8d8ee8d6f358b2aaabb1) C:\Windows\system32\DRIVERS\rdbss.sys
16:19:00.0806 3940 rdbss - ok
16:19:00.0838 3940 RDPCDD (603900cc05f6be65ccbf373800af3716) C:\Windows\system32\DRIVERS\RDPCDD.sys
16:19:00.0884 3940 RDPCDD - ok
16:19:00.0900 3940 rdpdr (c045d1fb111c28df0d1be8d4bda22c06) C:\Windows\system32\drivers\rdpdr.sys
16:19:00.0931 3940 rdpdr - ok
16:19:00.0947 3940 RDPENCDD (cab9421daf3d97b33d0d055858e2c3ab) C:\Windows\system32\drivers\rdpencdd.sys
16:19:00.0978 3940 RDPENCDD - ok
16:19:00.0994 3940 RDPWD (b1d741c87cea8d7282146366cc9c3f81) C:\Windows\system32\drivers\RDPWD.sys
16:19:01.0040 3940 RDPWD - ok
16:19:01.0072 3940 regi (4d9afddda0efe97cdbfd3b5fa48b05f6) C:\Windows\system32\drivers\regi.sys
16:19:01.0072 3940 regi - ok
16:19:01.0118 3940 rspndr (22a9cb08b1a6707c1550c6bf099aae73) C:\Windows\system32\DRIVERS\rspndr.sys
16:19:01.0181 3940 rspndr - ok
16:19:01.0228 3940 SASDIFSV (3289766038db2cb14d07dc84392138d5) C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
16:19:01.0228 3940 SASDIFSV - ok
16:19:01.0243 3940 SASKUTIL (58a38e75f3316a83c23df6173d41f2b5) C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
16:19:01.0243 3940 SASKUTIL - ok
16:19:01.0259 3940 sbp2port (cd9c693589c60ad59bbbcfb0e524e01b) C:\Windows\system32\drivers\sbp2port.sys
16:19:01.0274 3940 sbp2port - ok
16:19:01.0306 3940 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
16:19:01.0352 3940 secdrv - ok
16:19:01.0399 3940 Sentinel64 (84ac127242dd3ccde02f9a4673214b1f) C:\Windows\System32\Drivers\Sentinel64.sys
16:19:01.0399 3940 Sentinel64 - ok
16:19:01.0415 3940 Serenum (2449316316411d65bd2c761a6ffb2ce2) C:\Windows\system32\DRIVERS\serenum.sys
16:19:01.0462 3940 Serenum - ok
16:19:01.0477 3940 Serial (4b438170be2fc8e0bd35ee87a960f84f) C:\Windows\system32\DRIVERS\serial.sys
16:19:01.0524 3940 Serial - ok
16:19:01.0540 3940 sermouse (a842f04833684bceea7336211be478df) C:\Windows\system32\drivers\sermouse.sys
16:19:01.0571 3940 sermouse - ok
16:19:01.0602 3940 sffdisk (14d4b4465193a87c127933978e8c4106) C:\Windows\system32\drivers\sffdisk.sys
16:19:01.0649 3940 sffdisk - ok
16:19:01.0664 3940 sffp_mmc (7073aee3f82f3d598e3825962aa98ab2) C:\Windows\system32\drivers\sffp_mmc.sys
16:19:01.0696 3940 sffp_mmc - ok
16:19:01.0711 3940 sffp_sd (35e59ebe4a01a0532ed67975161c7b82) C:\Windows\system32\drivers\sffp_sd.sys
16:19:01.0758 3940 sffp_sd - ok
16:19:01.0820 3940 sfloppy (6b7838c94135768bd455cbdc23e39e5f) C:\Windows\system32\drivers\sfloppy.sys
16:19:01.0867 3940 sfloppy - ok
16:19:01.0898 3940 SiSRaid2 (7a5de502aeb719d4594c6471060a78b3) C:\Windows\system32\drivers\sisraid2.sys
16:19:01.0898 3940 SiSRaid2 - ok
16:19:01.0914 3940 SiSRaid4 (3a2f769fab9582bc720e11ea1dfb184d) C:\Windows\system32\drivers\sisraid4.sys
16:19:01.0930 3940 SiSRaid4 - ok
16:19:01.0961 3940 Smb (290b6f6a0ec4fcdfc90f5cb6d7020473) C:\Windows\system32\DRIVERS\smb.sys
16:19:01.0992 3940 Smb - ok
16:19:01.0992 3940 speedfan - ok
16:19:02.0023 3940 spldr (386c3c63f00a7040c7ec5e384217e89d) C:\Windows\system32\drivers\spldr.sys
16:19:02.0023 3940 spldr - ok
16:19:02.0086 3940 srv (880a57fccb571ebd063d4dd50e93e46d) C:\Windows\system32\DRIVERS\srv.sys
16:19:02.0132 3940 srv - ok
16:19:02.0164 3940 srv2 (a1ad14a6d7a37891fffeca35ebbb0730) C:\Windows\system32\DRIVERS\srv2.sys
16:19:02.0179 3940 srv2 - ok
16:19:02.0210 3940 srvnet (4bed62f4fa4d8300973f1151f4c4d8a7) C:\Windows\system32\DRIVERS\srvnet.sys
16:19:02.0226 3940 srvnet - ok
16:19:02.0242 3940 swenum (8a851ca908b8b974f89c50d2e18d4f0c) C:\Windows\system32\DRIVERS\swenum.sys
16:19:02.0242 3940 swenum - ok
16:19:02.0257 3940 Symc8xx (2f26a2c6fc96b29beff5d8ed74e6625b) C:\Windows\system32\drivers\symc8xx.sys
16:19:02.0273 3940 Symc8xx - ok
16:19:02.0273 3940 Sym_hi (a909667976d3bccd1df813fed517d837) C:\Windows\system32\drivers\sym_hi.sys
16:19:02.0288 3940 Sym_hi - ok
16:19:02.0304 3940 Sym_u3 (36887b56ec2d98b9c362f6ae4de5b7b0) C:\Windows\system32\drivers\sym_u3.sys
16:19:02.0320 3940 Sym_u3 - ok
16:19:02.0366 3940 Tcpip (2cc45d932bd193cd4117321d469ad6b2) C:\Windows\system32\drivers\tcpip.sys
16:19:02.0413 3940 Tcpip - ok
16:19:02.0444 3940 Tcpip6 (2cc45d932bd193cd4117321d469ad6b2) C:\Windows\system32\DRIVERS\tcpip.sys
16:19:02.0476 3940 Tcpip6 - ok
16:19:02.0522 3940 tcpipreg (c7e72a4071ee0200e3c075dacfb2b334) C:\Windows\system32\drivers\tcpipreg.sys
16:19:02.0569 3940 tcpipreg - ok
16:19:02.0600 3940 TDPIPE (1d8bf4aaa5fb7a2761475781dc1195bc) C:\Windows\system32\drivers\tdpipe.sys
16:19:02.0647 3940 TDPIPE - ok
16:19:02.0663 3940 TDTCP (7f7e00cdf609df657f4cda02dd1c9bb1) C:\Windows\system32\drivers\tdtcp.sys
16:19:02.0694 3940 TDTCP - ok
16:19:02.0710 3940 tdx (458919c8c42e398dc4802178d5ffee27) C:\Windows\system32\DRIVERS\tdx.sys
16:19:02.0756 3940 tdx - ok
16:19:02.0788 3940 TermDD (8c19678d22649ec002ef2282eae92f98) C:\Windows\system32\DRIVERS\termdd.sys
16:19:02.0803 3940 TermDD - ok
16:19:02.0819 3940 Tpkd (2e595c44b1c1160070b1530edf6de098) C:\Windows\system32\drivers\Tpkd.sys
16:19:02.0834 3940 Tpkd - ok
16:19:02.0866 3940 tssecsrv (9e5409cd17c8bef193aad498f3bc2cb8) C:\Windows\system32\DRIVERS\tssecsrv.sys
16:19:02.0897 3940 tssecsrv - ok
16:19:02.0912 3940 tunmp (89ec74a9e602d16a75a4170511029b3c) C:\Windows\system32\DRIVERS\tunmp.sys
16:19:02.0928 3940 tunmp - ok
16:19:02.0959 3940 tunnel (30a9b3f45ad081bffc3bcaa9c812b609) C:\Windows\system32\DRIVERS\tunnel.sys
16:19:02.0990 3940 tunnel - ok
16:19:02.0990 3940 uagp35 (fec266ef401966311744bd0f359f7f56) C:\Windows\system32\drivers\uagp35.sys
16:19:03.0006 3940 uagp35 - ok
16:19:03.0053 3940 udfs (faf2640a2a76ed03d449e443194c4c34) C:\Windows\system32\DRIVERS\udfs.sys
16:19:03.0084 3940 udfs - ok
16:19:03.0115 3940 uliagpkx (4ec9447ac3ab462647f60e547208ca00) C:\Windows\system32\drivers\uliagpkx.sys
16:19:03.0115 3940 uliagpkx - ok
16:19:03.0131 3940 uliahci (697f0446134cdc8f99e69306184fbbb4) C:\Windows\system32\drivers\uliahci.sys
16:19:03.0146 3940 uliahci - ok
16:19:03.0178 3940 UlSata (31707f09846056651ea2c37858f5ddb0) C:\Windows\system32\drivers\ulsata.sys
16:19:03.0178 3940 UlSata - ok
16:19:03.0209 3940 ulsata2 (85e5e43ed5b48c8376281bab519271b7) C:\Windows\system32\drivers\ulsata2.sys
16:19:03.0224 3940 ulsata2 - ok
16:19:03.0240 3940 umbus (46e9a994c4fed537dd951f60b86ad3f4) C:\Windows\system32\DRIVERS\umbus.sys
16:19:03.0271 3940 umbus - ok
16:19:03.0318 3940 upperdev (67ed617ed48014447039a1ef4b9d05ec) C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys
16:19:03.0349 3940 upperdev - ok
16:19:03.0521 3940 usbaudio (c6ba890de6e41857fbe84175519cae7d) C:\Windows\system32\drivers\usbaudio.sys
16:19:03.0568 3940 usbaudio - ok
16:19:03.0614 3940 usbccgp (07e3498fc60834219d2356293da0fecc) C:\Windows\system32\DRIVERS\usbccgp.sys
16:19:03.0661 3940 usbccgp - ok
16:19:03.0755 3940 usbcir (9247f7e0b65852c1f6631480984d6ed2) C:\Windows\system32\drivers\usbcir.sys
16:19:03.0817 3940 usbcir - ok
16:19:03.0895 3940 usbehci (827e44de934a736ea31e91d353eb126f) C:\Windows\system32\DRIVERS\usbehci.sys
16:19:03.0926 3940 usbehci - ok
16:19:03.0942 3940 usbhub (bb35cd80a2ececfadc73569b3d70c7d1) C:\Windows\system32\DRIVERS\usbhub.sys
16:19:03.0989 3940 usbhub - ok
16:19:04.0004 3940 usbohci (eba14ef0c07cec233f1529c698d0d154) C:\Windows\system32\drivers\usbohci.sys
16:19:04.0067 3940 usbohci - ok
16:19:04.0098 3940 usbprint (28b693b6d31e7b9332c1bdcefef228c1) C:\Windows\system32\DRIVERS\usbprint.sys
16:19:04.0129 3940 usbprint - ok
16:19:04.0145 3940 usbscan (ea0bf666868964fbe8cb10e50c97b9f1) C:\Windows\system32\DRIVERS\usbscan.sys
16:19:04.0176 3940 usbscan - ok
16:19:04.0176 3940 usbser (f7386007fb19e7685fc7b298560aa81f) C:\Windows\system32\drivers\usbser.sys
16:19:04.0207 3940 usbser - ok
16:19:04.0238 3940 UsbserFilt (eb84ceaafec6680c8b04c40a5ede7147) C:\Windows\system32\DRIVERS\usbser_lowerfltx64j.sys
16:19:04.0254 3940 UsbserFilt - ok
16:19:04.0270 3940 USBSTOR (b854c1558fca0c269a38663e8b59b581) C:\Windows\system32\DRIVERS\USBSTOR.SYS
16:19:04.0301 3940 USBSTOR - ok
16:19:04.0316 3940 usbuhci (b2872cbf9f47316abd0e0c74a1aba507) C:\Windows\system32\DRIVERS\usbuhci.sys
16:19:04.0332 3940 usbuhci - ok
16:19:04.0363 3940 usbvideo (fc33099877790d51b0927b7039059855) C:\Windows\system32\Drivers\usbvideo.sys
16:19:04.0394 3940 usbvideo - ok
16:19:04.0410 3940 VClone (8fc6e3d302550a06c7c5db9f1ab54193) C:\Windows\system32\DRIVERS\VClone.sys
16:19:04.0426 3940 VClone - ok
16:19:04.0441 3940 vga (916b94bcf1e09873fff2d5fb11767bbc) C:\Windows\system32\DRIVERS\vgapnp.sys
16:19:04.0472 3940 vga - ok
16:19:04.0488 3940 VgaSave (b83ab16b51feda65dd81b8c59d114d63) C:\Windows\System32\drivers\vga.sys
16:19:04.0519 3940 VgaSave - ok
16:19:04.0582 3940 viaide (8294b6c3fdb6c33f24e150de647ecdaa) C:\Windows\system32\drivers\viaide.sys
16:19:04.0582 3940 viaide - ok
16:19:04.0597 3940 volmgr (2b7e885ed951519a12c450d24535dfca) C:\Windows\system32\drivers\volmgr.sys
16:19:04.0613 3940 volmgr - ok
16:19:04.0644 3940 volmgrx (cec5ac15277d75d9e5dec2e1c6eaf877) C:\Windows\system32\drivers\volmgrx.sys
16:19:04.0691 3940 volmgrx - ok
16:19:04.0706 3940 volsnap (5280aada24ab36b01a84a6424c475c8d) C:\Windows\system32\drivers\volsnap.sys
16:19:04.0722 3940 volsnap - ok
16:19:04.0753 3940 vsmraid (a68f455ed2673835209318dd61bfbb0e) C:\Windows\system32\drivers\vsmraid.sys
16:19:04.0753 3940 vsmraid - ok
16:19:04.0784 3940 WacomPen (fef8fe5923fead2cee4dfabfce3393a7) C:\Windows\system32\drivers\wacompen.sys
16:19:04.0847 3940 WacomPen - ok
16:19:04.0862 3940 Wanarp (b8e7049622300d20ba6d8be0c47c0cfd) C:\Windows\system32\DRIVERS\wanarp.sys
16:19:04.0909 3940 Wanarp - ok
16:19:04.0909 3940 Wanarpv6 (b8e7049622300d20ba6d8be0c47c0cfd) C:\Windows\system32\DRIVERS\wanarp.sys
16:19:04.0940 3940 Wanarpv6 - ok
16:19:04.0956 3940 Wd (0c17a0816f65b89e362e682ad5e7266e) C:\Windows\system32\drivers\wd.sys
16:19:04.0972 3940 Wd - ok
16:19:04.0987 3940 Wdf01000 (d02e7e4567da1e7582fbf6a91144b0df) C:\Windows\system32\drivers\Wdf01000.sys
16:19:05.0018 3940 Wdf01000 - ok
16:19:05.0081 3940 WmiAcpi (e18aebaaa5a773fe11aa2c70f65320f5) C:\Windows\system32\drivers\wmiacpi.sys
16:19:05.0112 3940 WmiAcpi - ok
16:19:05.0143 3940 WpdUsb (5e2401b3fc1089c90e081291357371a9) C:\Windows\system32\DRIVERS\wpdusb.sys
16:19:05.0174 3940 WpdUsb - ok
16:19:05.0206 3940 ws2ifsl (8a900348370e359b6bff6a550e4649e1) C:\Windows\system32\drivers\ws2ifsl.sys
16:19:05.0237 3940 ws2ifsl - ok
16:19:05.0284 3940 WUDFRd (501a65252617b495c0f1832f908d54d8) C:\Windows\system32\DRIVERS\WUDFRd.sys
16:19:05.0330 3940 WUDFRd - ok
16:19:05.0362 3940 yukonx64 (827aaae4f84945658b0b03da805df44e) C:\Windows\system32\DRIVERS\yk60x64.sys
16:19:05.0408 3940 yukonx64 - ok
16:19:05.0471 3940 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC} (74983addca2d9618512c088d856d6615) C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\000.fcl
16:19:05.0486 3940 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC} - ok
16:19:05.0502 3940 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
16:19:05.0627 3940 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
16:19:05.0627 3940 \Device\Harddisk0\DR0 - detected TDSS File System (1)
16:19:05.0627 3940 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk1\DR1
16:19:05.0705 3940 \Device\Harddisk1\DR1 - ok
16:19:05.0705 3940 Boot (0x1200) (76fef732bb3db9d48eb14ca12accd0df) \Device\Harddisk0\DR0\Partition0
16:19:05.0705 3940 \Device\Harddisk0\DR0\Partition0 - ok
16:19:05.0720 3940 Boot (0x1200) (b1e27aa018409de6bfd73f8afb883a65) \Device\Harddisk1\DR1\Partition0
16:19:05.0720 3940 \Device\Harddisk1\DR1\Partition0 - ok
16:19:05.0720 3940 Boot (0x1200) (27f98a1577fc88371edb4bbca4c39ab5) \Device\Harddisk1\DR1\Partition1
16:19:05.0720 3940 \Device\Harddisk1\DR1\Partition1 - ok
16:19:05.0720 3940 ============================================================
16:19:05.0720 3940 Scan finished
16:19:05.0720 3940 ============================================================
16:19:05.0720 0796 Detected object count: 1
16:19:05.0720 0796 Actual detected object count: 1
16:19:48.0215 0796 \Device\Harddisk0\DR0\TDLFS - deleted
16:19:48.0215 0796 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Delete
16:20:14.0906 1548 Deinitialize success



OTL logfile created on: 1/3/2012 4:42:33 PM - Run 9
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Michael Eilersen\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: MM/dd/yyyy

8.00 Gb Total Physical Memory | 6.31 Gb Available Physical Memory | 78.94% Memory free
16.05 Gb Paging File | 14.38 Gb Available in Paging File | 89.65% Paging File free
Paging file location(s): ?:\pagefile.sys

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 279.46 Gb Total Space | 87.46 Gb Free Space | 31.30% Space Free | Partition Type: NTFS
Drive G: | 1397.14 Gb Total Space | 24.30 Gb Free Space | 1.74% Space Free | Partition Type: NTFS

Computer Name: EILER-PC | User Name: Michael Eilersen | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/12/23 22:51:25 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Michael Eilersen\Desktop\OTL.exe
PRC - [2011/09/07 15:53:57 | 000,040,376 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrobat_sl.exe
PRC - [2011/02/11 14:19:26 | 002,760,192 | ---- | M] () -- C:\ProgramData\Boxtools\Toolbox.exe
PRC - [2011/01/01 18:47:24 | 001,242,448 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\Steam.exe
PRC - [2010/12/09 10:48:10 | 000,247,760 | ---- | M] (Threat Expert Ltd.) -- C:\Program Files (x86)\PC Tools Security\BDT\BDTUpdateService.exe
PRC - [2010/12/03 15:34:46 | 000,108,496 | ---- | M] (Threat Expert Ltd.) -- C:\Program Files (x86)\PC Tools Security\BDT\FGuard.exe
PRC - [2009/12/05 12:36:42 | 000,045,056 | ---- | M] (Intuit) -- c:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
PRC - [2009/06/07 13:20:20 | 000,061,440 | ---- | M] (Nalpeiron Ltd.) -- C:\Windows\SysWOW64\nlssrv32.exe
PRC - [2008/05/14 17:42:56 | 005,958,656 | ---- | M] () -- C:\Program Files\ASUS\Six Engine\SixEngine.exe
PRC - [2007/08/21 15:37:16 | 001,220,608 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\WiFi-AP @n\[email protected]
PRC - [2007/07/24 08:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
PRC - [2003/08/29 19:05:35 | 000,360,448 | ---- | M] () -- C:\Program Files (x86)\SpywareGuard\sgmain.exe
PRC - [2003/08/29 11:14:56 | 000,233,472 | ---- | M] () -- C:\Program Files (x86)\SpywareGuard\sgbhp.exe


========== Modules (No Company Name) ==========

MOD - [2011/12/09 00:15:00 | 014,410,024 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\libcef.dll
MOD - [2011/12/09 00:14:50 | 000,194,344 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\chromehtml.dll
MOD - [2011/12/09 00:14:49 | 000,914,216 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avcodec-52.dll
MOD - [2011/12/09 00:14:49 | 000,155,432 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avformat-52.dll
MOD - [2011/12/09 00:14:49 | 000,091,432 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avutil-50.dll
MOD - [2011/09/27 07:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/09/27 07:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/02/11 14:19:26 | 002,760,192 | ---- | M] () -- C:\ProgramData\Boxtools\Toolbox.exe
MOD - [2008/05/14 17:42:56 | 005,958,656 | ---- | M] () -- C:\Program Files\ASUS\Six Engine\SixEngine.exe
MOD - [2008/04/15 09:07:34 | 000,053,248 | ---- | M] () -- C:\Program Files\ASUS\Six Engine\AsSpindownTimeout.dll
MOD - [2006/01/10 09:50:20 | 000,024,576 | R--- | M] () -- C:\Windows\SysWOW64\AsIO.dll
MOD - [2005/05/11 15:39:32 | 000,565,248 | ---- | M] () -- C:\Program Files\ASUS\Six Engine\pngio.dll
MOD - [2003/08/29 19:05:35 | 000,360,448 | ---- | M] () -- C:\Program Files (x86)\SpywareGuard\sgmain.exe
MOD - [2003/08/29 11:14:56 | 000,233,472 | ---- | M] () -- C:\Program Files (x86)\SpywareGuard\sgbhp.exe


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011/07/19 01:01:47 | 000,146,816 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE -- (!SASCORE)
SRV:64bit: - [2009/05/14 08:01:24 | 004,901,888 | ---- | M] () [Auto | Running] -- C:\Program Files\NVIDIA Corporation\Performance Drivers\nvPDsvc.exe -- (NVIDIA Performance Driver Service)
SRV:64bit: - [2008/10/28 00:20:22 | 001,038,088 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64)
SRV:64bit: - [2007/10/19 04:10:30 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\SysNative\AEADISRV.EXE -- (AEADIFilters)
SRV - [2010/12/09 10:48:10 | 000,247,760 | ---- | M] (Threat Expert Ltd.) [Auto | Running] -- C:\Program Files (x86)\PC Tools Security\BDT\BDTUpdateService.exe -- (Browser Defender Update Service)
SRV - [2010/11/19 06:57:14 | 001,150,936 | ---- | M] (PC Tools) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Tools Security\pctsSvc.exe -- (sdCoreService)
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/15 14:02:36 | 000,366,840 | ---- | M] (PC Tools) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Tools Security\pctsAuxs.exe -- (sdAuxService)
SRV - [2009/12/05 12:36:42 | 000,045,056 | ---- | M] (Intuit) [Auto | Running] -- c:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe -- (QBCFMonitorService)
SRV - [2009/07/23 20:10:38 | 000,061,440 | ---- | M] (Intuit Inc.) [On_Demand | Stopped] -- c:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe -- (QBFCService)
SRV - [2009/07/16 17:04:16 | 000,316,664 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2009/06/07 13:20:20 | 000,061,440 | ---- | M] (Nalpeiron Ltd.) [Auto | Running] -- C:\Windows\SysWOW64\nlssrv32.exe -- (nlsX86cc)
SRV - [2009/03/30 05:42:14 | 000,066,368 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/03/12 19:28:40 | 000,288,112 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe -- (Adobe Version Cue CS4)
SRV - [2008/11/11 09:38:06 | 000,620,544 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2008/10/24 11:33:36 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2007/07/24 08:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011/12/06 17:06:09 | 000,025,160 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hitmanpro35.sys -- (hitmanpro35)
DRV:64bit: - [2011/07/22 17:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)
DRV:64bit: - [2011/07/12 22:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)
DRV:64bit: - [2010/11/25 10:43:26 | 000,257,232 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PCTCore64.sys -- (PCTCore)
DRV:64bit: - [2010/07/16 14:53:32 | 000,816,016 | ---- | M] (PC Tools) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\pctEFA64.sys -- (pctEFA)
DRV:64bit: - [2010/06/29 10:35:34 | 000,452,872 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pctDS64.sys -- (pctDS)
DRV:64bit: - [2010/06/10 00:01:10 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2009/10/01 01:51:42 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wpdusb.sys -- (WpdUsb)
DRV:64bit: - [2009/06/26 20:21:06 | 000,086,584 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\adfs.sys -- (adfs)
DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009/04/11 06:39:37 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2008/09/24 11:29:20 | 000,035,840 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\VClone.sys -- (VClone)
DRV:64bit: - [2008/09/15 07:57:32 | 000,008,704 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\usbser_lowerfltx64j.sys -- (UsbserFilt)
DRV:64bit: - [2008/09/15 07:57:18 | 000,025,088 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdcx64)
DRV:64bit: - [2008/09/15 07:57:18 | 000,018,944 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcdx64)
DRV:64bit: - [2008/09/15 07:57:18 | 000,008,704 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\usbser_lowerfltx64.sys -- (upperdev)
DRV:64bit: - [2008/08/28 11:44:42 | 000,025,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\pccsmcfdx64.sys -- (pccsmcfd)
DRV:64bit: - [2008/07/21 13:11:56 | 000,032,200 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV:64bit: - [2008/05/19 08:47:48 | 000,173,096 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\mv61xx.sys -- (mv61xx)
DRV:64bit: - [2008/03/20 01:44:34 | 000,467,456 | ---- | M] (Analog Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ADIHdAud.sys -- (ADIHdAudAddService)
DRV:64bit: - [2007/09/05 11:04:48 | 000,077,872 | ---- | M] (PACE Anti-Piracy, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\Tpkd.sys -- (Tpkd)
DRV:64bit: - [2007/08/15 21:50:06 | 000,688,640 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\netr28ux.sys -- (netr28ux)
DRV:64bit: - [2007/08/15 09:22:00 | 000,369,152 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\yk60x64.sys -- (yukonx64)
DRV:64bit: - [2007/04/27 06:40:00 | 000,142,120 | ---- | M] (SafeNet, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\Drivers\Sentinel64.sys -- (Sentinel64)
DRV:64bit: - [2007/04/17 08:51:50 | 000,014,112 | ---- | M] (InterVideo) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\regi.sys -- (regi)
DRV:64bit: - [2006/10/31 16:23:42 | 000,015,680 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\ASACPI.sys -- (MTsensor)
DRV - [2010/03/13 11:58:52 | 000,146,928 | ---- | M] (CyberLink Corp.) [2010/04/23 15:48:42] [Kernel | Auto | Running] -- C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\000.fcl -- ({1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC})
DRV - [2009/06/26 20:21:06 | 000,086,584 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysWow64\drivers\adfs.sys -- (adfs)
DRV - [2007/02/07 19:27:46 | 000,014,104 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | Boot | Running] -- C:\Windows\SysWOW64\speedfan.sys -- (speedfan)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.b.dk
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {472734EA-242A-422b-ADF8-83D1E48CC825} - C:\Program Files (x86)\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Facemoods Search"
FF - prefs.js..browser.search.defaulturl: "http://flvdirect.iam...c=tops&search="
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.berlingske.dk/"
FF - prefs.js..extensions.enabledItems: [email protected]:1.5
FF - prefs.js..extensions.enabledItems: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:2.0.8
FF - prefs.js..extensions.enabledItems: {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}:1.3.5
FF - prefs.js..extensions.enabledItems: [email protected]:7
FF - prefs.js..extensions.enabledItems: [email protected]:2
FF - prefs.js..extensions.enabledItems: 5
FF - prefs.js..extensions.enabledItems: 2
FF - prefs.js..extensions.enabledItems: 2
FF - prefs.js..extensions.enabledItems: [email protected]:1.1
FF - prefs.js..extensions.enabledItems:
FF - prefs.js..extensions.enabledItems: {e001c731-5e37-4538-a5cb-8168736a2360}:0.9.9.99
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.9.13
FF - prefs.js..extensions.enabledItems: {81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}:7.3.0.0
FF - prefs.js..extensions.enabledItems: [email protected]:1.20.00
FF - prefs.js..extensions.enabledItems: {cb84136f-9c44-433a-9048-c5cd9df1dc16}:3.0.0.204
FF - prefs.js..network.proxy.type: 0


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Player\npDivxPlayerPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Users\Michael Eilersen\AppData\Roaming\Move Networks\plugins\npqmp071505000010.dll (Move Networks)
FF - HKLM\Software\MozillaPlugins\@neulion.com/npadaptiveplugin: C:\Users\Michael Eilersen\AppData\Roaming\NeuLion\AdaptivePlugin\npadaptiveplugin_1_6_5_7131.dll ( )
FF - HKLM\Software\MozillaPlugins\@veetle.com/vbp;version=0.9.17: C:\Program Files (x86)\Veetle\VLCBroadcast\npvbp.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.18: C:\Program Files (x86)\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: C:\Program Files (x86)\Veetle\Player\npvlc.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\Adobe Acrobat: C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Users\Michael Eilersen\AppData\Roaming\Move Networks\plugins\npqmp071505000010.dll (Move Networks)
FF - HKCU\Software\MozillaPlugins\@neulion.com/npadaptiveplugin: C:\Users\Michael Eilersen\AppData\Roaming\NeuLion\AdaptivePlugin\npadaptiveplugin_1_6_5_7131.dll ( )
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Michael Eilersen\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Michael Eilersen\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Nokia\Nokia PC Suite 7\bkmrksync\ [2009/02/04 15:04:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\NETELLER app\plugins\Firefox\neteller\ [2010/10/20 09:44:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{cb84136f-9c44-433a-9048-c5cd9df1dc16}: C:\Program Files (x86)\PC Tools Security\BDT\Firefox\ [2011/12/15 18:32:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/12/15 19:46:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/12/15 19:46:41 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Users\Michael Eilersen\AppData\Roaming\Move Networks [2009/11/20 06:07:02 | 000,000,000 | ---D | M]

[2008/12/29 00:32:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Michael Eilersen\AppData\Roaming\Mozilla\Extensions
[2012/01/03 03:09:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Michael Eilersen\AppData\Roaming\Mozilla\Firefox\Profiles\nzcqnlpm.default\extensions
[2010/05/13 22:57:12 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Michael Eilersen\AppData\Roaming\Mozilla\Firefox\Profiles\nzcqnlpm.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/12/17 01:39:15 | 000,000,000 | ---D | M] (iMacros for Firefox) -- C:\Users\Michael Eilersen\AppData\Roaming\Mozilla\Firefox\Profiles\nzcqnlpm.default\extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}
[2011/08/22 09:46:58 | 000,000,000 | ---D | M] (BitDefender QuickScan) -- C:\Users\Michael Eilersen\AppData\Roaming\Mozilla\Firefox\Profiles\nzcqnlpm.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}
[2011/12/06 12:05:49 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\Michael Eilersen\AppData\Roaming\Mozilla\Firefox\Profiles\nzcqnlpm.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2010/03/14 17:10:36 | 000,000,000 | ---D | M] (TVU Web Player) -- C:\Users\Michael Eilersen\AppData\Roaming\Mozilla\Firefox\Profiles\nzcqnlpm.default\extensions\[email protected]
[2011/09/18 17:59:25 | 000,000,000 | ---D | M] (Yontoo Layers) -- C:\Users\Michael Eilersen\AppData\Roaming\Mozilla\Firefox\Profiles\nzcqnlpm.default\extensions\[email protected]
[2010/08/31 14:08:56 | 000,000,000 | ---D | M] (1-Click YouTube Video Downloader) -- C:\Users\Michael Eilersen\AppData\Roaming\Mozilla\Firefox\Profiles\nzcqnlpm.default\extensions\[email protected]
[2012/01/03 16:24:51 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/01/03 16:24:51 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}
[2011/12/15 19:46:42 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\distribution\extensions
() (No name found) -- C:\USERS\MICHAEL EILERSEN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NZCQNLPM.DEFAULT\EXTENSIONS\{19503E42-CA3C-4C27-B1E2-9CDB2170EE34}.XPI
() (No name found) -- C:\USERS\MICHAEL EILERSEN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NZCQNLPM.DEFAULT\EXTENSIONS\{DDC359D1-844A-42A7-9AA1-88A850A938A8}.XPI
() (No name found) -- C:\USERS\MICHAEL EILERSEN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NZCQNLPM.DEFAULT\EXTENSIONS\[email protected]
[2011/12/13 19:17:51 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/01/03 16:24:38 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2009/07/31 12:06:48 | 001,654,784 | ---- | M] (LizardTech) -- C:\Program Files (x86)\mozilla firefox\plugins\npdjvu.dll
[2011/12/13 06:52:06 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2010/12/15 11:53:23 | 000,002,048 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fcmdSrch.xml
[2011/12/13 06:52:06 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Michael Eilersen\AppData\Local\Google\Chrome\Application\16.0.912.63\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Michael Eilersen\AppData\Local\Google\Chrome\Application\16.0.912.63\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Michael Eilersen\AppData\Local\Google\Chrome\Application\16.0.912.63\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.220.4 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U22 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: DivX Player Netscape Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npDivxPlayerPlugin.dll
CHR - plugin: LizardTech DjVu (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npdjvu.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll
CHR - plugin: Veetle TV Player (Enabled) = C:\Program Files (x86)\Veetle\Player\npvlc.dll
CHR - plugin: Veetle Broadcaster Plugin (Enabled) = C:\Program Files (x86)\Veetle\VLCBroadcast\npvbp.dll
CHR - plugin: Veetle TV Core (Enabled) = C:\Program Files (x86)\Veetle\plugins\npVeetle.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Michael Eilersen\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll
CHR - plugin: Move Streaming Media Player (Enabled) = C:\Users\Michael Eilersen\AppData\Roaming\Move Networks\plugins\npqmp071505000010.dll
CHR - plugin: NeuLion Adaptive Plugin (Enabled) = C:\Users\Michael Eilersen\AppData\Roaming\NeuLion\AdaptivePlugin\npadaptiveplugin_1_6_5_7131.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Users\Michael Eilersen\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.2_0\
CHR - Extension: Google Search = C:\Users\Michael Eilersen\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.16_0\
CHR - Extension: Gmail = C:\Users\Michael Eilersen\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.4_0\

O1 HOSTS File: ([2012/01/03 15:59:05 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll ()
O2 - BHO: (SpywareGuardDLBLOCK.CBrowserHelper) - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files (x86)\SpywareGuard\dlprotect.dll ()
O2 - BHO: (Internet Explorer Form-Fill Plug-In) - {5425B4B8-87F9-4E9C-8B51-8AABA82EBA64} - C:\Program Files (x86)\NETELLER app\plugins\IE\Neteller.dll (NEOVIA Financial® Plc.)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files (x86)\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [PCTools FGuard] C:\Program Files (x86)\PC Tools Security\BDT\FGuard.exe (Threat Expert Ltd.)
O4 - HKCU..\Run: [Boxoft Tools] C:\ProgramData\Boxtools\Boxofttoolbox.exe ()
O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
O4 - HKCU..\Run: [Xvid] C:\Program Files (x86)\Xvid\CheckUpdate.exe ()
O4 - Startup: C:\Users\Michael Eilersen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FIFA 11 Registration.lnk = File not found
O4 - Startup: C:\Users\Michael Eilersen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SpywareGuard.lnk = C:\Program Files (x86)\SpywareGuard\sgmain.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O8:64bit: - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe (PokerStars)
O9 - Extra Button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe ()
O9 - Extra 'Tools' menuitem : PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - %SystemRoot%\System32\nwprovau.dll File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O15:64bit: - ..Trusted Domains: danid.dk ([]http in Trusted sites)
O15:64bit: - ..Trusted Domains: danid.dk ([]https in Trusted sites)
O15 - HKLM\..Trusted Domains: danid.dk ([]http in Trusted sites)
O15 - HKLM\..Trusted Domains: danid.dk ([]https in Trusted sites)
O15 - HKCU\..Trusted Domains: danid.dk ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: danid.dk ([]https in Trusted sites)
O16 - DPF: {D4003189-95B1-4A2F-9A87-F2B03665960D} http://www.vexcast.c...oad/vexcast.cab (Reg Error: Key error.)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (OnlineScanner Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 193.162.153.164 194.239.134.83
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{49F1FB07-90EC-4593-920F-913C35E23C0F}: DhcpNameServer = 193.162.153.164 194.239.134.83
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\intu-help-qb3 - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\qbwc - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\intu-help-qb3 {c5e479ea-0a65-4b05-8c6c-2fc8cc682eb4} - c:\Program Files (x86)\Intuit\QuickBooks 2010\HelpAsyncPluggableProtocol.dll (Intuit, Inc.)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O28 - HKLM ShellExecuteHooks: {81559C35-8464-49F7-BB0E-07A383BEF910} - C:\Program Files (x86)\SpywareGuard\spywareguard.dll ()
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (aswBoot.exe /A:* /L:1033 /KBD:2 /wow /dir:C:\Program)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012/01/03 16:27:47 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/01/03 16:25:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2012/01/03 16:24:50 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2012/01/03 16:24:50 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2012/01/03 16:24:50 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2012/01/03 16:11:45 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2012/01/03 15:59:09 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN
[2012/01/03 15:34:50 | 000,000,000 | ---D | C] -- C:\ComboFix
[2011/12/30 16:22:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ghostscript
[2011/12/30 16:22:31 | 000,000,000 | ---D | C] -- C:\Program Files\gs
[2011/12/28 00:17:14 | 000,000,000 | ---D | C] -- C:\Users\Michael Eilersen\.gnubg
[2011/12/28 00:17:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GNU Backgammon
[2011/12/28 00:17:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\gnubg
[2011/12/28 00:10:16 | 000,000,000 | ---D | C] -- C:\Users\Michael Eilersen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Goto.Games
[2011/12/28 00:10:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Goto.Games
[2011/12/28 00:10:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Goto.Games
[2011/12/27 22:54:32 | 000,000,000 | ---D | C] -- C:\Snowie Documents
[2011/12/27 22:54:31 | 000,462,848 | ---- | C] (NetManage Inc.) -- C:\Windows\SysWow64\NMW3VWN.DLL
[2011/12/27 22:54:31 | 000,169,472 | ---- | C] (NetManage Inc.) -- C:\Windows\SysWow64\HTML.OCX
[2011/12/27 22:54:31 | 000,066,560 | ---- | C] (NetManage Inc.) -- C:\Windows\SysWow64\NMORENU.DLL
[2011/12/27 22:54:31 | 000,048,128 | ---- | C] (NetManage Inc.) -- C:\Windows\SysWow64\NMSCKN.DLL
[2011/12/27 22:53:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Borland Shared
[2011/12/27 22:52:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SnowieGroup
[2011/12/27 22:52:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SnowieGroup
[2011/12/27 22:00:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011/12/27 19:49:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/12/27 19:36:52 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2011/12/27 19:36:52 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2011/12/27 19:36:52 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2011/12/27 19:36:45 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011/12/27 19:35:34 | 009,852,544 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Michael Eilersen\Desktop\mbam-setup-1.51.2.1300 (1).exe
[2011/12/27 19:35:34 | 004,367,676 | R--- | C] (Swearware) -- C:\Users\Michael Eilersen\Desktop\ComboFix.exe
[2011/12/27 19:35:34 | 001,918,464 | ---- | C] (AVAST Software) -- C:\Users\Michael Eilersen\Desktop\aswMBR.exe
[2011/12/27 19:35:34 | 001,578,288 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Michael Eilersen\Desktop\tdsskiller (1).exe
[2011/12/27 19:22:50 | 000,000,000 | ---D | C] -- C:\Users\Michael Eilersen\Desktop\Cleaning
[2011/12/27 18:43:21 | 000,000,000 | ---D | C] -- C:\Users\Michael Eilersen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Boxoft Toolbox
[2011/12/23 22:51:31 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Michael Eilersen\Desktop\OTL.exe
[2011/12/23 18:51:02 | 009,851,496 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Michael Eilersen\Desktop\mbam-setup.exe
[2011/12/23 18:47:50 | 001,578,288 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Michael Eilersen\Desktop\123.com
[2011/12/16 17:34:12 | 000,000,000 | ---D | C] -- C:\Users\Michael Eilersen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Play65
[2011/12/16 17:34:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Play65
[2011/12/16 17:32:40 | 000,000,000 | ---D | C] -- C:\Users\Michael Eilersen\AppData\Local\Play65
[2011/12/15 12:45:14 | 000,000,000 | ---D | C] -- C:\Users\Michael Eilersen\Documents\Pandemic.2007.PROPER.DVDRip.XviD-VoMiT
[2011/12/15 12:30:26 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2011/12/15 12:30:26 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2011/12/15 12:30:26 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2011/12/15 12:30:26 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2011/12/15 12:30:26 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2011/12/15 12:30:26 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2011/12/15 12:30:26 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2011/12/15 12:30:26 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2011/12/15 12:30:26 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2011/12/15 12:30:26 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2011/12/15 12:30:26 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2011/12/15 12:30:26 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2011/12/15 12:30:26 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2011/12/15 12:30:26 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2011/12/15 12:30:26 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2011/12/15 12:30:26 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2011/12/15 12:30:26 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2011/12/15 12:30:26 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2011/12/15 12:30:26 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2011/12/15 12:30:25 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2011/12/15 12:30:25 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll
[2011/12/15 12:30:25 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll
[2011/12/15 12:30:25 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2011/12/15 12:30:25 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2011/12/15 12:30:25 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2011/12/15 12:30:25 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll
[2011/12/15 12:30:25 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2011/12/15 12:30:25 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2011/12/15 12:30:25 | 000,114,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\advpack.dll
[2011/12/15 12:30:25 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2011/12/15 12:30:25 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll
[2011/12/15 12:30:25 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2011/12/15 12:30:25 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2011/12/15 12:30:24 | 002,309,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2011/12/15 12:30:24 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2011/12/15 12:30:24 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll
[2011/12/15 12:30:24 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2011/12/15 12:30:24 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2011/12/15 12:30:24 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll
[2011/12/15 12:30:24 | 000,145,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2011/12/15 12:30:24 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\advpack.dll
[2011/12/15 12:30:24 | 000,114,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll
[2011/12/15 12:30:24 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2011/12/15 12:30:24 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2011/12/15 12:30:24 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2011/12/15 12:30:23 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2011/12/15 12:30:23 | 001,493,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2011/12/15 12:30:23 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2011/12/15 12:30:23 | 000,452,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2011/12/15 12:30:23 | 000,448,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2011/12/15 12:30:23 | 000,282,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2011/12/15 12:30:23 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2011/12/15 12:30:23 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2011/12/15 12:30:23 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll
[2011/12/15 12:30:23 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2011/12/15 12:30:23 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2011/12/15 12:30:23 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2011/12/15 12:30:23 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2011/12/15 12:30:23 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2011/12/15 12:30:23 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2011/12/15 12:30:23 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2011/12/15 12:30:23 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2011/12/15 12:30:23 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2011/12/15 12:30:23 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2011/12/15 12:30:23 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2011/12/15 12:30:23 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2011/12/15 12:30:23 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2011/12/15 12:30:22 | 000,697,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2011/12/15 12:30:22 | 000,603,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2011/12/15 12:30:22 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2011/12/15 12:30:22 | 000,165,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2011/12/15 12:30:22 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2011/12/15 12:30:22 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2011/12/15 12:30:22 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2011/12/15 12:27:27 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2011/12/15 12:27:26 | 000,559,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll
[2011/12/15 12:27:26 | 000,429,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll
[2011/12/15 12:21:33 | 000,024,416 | R--- | C] (Adobe Systems Inc.) -- C:\Windows\SysNative\AdobePDFUI.dll
[2011/12/14 12:16:59 | 000,000,000 | ---D | C] -- C:\Users\Michael Eilersen\Documents\Lønsedler
[2011/12/13 00:55:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\World of Warcraft.temp
[2011/12/13 00:55:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard Entertainment
[2011/12/07 23:51:51 | 002,540,688 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Users\Michael Eilersen\Documents\avg_remover_stf_x64_2012_1796.exe
[2011/12/06 23:19:12 | 000,000,000 | ---D | C] -- C:\ProgramData\ESET
[2011/12/06 23:19:12 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2011/12/06 22:28:10 | 001,566,512 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Michael Eilersen\Desktop\randomname.com
[2011/12/06 22:00:34 | 001,996,752 | ---- | C] (Threat Expert Ltd.) -- C:\Windows\PCTBDCore.dll
[2011/12/06 22:00:34 | 001,533,904 | ---- | C] (Threat Expert Ltd.) -- C:\Windows\PCTBDRes.dll
[2011/12/06 22:00:34 | 000,149,456 | ---- | C] (PC Tools) -- C:\Windows\SGDetectionTool.dll
[2011/12/06 18:27:59 | 000,000,000 | ---D | C] -- C:\Users\Michael Eilersen\AppData\Roaming\SUPERAntiSpyware.com
[2011/12/06 18:27:31 | 000,000,000 | ---D | C] -- C:\ProgramData\!SASCORE
[2011/12/06 17:06:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hitman Pro 3.5
[2011/12/06 17:06:08 | 000,000,000 | ---D | C] -- C:\Program Files\Hitman Pro 3.5
[2011/12/06 17:05:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Hitman Pro
[2011/12/06 16:50:41 | 000,816,016 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\pctEFA64.sys
[2011/12/06 16:50:41 | 000,452,872 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\pctDS64.sys
[2011/12/06 16:50:41 | 000,331,368 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\pctgntdi64.sys
[2011/12/06 16:50:41 | 000,136,168 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\pctwfpfilter64.sys
[2011/12/06 16:50:39 | 000,257,232 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\PCTCore64.sys
[2011/12/06 16:50:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Tools Security
[2011/12/06 16:50:37 | 000,092,896 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\pctplsg64.sys
[2011/12/06 16:50:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PC Tools Security
[2011/12/06 16:50:34 | 000,000,000 | ---D | C] -- C:\Users\Michael Eilersen\AppData\Roaming\PC Tools
[2011/12/06 16:50:34 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Tools
[2011/12/06 16:50:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PC Tools
[2011/12/06 11:51:10 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2011/12/06 11:51:10 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2011/12/06 11:36:16 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
[1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/01/03 16:45:04 | 000,875,338 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/01/03 16:45:04 | 000,715,180 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/01/03 16:45:04 | 000,151,730 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/01/03 16:38:13 | 000,176,538 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2012/01/03 16:38:13 | 000,176,538 | ---- | M] () -- C:\ProgramData\nvModes.001
[2012/01/03 16:37:39 | 000,003,712 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/01/03 16:37:39 | 000,003,712 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/01/03 16:37:35 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/01/03 16:24:37 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll
[2012/01/03 16:24:37 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2012/01/03 16:24:37 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2012/01/03 16:24:37 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2012/01/03 15:59:05 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2012/01/03 15:59:00 | 000,000,952 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3194313822-558712583-1741877353-1000UA.job
[2012/01/03 15:34:32 | 004,367,676 | R--- | M] (Swearware) -- C:\Users\Michael Eilersen\Desktop\ComboFix.exe
[2012/01/03 15:05:52 | 000,000,218 | ---- | M] () -- C:\Users\Michael Eilersen\.recently-used.xbel
[2012/01/03 14:51:05 | 000,002,675 | ---- | M] () -- C:\Users\Michael Eilersen\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Word 2007.lnk
[2011/12/31 08:59:00 | 000,000,900 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3194313822-558712583-1741877353-1000Core.job
[2011/12/30 16:23:02 | 000,000,043 | ---- | M] () -- C:\Windows\gswin64.ini
[2011/12/29 19:26:15 | 000,072,192 | ---- | M] () -- C:\Users\Michael Eilersen\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/12/28 11:46:55 | 003,336,552 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011/12/28 03:00:26 | 000,013,030 | ---- | M] () -- C:\PDOXUSRS.NET
[2011/12/28 00:17:11 | 000,000,826 | ---- | M] () -- C:\Users\Public\Desktop\GNU Backgammon CLI.lnk
[2011/12/28 00:17:11 | 000,000,802 | ---- | M] () -- C:\Users\Public\Desktop\GNU Backgammon.lnk
[2011/12/28 00:10:21 | 000,001,009 | ---- | M] () -- C:\Users\Michael Eilersen\Desktop\NetGammon8.lnk
[2011/12/27 22:52:57 | 000,001,687 | ---- | M] () -- C:\Users\Public\Desktop\Snowie Version 4.lnk
[2011/12/27 22:00:13 | 000,000,948 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/12/27 19:18:34 | 009,852,544 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Michael Eilersen\Desktop\mbam-setup-1.51.2.1300 (1).exe
[2011/12/27 19:17:24 | 001,918,464 | ---- | M] (AVAST Software) -- C:\Users\Michael Eilersen\Desktop\aswMBR.exe
[2011/12/27 19:16:48 | 001,578,288 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Michael Eilersen\Desktop\tdsskiller (1).exe
[2011/12/23 22:51:25 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Michael Eilersen\Desktop\OTL.exe
[2011/12/23 22:01:14 | 000,000,601 | ---- | M] () -- C:\Users\Michael Eilersen\Desktop\System Fix.lnk
[2011/12/23 18:50:58 | 009,851,496 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Michael Eilersen\Desktop\mbam-setup.exe
[2011/12/23 18:47:28 | 001,578,288 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Michael Eilersen\Desktop\123.com
[2011/12/23 13:02:43 | 000,684,297 | ---- | M] () -- C:\Users\Michael Eilersen\Desktop\unhide.exe
[2011/12/23 12:47:54 | 000,001,460 | ---- | M] () -- C:\Users\Michael Eilersen\AppData\Local\d3d9caps64.dat
[2011/12/16 17:34:12 | 000,000,824 | ---- | M] () -- C:\Users\Michael Eilersen\Desktop\Play65.lnk
[2011/12/15 19:46:44 | 000,000,912 | ---- | M] () -- C:\Users\Michael Eilersen\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/12/15 19:46:44 | 000,000,888 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011/12/15 18:00:29 | 000,002,097 | ---- | M] () -- C:\Users\Michael Eilersen\Desktop\Google Chrome.lnk
[2011/12/15 18:00:29 | 000,002,059 | ---- | M] () -- C:\Users\Michael Eilersen\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/12/15 15:56:04 | 000,000,973 | ---- | M] () -- C:\Users\Michael Eilersen\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/12/15 12:45:14 | 000,020,956 | ---- | M] () -- C:\Users\Michael Eilersen\Documents\Pandemic.2007.PROPER.DVDRip.XviD-VoMiT.torrent
[2011/12/15 12:39:21 | 002,933,318 | ---- | M] () -- C:\Windows\SysNative\drivers\Cat.DB
[2011/12/15 12:30:37 | 000,008,798 | ---- | M] () -- C:\Windows\SysWow64\icrav03.rat
[2011/12/15 12:30:37 | 000,001,988 | ---- | M] () -- C:\Windows\SysWow64\ticrf.rat
[2011/12/15 12:30:36 | 000,008,798 | ---- | M] () -- C:\Windows\SysNative\icrav03.rat
[2011/12/15 12:30:36 | 000,001,988 | ---- | M] () -- C:\Windows\SysNative\ticrf.rat
[2011/12/15 12:30:26 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2011/12/15 12:30:26 | 001,427,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2011/12/15 12:30:26 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2011/12/15 12:30:26 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2011/12/15 12:30:26 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2011/12/15 12:30:26 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2011/12/15 12:30:26 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2011/12/15 12:30:26 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2011/12/15 12:30:26 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2011/12/15 12:30:26 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2011/12/15 12:30:26 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2011/12/15 12:30:26 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2011/12/15 12:30:26 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2011/12/15 12:30:26 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2011/12/15 12:30:26 | 000,072,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2011/12/15 12:30:26 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2011/12/15 12:30:26 | 000,063,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2011/12/15 12:30:26 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2011/12/15 12:30:26 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2011/12/15 12:30:26 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2011/12/15 12:30:25 | 000,716,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2011/12/15 12:30:25 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll
[2011/12/15 12:30:25 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll
[2011/12/15 12:30:25 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2011/12/15 12:30:25 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2011/12/15 12:30:25 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2011/12/15 12:30:25 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll
[2011/12/15 12:30:25 | 000,123,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2011/12/15 12:30:25 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2011/12/15 12:30:25 | 000,114,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\advpack.dll
[2011/12/15 12:30:25 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2011/12/15 12:30:25 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll
[2011/12/15 12:30:25 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2011/12/15 12:30:25 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2011/12/15 12:30:24 | 002,309,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2011/12/15 12:30:24 | 000,818,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2011/12/15 12:30:24 | 000,267,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll
[2011/12/15 12:30:24 | 000,222,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2011/12/15 12:30:24 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2011/12/15 12:30:24 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll
[2011/12/15 12:30:24 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2011/12/15 12:30:24 | 000,136,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\advpack.dll
[2011/12/15 12:30:24 | 000,114,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll
[2011/12/15 12:30:24 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2011/12/15 12:30:24 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2011/12/15 12:30:24 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2011/12/15 12:30:23 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2011/12/15 12:30:23 | 001,493,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2011/12/15 12:30:23 | 000,534,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2011/12/15 12:30:23 | 000,452,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2011/12/15 12:30:23 | 000,448,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2011/12/15 12:30:23 | 000,282,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2011/12/15 12:30:23 | 000,248,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2011/12/15 12:30:23 | 000,237,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2011/12/15 12:30:23 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll
[2011/12/15 12:30:23 | 000,135,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2011/12/15 12:30:23 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2011/12/15 12:30:23 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2011/12/15 12:30:23 | 000,096,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2011/12/15 12:30:23 | 000,091,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2011/12/15 12:30:23 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2011/12/15 12:30:23 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2011/12/15 12:30:23 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2011/12/15 12:30:23 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2011/12/15 12:30:23 | 000,072,822 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2011/12/15 12:30:23 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2011/12/15 12:30:23 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2011/12/15 12:30:23 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2011/12/15 12:30:23 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2011/12/15 12:30:22 | 000,697,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2011/12/15 12:30:22 | 000,603,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2011/12/15 12:30:22 | 000,173,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2011/12/15 12:30:22 | 000,165,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2011/12/15 12:30:22 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2011/12/15 12:30:22 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2011/12/15 12:30:22 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2011/12/14 12:26:28 | 000,002,633 | ---- | M] () -- C:\Users\Michael Eilersen\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Excel 2007.lnk
[2011/12/14 12:07:57 | 002,039,842 | ---- | M] () -- C:\Users\Michael Eilersen\Documents\lejekontrakt.pdf
[2011/12/13 23:55:18 | 000,001,068 | ---- | M] () -- C:\Users\Public\Desktop\HoldemManager.lnk
[2011/12/13 23:53:05 | 118,082,211 | ---- | M] () -- C:\Users\Michael Eilersen\Documents\Holdem_Manager_Setup1.12.07.exe
[2011/12/07 23:51:53 | 002,540,688 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Users\Michael Eilersen\Documents\avg_remover_stf_x64_2012_1796.exe
[2011/12/06 22:38:49 | 001,008,120 | ---- | M] () -- C:\Users\Michael Eilersen\Desktop\iExplore.exe
[2011/12/06 22:37:38 | 001,008,120 | ---- | M] () -- C:\Users\Michael Eilersen\Desktop\rkill.com
[2011/12/06 22:26:55 | 001,566,512 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Michael Eilersen\Desktop\randomname.com
[2011/12/06 17:06:09 | 000,025,160 | ---- | M] () -- C:\Windows\SysNative\drivers\hitmanpro35.sys
[2011/12/06 17:06:09 | 000,001,813 | ---- | M] () -- C:\Users\Public\Desktop\Hitman Pro 3.5.lnk
[2011/12/06 16:50:38 | 000,001,840 | ---- | M] () -- C:\Users\Public\Desktop\Spyware Doctor.lnk
[2011/12/06 16:18:35 | 000,000,972 | ---- | M] () -- C:\Users\Michael Eilersen\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk
[2011/12/06 12:07:28 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/01/03 15:05:52 | 000,000,218 | ---- | C] () -- C:\Users\Michael Eilersen\.recently-used.xbel
[2011/12/30 16:23:02 | 000,000,043 | ---- | C] () -- C:\Windows\gswin64.ini
[2011/12/28 00:17:11 | 000,000,826 | ---- | C] () -- C:\Users\Public\Desktop\GNU Backgammon CLI.lnk
[2011/12/28 00:17:11 | 000,000,802 | ---- | C] () -- C:\Users\Public\Desktop\GNU Backgammon.lnk
[2011/12/28 00:10:21 | 000,001,009 | ---- | C] () -- C:\Users\Michael Eilersen\Desktop\NetGammon8.lnk
[2011/12/27 23:23:51 | 000,013,030 | ---- | C] () -- C:\PDOXUSRS.NET
[2011/12/27 22:54:31 | 000,240,640 | ---- | C] () -- C:\Windows\SysWow64\NMOCOD.DLL
[2011/12/27 22:53:07 | 000,183,808 | ---- | C] () -- C:\Windows\SysWow64\bdeadmin.cpl
[2011/12/27 22:52:57 | 000,001,687 | ---- | C] () -- C:\Users\Public\Desktop\Snowie Version 4.lnk
[2011/12/27 19:49:12 | 000,000,972 | ---- | C] () -- C:\Users\Michael Eilersen\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk
[2011/12/27 19:49:12 | 000,000,948 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/12/27 19:36:52 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2011/12/27 19:36:52 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2011/12/27 19:36:52 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2011/12/27 19:36:52 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2011/12/27 19:36:52 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2011/12/23 22:27:08 | 000,001,589 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk
[2011/12/23 22:27:08 | 000,000,604 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live.lnk
[2011/12/23 22:01:14 | 000,000,601 | ---- | C] () -- C:\Users\Michael Eilersen\Desktop\System Fix.lnk
[2011/12/23 21:28:45 | 000,684,297 | ---- | C] () -- C:\Users\Michael Eilersen\Desktop\unhide.exe
[2011/12/23 13:16:56 | 000,002,022 | ---- | C] () -- C:\Users\Public\Desktop\Sid Meier's Pirates!.lnk
[2011/12/23 13:16:56 | 000,002,018 | ---- | C] () -- C:\Users\Public\Desktop\QuickBooks Pro 2010.lnk
[2011/12/23 13:16:56 | 000,001,956 | ---- | C] () -- C:\Users\Public\Desktop\Engelsk-Dansk Dansk-Engelsk.lnk
[2011/12/23 13:16:56 | 000,001,952 | ---- | C] () -- C:\Users\Public\Desktop\CyberLink PowerDVD 10.lnk
[2011/12/23 13:16:56 | 000,001,952 | ---- | C] () -- C:\Users\Public\Desktop\5DFly Images to PDF Converter.lnk
[2011/12/23 13:16:56 | 000,001,942 | ---- | C] () -- C:\Users\Public\Desktop\Xilisoft DVD Creator 6.lnk
[2011/12/23 13:16:56 | 000,001,840 | ---- | C] () -- C:\Users\Public\Desktop\Spyware Doctor.lnk
[2011/12/23 13:16:56 | 000,001,813 | ---- | C] () -- C:\Users\Public\Desktop\Hitman Pro 3.5.lnk
[2011/12/23 13:16:56 | 000,001,756 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2011/12/23 13:16:56 | 000,001,733 | ---- | C] () -- C:\Users\Public\Desktop\Luxury Casino.lnk
[2011/12/23 13:16:56 | 000,001,694 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011/12/23 13:16:56 | 000,001,668 | ---- | C] () -- C:\Users\Public\Desktop\Opera.lnk
[2011/12/23 13:16:56 | 000,001,073 | ---- | C] () -- C:\Users\Public\Desktop\Batch Image To PDF.lnk
[2011/12/23 13:16:56 | 000,001,068 | ---- | C] () -- C:\Users\Public\Desktop\HoldemManager.lnk
[2011/12/23 13:16:56 | 000,001,066 | ---- | C] () -- C:\Users\Public\Desktop\Batch PDF Pro.lnk
[2011/12/23 13:16:56 | 000,000,974 | ---- | C] () -- C:\Users\Public\Desktop\R 2.11.1.lnk
[2011/12/23 13:16:56 | 000,000,969 | ---- | C] () -- C:\Users\Public\Desktop\R 2.8.1.lnk
[2011/12/23 13:16:56 | 000,000,901 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2011/12/23 13:16:56 | 000,000,893 | ---- | C] () -- C:\Users\Public\Desktop\BurnAware Free.lnk
[2011/12/23 13:16:56 | 000,000,888 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011/12/23 13:16:56 | 000,000,855 | ---- | C] () -- C:\Users\Public\Desktop\Mobipocket Creator.lnk
[2011/12/23 13:16:56 | 000,000,845 | ---- | C] () -- C:\Users\Public\Desktop\DVDneXtCOPY 4.lnk
[2011/12/23 13:16:56 | 000,000,832 | ---- | C] () -- C:\Users\Public\Desktop\YouSee Player.lnk
[2011/12/23 13:16:56 | 000,000,828 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk
[2011/12/23 13:16:56 | 000,000,673 | ---- | C] () -- C:\Users\Public\Desktop\Corel WinDVD 2010.lnk
[2011/12/23 13:16:56 | 000,000,641 | ---- | C] () -- C:\Users\Public\Desktop\FM Genie Scout 11.lnk
[2011/12/23 13:16:56 | 000,000,520 | ---- | C] () -- C:\Users\Public\Desktop\JPG To PDF Converter.lnk
[2011/12/23 13:16:56 | 000,000,134 | ---- | C] () -- C:\Users\Public\Desktop\Emoticons for your messenger!.url
[2011/12/23 13:16:53 | 000,002,675 | ---- | C] () -- C:\Users\Michael Eilersen\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Word 2007.lnk
[2011/12/23 13:16:53 | 000,002,633 | ---- | C] () -- C:\Users\Michael Eilersen\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Excel 2007.lnk
[2011/12/23 13:16:53 | 000,002,059 | ---- | C] () -- C:\Users\Michael Eilersen\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/12/23 13:16:53 | 000,002,037 | ---- | C] () -- C:\Users\Michael Eilersen\Application Data\Microsoft\Internet Explorer\Quick Launch\Adobe Digital Editions.lnk
[2011/12/23 13:16:53 | 000,001,954 | ---- | C] () -- C:\Users\Michael Eilersen\Application Data\Microsoft\Internet Explorer\Quick Launch\Chromium.lnk
[2011/12/23 13:16:53 | 000,001,952 | ---- | C] () -- C:\Users\Michael Eilersen\Application Data\Microsoft\Internet Explorer\Quick Launch\5DFly Images to PDF Converter.lnk
[2011/12/23 13:16:53 | 000,001,692 | ---- | C] () -- C:\Users\Michael Eilersen\Application Data\Microsoft\Internet Explorer\Quick Launch\Opera.lnk
[2011/12/23 13:16:53 | 000,001,667 | ---- | C] () -- C:\Users\Michael Eilersen\Application Data\Microsoft\Internet Explorer\Quick Launch\PartyPoker.lnk
[2011/12/23 13:16:53 | 000,001,481 | ---- | C] () -- C:\Users\Michael Eilersen\Application Data\Microsoft\Internet Explorer\Quick Launch\Adobe Illustrator CS4.lnk
[2011/12/23 13:16:53 | 000,001,228 | ---- | C] () -- C:\Users\Michael Eilersen\Application Data\Microsoft\Internet Explorer\Quick Launch\Adobe After Effects CS4.lnk
[2011/12/23 13:16:53 | 000,001,125 | ---- | C] () -- C:\Users\Michael Eilersen\Application Data\Microsoft\Internet Explorer\Quick Launch\Liquid Story Binder XE.lnk
[2011/12/23 13:16:53 | 000,001,071 | ---- | C] () -- C:\Users\Michael Eilersen\Application Data\Microsoft\Internet Explorer\Quick Launch\Adobe Photoshop CS4 (64 Bit).lnk
[2011/12/23 13:16:53 | 000,001,047 | ---- | C] () -- C:\Users\Michael Eilersen\Application Data\Microsoft\Internet Explorer\Quick Launch\iMesh.lnk
[2011/12/23 13:16:53 | 000,001,008 | ---- | C] () -- C:\Users\Michael Eilersen\Application Data\Microsoft\Internet Explorer\Quick Launch\Image to PDF Converter Free.lnk
[2011/12/23 13:16:53 | 000,000,974 | ---- | C] () -- C:\Users\Michael Eilersen\Application Data\Microsoft\Internet Explorer\Quick Launch\WinBUGS14.exe - Shortcut.lnk
[2011/12/23 13:16:53 | 000,000,973 | ---- | C] () -- C:\Users\Michael Eilersen\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/12/23 13:16:53 | 000,000,968 | ---- | C] () -- C:\Users\Michael Eilersen\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Outlook.lnk
[2011/12/23 13:16:53 | 000,000,950 | ---- | C] () -- C:\Users\Michael Eilersen\Application Data\Microsoft\Internet Explorer\Quick Launch\CINEMA 4D Release 11 64 Bit.lnk
[2011/12/23 13:16:53 | 000,000,912 | ---- | C] () -- C:\Users\Michael Eilersen\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/12/23 13:16:53 | 000,000,898 | ---- | C] () -- C:\Users\Michael Eilersen\Application Data\Microsoft\Internet Explorer\Quick Launch\vlc.lnk
[2011/12/23 13:16:53 | 000,000,826 | ---- | C] () -- C:\Users\Michael Eilersen\Application Data\Microsoft\Internet Explorer\Quick Launch\PokerStove.lnk
[2011/12/23 13:16:53 | 000,000,806 | ---- | C] () -- C:\Users\Michael Eilersen\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
[2011/12/23 13:16:53 | 000,000,544 | ---- | C] () -- C:\Users\Michael Eilersen\Application Data\Microsoft\Internet Explorer\Quick Launch\JPG To PDF Converter.lnk
[2011/12/23 13:16:53 | 000,000,258 | ---- | C] () -- C:\Users\Michael Eilersen\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2011/12/23 13:16:53 | 000,000,240 | ---- | C] () -- C:\Users\Michael Eilersen\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2011/12/23 13:16:47 | 000,002,079 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
[2011/12/23 13:16:47 | 000,002,025 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Digital Editions.lnk
[2011/12/23 13:16:47 | 000,001,950 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Photo Gallery.lnk
[2011/12/23 13:16:47 | 000,001,852 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Collaboration.lnk
[2011/12/23 13:16:47 | 000,001,830 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2011/12/23 13:16:47 | 000,001,805 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader.lnk
[2011/12/23 13:16:47 | 000,001,803 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2011/12/23 13:16:47 | 000,001,784 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Uninstaller.lnk
[2011/12/23 13:16:47 | 000,001,770 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Calendar.lnk
[2011/12/23 13:16:47 | 000,001,768 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Movie Maker.lnk
[2011/12/23 13:16:47 | 000,001,763 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Update.lnk
[2011/12/23 13:16:47 | 000,001,757 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Defender.lnk
[2011/12/23 13:16:47 | 000,001,743 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk
[2011/12/23 13:16:47 | 000,001,743 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Contacts.lnk
[2011/12/23 13:16:47 | 000,001,680 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
[2011/12/23 13:16:47 | 000,001,630 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2011/12/23 13:16:47 | 000,001,550 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer EP.lnk
[2011/12/23 13:16:47 | 000,001,306 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit 2.lnk
[2011/12/23 13:16:47 | 000,001,222 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe After Effects CS3.lnk
[2011/12/23 13:16:47 | 000,001,099 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Device Central CS3.lnk
[2011/12/23 13:16:47 | 000,001,091 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
[2011/12/23 13:16:47 | 000,000,916 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat.com.lnk
[2011/12/23 13:16:47 | 000,000,900 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2011/12/23 13:16:47 | 000,000,885 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\I.R.I.S. OCR Registration.lnk
[2011/12/23 13:16:47 | 000,000,844 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YouSee Player.lnk
[2011/12/23 13:16:47 | 000,000,732 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LSJ.lnk
[2011/12/23 13:16:47 | 000,000,685 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Corel WinDVD 2010.lnk
[2011/12/16 17:34:12 | 000,000,824 | ---- | C] () -- C:\Users\Michael Eilersen\Desktop\Play65.lnk
[2011/12/15 15:56:04 | 000,000,979 | ---- | C] () -- C:\Users\Michael Eilersen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2011/12/15 12:45:14 | 000,020,956 | ---- | C] () -- C:\Users\Michael Eilersen\Documents\Pandemic.2007.PROPER.DVDRip.XviD-VoMiT.torrent
[2011/12/15 12:30:26 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2011/12/15 12:30:23 | 000,072,822 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2011/12/14 12:07:57 | 002,039,842 | ---- | C] () -- C:\Users\Michael Eilersen\Documents\lejekontrakt.pdf
[2011/12/13 23:51:39 | 118,082,211 | ---- | C] () -- C:\Users\Michael Eilersen\Documents\Holdem_Manager_Setup1.12.07.exe
[2011/12/06 22:39:30 | 001,008,120 | ---- | C] () -- C:\Users\Michael Eilersen\Desktop\iExplore.exe
[2011/12/06 22:38:06 | 001,008,120 | ---- | C] () -- C:\Users\Michael Eilersen\Desktop\rkill.com
[2011/12/06 22:00:34 | 000,767,952 | ---- | C] () -- C:\Windows\BDTSupport.dll
[2011/12/06 22:00:34 | 000,002,052 | ---- | C] () -- C:\Windows\UDB.zip
[2011/12/06 22:00:34 | 000,000,882 | ---- | C] () -- C:\Windows\RegSDImport.xml
[2011/12/06 22:00:34 | 000,000,879 | ---- | C] () -- C:\Windows\RegISSImport.xml
[2011/12/06 22:00:34 | 000,000,131 | ---- | C] () -- C:\Windows\IDB.zip
[2011/12/06 17:06:09 | 000,025,160 | ---- | C] () -- C:\Windows\SysNative\drivers\hitmanpro35.sys
[2011/12/06 16:50:42 | 002,933,318 | ---- | C] () -- C:\Windows\SysNative\drivers\Cat.DB
[2011/10/07 00:07:02 | 008,676,883 | ---- | C] () -- C:\Windows\SysWow64\NCMedia2.dll
[2011/01/08 10:31:19 | 000,003,140 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2011/01/08 10:31:19 | 000,000,008 | RHS- | C] () -- C:\ProgramData\476E5D3C28.sys
[2011/01/02 10:16:43 | 000,645,632 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2011/01/02 10:16:43 | 000,240,640 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2010/12/31 01:16:56 | 000,000,221 | ---- | C] () -- C:\Users\Michael Eilersen\AppData\Roaming\burnaware.ini
[2010/12/24 14:39:15 | 000,233,472 | ---- | C] () -- C:\Windows\Dqihia.exe
[2010/12/13 16:43:50 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2010/12/05 12:47:43 | 000,000,000 | ---- | C] () -- C:\Users\Michael Eilersen\AppData\Roaming\.NANotifyHere
[2010/06/30 21:03:43 | 000,003,433 | ---- | C] () -- C:\Users\Michael Eilersen\AppData\Roaming\SAS7_000.DAT
[2010/06/05 12:01:33 | 000,000,158 | ---- | C] () -- C:\Windows\matlab.ini
[2010/04/23 14:20:44 | 000,000,000 | ---- | C] () -- C:\ProgramData\CLDShowX.ini
[2010/04/12 12:06:17 | 000,000,091 | ---- | C] () -- C:\Windows\QBChanUtil_Trigger.ini
[2010/03/22 22:27:44 | 000,000,351 | ---- | C] () -- C:\Windows\SoftWriting.ini
[2010/03/04 10:35:07 | 000,395,776 | ---- | C] () -- C:\Windows\SysWow64\libmplayer.dll
[2010/03/04 10:35:07 | 000,262,144 | ---- | C] () -- C:\Windows\SysWow64\TomsMoComp_ff.dll
[2010/03/04 10:35:07 | 000,112,640 | ---- | C] () -- C:\Windows\SysWow64\libmpeg2_ff.dll
[2010/02/14 15:12:33 | 000,000,000 | ---- | C] () -- C:\Windows\HMHud.INI
[2010/02/14 13:46:05 | 000,000,045 | ---- | C] () -- C:\Users\Michael Eilersen\AppData\Local\machpro.dat
[2009/12/07 14:44:22 | 000,069,632 | ---- | C] () -- C:\Windows\SysWow64\xmltok.dll
[2009/12/07 14:44:22 | 000,036,864 | ---- | C] () -- C:\Windows\SysWow64\xmlparse.dll
[2009/11/09 14:15:31 | 000,145,558 | ---- | C] () -- C:\Windows\hpoins13.dat
[2009/09/18 06:31:56 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll
[2009/09/18 06:30:41 | 000,107,612 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchema.bin
[2009/09/18 06:30:04 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/09/06 21:58:17 | 000,000,040 | ---- | C] () -- C:\ProgramData\ra3.ini
[2009/08/07 15:49:47 | 000,176,538 | ---- | C] () -- C:\ProgramData\nvModes.001
[2009/08/07 15:49:23 | 000,176,538 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2009/07/15 13:32:53 | 001,507,328 | ---- | C] () -- C:\Windows\SysWow64\nView.dll
[2009/07/15 13:32:53 | 001,101,824 | ---- | C] () -- C:\Windows\SysWow64\nvwimg.dll
[2009/07/05 16:56:32 | 000,000,144 | ---- | C] () -- C:\Windows\SysWow64\lkfl.dat
[2009/07/05 16:56:32 | 000,000,096 | ---- | C] () -- C:\Windows\SysWow64\pdfl.dat
[2009/07/05 16:56:32 | 000,000,080 | ---- | C] () -- C:\Windows\SysWow64\ibfl.dat
[2009/07/01 18:02:03 | 000,004,965 | ---- | C] () -- C:\ProgramData\ojvzdisj.xda
[2009/06/28 18:18:47 | 000,001,365 | ---- | C] () -- C:\Windows\IPokerscope.ini
[2009/06/12 18:35:57 | 000,001,356 | ---- | C] () -- C:\Users\Michael Eilersen\AppData\Local\d3d9caps.dat
[2009/06/10 18:23:33 | 000,001,025 | ---- | C] () -- C:\Windows\SysWow64\sysprs7.dll
[2009/06/10 18:23:33 | 000,001,025 | ---- | C] () -- C:\Windows\SysWow64\clauth2.dll
[2009/06/10 18:23:33 | 000,001,025 | ---- | C] () -- C:\Windows\SysWow64\clauth1.dll
[2009/06/10 18:23:33 | 000,000,205 | ---- | C] () -- C:\Windows\SysWow64\lsprst7.dll
[2009/06/10 18:23:33 | 000,000,073 | ---- | C] () -- C:\Windows\SysWow64\ssprs.dll
[2009/06/10 18:23:33 | 000,000,021 | ---- | C] () -- C:\Windows\SurCode.INI
[2009/04/06 21:26:10 | 001,362,460 | ---- | C] () -- C:\Windows\SysWow64\ExpansionHD_Firmware.bin
[2009/03/30 19:50:22 | 000,022,016 | ---- | C] () -- C:\Windows\SysWow64\Uninstow.exe
[2009/03/11 23:48:03 | 000,000,024 | ---- | C] () -- C:\Windows\TEXTware.ini
[2009/03/09 17:24:07 | 000,130,858 | ---- | C] () -- C:\Windows\hpoins18.dat
[2009/03/09 17:23:56 | 000,006,600 | ---- | C] () -- C:\Windows\hpomdl18.dat
[2009/03/02 00:10:25 | 000,036,868 | ---- | C] () -- C:\Program Files (x86)\uninst-Particular.exe
[2009/02/04 18:59:31 | 004,372,059 | ---- | C] () -- C:\Users\Michael Eilersen\AppData\Roaming\NMM-MetaData.db
[2008/11/23 00:22:01 | 000,055,296 | ---- | C] () -- C:\Windows\SysWow64\sqlite3_mod_fts3.dll
[2008/11/23 00:22:01 | 000,026,624 | ---- | C] () -- C:\Windows\SysWow64\sqlite3_mod_rtree.dll
[2008/11/23 00:22:01 | 000,020,992 | ---- | C] () -- C:\Windows\SysWow64\sqlite3_mod_impexp.dll
[2008/11/23 00:22:00 | 000,001,462 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2008/11/23 00:22:00 | 000,000,837 | ---- | C] () -- C:\Windows\ODBC.INI
[2008/11/02 15:41:58 | 000,000,104 | ---- | C] () -- C:\Users\Michael Eilersen\AppData\Local\fusioncache.dat
[2008/11/02 15:26:43 | 000,818,112 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2008/11/01 23:24:13 | 000,024,226 | ---- | C] () -- C:\Users\Michael Eilersen\AppData\Roaming\UserTile.png
[2008/10/31 00:23:34 | 000,000,056 | ---- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2008/10/22 21:14:53 | 000,000,040 | -HS- | C] () -- C:\ProgramData\.zreglib
[2008/10/22 12:42:49 | 000,072,192 | ---- | C] () -- C:\Users\Michael Eilersen\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/10/21 14:05:34 | 000,018,904 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchemaTrivial.bin
[2008/10/21 13:25:26 | 000,024,576 | R--- | C] () -- C:\Windows\SysWow64\AsIO.dll
[2008/10/21 13:25:26 | 000,014,392 | R--- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys
[2008/10/21 13:25:25 | 000,011,832 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp64.sys
[2008/10/21 13:25:25 | 000,010,216 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp32.sys
[2008/10/21 13:03:08 | 000,036,924 | ---- | C] () -- C:\Windows\Ascd_log.ini
[2008/10/21 13:02:49 | 000,034,756 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2008/10/21 12:17:38 | 000,001,460 | ---- | C] () -- C:\Users\Michael Eilersen\AppData\Local\d3d9caps64.dat
[2008/02/08 17:03:43 | 000,516,096 | ---- | C] () -- C:\Windows\SysWow64\RegisterDialog.dll
[2008/02/04 18:23:10 | 000,676,224 | ---- | C] () -- C:\Windows\SysWow64\OGACheckControl.DLL
[2008/01/21 03:50:05 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
[2007/12/28 08:22:02 | 000,010,296 | ---- | C] () -- C:\Windows\SysWow64\drivers\ASUSHWIO.SYS
[2007/01/22 17:05:38 | 000,000,811 | ---- | C] () -- C:\Windows\hpomdl13.dat
[2006/11/02 16:37:05 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 13:37:14 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2006/11/02 13:24:17 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2006/11/02 13:18:17 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2006/11/02 10:47:54 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/06/13 08:12:40 | 000,204,800 | ---- | C] () -- C:\Windows\SysWow64\winOGL.dll
[2000/04/12 16:23:18 | 000,338,944 | ---- | C] () -- C:\Windows\SysWow64\LFFPX7.DLL
[2000/02/11 09:47:38 | 000,003,120 | ---- | C] () -- C:\Windows\TMN211G.ini
[1997/09/30 15:29:10 | 000,122,880 | ---- | C] () -- C:\Windows\SysWow64\LFKODAK.DLL

========== Files - Unicode (All) ==========
[2010/07/01 09:56:12 | 000,023,986 | ---- | M] ()(C:\Users\Michael Eilersen\Documents\?xexp.docx) -- C:\Users\Michael Eilersen\Documents\λxexp.docx
[2010/06/17 19:08:03 | 000,143,275 | ---- | M] ()(C:\Users\Michael Eilersen\Documents\?xexp.jpg) -- C:\Users\Michael Eilersen\Documents\λxexp.jpg
[2010/06/17 19:07:58 | 000,143,275 | ---- | C] ()(C:\Users\Michael Eilersen\Documents\?xexp.jpg) -- C:\Users\Michael Eilersen\Documents\λxexp.jpg
[2010/06/17 19:05:05 | 000,060,770 | ---- | M] ()(C:\Users\Michael Eilersen\Documents\?xexp.pdf) -- C:\Users\Michael Eilersen\Documents\λxexp.pdf
[2010/06/17 19:05:02 | 000,060,770 | ---- | C] ()(C:\Users\Michael Eilersen\Documents\?xexp.pdf) -- C:\Users\Michael Eilersen\Documents\λxexp.pdf
[2010/06/17 19:05:00 | 000,023,986 | ---- | C] ()(C:\Users\Michael Eilersen\Documents\?xexp.docx) -- C:\Users\Michael Eilersen\Documents\λxexp.docx

========== Alternate Data Streams ==========

@Alternate Data Stream - 2560 bytes -> C:\ProgramData\CLDShowX.ini:Update.CL
@Alternate Data Stream - 224 bytes -> C:\ProgramData\TEMP:DFC5A2B2
@Alternate Data Stream - 102 bytes -> C:\ProgramData\TEMP:430C6D84

< End of report >



OTL Extras logfile created on: 1/3/2012 4:42:33 PM - Run 9
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Michael Eilersen\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: MM/dd/yyyy

8.00 Gb Total Physical Memory | 6.31 Gb Available Physical Memory | 78.94% Memory free
16.05 Gb Paging File | 14.38 Gb Available in Paging File | 89.65% Paging File free
Paging file location(s): ?:\pagefile.sys

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 279.46 Gb Total Space | 87.46 Gb Free Space | 31.30% Space Free | Partition Type: NTFS
Drive G: | 1397.14 Gb Total Space | 24.30 Gb Free Space | 1.74% Space Free | Partition Type: NTFS

Computer Name: EILER-PC | User Name: Michael Eilersen | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (All) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm[@ = chm.file] -- C:\Windows\hh.exe (Microsoft Corporation)
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp[@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.hta[@ = htafile] -- C:\Windows\SysWOW64\mshta.exe (Microsoft Corporation)
.html[@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)
.inf[@ = inffile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.ini[@ = inifile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
.js[@ = jsfile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.jse[@ = JSEFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.reg [@ = Regedit.Document] -- c:\Winnt\Regedit.exe %1
.txt[@ = txtfile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.vbe[@ = VBEFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.vbs[@ = VBSFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.wsf[@ = WSFFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.wsh[@ = WSHFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] -- "%1" %*
.chm [@ = chm.file] -- C:\Windows\hh.exe (Microsoft Corporation)
.cmd [@ = cmdfile] -- "%1" %*
.com [@ = ComFile] -- "%1" %*
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.exe [@ = exefile] -- "%1" %*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.hta [@ = htafile] -- C:\Windows\SysWOW64\mshta.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)
.inf [@ = inffile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
.ini [@ = inifile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
.url [@ = InternetShortcut] -- C:\Windows\SysWOW64\rundll32.exe (Microsoft Corporation)
.js [@ = jsfile] -- C:\Windows\SysWOW64\WScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\Windows\SysWOW64\WScript.exe (Microsoft Corporation)
.pif [@ = piffile] -- "%1" %*
.reg [@ = Regedit.Document] -- c:\Winnt\Regedit.exe %1
.scr [@ = scrfile] -- "%1" /S
.txt [@ = txtfile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.wsh [@ = WSHFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\Windows\SysWOW64\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
inffile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [runas] -- cmd.exe /c takeown /f "%1" /r /d y && icacls "%1" /grant administrators:F /t (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\Windows\SysWOW64\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
inffile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- C:\Windows\SysWOW64\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- C:\Windows\SysWOW64\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- C:\Windows\SysWOW64\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- C:\Windows\SysWOW64\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- C:\Windows\SysWOW64\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- C:\Windows\SysWOW64\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [runas] -- cmd.exe /c takeown /f "%1" /r /d y && icacls "%1" /grant administrators:F /t (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = 9F 9E 16 8C DC 5B C8 01 [binary data]
"VistaSp2" = 57 E2 51 29 C3 66 CA 01 [binary data]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-3194313822-558712583-1741877353-1000]
"EnableNotifications" = 0
"EnableNotificationsRef" = 2

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00FCE4E3-AA49-4E6C-AFD0-EB988007A636}" = lport=138 | protocol=17 | dir=in | app=system |
"{01E4B3C5-C2F2-486C-9FB2-2ED1EECA83C6}" = lport=10243 | protocol=6 | dir=in | app=system |
"{0AD167C6-5228-40B3-AEB7-2ACA079A5E20}" = lport=3704 | protocol=6 | dir=in | name=adobe version cue cs4 server |
"{0F716D56-6B0F-44C9-AD64-4BE387280E22}" = lport=5432 | protocol=6 | dir=in | name=postgres |
"{1206B58B-738D-4482-8483-BEF26ABB28D3}" = lport=139 | protocol=6 | dir=in | app=system |
"{253D9383-8AF5-4950-B5AA-F7EE5A4987B4}" = rport=137 | protocol=17 | dir=out | app=system |
"{28ADEDE1-A4D5-42D8-9B05-BF7C283C4061}" = lport=25799 | protocol=6 | dir=in | name=spport |
"{28ADEDE1-A4D5-42D8-9B05-BF7C283C4062}" = lport=25799 | protocol=6 | dir=out | name=spport |
"{32E9D787-911F-4639-9432-20C6DC12D37E}" = lport=445 | protocol=6 | dir=in | app=system |
"{3ADCBFA2-F3C9-4B70-B651-7B20512D573F}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{47C28765-DE35-4BD0-8388-206CC6238A11}" = rport=445 | protocol=6 | dir=out | app=system |
"{53A9E0A9-478B-44DE-BEC0-93E8EC62A0E9}" = rport=138 | protocol=17 | dir=out | app=system |
"{76A6E7EB-513D-4DAA-929B-1181888BC139}" = lport=5353 | protocol=6 | dir=in | name=adobe csi cs4 |
"{77B00329-4867-42E3-AA3E-92B96FEACE57}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{7C1AFC4D-48D6-4EA3-8900-00208CDD0FE7}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{7F53A94B-10B3-48A5-88F2-E946C0FD173F}" = lport=51001 | protocol=6 | dir=in | name=adobe version cue cs4 server |
"{836EB39E-2CAD-478B-8776-DD0B812D0049}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{905BB58A-CC49-4FD1-9AE7-1CFBEC136FD6}" = lport=2869 | protocol=6 | dir=in | app=system |
"{A1347F11-25E8-4210-AE39-A19A67759719}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{A7E491E1-6737-4557-978E-B035F5748662}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{B5433E70-B119-4587-9A8D-3DD58D253A06}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{B9514CCA-BCF1-44B4-88B7-D66BE9869612}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{BB46A94E-F1DB-48D5-A418-95F09300598D}" = lport=3703 | protocol=6 | dir=in | name=adobe version cue cs4 server |
"{CF0EE876-5283-431B-A04A-AD8564D034A1}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{D36F6037-210E-4D6E-AFCD-13E570C76AA7}" = lport=2869 | protocol=6 | dir=in | app=system |
"{D8D736F7-2267-46CA-B93D-305FE3E46D6E}" = lport=51000 | protocol=6 | dir=in | name=adobe version cue cs4 server |
"{D9E8CD75-A350-49CA-AB39-5319671D459D}" = lport=137 | protocol=17 | dir=in | app=system |
"{F001FEBC-D2AA-441F-A2FA-9CD3D8426284}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{F1043777-3BF1-416B-A257-B3461083B3B1}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F92E4E84-1CCF-429A-8E89-3829B7132DDF}" = rport=139 | protocol=6 | dir=out | app=system |
"{FC2C4B65-CFFF-4345-A406-CB6B5346B3E0}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{FD0ACF60-8CE2-4F57-B60D-A5F02142E323}" = rport=10243 | protocol=6 | dir=out | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00AC69BA-A92A-491F-B7E6-7353BCF33F31}" = protocol=6 | dir=in | app=c:\users\michael eilersen\appdata\roaming\dropbox\bin\dropbox.exe |
"{00CBF721-4B8E-40D5-899F-2EC19665FD3D}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{018EE8A9-E09C-4BDB-BCB8-60AB5CF75429}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{02322976-974E-48DE-8B80-2EFE6EAD20BC}" = protocol=17 | dir=in | app=c:\program files (x86)\konami\pro evolution soccer 2010\pes2010.exe |
"{05424DB1-AE69-4BBB-BF26-D27B612F6E84}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{0788EA70-0BDA-4745-AC69-40E7B2D1788D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{082A1852-F459-45B8-98AC-7286E2959860}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{087DF11D-B1B6-4815-8F74-8131B456C614}" = protocol=6 | dir=in | app=c:\program files (x86)\pplive\ppva\ppliveva.exe |
"{09763E0A-998A-4FF7-B68F-E7734F07702D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\simcity 4 deluxe\support\ea help\electronic_arts_technical_support.htm |
"{0A9D4720-8BB5-4583-A372-1C72D14CAF9F}" = protocol=17 | dir=in | app=c:\program files (x86)\firaxis games\sid meier's civilization 4\warlords\civ4warlords.exe |
"{0B90A9D5-D4FD-43B6-B1DE-181D68DB99C7}" = dir=in | app=c:\program files (x86)\skype\phone\skype .exe |
"{0DBB21AB-82E3-4873-8FB6-19D4E36A8059}" = protocol=6 | dir=in | app=c:\users\michael eilersen\appdata\local\temp\ms0cfg32.exe |
"{0E3AABB2-8325-49BB-8F7D-7F207BF700AE}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{0E532DC0-AF43-4568-A014-69A8D18C45A3}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{1055327A-A54C-4B46-8B98-3E8B69446682}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{10D044CB-DA27-45AF-99E4-CAD0064373DD}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{1122B7C1-A552-41AB-BC55-F92CDC156693}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{12D98607-0114-40F6-9786-CD615E987C71}" = protocol=6 | dir=in | app=c:\program files (x86)\cyanide\gamecenter\gamecenter.exe |
"{135E5E0F-8FC6-479D-ACBF-F8B3A7B234F0}" = protocol=6 | dir=in | app=c:\program files (x86)\firaxis games\sid meier's civilization 4\beyond the sword\civ4beyondsword_pitboss.exe |
"{144E0DEE-A16D-409D-B971-614CDD4BABFF}" = dir=in | app=c:\program files (x86)\skype\phone\skype .exe |
"{1554973C-4480-4DA6-9DF3-6B6CD3EA84CC}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{16486E03-2D83-4FC8-B8FE-EC4369A635BA}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\pplivenetwork\ppap.exe |
"{174372F2-8773-4181-871E-D5B93472CD31}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{17A9EE3B-646B-4626-B046-3E307D664085}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{18D83075-01DB-40D0-A8BD-4C16206B7D72}" = protocol=17 | dir=in | app=c:\users\michael eilersen\appdata\local\temp\ms0cfg32.exe |
"{1A3AE9D9-ABDB-488F-8583-D174B8B4441A}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{1A4BA463-3BB5-46F6-A719-0B074EE7BBFD}" = protocol=1 | dir=out | [email protected],-28544 |
"{1C46B1CA-E0F3-4874-BA1D-19352600ADE1}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{20DDFBD2-F107-420C-B661-43F41620E530}" = dir=in | app=c:\program files (x86)\skype\phone\skype .exe |
"{224E3680-B3F9-4F2E-AD83-3E885A8C1FFE}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{24B2ED2D-6A30-4F46-9F4D-8D371E23E7A6}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{24DA85F2-A7EE-4686-BC82-35E0AC7E8EE8}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{25302716-F99E-4118-AB68-4A833F6E400B}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{26019CF1-E423-429A-BF63-4FC685CCF894}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{262E34E8-804F-4DAF-83B9-E73DA0E140CC}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{2671F6F8-ED2A-4129-AF81-4F1061322F7D}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{26A6003C-E121-4B0F-898B-316C4DD700DF}" = protocol=17 | dir=in | app=c:\program files (x86)\pplive\ppva\crashreporter.exe |
"{274F6403-178D-4CA9-852A-635453C1D26E}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{28ADEDE1-A4D5-42D8-9B05-BF7C283C4059}" = protocol=6 | dir=in | app=c:\windows\system32\svchost.exe |
"{28ADEDE1-A4D5-42D8-9B05-BF7C283C4060}" = protocol=6 | dir=out | app=c:\windows\system32\svchost.exe |
"{28E3CC2A-749A-407C-991D-D70A35ADCDB5}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{2A1163FD-D31E-4F5B-9E25-B85B93F62E08}" = protocol=6 | dir=in | app=c:\program files (x86)\pplive\ppva\ppliveva_u.exe |
"{2A45BA91-7B7A-4B2F-9870-4C4AFDFD044F}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\football manager 2011\fm.exe |
"{2AD05146-01FD-4F3C-9550-C021E181510D}" = dir=in | app=c:\program files (x86)\skype\phone\skype .exe |
"{2B2B337E-B4B3-4225-B4BC-39534540F82D}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{2B3569C5-3855-4F49-9F5F-C67BB9E3376A}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{2B3959A1-5CBE-4460-A592-4B81EE86C795}" = protocol=6 | dir=in | app=c:\program files (x86)\firaxis games\sid meier's civilization 4\civilization4.exe |
"{2BEE8CFD-1668-436F-A895-56A2769139CE}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{2D84109C-26CF-4234-BF0A-9E97FB28F320}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{2DE730C8-41E8-4BC4-990C-583FEA5FE3D2}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{2DFAF968-9D46-49CD-ACE6-496FEA3354F5}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sid meier's civilization v sdk\sid meier's civilization v sdk.exe |
"{2E4B8DF0-02EC-4F20-885E-F80EFE5946FB}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{2F7CA5E2-8379-442A-8B9F-6DA10895D74C}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{2FECC44D-67E8-4C9B-8560-0D99DCB21A12}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{30B873F2-6B8D-4023-84E4-FB5E0303EF2A}" = protocol=6 | dir=in | app=c:\program files (x86)\firaxis games\sid meier's civilization 4\warlords\civ4warlords_pitboss.exe |
"{30DB8754-9433-4AA7-8AA0-6FDEC8A87788}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{3156AB07-ADAE-4D2B-B847-FD64EDD12933}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{3375FAB2-713F-4F22-9B67-5DC8EBD56648}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{33C09FD7-7FB9-4F15-9AE7-67E3AD113D48}" = protocol=17 | dir=in | app=c:\program files (x86)\cyanide\gamecenter\gamecenter.exe |
"{34EED1D7-2F7C-479E-9E4B-0E709EF773CA}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{36BD03AB-809D-4A8C-8C9E-83B3471AD0B7}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{3725A0C2-8CD5-419B-99C3-B286E4434BEC}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{37564943-F465-493B-85C2-2A7FC23810C6}" = protocol=17 | dir=in | app=c:\program files (x86)\firaxis games\sid meier's civilization 4\civilization4.exe |
"{375D0F87-B1BF-47C6-B295-FC6CD7E974D1}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd10\powerdvd9.exe |
"{37656985-7807-4FFA-ADCB-969A73AC7206}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{39496CA2-1FC8-477F-8FF9-61CC840B9592}" = protocol=17 | dir=in | app=c:\program files (x86)\pplive\pptv\pplive.exe |
"{39A4DCF2-9AB5-415D-A172-34429DB5AF6A}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{3A51DF0E-7672-4BB7-9A3E-2EE2513DD597}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{3AAF4355-60CF-4D24-9CC2-AF49BE7DFA10}" = protocol=6 | dir=in | app=c:\program files (x86)\imesh applications\imesh\imesh.exe |
"{3C8915AA-ECFF-49BD-851A-606B0EEE4F9A}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{3C8BB619-A63A-47BB-9030-3E93DD71119B}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{3CB516EE-A321-421C-916E-7F6D051A4E0A}" = protocol=6 | dir=in | app=c:\program files (x86)\pplive\pptv\pplive.exe |
"{3F1A6212-CBDB-48D9-BFA5-76B72E57055F}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\adobe\cs4servicemanager\cs4servicemanager.exe |
"{3F5DF151-4297-4B1A-A018-E3EA7794FBFD}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{403763EC-F354-4111-BD21-0A2B2753103D}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{410A8370-3374-41A1-B7C4-D4229A75596C}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{417AFA47-440A-4ACF-8071-93A2EE7D31FA}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{43F80202-2486-4C3E-8FA5-7E4FBF12ECB6}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{4720A4F3-8A7C-4BD0-B1F0-5F38A93480C8}" = protocol=17 | dir=in | app=c:\program files (x86)\pplive\ppva\ppvadownload.exe |
"{4775359B-173C-498A-B720-C450929A4C49}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{477C488D-39E2-4D83-A4C5-E0CDDEB9CC54}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{48FC3BD9-DEB7-49A7-9A49-0599C90A9703}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{4A09E22D-B1BA-494A-832F-5101A9B80F9E}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{4AF7D903-A4C2-4FF9-B8A0-E5456E8F6CD2}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{4CF59DEA-D11E-4940-97FA-5A1D72BE6BAF}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{4E193BF8-F8FC-4982-9FD5-BBE4D1C861D1}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{4E3F35A3-DA77-4C63-8B59-EB44A303E91C}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{4F01A147-5A41-491B-B31D-7E81C51B4D69}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{4F3E8971-E0AF-4E00-8158-5A354DCC68ED}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{506B4C0B-DE89-4D9C-9A26-B17990242D93}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{50B7A01E-690C-421C-A168-ED74AC591221}" = protocol=17 | dir=in | app=c:\users\michael eilersen\appdata\roaming\dropbox\bin\dropbox.exe |
"{51EBF5F2-BCB1-4090-9593-66DD8E79C9A9}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{5540FFFD-64A7-46DD-930A-77EAC55CCCC3}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{55619783-9DDE-4DA6-9C7D-79B7F7C231D5}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{558E2398-87D2-4B81-8859-6A3FBD9D1B18}" = protocol=1 | dir=in | [email protected],-28543 |
"{55B4FE7A-2720-45DF-986F-9861066E30C8}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{561DDE9B-C6C6-4DB7-BACC-566BFE90D744}" = protocol=17 | dir=in | app=c:\program files (x86)\cyanide\pro cycling manager - season 2010\pcm.exe |
"{56A92410-452F-46DB-BE94-7A6D0B1F6D21}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{56D5D0D6-BA97-4625-8F05-4F115DDC3BF1}" = protocol=58 | dir=in | [email protected],-28545 |
"{57AACDC7-465E-4C94-888C-5F490F24FDDE}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{5924A1D9-A52A-4454-9B23-5BA0C87DE0DA}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{5987700A-F565-405B-A507-56F89BC3877E}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{5A4AD0BF-6E62-4B5A-A987-4033189D1259}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{5B9E8DBA-91B8-429E-AEB8-B8A9B292604C}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{5CE6BC21-423D-4FA5-9555-0E3FFC22120A}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{5CFD1C70-9C9B-466B-AD40-D2312DF267DB}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{5DE59C85-CB41-4A17-AD02-CB8C361AA2ED}" = protocol=6 | dir=in | app=c:\program files (x86)\imesh applications\imesh\imesh.exe |
"{5DF67FCA-E744-4EB2-AE30-111EBB29F47D}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{5EDCA1A4-845C-4512-96AA-19EC0130E077}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\football manager 2011\fm.exe |
"{5FDA3184-587D-4DE8-841A-7C67B3F72298}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{600E29E3-50EE-4802-B90A-78280AD84C04}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{6060A3B0-F86A-4A93-9E86-7161A804F7F0}" = protocol=17 | dir=in | app=c:\program files (x86)\cyanide\pro cycling manager - season 2009\autorun\exe\autorun.exe |
"{62B04440-6545-4C2C-A40D-6957E65CD970}" = protocol=17 | dir=in | app=c:\program files (x86)\cyanide\pro cycling manager - season 2010\autorun\exe\autorun.exe |
"{6549EE80-5A09-4EF2-B901-580D62A26913}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{6575E003-0E52-4A76-8130-143B7DCE19B3}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{66031CDF-C748-457F-824A-5692FD37888D}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{67276322-807D-4D86-8CAA-21DC5935E274}" = dir=in | app=c:\program files (x86)\skype\phone\skype .exe |
"{67B42C8F-4012-49A2-B322-C8658C8B0FD7}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{696CD3ED-45CC-4F1E-854B-053086ABBFE3}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{69F6188E-1A3C-4F00-9463-2E29117361DA}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{6A2A08E0-52BF-4FBB-956E-842E0BE3BDBE}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{6A6FE5F9-13CD-4357-BFE2-99309CC2D92B}" = protocol=17 | dir=in | app=c:\program files (x86)\pplive\ppva\ppliveva.exe |
"{6A7A2D12-E371-4ED0-BBAD-467FEA336D20}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{6A7F7190-7FDC-4D1B-928D-E2EF2AF9BBFE}" = protocol=6 | dir=in | app=c:\program files (x86)\cyanide\pro cycling manager - season 2009\pcm.exe |
"{6A868315-6BB6-4465-989F-EBDC410A4DC8}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{6AE1FEE3-D98A-436D-A13D-B0A9E005C989}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{6D4A8FD6-8612-4786-86BC-B204845436E2}" = protocol=6 | dir=in | app=c:\program files (x86)\pplive\ppva\crashreporter.exe |
"{6D5C459F-7C01-4744-94A8-E68D9C5C074B}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sid meier's civilization v sdk\sid meier's civilization v sdk.exe |
"{6E8E95B6-3164-4329-BB3C-E4A3B01CEEBC}" = dir=in | app=c:\program files (x86)\skype\phone\skype .exe |
"{6EBBF31A-78C0-4DDB-B56B-2441856C7817}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{6F41A10A-BB63-4032-822A-1EB23EE240E1}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{6F4340B8-A7E5-4429-896F-E8E8AF82828B}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{70064EB3-8064-4AD2-BABD-10643DAB8A05}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{702ADFD2-D8D0-4BF6-8838-968B78AED794}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{70C5407C-C715-4DB4-8BD5-C25C150CE2FB}" = protocol=6 | dir=in | app=c:\program files (x86)\cyanide\pro cycling manager - season 2009\autorun\exe\autorun.exe |
"{715F5FD5-CA8A-4418-BB95-AD62681BB9D8}" = dir=in | app=c:\program files (x86)\skype\phone\skype .exe |
"{71C7DF1C-4B24-475A-ADFF-D81083371E96}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{722C9C41-01EB-4B91-A2FD-D443BF0E298F}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{727684A2-C713-4590-BDF8-FBC374A4E242}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{73502D32-D225-46AD-9596-FA635332485F}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\simcity 4 deluxe\apps\simcity 4.exe |
"{737A4D7A-3840-4CAF-A53D-D76A163BA23E}" = protocol=6 | dir=in | app=c:\windows\syswow64\zonelabs\vsmon.exe |
"{74EFB7ED-302A-400C-B252-DA9A0BAF65E0}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{7565BA6F-EBF8-460B-A02F-B3257D4C9F4F}" = protocol=6 | dir=in | app=c:\program files (x86)\pplive\ppva\downloadprogress.exe |
"{768BA6A5-7229-4FB3-96A1-02F0959C500B}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{774ECC65-E8D9-458B-A88C-EFC7CC00AB7B}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{7825A558-9D96-4C63-AC84-68E480249A67}" = dir=in | app=c:\program files (x86)\skype\phone\skype .exe |
"{78C2EB2A-BD75-4C10-8F4E-AAB8E82792A7}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{79F108AD-1CBE-4CCF-9A45-21EE985E6BF4}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{7A70EB54-E8A8-4D9C-800D-BDBEBC7BC835}" = protocol=17 | dir=in | app=c:\program files (x86)\cyanide\gamecenter\gamecenter.exe |
"{7B97999D-8510-4CE0-922E-F2707231C091}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{7D3CC99A-EB46-4A16-B513-2FCA6D19FCD6}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{7DDC579C-787E-42D4-9027-FEE2E3CA12E2}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{7E0F5021-3EF0-468B-9287-AC9F762C93B5}" = protocol=17 | dir=in | app=c:\program files (x86)\pplive\ppva\downloadprogress.exe |
"{7E23F7DC-87CB-45D0-A11E-39FA8508D4A6}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{808C096A-DEED-4D27-BFD3-D03E7E2FE47B}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{80F65AEC-1452-430F-8D95-9FECA4AD2EEA}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{8233B346-8CE8-4AE1-A654-0D2A7C9B3C21}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{82357194-743A-4F56-B9D1-C86736DE1D44}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{82518090-333E-4D89-AB4A-CFDC76DEFC06}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{8492DF8E-E5ED-45CE-B986-DAF95A7E7234}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{871C2EA3-3BB6-415E-B1B2-5D5BF984D4F0}" = protocol=58 | dir=out | [email protected],-28546 |
"{882BB5EB-B5D0-439D-A737-34F7356422DC}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{88E2C35E-3AEC-4A6F-BF0B-1FFB74468D03}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{8AFBB653-830D-4B64-AE8E-9C925F65037D}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{8B173D15-A0B4-4990-B49B-EF1115CA2604}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{8E908C10-3EFB-4EE5-BED5-58DCFE829026}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\europa universalis iii - complete\eu3game.exe |
"{8EDBC7B6-1A4C-44EC-83F2-C8F1D45938FC}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{8F669068-2B76-42B7-8D64-699ECAAFFDDC}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{8F776F5A-0D7A-4B3F-81E0-8B65C9B3C1C5}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{93CBCCAC-D909-4495-A494-7C7E86E78E48}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{943A51BA-FBFC-4514-AA8A-F9F5CE203A89}" = protocol=6 | dir=in | app=c:\program files (x86)\pplive\ppva\ppvadownload.exe |
"{948E074B-7EC0-4781-BBB4-D3B44BDD4A69}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{9571C459-BFB9-4499-BB75-BE68EBC92647}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{960DE3D1-2C03-4DD7-BB7C-7ACBF9987741}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\pplivenetwork\ppap.exe |
"{9624AE85-4A1A-4E65-A5C5-0707047CF607}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{96552A36-3B6F-4530-A681-D1C50A38C5D0}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{982F69BB-2716-4B7A-AAD7-4787BB01A5CB}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{98BF7F86-5503-447C-B69C-9BB1879F7BEF}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{9940421F-93B0-4A53-9DE4-E51699DFFE15}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\adobe\cs4servicemanager\cs4servicemanager.exe |
"{99F86493-5577-4972-A3B7-6A6F47BCC603}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{9B461B8B-D1B4-4A64-81EF-AD6C218C0DE8}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{9B729A4F-4691-4879-A7DD-5CE94BE01F96}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sid meier's civilization v\launcher.exe |
"{9E9FDAC7-610E-4449-A320-5123E5355928}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\simcity 4 deluxe\apps\simcity 4.exe |
"{9F43D85C-05FE-4E28-8093-2AB4D5AD1073}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{A0A1D675-F5D5-4728-AAFE-07A12E794891}" = protocol=17 | dir=in | app=c:\program files (x86)\firaxis games\sid meier's civilization 4\warlords\civ4warlords_pitboss.exe |
"{A0ECD74B-C324-40D9-A534-EF78E920B83B}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{A33F36BA-C965-4053-B44B-5BEF08258E82}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{A36F8440-0789-4ED8-8A52-6EC5C6163FDB}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{A3EB0E69-5401-45FD-910E-5FF01B280BE9}" = dir=in | app=c:\program files (x86)\skype\phone\skype .exe |
"{A431311F-BB21-4F0E-A7D6-8C3FA15F72A2}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\simcity 4 deluxe\support\ea help\electronic_arts_technical_support.htm |
"{A46ADA1C-C1E8-49DF-B6C3-CA7A59B6AA07}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{A4DD1A48-C398-49F9-8C2B-4AB3B06B1279}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{A5F19B76-6F22-47AC-A829-C4943678E865}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{A68973F6-5037-42DF-9753-BA8A89E67F15}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{A6F718CC-B365-481B-9E36-E160E00475A6}" = dir=in | app=c:\program files (x86)\skype\plugin manager\skypepm.exe |
"{A7AF40B3-60A3-4FD2-AF0C-16109EE9462D}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{A7C3AB66-D643-4922-930C-338ECA5FE1F4}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{A882B064-8A40-4220-8C9E-B29B864322D9}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{A8A4A667-B465-4F31-975C-94C4779DD2F2}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{A8D47FA6-202D-432B-970F-71959566D8CE}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{A91A3B62-7D73-4FC9-BE7E-E78E51311C8B}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{AABD7A6F-0170-4606-A8D8-957D6C047DCF}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\adobe\adobe version cue cs4\server\bin\versioncuecs4.exe |
"{AADB278C-F519-4DEC-860D-EBA1586A4746}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{AB038C04-4F00-43D0-BFA0-67241A7FA486}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{AB7ECB0A-F131-4964-84AE-2F478F3EA6FF}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{ADAA0DBD-9B0A-496B-B458-DA82C6C15BA4}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{AE189FB7-E329-42A5-BDF3-6C96C5FCDA69}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{AE3A4F15-444D-4B92-851F-54E449DF7AB6}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{AF41163D-D235-4396-A100-5188320E8613}" = dir=in | app=c:\program files (x86)\skype\phone\skype .exe |
"{AF4F0E94-739B-4B37-A0AB-55B0287E8B3E}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{B1172383-8765-40E6-B14D-6B725E504B5D}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{B15E50C2-8B8D-45F5-9FA6-F985C02A8519}" = protocol=6 | dir=in | app=c:\program files (x86)\konami\pro evolution soccer 2010\pes2010.exe |
"{B2CCC4F1-25B2-408F-B894-EF75B0761C7F}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{B2FF920B-A792-47C0-AB95-1D6614A5977C}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{B590473A-08CC-4C1D-BBCA-D379EE63A9F2}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{B620D0D7-76B7-4D2A-8C8C-87B424F222D8}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{B7113CAC-5C13-44F5-920D-D05DC70B737F}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{B9174DDF-2739-4C4D-98B8-04412CF55D76}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{B9609C44-FC31-4760-B236-BB70958FCD9E}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{B9C96C73-E187-4069-A5B1-26BE3810428A}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{BA5966B3-C7AE-4B4D-9282-0981E7A44EEC}" = protocol=6 | dir=in | app=c:\users\michael eilersen\appdata\local\temp\ms0cfg32.exe |
"{BB690551-DA14-4B2B-838F-9037D4FBCECE}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{BBF023D5-2BE7-4D75-872F-EA9F33C58695}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{BC5F49D2-A652-485E-899E-15178E2DFDBC}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{BC7218D6-477B-4950-A31F-50CD411EC232}" = protocol=17 | dir=in | app=c:\program files (x86)\firaxis games\sid meier's civilization 4\beyond the sword\civ4beyondsword.exe |
"{C04828F5-711B-4FB5-A239-C22348CC4606}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{C04915F9-E695-40D8-90A0-D463D551127D}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{C25D4F7C-CEF8-4325-9C9B-E5739EE44FED}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{C34BD4D2-4CB5-4F7F-BDB1-E3E5086DDB03}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{C35A6D02-D094-49D3-9220-6CEF7612B4A3}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{C3F2DA78-9F58-48E0-B5DC-8757E6876539}" = protocol=6 | dir=in | app=c:\program files (x86)\cyanide\pro cycling manager - season 2010\autorun\exe\autorun.exe |
"{C3FD1021-6800-4318-9384-7F793ACC70DD}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{C48B2FFD-72FE-41AE-8BE3-82113B4A3803}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C6AD2D34-3C2F-43DA-BB62-04B6D4A003BE}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{C76E1F23-F2B4-41BA-BD19-10DFC2C927E6}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{C79A5C58-7591-43E7-905D-10D1223BD134}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{C7CBE64C-26E7-4AC3-AF1A-57FC4877A5C6}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{C8FA45DF-2D8E-4F9D-94F9-89658D7C0FF9}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{C906AD7E-0F6B-4179-BE59-D1B3E45D8D14}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{C93EE244-083F-41BE-9EF2-4B13990ACEF2}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{CD328F55-1C4B-4132-83F0-07A584CB0556}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{CDA6FEF6-4FCD-495A-8863-5046C9BEB9E9}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{D039E9ED-9221-4560-AB94-4B11AB6A7CED}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{D0A64A02-A2A1-43C3-A69C-1E1C0D435B7A}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{D2B95B0D-F580-45FB-BACE-1BAD3A00C0A8}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{D3434849-9172-4570-9C58-A596CA78F23E}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{D54DE4CA-2D65-41B3-B48D-3BE01FA56DC0}" = protocol=17 | dir=in | app=c:\program files (x86)\imesh applications\imesh\imesh.exe |
"{D5909E9E-426C-4EB4-A567-5EDEED6CB275}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{D5C4262C-4D9A-4E17-A128-6C85C2EDE138}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{D6036BDC-8F0C-44CE-A6B1-BB3389BC6B68}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{D682CF2F-4840-4A03-BF15-A6D255437FB9}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{D7B4EB2B-D28D-454F-848B-4A7F506BC92B}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{D7BBCE4F-D710-4A2C-A13C-129426A33D1B}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{D7D1D7A0-E2E6-4B37-AD37-4FCD4A128F5C}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{D7D70CC0-1988-4317-9958-96E15C95DDEB}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{D7D7912D-34E8-4BF8-AFEF-D981BE1A637F}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{D7E3227B-4753-4CDD-9BBD-6326D9AFDB7D}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{D7E98018-BB87-43A0-ACFE-9331B9C3FC40}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{D8EEFA3C-1C55-41F4-B177-3780275496AE}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sid meier's civilization v\launcher.exe |
"{D9D0BC70-35E2-4079-BA66-B8482E174C9B}" = protocol=17 | dir=in | app=c:\program files (x86)\imesh applications\imesh\imesh.exe |
"{DAAE327C-B010-48E4-90D2-226B68600FCF}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{DB44E4C4-66F5-42CF-99BB-D01A53F6CAE3}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{DB877977-DF1A-4F7D-8592-D7AF0DFA30A4}" = protocol=17 | dir=in | app=c:\program files (x86)\pplive\ppva\flvpick.exe |
"{DBB7D15C-72D2-4507-9971-FEFEF4B2CFFD}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{DBF1AE87-69DA-4AB4-997E-B8BDB1B7CB54}" = protocol=17 | dir=in | app=c:\program files (x86)\firaxis games\sid meier's civilization 4\beyond the sword\civ4beyondsword_pitboss.exe |
"{DC7F9734-BA61-4DFB-9A27-9F4B5462C806}" = protocol=6 | dir=in | app=c:\program files (x86)\cyanide\pro cycling manager - season 2010\pcm.exe |
"{DCF22552-82D6-4177-9553-F2D97E14AB6A}" = protocol=17 | dir=in | app=c:\program files (x86)\cyanide\pro cycling manager - season 2009\pcm.exe |
"{DD36E43D-C6FA-437D-BCAC-19C934B1C134}" = protocol=6 | dir=in | app=c:\program files (x86)\pplive\ppva\flvpick.exe |
"{E14320CA-1003-4355-BDDD-A1F63AB64000}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd10\powerdvd cinema\powerdvdcinema10.exe |
"{E18FCDDD-B8C7-40AF-92A9-D9D00C47D36A}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{E19CBB0E-D2E6-4B8D-8897-ACE5ADBE95F0}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{E2221CDE-857A-4F1C-94F8-ED5D29604C01}" = protocol=6 | dir=in | app=c:\program files (x86)\cyanide\gamecenter\gamecenter.exe |
"{E2680ACC-99C2-4235-8794-E609AC4E6377}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{E41DF7C1-111F-42E2-BA05-498C0E89D1C3}" = protocol=17 | dir=in | app=c:\program files (x86)\pplive\ppva\ppliveva_u.exe |
"{E5BA7718-594E-4F61-B475-AE702D84F256}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{E5C10A85-2E40-407B-BC4A-CFCAE346835C}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{E7E83A76-2658-4EEF-8E73-342927547F3C}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{E7EFFB6A-CE87-4617-9B71-FFFC09109111}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{E893E89F-A334-4D6F-A1ED-62258760245D}" = dir=in | app=c:\program files (x86)\skype\phone\skype .exe |
"{E9C28EAA-42C1-4D14-AFEC-A9C9005FC406}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{EAD81E16-2E62-4124-9BB7-D512CEF1E6A6}" = protocol=6 | dir=in | app=c:\program files (x86)\pplive\pptv\ppliveu.exe |
"{EB931EC2-7B8F-40D9-9C0D-70A277A9372E}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\europa universalis iii - complete\eu3game.exe |
"{EB9D604E-C126-4487-B2C0-8AAE305824DE}" = protocol=6 | dir=in | app=c:\program files (x86)\firaxis games\sid meier's civilization 4\beyond the sword\civ4beyondsword.exe |
"{ECC18DDC-A2DF-4DF0-B569-461CA429BA8C}" = protocol=6 | dir=in | app=c:\program files (x86)\firaxis games\sid meier's civilization 4\warlords\civ4warlords.exe |
"{EF6B339B-B860-411E-B51D-6FFA32CC3F4E}" = dir=in | app=c:\program files (x86)\skype\phone\skype .exe |
"{EF9C2076-3F41-4884-A640-A6A7A294587B}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{F24C189F-CB4C-49CA-98FD-98CE92554ECA}" = protocol=17 | dir=in | app=c:\program files (x86)\pplive\pptv\ppliveu.exe |
"{F2AC6076-C8F5-49F7-91E7-9AA10FEE12C7}" = protocol=17 | dir=in | app=c:\windows\syswow64\zonelabs\vsmon.exe |
"{F3213B33-20FA-4C45-802B-B3F0A62E22EE}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{F324B8BA-C159-455F-84AD-C339F7C7D812}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{F384CDF4-86E1-488E-8945-529F1A16C27F}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{F392DA1B-E19C-46D0-9A13-62D4FA464E4F}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{F3C6EEB8-CA77-437D-8D78-73EB4D64BB4D}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{F5271259-67E5-42CF-B7AC-5495382D4B97}" = protocol=17 | dir=in | app=c:\users\michael eilersen\appdata\local\temp\ms0cfg32.exe |
"{F5B143FF-5895-439A-A1D4-F61B9C8C097E}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{F5C782AD-64F4-4A0D-A8D7-E6ECBA8EA712}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{F7DF6FA6-BA2E-4B67-9351-A8C5EDC90D45}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{F9CB1AC4-1823-4E45-A4C8-17757AC24402}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{FB953C8D-F4CA-4F89-A198-A66008274F08}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\adobe\adobe version cue cs4\server\bin\versioncuecs4.exe |
"{FBEB1BF2-6605-4959-A091-1E8D0A8FFECC}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{FC84F76A-366F-4149-86D1-FE30D8B315E9}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{FD6F3B6A-0FB3-42F8-9986-975BB4EF4F3C}" = protocol=6 | dir=out | app=system |
"{FDF8FFFF-814D-405E-B103-AEFBD857B76F}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"TCP Query User{02317C48-4C11-4DCA-867F-791A73D0DC0D}C:\program files (x86)\sopcast\sopcast.exe" = protocol=6 | dir=in | app=c:\program files (x86)\sopcast\sopcast.exe |
"TCP Query User{077A5FDA-FFC5-41CF-A8C1-2CABCC1E99D2}C:\program files (x86)\streamtorrent 1.0\streamtorrent.exe" = protocol=6 | dir=in | app=c:\program files (x86)\streamtorrent 1.0\streamtorrent.exe |
"TCP Query User{0FAC06CF-5204-4AC0-84F8-256786BF6DAD}C:\program files (x86)\common files\pplivenetwork\ppap.exe" = protocol=6 | dir=in | app=c:\program files (x86)\common files\pplivenetwork\ppap.exe |
"TCP Query User{2765A490-32AF-4552-8E09-706A42F63411}C:\program files (x86)\sopcast\adv\sopadver.exe" = protocol=6 | dir=in | app=c:\program files (x86)\sopcast\adv\sopadver.exe |
"TCP Query User{424757F1-537B-4C26-B88F-D1AFD6FCE114}C:\program files (x86)\tvuplayer\tvuplayer.exe" = protocol=6 | dir=in | app=c:\program files (x86)\tvuplayer\tvuplayer.exe |
"TCP Query User{5A5595A3-8760-4832-8D0F-0C9D29709A02}C:\program files (x86)\streamtorrent 1.0\streamtorrent.exe" = protocol=6 | dir=in | app=c:\program files (x86)\streamtorrent 1.0\streamtorrent.exe |
"TCP Query User{6B778174-C25F-43B5-AD18-B1F1F7C0DF9C}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"TCP Query User{8650E2EE-BF96-4C60-A0CC-D88908217D18}C:\program files (x86)\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"TCP Query User{98402700-CFA8-4B70-B7E2-6D84F44E7089}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"TCP Query User{A44BFFD2-B09D-4939-AD38-01E24A7F7124}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"TCP Query User{C38E7D9B-E348-41B7-9801-D335F43C4EF5}C:\program files (x86)\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe |
"TCP Query User{C7D8B634-B595-4B6C-A865-0F55972EECCA}C:\users\michael eilersen\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\michael eilersen\appdata\roaming\dropbox\bin\dropbox.exe |
"TCP Query User{C879447D-03B9-4040-88E2-3D1B68582D56}C:\program files (x86)\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"TCP Query User{CF75E8E8-13C7-4995-9531-2813C4BA9711}C:\program files (x86)\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe |
"TCP Query User{D9B03067-FC20-42B2-AE01-71F3D154B7B4}C:\program files (x86)\tvants\tvants.exe" = protocol=6 | dir=in | app=c:\program files (x86)\tvants\tvants.exe |
"TCP Query User{E38756AC-B224-4C64-8F4D-5CD1AA7B82F3}C:\program files (x86)\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"TCP Query User{F5E7DDF1-64B9-48B6-9FE6-7F6CAC86A098}C:\program files (x86)\tvuplayer\tvuplayer.exe" = protocol=6 | dir=in | app=c:\program files (x86)\tvuplayer\tvuplayer.exe |
"UDP Query User{0ABADC3E-7F59-46D9-857B-F5F7F0232A50}C:\program files (x86)\tvuplayer\tvuplayer.exe" = protocol=17 | dir=in | app=c:\program files (x86)\tvuplayer\tvuplayer.exe |
"UDP Query User{0D14DB75-8D53-47A4-8E98-9F297747ED38}C:\program files (x86)\streamtorrent 1.0\streamtorrent.exe" = protocol=17 | dir=in | app=c:\program files (x86)\streamtorrent 1.0\streamtorrent.exe |
"UDP Query User{18A51644-982A-4A9C-90AC-BC13B9A8AD76}C:\program files (x86)\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe |
"UDP Query User{27344AAB-1A08-491D-912F-B6E052BB9D29}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"UDP Query User{2813270D-A97F-404D-92C9-907D9BF49F84}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"UDP Query User{33E6125A-25D1-4347-BE56-2A9C338B65DB}C:\program files (x86)\tvants\tvants.exe" = protocol=17 | dir=in | app=c:\program files (x86)\tvants\tvants.exe |
"UDP Query User{39D46AF5-1ADF-426B-8D61-CA6988A6B56E}C:\program files (x86)\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe |
"UDP Query User{3D20730B-820F-4D88-A7D5-DCA39F789F70}C:\program files (x86)\streamtorrent 1.0\streamtorrent.exe" = protocol=17 | dir=in | app=c:\program files (x86)\streamtorrent 1.0\streamtorrent.exe |
"UDP Query User{56452B83-5FA3-46A2-BD33-ACE844DF51BE}C:\program files (x86)\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\program files (x86)\sopcast\sopcast.exe |
"UDP Query User{57320AA8-EB94-47E3-9947-7F05FE06729A}C:\program files (x86)\sopcast\adv\sopadver.exe" = protocol=17 | dir=in | app=c:\program files (x86)\sopcast\adv\sopadver.exe |
"UDP Query User{72E00B4D-C30C-4266-A513-F7A263CA5CA9}C:\program files (x86)\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"UDP Query User{782176FE-CAC7-4589-AF73-08C266F9793E}C:\program files (x86)\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"UDP Query User{94D5AEA5-96A2-4A9D-9C64-330B83A562AD}C:\program files (x86)\tvuplayer\tvuplayer.exe" = protocol=17 | dir=in | app=c:\program files (x86)\tvuplayer\tvuplayer.exe |
"UDP Query User{D03FA104-8A9D-4757-86D3-2ED96E717D2C}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"UDP Query User{D22B94DA-4425-4AA8-A000-26DA7E4B93D1}C:\program files (x86)\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"UDP Query User{D8CED9C9-FBC0-47F3-8BB1-EDC0AB9962E7}C:\program files (x86)\common files\pplivenetwork\ppap.exe" = protocol=17 | dir=in | app=c:\program files (x86)\common files\pplivenetwork\ppap.exe |
"UDP Query User{F66ACC6F-6EE6-4735-8ADF-77586B0486CF}C:\users\michael eilersen\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\michael eilersen\appdata\roaming\dropbox\bin\dropbox.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{23170F69-40C1-2702-0465-000001000000}" = 7-Zip 4.65 (x64 edition)
"{25613C10-27D2-410B-942B-D922D5C3A7BE}" = Interlok driver setup x64
"{295CFB7C-A57E-4313-93E7-68E7CE1D0332}" = Adobe WinSoft Linguistics Plugin x64
"{2D74E972-5A85-44DC-9193-8A302BA8C181}" = Photoshop Camera Raw_x64
"{4C0A8D65-4286-4B58-87FE-18AD24289285}" = NVIDIA Performance Drivers
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6631325A-9B1B-4EE7-8E64-8CC4A6F10643}" = Adobe Fonts All x64
"{68660049-8D48-427C-9FF7-139D8340CDC0}" = MSVC80_x64
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{78F697ED-EC97-4D8D-881D-838984EA9855}" = 64 Bit HP CIO Components Installer
"{7F2E5C3B-DBDF-469D-AD8D-F686D3B71176}" = Debugging Tools for Windows (x64)
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{8641C1CB-03B3-41d4-8DEC-79826A4B5C0E}" = HP Photosmart All-In-One Software 8.0
"{8875A1C0-6308-4790-8CF6-D34E89880052}" = Adobe Linguistics CS4 x64
"{887797BF-37A5-4199-B0C9-0D38D6196E9A}" = Adobe Anchor Service x64 CS4
"{889DF117-14D1-44EE-9F31-C5FB5D47F68B}" = Yontoo Layers Runtime 1.10.01
"{8BADD53C-3A6D-4D22-B8C5-56ACD699C17D}" = Digital Signatur
"{8C8D673B-20FB-43E6-BCB7-9B3F78F2E762}" = Adobe Type Support x64 CS4
"{8DAA31EB-6830-4006-A99F-4DF8AB24714F}" = Adobe CSI CS4 x64
"{90120000-0028-0404-1000-0000000FF1CE}" = Microsoft Office IME (Chinese (Traditional)) 2007
"{90120000-0028-0411-1000-0000000FF1CE}" = Microsoft Office IME (Japanese) 2007
"{90120000-0028-0412-1000-0000000FF1CE}" = Microsoft Office IME (Korean) 2007
"{90120000-0028-0804-1000-0000000FF1CE}" = Microsoft Office IME (Chinese (Simplified)) 2007
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{90BA8112-80B3-4617-A3C1-BD2771B60F74}" = Adobe CMaps x64 CS4
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9ACF3FDB-C8E6-444C-8C64-13A221F7BFFD}" = Microsoft SQL Server Native Client
"{9C98CA38-4C1A-4AC8-B55C-169497C8826B}" = Apple Mobile Device Support
"{9CD0F7D3-B67F-4BF8-8784-D73AD229FF1E}" = iTunes
"{A3454894-144A-4D80-B605-C128FE0D7329}" = Adobe Drive CS4 x64
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B37A99DD-88E2-4ED0-80B4-1E054AB354BF}" = Adobe InDesign CS4 Icon Handler x64
"{B38BCB00-1C17-48F5-BB94-584BB89D34D0}" = Logitech Z-series Software 1.04
"{B636C9B9-A3F2-4DCE-ADCC-72E095018385}" = Microsoft SQL Server VSS Writer
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{c9920352-04e6-469d-bab8-e2b9c7c75415}.sdb" = Microsoft Automated Troubleshooting Services Shim
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
"{D40172D6-CE2D-4B72-BF5F-26A04A900B7B}" = Adobe Photoshop CS4 (64 Bit)
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DFFABE78-8173-4E97-9C5C-22FB26192FC5}" = Adobe PDF Library Files x64 CS4
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"5986551A16FD8E9B1B4C89E7AAD17C1BB3196D28" = Windows Driver Package - Nokia Modem (10/27/2008 7.01.0.1)
"6D296974BAB6CA8429D5E687B292A6DA3E9FBD4A" = Windows Driver Package - Nokia Modem (10/27/2008 3.9)
"FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D" = Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"GPL Ghostscript 9.04" = GPL Ghostscript
"HitmanPro35" = Hitman Pro 3.5
"HP Imaging Device Functions" = HP Imaging Device Functions 8.0
"HP Solution Center & Imaging Support Tools" = HP Solution Center 8.0
"HPExtendedCapabilities" = HP Customer Participation Program 8.0
"HPOCR" = HP OCR Software 8.0
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager
"nView Desktop Manager" = NVIDIA nView Desktop Manager

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{00ADFB20-AE75-46F4-AD2C-F48B15AC3100}" = Adobe Color NA Recommended Settings CS4
"{0224CACC-994D-45F8-B973-D65056EA9C2F}" = Adobe XMP DVA Panels CS3
"{02E89EFC-7B07-4D5A-AA03-9EC0902914EE}" = VC 9.0 Runtime
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{06A9E630-DBA6-4D92-9DE7-A235AA6496C7}" = QuickBooks
"{0700E22B-A422-40A5-BD20-04BF618CA0F9}" = QuickBooks Pro 2010
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0D2E9DCB-9938-475E-B4DD-8851738852FF}" = AIO_Scan
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
"{0E2B767B-EA6A-489B-BF83-8083FE1DB661}" = Pcsx2 0.9.6
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{105CFC7C-6992-11D5-BD9D-000102C10FD8}" = LizardTech DjVu Control
"{121634B0-2F4B-11D3-ADA3-00C04F52DD52}" = Windows Installer Clean Up
"{14F70205-1940-4000-88C7-BE799A6B2CAD}" = Adobe Soundbooth CS4
"{15AC0C5D-A6FB-4CE2-8CD0-28179EEB5625}" = Nokia Connectivity Cable Driver
"{15BF7AAF-846C-4A6D-80E1-5D1FC7FB461B}" = Adobe SGM CS4
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{1746EA69-DCB6-4408-B5A5-E75F55439CDF}" = Scan
"{179C56A4-F57F-4561-8BBF-F911D26EB435}" = WebReg
"{1B7C06E1-4888-47A6-992A-0990B9683486}" = Adobe Version Cue CS4 Server
"{1DCA3EAA-6EB5-4563-A970-EA14D75037BA}" = Adobe InDesign CS4
"{1E04CB54-AF4E-4AC3-B4B7-C0A160BE57F1}" = Adobe InDesign CS4 Icon Handler
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{2168245A-B5AD-40D8-A641-48E3E070B5B6}" = Adobe Flash CS4 STI-en
"{229AF246-D3F0-11D6-B69D-00D009E877CC}" = Politikens Engelsk-Dansk Dansk-Engelsk Ordbog
"{24aab420-4e30-4496-9739-3e216f3de6ae}" = Python 2.6.2
"{26A24AE4-039D-4CA4-87B4-2F83216030FF}" = Java™ 6 Update 30
"{2750B389-A2D2-4953-99CA-27C1F2A8E6FD}" = Microsoft SQL Server 2005 Tools Express Edition
"{283FFB23-8751-4B08-ACB8-5E0F8BCF7727}" = Pro Evolution Soccer 2010
"{297190A1-4B0D-4CD6-8B9F-3907F15C3FD8}" = Adobe CS4 American English Speech Analysis Models
"{2984E8FC-6310-6082-F0C7-56CC044B3B4C}" = YouSee Player
"{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}" = Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
"{2BAF2B96-7560-48B4-87D4-10178DDBE217}" = Adobe InDesign CS4 Application Feature Set Files (Roman)
"{2C294A0B-DF22-4023-B168-8C7645B10019}" = Adobe Setup
"{2EA870FA-585F-4187-903D-CB9FFD21E2E0}" = DHTML Editing Component
"{30C8AA56-4088-426F-91D1-0EDFD3A25678}" = Adobe Dreamweaver CS4
"{32E4F0D2-C135-475E-A841-1D59A0D22989}" = Sid Meier's Civilization 4 - Beyond the Sword
"{342126E1-173C-4585-BFBE-3EBDD20E3E9E}" = Mobipocket Reader 6.2
"{34922E26-AE1B-452A-926E-D3197E6BF0E9}" = Batch PDF Pro
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{36FDBE6E-6684-462B-AE98-9A39A1B200CC}" = HP Product Assistant
"{388E4B09-3E71-4649-8921-F44A3A2954A7}" = Microsoft Visual Studio 2005 Tools for Office Runtime
"{38B39865-D988-4945-9A22-6107B8B40953}" = C4200
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
"{3E4B349F-10B5-4586-9D99-489A90A8B228}" = Sid Meier's Civilization 4 - Warlords
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{428FDF9F-E010-4C4C-A8BB-156960AFCA1C}" = Adobe Fireworks CS4
"{43509E18-076E-40FE-AF38-CA5ED400A5A9}" = Pixel Bender Toolkit
"{4377F918-E6C9-4ECA-A7F5-754B310B7ED8}" = Sid Meier's Civilization 4
"{44E240EC-2224-4078-A88B-2CEE0D3016EF}" = Adobe After Effects CS4 Presets
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{45EC816C-0771-4C14-AE6D-72D1B578F4C8}" = Adobe After Effects CS4
"{4767E0D4-05E9-4EC2-AD78-7AE1680D602C}" = Snowie Version 4
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{49F2B650-2D7B-4F59-B33D-346F63776BD3}" = DocProc
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A52555C-032A-4083-BDD9-6A85ABFB39A8}" = Adobe SING CS4
"{4B215C29-1A3E-4736-92AA-10C83FA56EB9}" = Adobe After Effects CS3 Presets
"{4DB3021B-57A5-42A0-82FF-01F3B9E09CDD}" = NETELLER Desktop
"{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies
"{50CE21D8-0F44-4f3f-A392-7F9AD3194DEF}" = PS_AIO_Software
"{52232EF4-CC12-4C21-ABCF-ADB79618302D}" = Adobe Soundbooth CS4 Codecs
"{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English)
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{5570C7F0-43D0-4916-8A9E-AEDD52FA86F4}" = Adobe Color EU Extra Settings CS4
"{561968FD-56A1-49FD-9ED0-F55482C7C5BC}" = Adobe Media Encoder CS4 Exporter
"{56B83336-FBC1-4C46-8613-90A9E3B440D6}" = Six Engine
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{58FB2F9A-5F2D-40E8-82DF-4987E60AD8BD}" = Nokia PC Suite
"{59C80C5E-8C92-40FF-B910-2BB5C7281F61}" = Europa Universalis III
"{5A180ED5-0AC1-410A-B790-5E0319CD0A93}" = Sentinel Protection Installer 7.4.0
"{5C1F18D2-F6B7-4242-B803-B5A78648185D}" = Corel WinDVD 2010
"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI
"{5EAD5443-7194-46CC-A055-428E6ABB1BAF}" = Adobe Encore CS4
"{60DB5894-B5A1-4B62-B0F3-669A22C0EE5D}" = Adobe Dynamiclink Support
"{61D6891E-E822-4448-9F9A-0AAAAEB6AF6C}" = Adobe Creative Suite 4 Master Collection
"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
"{6600970A-BAE7-412A-BFFC-91AD793B3A41}" = ASUS WiFi-AP @n
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{67A9747A-E1F5-4E9A-81CC-12B5D5B81B6E}" = Adobe After Effects CS4 Third Party Content
"{67D3F1A0-A1F2-49b7-B9EE-011277B170CD}" = HPProductAssistant
"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6A5694F9-4FE6-C505-B929-E465530C97EC}" = LSJ
"{6A9B6538-AA6B-498A-9529-739D7A5CBFE7}" = PASW Statistics 18 R Essentials
"{6D0C6BE4-F674-43D2-96BC-3509345108C9}_is1" = PokerStove version 1.23
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7406DF60-016D-476B-A2C7-55D997592047}" = Adobe OnLocation CS4
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{793D1D88-6141-43DE-BE58-59BCE31B4090}" = Adobe Flash CS4 Extension - Flash Lite STI en
"{7B63B2922B174135AFC0E1377DD81EC2}" =
"{7CC7BDD5-6F10-4724-96A1-EAC7D9F2831C}" = Adobe InDesign CS4 Common Base Files
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{8186FF34-D389-4B7E-9A2F-C197585BCFBD}" = Adobe Media Encoder CS4 Importer
"{818ABC3C-635C-4651-8183-D0E9640B7DD1}" = HP Update
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{86B3F2D6-AC2B-0014-8AE1-F2F77F781B0C}" = EndNote X4
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{87532CAB-7932-4F84-8937-823337622807}" = Adobe Illustrator CS4
"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8AF3FB06-BDA3-42A3-995C-308812D2F094}" = Adobe After Effects CS3
"{8BADD53C-3A6D-4D22-B8C5-56ACD699C17D}" = Digital Signatur
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8D381E6D-D221-49F9-B900-3D2D226E2C5D}" = PASW Statistics-R Integration Plug-in 18.0
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8FB495A1-4A3F-4C1D-BD27-3F3AB2E66763}" = iMesh
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007
"{90120000-001F-0401-0000-0000000FF1CE}_PROOFKIT_{14809F99-C601-4D4A-9391-F1E8FAA964C5}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0402-0000-0000000FF1CE}" = Microsoft Office Proof (Bulgarian) 2007
"{90120000-001F-0402-0000-0000000FF1CE}_PROOFKIT_{FB4EE5BD-7C0B-4B5C-ACEC-D1F160BE9B47}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0403-0000-0000000FF1CE}" = Microsoft Office Proof (Catalan) 2007
"{90120000-001F-0403-0000-0000000FF1CE}_PROOFKIT_{4B47C31E-46B0-462B-BEE4-DC383B6A1F2A}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0404-0000-0000000FF1CE}" = Microsoft Office Proof (Chinese (Traditional)) 2007
"{90120000-001F-0404-0000-0000000FF1CE}_PROOFKIT_{33FA7680-10ED-444E-BC72-214064317283}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_PROOFKIT_{294B4278-CF7B-40B9-86A1-2D3FF0C2C524}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0406-0000-0000000FF1CE}" = Microsoft Office Proof (Danish) 2007
"{90120000-001F-0406-0000-0000000FF1CE}_PROOFKIT_{25E093C2-374E-44A9-9BCE-3881BD442F3F}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_PROOFKIT_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0408-0000-0000000FF1CE}" = Microsoft Office Proof (Greek) 2007
"{90120000-001F-0408-0000-0000000FF1CE}_PROOFKIT_{3C7DCB2F-8EA1-4558-B8F5-1107C4055A0B}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}_PROOFKIT_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040B-0000-0000000FF1CE}" = Microsoft Office Proof (Finnish) 2007
"{90120000-001F-040B-0000-0000000FF1CE}_PROOFKIT_{8C00DF3E-E8BD-4C6A-B86F-0135E11DAF1C}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}_PROOFKIT_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040D-0000-0000000FF1CE}" = Microsoft Office Proof (Hebrew) 2007
"{90120000-001F-040D-0000-0000000FF1CE}_PROOFKIT_{D51DB996-6D46-4195-B495-5E96F61A3CB9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040E-0000-0000000FF1CE}" = Microsoft Office Proof (Hungarian) 2007
"{90120000-001F-040E-0000-0000000FF1CE}_PROOFKIT_{573CA1BB-C8A3-46C4-993E-DB4043D9BFCD}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_PROOFKIT_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0411-0000-0000000FF1CE}" = Microsoft Office Proof (Japanese) 2007
"{90120000-001F-0411-0000-0000000FF1CE}_PROOFKIT_{09FD8ECF-B585-47FD-8E53-68BB8741DA65}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0412-0000-0000000FF1CE}" = Microsoft Office Proof (Korean) 2007
"{90120000-001F-0412-0000-0000000FF1CE}_PROOFKIT_{B017C4D5-E774-4A94-A8E3-380489B86F47}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007
"{90120000-001F-0413-0000-0000000FF1CE}_PROOFKIT_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0414-0000-0000000FF1CE}" = Microsoft Office Proof (Norwegian (Bokmål)) 2007
"{90120000-001F-0414-0000-0000000FF1CE}_PROOFKIT_{D3413506-02DD-4918-AB8B-A9939A14C2E8}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2007
"{90120000-001F-0415-0000-0000000FF1CE}_PROOFKIT_{E9EA2604-8AC9-47D2-8F4B-6BF60787A357}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0416-0000-0000000FF1CE}" = Microsoft Office Proof (Portuguese (Brazil)) 2007
"{90120000-001F-0416-0000-0000000FF1CE}_PROOFKIT_{75EBE365-7FC5-4720-A7D3-804BF550D1BC}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0418-0000-0000000FF1CE}" = Microsoft Office Proof (Romanian) 2007
"{90120000-001F-0418-0000-0000000FF1CE}_PROOFKIT_{6E3398C5-9A81-4054-B474-8B23A60F5048}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0419-0000-0000000FF1CE}" = Microsoft Office Proof (Russian) 2007
"{90120000-001F-0419-0000-0000000FF1CE}_PROOFKIT_{57A92C5E-E76A-49CC-9EC2-A7B6CE1255EA}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-041A-0000-0000000FF1CE}" = Microsoft Office Proof (Croatian) 2007
"{90120000-001F-041A-0000-0000000FF1CE}_PROOFKIT_{C9CC66D9-D7D3-46C1-A485-9601E4DE8D28}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_PROOFKIT_{10EC59E5-9BCE-4884-BB1A-E28627220232}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-041D-0000-0000000FF1CE}" = Microsoft Office Proof (Swedish) 2007
"{90120000-001F-041D-0000-0000000FF1CE}_PROOFKIT_{43722AA8-ACEA-4F54-9B83-2467D376EF8A}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-041E-0000-0000000FF1CE}" = Microsoft Office Proof (Thai) 2007
"{90120000-001F-041E-0000-0000000FF1CE}_PROOFKIT_{0ED7C31A-FB21-4F8E-BD16-921A5E69B2C5}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-041F-0000-0000000FF1CE}" = Microsoft Office Proof (Turkish) 2007
"{90120000-001F-041F-0000-0000000FF1CE}_PROOFKIT_{CB71F1CB-4CC3-47DE-B003-40413E64FE10}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0420-0000-0000000FF1CE}" = Microsoft Office Proof (Urdu) 2007
"{90120000-001F-0422-0000-0000000FF1CE}" = Microsoft Office Proof (Ukrainian) 2007
"{90120000-001F-0422-0000-0000000FF1CE}_PROOFKIT_{6F177D09-F21D-4F50-9436-353972D1D232}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0424-0000-0000000FF1CE}" = Microsoft Office Proof (Slovenian) 2007
"{90120000-001F-0424-0000-0000000FF1CE}_PROOFKIT_{6E8DFF8D-F7D1-4451-952A-61CAB73A59E2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0425-0000-0000000FF1CE}" = Microsoft Office Proof (Estonian) 2007
"{90120000-001F-0425-0000-0000000FF1CE}_PROOFKIT_{198E4A56-E02D-4594-AA6A-B25D83F50A81}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0426-0000-0000000FF1CE}" = Microsoft Office Proof (Latvian) 2007
"{90120000-001F-0426-0000-0000000FF1CE}_PROOFKIT_{1B3EDDDA-158A-4AFB-A493-57446AC5964D}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0427-0000-0000000FF1CE}" = Microsoft Office Proof (Lithuanian) 2007
"{90120000-001F-0427-0000-0000000FF1CE}_PROOFKIT_{15B60D1E-FBD2-4659-A159-ADB32FA4105D}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-042D-0000-0000000FF1CE}" = Microsoft Office Proof (Basque) 2007
"{90120000-001F-0439-0000-0000000FF1CE}" = Microsoft Office Proof (Hindi) 2007
"{90120000-001F-0439-0000-0000000FF1CE}_PROOFKIT_{B0126B90-3F42-404B-8435-DE45FBC3BE45}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0446-0000-0000000FF1CE}" = Microsoft Office Proof (Punjabi) 2007
"{90120000-001F-0447-0000-0000000FF1CE}" = Microsoft Office Proof (Gujarati) 2007
"{90120000-001F-0449-0000-0000000FF1CE}" = Microsoft Office Proof (Tamil) 2007
"{90120000-001F-044A-0000-0000000FF1CE}" = Microsoft Office Proof (Telugu) 2007
"{90120000-001F-044B-0000-0000000FF1CE}" = Microsoft Office Proof (Kannada) 2007
"{90120000-001F-044E-0000-0000000FF1CE}" = Microsoft Office Proof (Marathi) 2007
"{90120000-001F-0456-0000-0000000FF1CE}" = Microsoft Office Proof (Galician) 2007
"{90120000-001F-0804-0000-0000000FF1CE}" = Microsoft Office Proof (Chinese (Simplified)) 2007
"{90120000-001F-0804-0000-0000000FF1CE}_PROOFKIT_{82E853AD-6911-4EA9-9EB0-2F9BE7747878}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0814-0000-0000000FF1CE}" = Microsoft Office Proof (Norwegian (Nynorsk)) 2007
"{90120000-001F-0814-0000-0000000FF1CE}_PROOFKIT_{1B70EF07-15AB-483B-B7DE-C60584A3F518}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0816-0000-0000000FF1CE}" = Microsoft Office Proof (Portuguese (Portugal)) 2007
"{90120000-001F-0816-0000-0000000FF1CE}_PROOFKIT_{C312E1CD-EC19-4270-A072-F36F634DFF79}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-081A-0000-0000000FF1CE}" = Microsoft Office Proof (Serbian (Latin)) 2007
"{90120000-001F-081A-0000-0000000FF1CE}_PROOFKIT_{5D31A216-8A77-4993-AAF4-A747E3E81B35}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}_PROOFKIT_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0028-0404-0000-0000000FF1CE}" = Microsoft Office IME (Chinese (Traditional)) 2007
"{90120000-0028-0404-0000-0000000FF1CE}_PROOFKIT_{5E6C6E79-40BE-491B-9ABF-C665667E1B07}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0028-0404-1000-0000000FF1CE}_PROOFKIT_{1252D255-DB26-4F85-9F0F-D59B9DFE339E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0028-0411-0000-0000000FF1CE}" = Microsoft Office IME (Japanese) 2007
"{90120000-0028-0411-0000-0000000FF1CE}_PROOFKIT_{85644C8B-569F-4998-9A4F-0845AA579E9E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0028-0411-1000-0000000FF1CE}_PROOFKIT_{71FF7F2B-813F-421A-AAC0-616FB5048E3D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0028-0412-0000-0000000FF1CE}" = Microsoft Office IME (Korean) 2007
"{90120000-0028-0412-0000-0000000FF1CE}_PROOFKIT_{15281683-B481-47B8-A981-7043F35441FF}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0028-0412-1000-0000000FF1CE}_PROOFKIT_{D0A5685F-34E9-4B67-B32C-262263E55098}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0028-0804-0000-0000000FF1CE}" = Microsoft Office IME (Chinese (Simplified)) 2007
"{90120000-0028-0804-0000-0000000FF1CE}_PROOFKIT_{4029CB10-E410-41AD-BB3F-052C95243407}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0028-0804-1000-0000000FF1CE}_PROOFKIT_{B45C4BDA-CDBB-4D65-8970-6ABB35BE81B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0409-1000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0048-0409-0000-0000000FF1CE}" = Microsoft Office ProofMUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0116-0409-1000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{91120000-0103-0000-0000-0000000FF1CE}" = Microsoft Office Proofing Kit 2007
"{927454DC-D1D0-42EB-9C39-F87D4B8D6B5B}" = 5DFly Images to PDF Converter
"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95140000-007F-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{95D08F4E-DFC2-4ce3-ACB7-8C8E206217E9}" = MarketResearch
"{978C25EE-5777-46e4-8988-732C297CBDBD}" = Status
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B1FD9CE-0776-4f0b-A6F5-C6AB7B650CDF}" = Destinations
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A040AC77-C1AA-4CC9-8931-9F648AF178F6}" = VC 9.0 Runtime
"{A36CD345-625C-4d6c-B3E2-76E1248CB451}" = SolutionCenter
"{A3B7C670-4A1E-4EE2-950E-C875BC1965D0}" = Copy
"{A6EC82A0-1414-475D-8AFD-469089F3080D}" = Adobe Contribute CS4
"{A83279FD-CA4B-4206-9535-90974DE76654}" = Apple Application Support
"{A939D341-5A04-4E0A-BB55-3E65B386432D}" = Microsoft Office Small Business Connectivity Components
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC76BA86-1033-F400-7760-000000000004}" = Adobe Acrobat 9 Pro - English, Français, Deutsch
"{AC76BA86-1033-F400-7760-000000000004}_946" = Adobe Acrobat 9.4.6 - CPSID_83708
"{AC76BA86-7AD7-1033-7B44-A90000000001}" = Adobe Reader 9
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{ACEB2BAF-96DF-48FD-ADD5-43842D4C443D}" = Adobe AIR
"{ADF9FBE9-8F25-15A7-9E46-D575615FF009}" = Sid Meier's Pirates!
"{AFE499B5-FCC4-45E6-A1A5-3C51AE0E539B}" = Mobipocket Creator 4.2
"{B05DE7B7-0B40-4411-BD4B-222CAE2D8F15}" = Adobe MotionPicture Color Files CS4
"{B15381DD-FF97-4FCD-A881-ED4DB0975500}" = Adobe Color Video Profiles AE CS4
"{B169BC97-B8AA-4ACA-9CF2-9D0FF5BABDF7}" = Adobe Premiere Pro CS4 Functional Content
"{B1A820F9-9F85-4513-B601-A998FC1AFDA0}" = Politikens Engelsk-Dansk Dansk-Engelsk Ordbog
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4
"{B668B2B8-70D4-4754-A890-17C1DDDA9418}" = PS_AIO_Software_min
"{B9F4561A-924D-4510-A85A-BB0960C338CB}" = Adobe Asset Services CS4
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{BE77A81F-B315-4666-9BF3-AE70C0ADB057}" = BufferChm
"{BE9CEAAA-F069-4331-BF2F-8D350F6504F4}" = Adobe Media Encoder CS4 Additional Exporter
"{C25215FC-5900-48B0-B93C-8D3379027312}" = PASW Statistics 18
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C716522C-3731-4667-8579-40B098294500}" = Toolbox
"{C81B363C-3918-4D53-8B90-EBABA515928E}" = ASUS WiFi-AP @n
"{C845E16D-4D66-44C8-B7B5-53739900AC7E}" = Microsoft Office Accounting 2009
"{C86E7C99-E4AD-79C7-375B-1AEF9A91EC2B}" = Acrobat.com
"{C938BE91-3BB5-4B84-9EF6-88F0505D0038}" = Adobe Premiere Pro CS4 Third Party Content
"{CA5DD6E1-B508-4922-815D-479E3228B17A}" = Europa Universalis 2
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CFBCE791-2D53-4FCE-B3FB-D6E01F4112E8}" = Sid Meier's Civilization 4
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D1AC5696-CC7E-34D7-89B3-4D09E7CF7D14}" = Strawberry Perl
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D499F8DE-3F31-4900-9157-61061613704B}" = Adobe Premiere Pro CS4
"{D848D140-41C3-4A53-86D8-E866A100B4CD}" = PC Connectivity Solution
"{DC0C35E4-CD3D-4F12-95BB-7C74D9467BD7}" = Microsoft Office Accounting 2009 PayPal Addin
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DEB90B8E-0DCB-48CE-B90E-8842A2BD643E}" = Adobe Media Encoder CS4
"{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD 10
"{E06F04B9-45E6-4AC0-8083-85F7515F40F7}" = UnloadSupport
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E65CA2A8-1F2A-4400-AE55-FFD43D3B6980}" = c4200_Help
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{E7712E53-7A7F-46EB-AA13-70D5987D30F2}" = Dragon NaturallySpeaking 10
"{E8EE9410-8AC4-4F43-A626-DDECA75C79F3}" = Adobe Setup
"{EB21A812-671B-4D08-B974-2A347F0D8F70}" = HP Photosmart Essential
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EB75DE50-5754-4F6F-875D-126EDF8E4CB3}" = HPSSupply
"{EE353798-E875-42E0-B58D-7E6696182EA8}" = Adobe Media Encoder CS4 Dolby
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F6E99614-F042-4459-82B7-8B38B2601356}" = Adobe Flash CS4
"{F7F65223-C7CF-4F5F-BFF9-65461B11B8CA}" = Batch Image To PDF
"{F810C880-CBBC-4524-82C2-FA3D0AE48380}" = Hemera Photo Clip Art
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{FB2A5FCC-B81B-48C2-A009-7804694D83E9}" = Adobe Encore CS4 Codecs
"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FE0646A7-19D0-41B4-A2BB-2C35D644270D}" = Windows Live OneCare safety scanner
"{FE0C305A-37EE-4499-B4CF-0182E37B20C4}" = PS_AIO_ProductContext
"{FF075778-6E50-47ed-991D-3B07FD4E3250}" = TrayApp
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"1489-3350-5074-6281" = JDownloader 0.9
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Adobe_b2d6abde968e6f277ddbfd501383e02" = Adobe Creative Suite 4 Master Collection
"Amazon Kindle" = Amazon Kindle
"AVI DVD Burner_is1" = AVI DVD Burner 2008 v5.2.0.37
"BetMost Poker" = BetMost Poker
"Boxoft free AVI to FLV Converter_is1" = Boxoft free AVI to FLV Converter
"Browser Defender_is1" = Browser Defender 3.0
"BS1 General Ledger 2010.0_is1" = BS1 General Ledger 2010.0
"BurnAware Free_is1" = BurnAware Free 3.3.1
"CINEMA 4D Release 11" = CINEMA 4D Release 11
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Composite Wizard" = Composite Wizard
"Digital Editions" = Adobe Digital Editions
"Digital Signatur" = Digital Signatur
"dk.in2media.yousee.youseeplayer" = YouSee Player
"DVDneXtCOPY 4 neXtTech" = DVDneXtCOPY 4 neXtTech
"ENTERPRISE" = Microsoft Office Enterprise 2007
"ERUNT_is1" = ERUNT 1.1j
"ESET Online Scanner" = ESET Online Scanner v3
"FM Genie Scout 11_is1" = FM Genie Scout 11 version 1.00
"Freez FLV to AVI/MPEG/WMV Converter v1.6_is1" = Freez FLV to AVI/MPEG/WMV Converter
"GameCenter_is1" = GameCenter 1.3.0.5
"GNU Backgammon_is1" = GNU Backgammon (MAIN branch, 20111003 code)
"HoldemManager" = Holdem Manager
"Host OpenAL (ADI)" = Host OpenAL (ADI)
"Image to PDF Converter Free_is1" = Image to PDF Converter Free 4.02
"iMesh" = iMesh
"InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD 10
"IrfanView" = IrfanView (remove only)
"JPG2PDF_is1" = JPG2PDF 2.2
"KLiteCodecPack_is1" = K-Lite Codec Pack 7.1.0 (Basic)
"Knoll Light Factory Pro 2.5" = Knoll Light Factory Pro 2.5
"LameACM" = Lame ACM MP3 Codec
"Liquid Story Binder XE_is1" = Liquid Story Binder XE 3.81
"LSJ.10833097DC514EE51FEAD518FDC12673948D1995.1" = LSJ
"Magic ISO Maker v5.4 (build 0251)" = Magic ISO Maker v5.4 (build 0251)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.2.1300
"Marvell Miniport Driver" = Marvell Miniport Driver
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft Office Accounting 2009" = Microsoft Office Accounting 2009
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"Microsoft Visual Studio 2005 Tools for Office Runtime" = Microsoft Visual Studio 2005 Tools for Office Runtime
"Mozilla Firefox 9.0 (x86 en-US)" = Mozilla Firefox 9.0 (x86 en-US)
"NetGammon8" = NetGammon8
"NeuLion Adaptive Plugin" = NeuLion Adaptive Plugin
"Nokia PC Suite" = Nokia PC Suite
"OpenRPG" = OpenRPG
"Opera 11.60.1185" = Opera 11.60
"PartyPoker" = PartyPoker
"PDFtoEPUB" = PDFtoEPUB
"PokerStars" = PokerStars
"PostgreSQL 8.4" = PostgreSQL 8.4
"PROOFKIT" = Microsoft Office Proofing Tools Kit 2007
"R for Windows 2.11.1_is1" = R for Windows 2.11.1
"R for Windows 2.8.1_is1" = R for Windows 2.8.1
"Radium Glow" = Radium Glow
"RAR Password Recovery Magic_is1" = RAR Password Recovery Magic v6.1.1.2
"Red Giant Psunami" = Red Giant Psunami
"ResearchSoft Direct Export Helper" = ResearchSoft Direct Export Helper
"SharkScope HUD" = SharkScope HUD 1.0.200
"SimpleOCR 3.1" = SimpleOCR 3.1
"SopCast" = SopCast 3.2.4
"SpeedFan" = SpeedFan (remove only)
"Spyware Doctor" = Spyware Doctor 8.0
"SpywareBlaster_is1" = SpywareBlaster 4.4
"SpywareGuard_is1" = SpywareGuard v2.2
"Stanza" = Stanza
"Steam App 16830" = Sid Meier's Civilization V SDK
"Steam App 24780" = SimCity 4 Deluxe
"Steam App 25800" = Europa Universalis III
"Steam App 34220" = Football Manager 2011
"Steam App 8930" = Sid Meier's Civilization V
"StreamTorrent 1.0" = StreamTorrent 1.0
"Trapcode 3DStroke" = Trapcode 3DStroke
"Trapcode Form" = Trapcode Form
"Trapcode Horizon" = Trapcode Horizon
"Trapcode Particular" = Trapcode Particular
"Trapcode Shine" = Trapcode Shine
"Trapcode Starglow" = Trapcode Starglow
"TVUPlayer" = TVUPlayer 2.5.2.2
"Veetle TV" = Veetle TV 0.9.18
"VirtualCloneDrive" = VirtualCloneDrive
"VLC media player" = VLC media player 1.1.11
"Web Sudoku Deluxe_is1" = Web Sudoku Deluxe 1.2.2
"WinDjView" = WinDjView 1.0.3
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
"Write-N-Cite" = Write-N-Cite
"wxPython2.8-unicode-py26_is1" = wxPython 2.8.10.1 (unicode) for Python 2.6
"Xilisoft DVD Creator 6" = Xilisoft DVD Creator 6
"Xvid Video Codec 1.3.1" = Xvid Video Codec

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"5f48e2ab41c5d005" = RapidShare Manager
"Chromium" = Chromium
"Dropbox" = Dropbox
"Google Chrome" = Google Chrome
"Play65" = Play65
"uTorrent" = µTorrent

========== Last 10 Event Log Errors ==========

Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

< End of report >
  • 0

#6
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,031 posts
  • MVP
Combofix is also using Danish so nothing we can do with VEW. Let's see if DDS can read the logs.

Please download DDS from http://download.blee...om/sUBs/dds.com or http://download.blee...om/sUBs/dds.scr
and save it to your desktop.

* Disable any script blocking protection
* Double click dds.pif to run the tool. (Win 7 or Vista must right click and Run As Admin)
* When done, two DDS.txt's will open.
* Save both reports to your desktop.

---------------------------------------------------
Please include the contents of the following in your next reply:

DDS.txt
Attach.txt.

You have adobe reader 9. This is obsolete and dangerous. You need to remove it and get the latest version from adobe.com.

TDSS found something. Are you still getting redirected?
Run TDSSKiller again but this time:
before you hit the Scan hit Change Parameters and check the two items under Additional Options. OK then Scan.
In this mode it is prone to false positives so do not change the SKIP option to DELETE unless it says TDSS.
When done, a log file should be created on your C: drive named "TDSSKiller.txt" please copy and paste the contents in your next reply.


Ron
  • 0

#7
carlos50

carlos50

    Member

  • Topic Starter
  • Member
  • PipPip
  • 33 posts
Hi Ron

It seems like DDS could read it. I did the actions as instructed. TDSS didn't find anything this time. I did delete what it found the last time, as it said TDSS.

I haven't been redirected since my last post, so unless you see any issues? I think we are good.

I have posted the logs below and zipped and attached the attach log.

If this is it, thank you very much for your assistance. It is much appreciated!

Michael



.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_30
Run by Michael Eilersen at 23:20:52 on 2012-01-06
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.45.1033.18.8190.6099 [GMT 1:00]
.
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\ASUS\Six Engine\SixEngine.exe
C:\Program Files (x86)\ASUS\WiFi-AP @n\[email protected]
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\PC Tools Security\BDT\FGuard.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\ProgramData\Boxtools\Toolbox.exe
C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
C:\Windows\system32\AEADISRV.EXE
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\PC Tools Security\BDT\BDTUpdateService.exe
C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\SysWOW64\nlssrv32.exe
C:\Program Files\NVIDIA Corporation\Performance Drivers\nvPDsvc.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
c:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\taskeng.exe
C:\Users\Michael Eilersen\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE
C:\Users\Michael Eilersen\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Michael Eilersen\AppData\Local\Google\Chrome\Application\chrome.exe
\\?\C:\Windows\system32\wbem\WMIADAP.EXE
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\conime.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.b.dk
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: PC Tools Browser Guard: {472734ea-242a-422b-adf8-83d1e48cc825} - C:\Program Files (x86)\PC Tools Security\BDT\PCTBrowserDefender.dll
mURLSearchHooks: PC Tools Browser Guard: {472734ea-242a-422b-adf8-83d1e48cc825} - C:\Program Files (x86)\PC Tools Security\BDT\PCTBrowserDefender.dll
BHO: ContributeBHO Class: {074c1dc5-9320-4a9a-947d-c042949c6216} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: SpywareGuardDLBLOCK.CBrowserHelper: {4a368e80-174f-4872-96b5-0b27ddd11db2} - C:\Program Files (x86)\SpywareGuard\dlprotect.dll
BHO: Internet Explorer Form-Fill Plug-In: {5425b4b8-87f9-4e9c-8b51-8aaba82eba64} - C:\Program Files (x86)\NETELLER app\plugins\IE\Neteller.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: SmartSelect Class: {f4971ee7-daa0-4053-9964-665d8ee6a077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: Contribute Toolbar: {517bdde4-e3a7-4570-b21e-2b52b6139fc7} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll
TB: PC Tools Browser Guard: {472734ea-242a-422b-adf8-83d1e48cc825} - C:\Program Files (x86)\PC Tools Security\BDT\PCTBrowserDefender.dll
TB: {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No File
uRun: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent
uRun: [Xvid] C:\Program Files (x86)\Xvid\CheckUpdate.exe
uRun: [Boxoft Tools] "C:\ProgramData\Boxtools\Boxofttoolbox.exe" -autorun
uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [PCTools FGuard] "C:\Program Files (x86)\PC Tools Security\BDT\FGuard.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
dRunOnce: [ZAFFRegisterTrustChecker] "C:\Windows\system32\regsvr32.exe" -s "C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustChecker.dll"
dRunOnce: [ZAFFRegisterTrustCheckerIE] "C:\Windows\system32\regsvr32.exe" -s "C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll"
dRunOnce: [FlashPlayerUpdate] C:\Windows\SysWow64\Macromed\Flash\FlashUtil10a.exe
StartupFolder: C:\Users\MICHAE~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\FIFA11~1.LNK - C:\Program Files (x86)\EA SPORTS\FIFA 11\Support\EAregister.exe
StartupFolder: C:\Users\MICHAE~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\SPYWAR~1.LNK - C:\Program Files (x86)\SpywareGuard\sgmain.exe
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe
IE: {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
Trusted Zone: danid.dk
Trusted Zone: danid.dk
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
TCP: DhcpNameServer = 193.162.153.164 194.239.134.83
TCP: Interfaces\{49F1FB07-90EC-4593-920F-913C35E23C0F} : DhcpNameServer = 193.162.153.164 194.239.134.83
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
Handler: intu-help-qb3 - {c5e479ea-0a65-4b05-8c6c-2fc8cc682eb4} - c:\Program Files (x86)\Intuit\QuickBooks 2010\HelpAsyncPluggableProtocol.dll
Handler: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - C:\Windows\System32\mscoree.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
SEH: SpywareGuard.Handler: {81559c35-8464-49f7-bb0e-07a383bef910} - C:\Program Files (x86)\SpywareGuard\spywareguard.dll
BHO-X64: ContributeBHO Class: {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: SpywareGuardDLBLOCK.CBrowserHelper: {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files (x86)\SpywareGuard\dlprotect.dll
BHO-X64: SpywareGuard Download Protection - No File
BHO-X64: Internet Explorer Form-Fill Plug-In: {5425B4B8-87F9-4E9C-8B51-8AABA82EBA64} - C:\Program Files (x86)\NETELLER app\plugins\IE\Neteller.dll
BHO-X64: NetellerBHO - No File
BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO-X64: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO-X64: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO-X64: SmartSelect - No File
TB-X64: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB-X64: Contribute Toolbar: {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll
TB-X64: PC Tools Browser Guard: {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files (x86)\PC Tools Security\BDT\PCTBrowserDefender.dll
TB-X64: {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No File
mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun-x64: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun-x64: [PCTools FGuard] "C:\Program Files (x86)\PC Tools Security\BDT\FGuard.exe"
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
IE-X64: {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe
IE-X64: {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe
IE-X64: {E65BD45D-4C0E-4970-9F1C-E3CF46E21BFF} - C:\Microgaming\Casino\LuxuryCasino\casinogame.exe
SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
SEH-X64: SpywareGuard.Handler: {81559C35-8464-49F7-BB0E-07A383BEF910} - C:\Program Files (x86)\SpywareGuard\spywareguard.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Michael Eilersen\AppData\Roaming\Mozilla\Firefox\Profiles\nzcqnlpm.default\
FF - prefs.js: browser.search.defaulturl - hxxp://flvdirect.iamwired.net/websearch.php?src=tops&search=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.berlingske.dk/
FF - plugin: C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdjvu.dll
FF - plugin: C:\Program Files (x86)\Veetle\Player\npvlc.dll
FF - plugin: C:\Program Files (x86)\Veetle\plugins\npVeetle.dll
FF - plugin: C:\Program Files (x86)\Veetle\VLCBroadcast\npvbp.dll
FF - plugin: C:\Users\Michael Eilersen\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll
FF - plugin: C:\Users\Michael Eilersen\AppData\Roaming\Move Networks\plugins\npqmp071505000010.dll
FF - plugin: C:\Users\Michael Eilersen\AppData\Roaming\Mozilla\Firefox\Profiles\nzcqnlpm.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\plugins\npqscan.dll
FF - plugin: C:\Users\Michael Eilersen\AppData\Roaming\NeuLion\AdaptivePlugin\npadaptiveplugin_1_6_5_7131.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
.
---- FIREFOX POLICIES ----
FF - user.js: extentions.y2layers.installId - cfbda1d4-73a7-4b12-94b0-72236fe94cf7
FF - user.js: extentions.y2layers.defaultEnableAppsList - BestVideoDownloader,BestVideoDownloader,
.
============= SERVICES / DRIVERS ===============
.
R0 mv61xx;mv61xx;C:\Windows\system32\DRIVERS\mv61xx.sys --> C:\Windows\system32\DRIVERS\mv61xx.sys [?]
R0 PCTCore;PCTools KDS;C:\Windows\system32\drivers\PCTCore64.sys --> C:\Windows\system32\drivers\PCTCore64.sys [?]
R0 pctDS;PC Tools Data Store;C:\Windows\system32\drivers\pctDS64.sys --> C:\Windows\system32\drivers\pctDS64.sys [?]
R0 pctEFA;PC Tools Extended File Attributes;C:\Windows\system32\drivers\pctEFA64.sys --> C:\Windows\system32\drivers\pctEFA64.sys [?]
R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]
R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2011-7-19 146816]
R2 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC};Power Control [2010/04/23 15:48:42];C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\000.fcl [2010-3-13 146928]
R2 Browser Defender Update Service;Browser Defender Update Service;C:\Program Files (x86)\PC Tools Security\BDT\BDTUpdateService.exe [2011-12-6 247760]
R2 FontCache;Windows Font Cache Service;C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-21 21504]
R2 nlsX86cc;Nalpeiron Licensing Service;C:\Windows\System32\nlssrv32.exe [2009-6-7 61440]
R2 NVIDIA Performance Driver Service;NVIDIA Performance Driver Service;C:\Program Files\NVIDIA Corporation\Performance Drivers\nvPDsvc.exe [2009-5-14 4901888]
R2 regi;regi;\??\C:\Windows\system32\drivers\regi.sys --> C:\Windows\system32\drivers\regi.sys [?]
R2 Sentinel64;Sentinel64;C:\Windows\system32\Drivers\Sentinel64.sys --> C:\Windows\system32\Drivers\Sentinel64.sys [?]
R3 yukonx64;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk60x64.sys --> C:\Windows\system32\DRIVERS\yk60x64.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 postgresql-8.4;PostgreSQL Server 8.4;C:/Program Files (x86)/PostgreSQL/8.4/bin/pg_ctl.exe runservice -N "postgresql-8.4" -D "C:/Program Files (x86)/PostgreSQL/8.4/data" -w --> C:/Program Files (x86)/PostgreSQL/8.4/bin/pg_ctl.exe runservice -N postgresql-8.4 [?]
S3 Adobe Version Cue CS4;Adobe Version Cue CS4;C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [2008-8-15 288112]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2008-10-28 1038088]
S3 hitmanpro35;Hitman Pro 3.5 Support Driver;\??\C:\Windows\system32\drivers\hitmanpro35.sys --> C:\Windows\system32\drivers\hitmanpro35.sys [?]
S3 netr28ux;RT2870 USB Wireless LAN Card Driver for Vista;C:\Windows\system32\DRIVERS\netr28ux.sys --> C:\Windows\system32\DRIVERS\netr28ux.sys [?]
S3 nmwcdcx64;Nokia USB Generic;C:\Windows\system32\drivers\ccdcmbox64.sys --> C:\Windows\system32\drivers\ccdcmbox64.sys [?]
S3 nmwcdx64;Nokia USB Phone Parent;C:\Windows\system32\drivers\ccdcmbx64.sys --> C:\Windows\system32\drivers\ccdcmbx64.sys [?]
S3 PerfHost;Performance Counter DLL Host;C:\Windows\SysWOW64\perfhost.exe [2008-1-21 19968]
S3 sdAuxService;PC Tools Auxiliary Service;C:\Program Files (x86)\PC Tools Security\pctsAuxs.exe [2011-12-6 366840]
S3 sdCoreService;PC Tools Security Service;C:\Program Files (x86)\PC Tools Security\pctsSvc.exe [2011-12-6 1150936]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-3-18 1020768]
S4 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64;C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2009-9-18 89920]
.
=============== File Associations ===============
.
JSEFile=C:\Windows\SysWOW64\WScript.exe "%1" %*
.reg=Regedit.Document
.
=============== Created Last 30 ================
.
2012-01-03 15:27:47 -------- d-----w- C:\_OTL
2012-01-03 14:59:09 -------- d-----w- C:\$RECYCLE.BIN
2012-01-03 14:34:50 -------- d-----w- C:\ComboFix
2011-12-30 15:22:31 -------- d-----w- C:\Program Files\gs
2011-12-27 23:17:14 -------- d-----w- C:\Users\Michael Eilersen\.gnubg
2011-12-27 23:17:06 -------- d-----w- C:\Program Files (x86)\gnubg
2011-12-27 23:10:15 -------- d-----w- C:\Program Files (x86)\Goto.Games
2011-12-27 21:54:32 -------- d-----w- C:\Snowie Documents
2011-12-27 21:54:31 66560 ----a-w- C:\Windows\SysWow64\NMORENU.DLL
2011-12-27 21:54:31 48128 ----a-w- C:\Windows\SysWow64\NMSCKN.DLL
2011-12-27 21:54:31 462848 ----a-w- C:\Windows\SysWow64\NMW3VWN.DLL
2011-12-27 21:54:31 240640 ----a-w- C:\Windows\SysWow64\NMOCOD.DLL
2011-12-27 21:54:31 169472 ----a-w- C:\Windows\SysWow64\HTML.OCX
2011-12-27 21:53:07 183808 ----a-w- C:\Windows\SysWow64\bdeadmin.cpl
2011-12-27 21:53:06 -------- d-----w- C:\Program Files (x86)\Common Files\Borland Shared
2011-12-27 21:52:57 -------- d-----w- C:\Program Files (x86)\SnowieGroup
2011-12-27 21:52:27 212992 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\ILog.dll
2011-12-27 21:00:10 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2011-12-27 18:36:52 98816 ----a-w- C:\Windows\sed.exe
2011-12-27 18:36:52 518144 ----a-w- C:\Windows\SWREG.exe
2011-12-27 18:36:52 256000 ----a-w- C:\Windows\PEV.exe
2011-12-27 18:36:52 208896 ----a-w- C:\Windows\MBR.exe
2011-12-16 16:32:40 -------- d-----w- C:\Users\Michael Eilersen\AppData\Local\Play65
2011-12-15 18:46:42 121816 ----a-w- C:\Program Files (x86)\Mozilla Firefox\components\browsercomps.dll
2011-12-15 18:46:41 97240 ----a-w- C:\Program Files (x86)\Mozilla Firefox\libEGL.dll
2011-12-15 18:46:41 814040 ----a-w- C:\Program Files (x86)\Mozilla Firefox\mozsqlite3.dll
2011-12-15 18:46:41 626688 ----a-w- C:\Program Files (x86)\Mozilla Firefox\msvcr80.dll
2011-12-15 18:46:41 548864 ----a-w- C:\Program Files (x86)\Mozilla Firefox\msvcp80.dll
2011-12-15 18:46:41 486360 ----a-w- C:\Program Files (x86)\Mozilla Firefox\libGLESv2.dll
2011-12-15 18:46:41 479232 ----a-w- C:\Program Files (x86)\Mozilla Firefox\msvcm80.dll
2011-12-15 18:46:41 43992 ----a-w- C:\Program Files (x86)\Mozilla Firefox\mozutils.dll
2011-12-15 18:46:41 2124760 ----a-w- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2011-12-15 18:46:41 2106216 ----a-w- C:\Program Files (x86)\Mozilla Firefox\D3DCompiler_43.dll
2011-12-15 18:46:41 1998168 ----a-w- C:\Program Files (x86)\Mozilla Firefox\d3dx9_43.dll
2011-12-15 18:46:41 15832 ----a-w- C:\Program Files (x86)\Mozilla Firefox\mozalloc.dll
2011-12-15 11:27:28 2764800 ----a-w- C:\Windows\System32\win32k.sys
2011-12-15 11:27:27 85504 ----a-w- C:\Windows\System32\csrsrv.dll
2011-12-15 11:27:26 559616 ----a-w- C:\Windows\System32\EncDec.dll
2011-12-15 11:27:26 429056 ----a-w- C:\Windows\SysWow64\EncDec.dll
2011-12-15 11:27:24 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2011-12-15 11:27:24 2048 ----a-w- C:\Windows\System32\tzres.dll
2011-12-15 11:25:37 2409784 ----a-w- C:\Program Files\Windows Mail\OESpamFilter.dat
2011-12-15 11:25:37 2409784 ----a-w- C:\Program Files (x86)\Windows Mail\OESpamFilter.dat
2011-12-15 11:21:33 24416 ----a-r- C:\Windows\System32\AdobePDFUI.dll
2011-12-12 23:55:25 -------- d-----w- C:\Program Files (x86)\World of Warcraft.temp
2011-12-12 23:55:01 -------- d-----w- C:\ProgramData\Blizzard Entertainment
.
==================== Find3M ====================
.
2012-01-03 15:24:37 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2011-12-06 16:06:09 25160 ----a-w- C:\Windows\System32\drivers\hitmanpro35.sys
2011-12-06 11:07:28 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2009-03-01 23:10:25 36868 ----a-w- C:\Program Files (x86)\uninst-Particular.exe
.
============= FINISH: 23:21:56.83 ===============



23:26:30.0552 4728 TDSS rootkit removing tool 2.6.25.0 Dec 23 2011 14:51:16
23:26:30.0693 4728 ============================================================
23:26:30.0693 4728 Current date / time: 2012/01/06 23:26:30.0693
23:26:30.0693 4728 SystemInfo:
23:26:30.0693 4728
23:26:30.0693 4728 OS Version: 6.0.6002 ServicePack: 2.0
23:26:30.0693 4728 Product type: Workstation
23:26:30.0693 4728 ComputerName: EILER-PC
23:26:30.0693 4728 UserName: Michael Eilersen
23:26:30.0693 4728 Windows directory: C:\Windows
23:26:30.0693 4728 System windows directory: C:\Windows
23:26:30.0693 4728 Running under WOW64
23:26:30.0693 4728 Processor architecture: Intel x64
23:26:30.0693 4728 Number of processors: 4
23:26:30.0693 4728 Page size: 0x1000
23:26:30.0693 4728 Boot type: Normal boot
23:26:30.0693 4728 ============================================================
23:26:33.0220 4728 Initialize success
23:26:51.0082 3412 ============================================================
23:26:51.0082 3412 Scan started
23:26:51.0082 3412 Mode: Manual; SigCheck; TDLFS;
23:26:51.0082 3412 ============================================================
23:26:53.0079 3412 ACPI (1965aaffab07e3fb03c77f81beba3547) C:\Windows\system32\drivers\acpi.sys
23:26:53.0203 3412 ACPI - ok
23:26:53.0281 3412 adfs (d44bcaf639e4e45307c2bc80715273d5) C:\Windows\system32\drivers\adfs.sys
23:26:53.0313 3412 adfs - ok
23:26:53.0437 3412 ADIHdAudAddService (4a30fa79f8253134d398251db614e3c9) C:\Windows\system32\drivers\ADIHdAud.sys
23:26:53.0578 3412 ADIHdAudAddService - ok
23:26:53.0671 3412 adp94xx (f14215e37cf124104575073f782111d2) C:\Windows\system32\drivers\adp94xx.sys
23:26:53.0718 3412 adp94xx - ok
23:26:53.0765 3412 adpahci (7d05a75e3066861a6610f7ee04ff085c) C:\Windows\system32\drivers\adpahci.sys
23:26:53.0796 3412 adpahci - ok
23:26:53.0859 3412 adpu160m (820a201fe08a0c345b3bedbc30e1a77c) C:\Windows\system32\drivers\adpu160m.sys
23:26:53.0874 3412 adpu160m - ok
23:26:53.0983 3412 adpu320 (9b4ab6854559dc168fbb4c24fc52e794) C:\Windows\system32\drivers\adpu320.sys
23:26:53.0999 3412 adpu320 - ok
23:26:54.0093 3412 AFD (0cc146c4addea45791b18b1e2659f4a9) C:\Windows\system32\drivers\afd.sys
23:26:54.0155 3412 AFD - ok
23:26:54.0202 3412 agp440 (f6f6793b7f17b550ecfdbd3b229173f7) C:\Windows\system32\drivers\agp440.sys
23:26:54.0217 3412 agp440 - ok
23:26:54.0280 3412 aic78xx (222cb641b4b8a1d1126f8033f9fd6a00) C:\Windows\system32\drivers\djsvs.sys
23:26:54.0311 3412 aic78xx - ok
23:26:54.0373 3412 aliide (157d0898d4b73f075ce9fa26b482df98) C:\Windows\system32\drivers\aliide.sys
23:26:54.0389 3412 aliide - ok
23:26:54.0451 3412 amdide (970fa5059e61e30d25307b99903e991e) C:\Windows\system32\drivers\amdide.sys
23:26:54.0467 3412 amdide - ok
23:26:54.0561 3412 AmdK8 (cdc3632a3a5ea4dbb83e46076a3165a1) C:\Windows\system32\drivers\amdk8.sys
23:26:55.0263 3412 AmdK8 - ok
23:26:55.0372 3412 arc (ba8417d4765f3988ff921f30f630e303) C:\Windows\system32\drivers\arc.sys
23:26:55.0387 3412 arc - ok
23:26:55.0434 3412 arcsas (9d41c435619733b34cc16a511e644b11) C:\Windows\system32\drivers\arcsas.sys
23:26:55.0465 3412 arcsas - ok
23:26:55.0465 3412 AsIO - ok
23:26:55.0528 3412 AsyncMac (22d13ff3dafec2a80634752b1eaa2de6) C:\Windows\system32\DRIVERS\asyncmac.sys
23:26:55.0559 3412 AsyncMac - ok
23:26:55.0668 3412 atapi (e68d9b3a3905619732f7fe039466a623) C:\Windows\system32\drivers\atapi.sys
23:26:55.0684 3412 atapi - ok
23:26:55.0731 3412 Beep - ok
23:26:55.0777 3412 blbdrive (79feeb40056683f8f61398d81dda65d2) C:\Windows\system32\drivers\blbdrive.sys
23:26:55.0809 3412 blbdrive - ok
23:26:55.0980 3412 bowser (2348447a80920b2493a9b582a23e81e1) C:\Windows\system32\DRIVERS\bowser.sys
23:26:56.0011 3412 bowser - ok
23:26:56.0167 3412 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\brfiltlo.sys
23:26:56.0682 3412 BrFiltLo - ok
23:26:56.0776 3412 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\brfiltup.sys
23:26:56.0807 3412 BrFiltUp - ok
23:26:56.0869 3412 Brserid (f0f0ba4d815be446aa6a4583ca3bca9b) C:\Windows\system32\drivers\brserid.sys
23:26:57.0727 3412 Brserid - ok
23:26:57.0837 3412 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\system32\drivers\brserwdm.sys
23:26:57.0883 3412 BrSerWdm - ok
23:26:57.0961 3412 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\system32\drivers\brusbmdm.sys
23:26:58.0008 3412 BrUsbMdm - ok
23:26:58.0195 3412 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\system32\drivers\brusbser.sys
23:26:58.0258 3412 BrUsbSer - ok
23:26:58.0414 3412 BTHMODEM (e0777b34e05f8a82a21856efc900c29f) C:\Windows\system32\drivers\bthmodem.sys
23:26:58.0476 3412 BTHMODEM - ok
23:26:58.0554 3412 catchme - ok
23:26:58.0601 3412 cdfs (b4d787db8d30793a4d4df9feed18f136) C:\Windows\system32\DRIVERS\cdfs.sys
23:26:58.0648 3412 cdfs - ok
23:26:58.0710 3412 cdrom (c025aa69be3d0d25c7a2e746ef6f94fc) C:\Windows\system32\DRIVERS\cdrom.sys
23:26:58.0741 3412 cdrom - ok
23:26:58.0804 3412 circlass (02ea568d498bbdd4ba55bf3fce34d456) C:\Windows\system32\drivers\circlass.sys
23:26:58.0851 3412 circlass - ok
23:26:58.0960 3412 CLFS (3dca9a18b204939cfb24bea53e31eb48) C:\Windows\system32\CLFS.sys
23:26:59.0007 3412 CLFS - ok
23:26:59.0085 3412 cmdide (e5d5499a1c50a54b5161296b6afe6192) C:\Windows\system32\drivers\cmdide.sys
23:26:59.0100 3412 cmdide - ok
23:26:59.0147 3412 Compbatt (7fb8ad01db0eabe60c8a861531a8f431) C:\Windows\system32\drivers\compbatt.sys
23:26:59.0163 3412 Compbatt - ok
23:26:59.0256 3412 crcdisk (a8585b6412253803ce8efcbd6d6dc15c) C:\Windows\system32\drivers\crcdisk.sys
23:26:59.0256 3412 crcdisk - ok
23:26:59.0334 3412 DfsC (8b722ba35205c71e7951cdc4cdbade19) C:\Windows\system32\Drivers\dfsc.sys
23:26:59.0365 3412 DfsC - ok
23:26:59.0428 3412 disk (b0107e40ecdb5fa692ebf832f295d905) C:\Windows\system32\drivers\disk.sys
23:26:59.0443 3412 disk - ok
23:26:59.0521 3412 Dot4 (74c02b1717740c3b8039539e23e4b53f) C:\Windows\system32\DRIVERS\Dot4.sys
23:26:59.0568 3412 Dot4 - ok
23:26:59.0615 3412 Dot4Print (08321d1860235bf42cf2854234337aea) C:\Windows\system32\DRIVERS\Dot4Prt.sys
23:26:59.0646 3412 Dot4Print - ok
23:26:59.0787 3412 dot4usb (4adccf0124f2b6911d3786a5d0e779e5) C:\Windows\system32\DRIVERS\dot4usb.sys
23:26:59.0833 3412 dot4usb - ok
23:26:59.0880 3412 drmkaud (f1a78a98cfc2ee02144c6bec945447e6) C:\Windows\system32\drivers\drmkaud.sys
23:26:59.0911 3412 drmkaud - ok
23:27:00.0005 3412 DXGKrnl (b8e554e502d5123bc111f99d6a2181b4) C:\Windows\System32\drivers\dxgkrnl.sys
23:27:00.0052 3412 DXGKrnl - ok
23:27:00.0177 3412 E1G60 (264cee7b031a9d6c827f3d0cb031f2fe) C:\Windows\system32\DRIVERS\E1G6032E.sys
23:27:00.0208 3412 E1G60 - ok
23:27:00.0286 3412 Ecache (5f94962be5a62db6e447ff6470c4f48a) C:\Windows\system32\drivers\ecache.sys
23:27:00.0301 3412 Ecache - ok
23:27:00.0473 3412 ElbyCDIO (15814b675e9d08953f2c64e4e5ccb4f4) C:\Windows\system32\Drivers\ElbyCDIO.sys
23:27:00.0489 3412 ElbyCDIO - ok
23:27:00.0567 3412 elxstor (c4636d6e10469404ab5308d9fd45ed07) C:\Windows\system32\drivers\elxstor.sys
23:27:00.0598 3412 elxstor - ok
23:27:00.0660 3412 ErrDev (bc3a58e938bb277e46bf4b3003b01abd) C:\Windows\system32\drivers\errdev.sys
23:27:00.0707 3412 ErrDev - ok
23:27:00.0847 3412 exfat (486844f47b6636044a42454614ed4523) C:\Windows\system32\drivers\exfat.sys
23:27:00.0879 3412 exfat - ok
23:27:01.0019 3412 fastfat (1a4bee34277784619ddaf0422c0c6e23) C:\Windows\system32\drivers\fastfat.sys
23:27:01.0050 3412 fastfat - ok
23:27:01.0097 3412 fdc (81b79b6df71fa1d2c6d688d830616e39) C:\Windows\system32\DRIVERS\fdc.sys
23:27:01.0144 3412 fdc - ok
23:27:01.0206 3412 FileInfo (457b7d1d533e4bd62a99aed9c7bb4c59) C:\Windows\system32\drivers\fileinfo.sys
23:27:01.0222 3412 FileInfo - ok
23:27:01.0269 3412 Filetrace (d421327fd6efccaf884a54c58e1b0d7f) C:\Windows\system32\drivers\filetrace.sys
23:27:01.0315 3412 Filetrace - ok
23:27:01.0409 3412 flpydisk (230923ea2b80f79b0f88d90f87b87ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
23:27:01.0456 3412 flpydisk - ok
23:27:01.0549 3412 FltMgr (e3041bc26d6930d61f42aedb79c91720) C:\Windows\system32\drivers\fltmgr.sys
23:27:01.0565 3412 FltMgr - ok
23:27:01.0659 3412 Fs_Rec (29d99e860a1ca0a03c6a733fdd0da703) C:\Windows\system32\drivers\Fs_Rec.sys
23:27:01.0674 3412 Fs_Rec - ok
23:27:01.0752 3412 gagp30kx (c8e416668d3dc2be3d4fe4c79224997f) C:\Windows\system32\drivers\gagp30kx.sys
23:27:01.0768 3412 gagp30kx - ok
23:27:01.0846 3412 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
23:27:01.0861 3412 GEARAspiWDM - ok
23:27:01.0924 3412 HdAudAddService (df45f8142dc6df9d18c39b3effbd0409) C:\Windows\system32\drivers\HdAudio.sys
23:27:02.0002 3412 HdAudAddService - ok
23:27:02.0111 3412 HDAudBus (f942c5820205f2fb453243edfec82a3d) C:\Windows\system32\DRIVERS\HDAudBus.sys
23:27:02.0189 3412 HDAudBus - ok
23:27:02.0314 3412 HidBth (b4881c84a180e75b8c25dc1d726c375f) C:\Windows\system32\drivers\hidbth.sys
23:27:02.0376 3412 HidBth - ok
23:27:02.0439 3412 HidIr (4e77a77e2c986e8f88f996bb3e1ad829) C:\Windows\system32\drivers\hidir.sys
23:27:02.0501 3412 HidIr - ok
23:27:02.0626 3412 HidUsb (443bdd2d30bb4f00795c797e2cf99edf) C:\Windows\system32\DRIVERS\hidusb.sys
23:27:02.0641 3412 HidUsb - ok
23:27:02.0735 3412 hitmanpro35 (c6ff685e2ea55c3ac5c90b9e7d6930c0) C:\Windows\system32\drivers\hitmanpro35.sys
23:27:02.0751 3412 hitmanpro35 - ok
23:27:02.0953 3412 HpCISSs (d7109a1e6bd2dfdbcba72a6bc626a13b) C:\Windows\system32\drivers\hpcisss.sys
23:27:02.0969 3412 HpCISSs - ok
23:27:03.0234 3412 HTTP (098f1e4e5c9cb5b0063a959063631610) C:\Windows\system32\drivers\HTTP.sys
23:27:03.0297 3412 HTTP - ok
23:27:03.0328 3412 i2omp (da94c854cea5fac549d4e1f6e88349e8) C:\Windows\system32\drivers\i2omp.sys
23:27:03.0359 3412 i2omp - ok
23:27:03.0406 3412 i8042prt (cbb597659a2713ce0c9cc20c88c7591f) C:\Windows\system32\DRIVERS\i8042prt.sys
23:27:03.0437 3412 i8042prt - ok
23:27:03.0515 3412 iaStorV (3e3bf3627d886736d0b4e90054f929f6) C:\Windows\system32\drivers\iastorv.sys
23:27:03.0546 3412 iaStorV - ok
23:27:03.0655 3412 iirsp (8c3951ad2fe886ef76c7b5027c3125d3) C:\Windows\system32\drivers\iirsp.sys
23:27:03.0671 3412 iirsp - ok
23:27:03.0749 3412 intelide (df797a12176f11b2d301c5b234bb200e) C:\Windows\system32\drivers\intelide.sys
23:27:03.0765 3412 intelide - ok
23:27:03.0811 3412 intelppm (bfd84af32fa1bad6231c4585cb469630) C:\Windows\system32\DRIVERS\intelppm.sys
23:27:03.0843 3412 intelppm - ok
23:27:03.0905 3412 IpFilterDriver (d8aabc341311e4780d6fce8c73c0ad81) C:\Windows\system32\DRIVERS\ipfltdrv.sys
23:27:03.0936 3412 IpFilterDriver - ok
23:27:04.0014 3412 IPMIDRV (9c2ee2e6e5a7203bfae15c299475ec67) C:\Windows\system32\drivers\ipmidrv.sys
23:27:04.0061 3412 IPMIDRV - ok
23:27:04.0108 3412 IPNAT (b7e6212f581ea5f6ab0c3a6ceeeb89be) C:\Windows\system32\DRIVERS\ipnat.sys
23:27:04.0155 3412 IPNAT - ok
23:27:04.0233 3412 IRENUM (8c42ca155343a2f11d29feca67faa88d) C:\Windows\system32\drivers\irenum.sys
23:27:04.0264 3412 IRENUM - ok
23:27:04.0311 3412 isapnp (0672bfcedc6fc468a2b0500d81437f4f) C:\Windows\system32\drivers\isapnp.sys
23:27:04.0326 3412 isapnp - ok
23:27:04.0389 3412 iScsiPrt (e4fdf99599f27ec25d2cf6d754243520) C:\Windows\system32\DRIVERS\msiscsi.sys
23:27:04.0404 3412 iScsiPrt - ok
23:27:04.0451 3412 iteatapi (63c766cdc609ff8206cb447a65abba4a) C:\Windows\system32\drivers\iteatapi.sys
23:27:04.0467 3412 iteatapi - ok
23:27:04.0529 3412 iteraid (1281fe73b17664631d12f643cbea3f59) C:\Windows\system32\drivers\iteraid.sys
23:27:04.0545 3412 iteraid - ok
23:27:04.0685 3412 kbdclass (423696f3ba6472dd17699209b933bc26) C:\Windows\system32\DRIVERS\kbdclass.sys
23:27:04.0701 3412 kbdclass - ok
23:27:04.0779 3412 kbdhid (dbdf75d51464fbc47d0104ec3d572c05) C:\Windows\system32\DRIVERS\kbdhid.sys
23:27:04.0810 3412 kbdhid - ok
23:27:04.0888 3412 KSecDD (476e2c1dcea45895994bef11c2a98715) C:\Windows\system32\Drivers\ksecdd.sys
23:27:04.0935 3412 KSecDD - ok
23:27:05.0028 3412 ksthunk (1d419cf43db29396ecd7113d129d94eb) C:\Windows\system32\drivers\ksthunk.sys
23:27:05.0075 3412 ksthunk - ok
23:27:05.0122 3412 lltdio (96ece2659b6654c10a0c310ae3a6d02c) C:\Windows\system32\DRIVERS\lltdio.sys
23:27:05.0169 3412 lltdio - ok
23:27:05.0278 3412 LSI_FC (acbe1af32d3123e330a07bfbc5ec4a9b) C:\Windows\system32\drivers\lsi_fc.sys
23:27:05.0293 3412 LSI_FC - ok
23:27:05.0356 3412 LSI_SAS (799ffb2fc4729fa46d2157c0065b3525) C:\Windows\system32\drivers\lsi_sas.sys
23:27:05.0371 3412 LSI_SAS - ok
23:27:05.0418 3412 LSI_SCSI (f445ff1daad8a226366bfaf42551226b) C:\Windows\system32\drivers\lsi_scsi.sys
23:27:05.0449 3412 LSI_SCSI - ok
23:27:05.0512 3412 luafv (52f87b9cc8932c2a7375c3b2a9be5e3e) C:\Windows\system32\drivers\luafv.sys
23:27:05.0559 3412 luafv - ok
23:27:05.0637 3412 megasas (5c5cd6aaced32fb26c3fb34b3dcf972f) C:\Windows\system32\drivers\megasas.sys
23:27:05.0652 3412 megasas - ok
23:27:05.0746 3412 MegaSR (859bc2436b076c77c159ed694acfe8f8) C:\Windows\system32\drivers\megasr.sys
23:27:05.0793 3412 MegaSR - ok
23:27:05.0980 3412 Modem (59848d5cc74606f0ee7557983bb73c2e) C:\Windows\system32\drivers\modem.sys
23:27:06.0027 3412 Modem - ok
23:27:06.0120 3412 monitor (c247cc2a57e0a0c8c6dccf7807b3e9e5) C:\Windows\system32\DRIVERS\monitor.sys
23:27:06.0151 3412 monitor - ok
23:27:06.0214 3412 mouclass (9367304e5e412b120cf5f4ea14e4e4f1) C:\Windows\system32\DRIVERS\mouclass.sys
23:27:06.0229 3412 mouclass - ok
23:27:06.0276 3412 mouhid (c2c2bd5c5ce5aaf786ddd74b75d2ac69) C:\Windows\system32\DRIVERS\mouhid.sys
23:27:06.0323 3412 mouhid - ok
23:27:06.0385 3412 MountMgr (11bc9b1e8801b01f7f6adb9ead30019b) C:\Windows\system32\drivers\mountmgr.sys
23:27:06.0401 3412 MountMgr - ok
23:27:06.0526 3412 mpio (f8276eb8698142884498a528dfea8478) C:\Windows\system32\drivers\mpio.sys
23:27:06.0541 3412 mpio - ok
23:27:06.0588 3412 mpsdrv (c92b9abdb65a5991e00c28f13491dba2) C:\Windows\system32\drivers\mpsdrv.sys
23:27:06.0619 3412 mpsdrv - ok
23:27:06.0682 3412 Mraid35x (3c200630a89ef2c0864d515b7a75802e) C:\Windows\system32\drivers\mraid35x.sys
23:27:06.0713 3412 Mraid35x - ok
23:27:06.0807 3412 MRxDAV (7c1de4aa96dc0c071611f9e7de02a68d) C:\Windows\system32\drivers\mrxdav.sys
23:27:06.0869 3412 MRxDAV - ok
23:27:06.0931 3412 mrxsmb (1485811b320ff8c7edad1caebb1c6c2b) C:\Windows\system32\DRIVERS\mrxsmb.sys
23:27:06.0963 3412 mrxsmb - ok
23:27:07.0056 3412 mrxsmb10 (3b929a60c833fc615fd97fba82bc7632) C:\Windows\system32\DRIVERS\mrxsmb10.sys
23:27:07.0087 3412 mrxsmb10 - ok
23:27:07.0243 3412 mrxsmb20 (c64ab3e1f53b4f5b5bb6d796b2d7bec3) C:\Windows\system32\DRIVERS\mrxsmb20.sys
23:27:07.0275 3412 mrxsmb20 - ok
23:27:07.0337 3412 msahci (1ac860612b85d8e85ee257d372e39f4d) C:\Windows\system32\drivers\msahci.sys
23:27:07.0368 3412 msahci - ok
23:27:07.0415 3412 msdsm (264bbb4aaf312a485f0e44b65a6b7202) C:\Windows\system32\drivers\msdsm.sys
23:27:07.0431 3412 msdsm - ok
23:27:07.0493 3412 Msfs (704f59bfc4512d2bb0146aec31b10a7c) C:\Windows\system32\drivers\Msfs.sys
23:27:07.0540 3412 Msfs - ok
23:27:07.0602 3412 msisadrv (00ebc952961664780d43dca157e79b27) C:\Windows\system32\drivers\msisadrv.sys
23:27:07.0618 3412 msisadrv - ok
23:27:07.0696 3412 MSKSSRV (0ea73e498f53b96d83dbfca074ad4cf8) C:\Windows\system32\drivers\MSKSSRV.sys
23:27:07.0727 3412 MSKSSRV - ok
23:27:07.0774 3412 MSPCLOCK (52e59b7e992a58e740aa63f57edbae8b) C:\Windows\system32\drivers\MSPCLOCK.sys
23:27:07.0805 3412 MSPCLOCK - ok
23:27:07.0883 3412 MSPQM (49084a75bae043ae02d5b44d02991bb2) C:\Windows\system32\drivers\MSPQM.sys
23:27:07.0930 3412 MSPQM - ok
23:27:08.0039 3412 MsRPC (dc6ccf440cdede4293db41c37a5060a5) C:\Windows\system32\drivers\MsRPC.sys
23:27:08.0055 3412 MsRPC - ok
23:27:08.0148 3412 mssmbios (855796e59df77ea93af46f20155bf55b) C:\Windows\system32\DRIVERS\mssmbios.sys
23:27:08.0164 3412 mssmbios - ok
23:27:08.0273 3412 MSTEE (86d632d75d05d5b7c7c043fa3564ae86) C:\Windows\system32\drivers\MSTEE.sys
23:27:08.0320 3412 MSTEE - ok
23:27:08.0460 3412 MTsensor (6936198f2cc25b39cf5262436c80df46) C:\Windows\system32\DRIVERS\ASACPI.sys
23:27:08.0476 3412 MTsensor - ok
23:27:08.0538 3412 Mup (0cc49f78d8aca0877d885f149084e543) C:\Windows\system32\Drivers\mup.sys
23:27:08.0569 3412 Mup - ok
23:27:08.0632 3412 mv61xx (792ca0761a6ff267fb271fa4dbe8cd84) C:\Windows\system32\DRIVERS\mv61xx.sys
23:27:08.0663 3412 mv61xx - ok
23:27:08.0944 3412 NativeWifiP (2007b826c4acd94ae32232b41f0842b9) C:\Windows\system32\DRIVERS\nwifi.sys
23:27:09.0022 3412 NativeWifiP - ok
23:27:09.0147 3412 NDIS (65950e07329fcee8e6516b17c8d0abb6) C:\Windows\system32\drivers\ndis.sys
23:27:09.0209 3412 NDIS - ok
23:27:09.0271 3412 NdisTapi (64df698a425478e321981431ac171334) C:\Windows\system32\DRIVERS\ndistapi.sys
23:27:09.0303 3412 NdisTapi - ok
23:27:09.0349 3412 Ndisuio (8baa43196d7b5bb972c9a6b2bbf61a19) C:\Windows\system32\DRIVERS\ndisuio.sys
23:27:09.0396 3412 Ndisuio - ok
23:27:09.0459 3412 NdisWan (f8158771905260982ce724076419ef19) C:\Windows\system32\DRIVERS\ndiswan.sys
23:27:09.0505 3412 NdisWan - ok
23:27:09.0661 3412 NDProxy (9cb77ed7cb72850253e973a2d6afdf49) C:\Windows\system32\drivers\NDProxy.sys
23:27:09.0708 3412 NDProxy - ok
23:27:09.0771 3412 NetBIOS (a499294f5029a7862adc115bda7371ce) C:\Windows\system32\DRIVERS\netbios.sys
23:27:09.0817 3412 NetBIOS - ok
23:27:09.0880 3412 netbt (fc2c792ebddc8e28df939d6a92c83d61) C:\Windows\system32\DRIVERS\netbt.sys
23:27:09.0927 3412 netbt - ok
23:27:10.0005 3412 netr28ux (c553716f6f7bca3444cee52dfb7c9016) C:\Windows\system32\DRIVERS\netr28ux.sys
23:27:10.0067 3412 netr28ux - ok
23:27:10.0145 3412 nfrd960 (4ac08bd6af2df42e0c3196d826c8aea7) C:\Windows\system32\drivers\nfrd960.sys
23:27:10.0161 3412 nfrd960 - ok
23:27:10.0270 3412 nmwcdcx64 (bf8bd79edb75b4eafc6892424ad3485c) C:\Windows\system32\drivers\ccdcmbox64.sys
23:27:10.0317 3412 nmwcdcx64 - ok
23:27:10.0379 3412 nmwcdx64 (3fad4113e2ac9b36f97dfa28ad37fd8d) C:\Windows\system32\drivers\ccdcmbx64.sys
23:27:10.0395 3412 nmwcdx64 - ok
23:27:10.0488 3412 Npfs (b298874f8e0ea93f06ec40aa8d146478) C:\Windows\system32\drivers\Npfs.sys
23:27:10.0519 3412 Npfs - ok
23:27:10.0629 3412 nsiproxy (1523af19ee8b030ba682f7a53537eaeb) C:\Windows\system32\drivers\nsiproxy.sys
23:27:10.0660 3412 nsiproxy - ok
23:27:10.0785 3412 Ntfs (bac869dfb98e499ba4d9bb1fb43270e1) C:\Windows\system32\drivers\Ntfs.sys
23:27:10.0956 3412 Ntfs - ok
23:27:11.0050 3412 Null (dd5d684975352b85b52e3fd5347c20cb) C:\Windows\system32\drivers\Null.sys
23:27:11.0097 3412 Null - ok
23:27:11.0721 3412 nvlddmkm (aa0828f3223e1a2952f80a8d2047dd40) C:\Windows\system32\DRIVERS\nvlddmkm.sys
23:27:12.0251 3412 nvlddmkm - ok
23:27:12.0345 3412 nvraid (2c040b7ada5b06f6facadac8514aa034) C:\Windows\system32\drivers\nvraid.sys
23:27:12.0360 3412 nvraid - ok
23:27:12.0438 3412 nvstor (f7ea0fe82842d05eda3efdd376dbfdba) C:\Windows\system32\drivers\nvstor.sys
23:27:12.0454 3412 nvstor - ok
23:27:12.0516 3412 nv_agp (19067ca93075ef4823e3938a686f532f) C:\Windows\system32\drivers\nv_agp.sys
23:27:12.0547 3412 nv_agp - ok
23:27:12.0610 3412 ohci1394 (b5b1ce65ac15bbd11c0619e3ef7cfc28) C:\Windows\system32\DRIVERS\ohci1394.sys
23:27:12.0641 3412 ohci1394 - ok
23:27:12.0735 3412 Parport (aecd57f94c887f58919f307c35498ea0) C:\Windows\system32\drivers\parport.sys
23:27:12.0797 3412 Parport - ok
23:27:12.0859 3412 partmgr (f9b5eda4c17a2be7663f064dbf0fe254) C:\Windows\system32\drivers\partmgr.sys
23:27:12.0875 3412 partmgr - ok
23:27:12.0969 3412 pccsmcfd (bc0018c2d29f655188a0ed3fa94fdb24) C:\Windows\system32\DRIVERS\pccsmcfdx64.sys
23:27:13.0015 3412 pccsmcfd - ok
23:27:13.0078 3412 pci (47ab1e0fc9d0e12bb53ba246e3a0906d) C:\Windows\system32\drivers\pci.sys
23:27:13.0109 3412 pci - ok
23:27:13.0203 3412 pciide (2657f6c0b78c36d95034be109336e382) C:\Windows\system32\drivers\pciide.sys
23:27:13.0203 3412 pciide - ok
23:27:13.0359 3412 pcmcia (037661f3d7c507c9993b7010ceee6288) C:\Windows\system32\drivers\pcmcia.sys
23:27:13.0374 3412 pcmcia - ok
23:27:13.0437 3412 PCTCore (8f38fffa9e7b9d547b7921efa8edff3c) C:\Windows\system32\drivers\PCTCore64.sys
23:27:13.0452 3412 PCTCore - ok
23:27:13.0499 3412 pctDS (ff43e3b1687e4e2140de6349ea5c7372) C:\Windows\system32\drivers\pctDS64.sys
23:27:13.0546 3412 pctDS - ok
23:27:13.0686 3412 pctEFA (60e9a05852af7e9cb11237c00aee4ccf) C:\Windows\system32\drivers\pctEFA64.sys
23:27:13.0780 3412 pctEFA - ok
23:27:13.0920 3412 PEAUTH (58865916f53592a61549b04941bfd80d) C:\Windows\system32\drivers\peauth.sys
23:27:14.0014 3412 PEAUTH - ok
23:27:14.0295 3412 PptpMiniport (23386e9952025f5f21c368971e2e7301) C:\Windows\system32\DRIVERS\raspptp.sys
23:27:14.0341 3412 PptpMiniport - ok
23:27:14.0373 3412 Processor (5080e59ecee0bc923f14018803aa7a01) C:\Windows\system32\drivers\processr.sys
23:27:14.0419 3412 Processor - ok
23:27:14.0482 3412 PSched (c5ab7f0809392d0da027f4a2a81bfa31) C:\Windows\system32\DRIVERS\pacer.sys
23:27:14.0575 3412 PSched - ok
23:27:14.0685 3412 PxHlpa64 (87b04878a6d59d6c79251dc960c674c1) C:\Windows\system32\Drivers\PxHlpa64.sys
23:27:14.0700 3412 PxHlpa64 - ok
23:27:14.0872 3412 ql2300 (0b83f4e681062f3839be2ec1d98fd94a) C:\Windows\system32\drivers\ql2300.sys
23:27:14.0950 3412 ql2300 - ok
23:27:15.0012 3412 ql40xx (e1c80f8d4d1e39ef9595809c1369bf2a) C:\Windows\system32\drivers\ql40xx.sys
23:27:15.0028 3412 ql40xx - ok
23:27:15.0137 3412 QWAVEdrv (e8d76edab77ec9c634c27b8eac33adc5) C:\Windows\system32\drivers\qwavedrv.sys
23:27:15.0184 3412 QWAVEdrv - ok
23:27:15.0231 3412 RasAcd (1013b3b663a56d3ddd784f581c1bd005) C:\Windows\system32\DRIVERS\rasacd.sys
23:27:15.0262 3412 RasAcd - ok
23:27:15.0355 3412 Rasl2tp (ac7bc4d42a7e558718dfdec599bbfc2c) C:\Windows\system32\DRIVERS\rasl2tp.sys
23:27:15.0402 3412 Rasl2tp - ok
23:27:15.0465 3412 RasPppoe (4517fbf8b42524afe4ede1de102aae3e) C:\Windows\system32\DRIVERS\raspppoe.sys
23:27:15.0496 3412 RasPppoe - ok
23:27:15.0543 3412 RasSstp (c6a593b51f34c33e5474539544072527) C:\Windows\system32\DRIVERS\rassstp.sys
23:27:15.0574 3412 RasSstp - ok
23:27:15.0667 3412 rdbss (322db5c6b55e8d8ee8d6f358b2aaabb1) C:\Windows\system32\DRIVERS\rdbss.sys
23:27:15.0714 3412 rdbss - ok
23:27:15.0839 3412 RDPCDD (603900cc05f6be65ccbf373800af3716) C:\Windows\system32\DRIVERS\RDPCDD.sys
23:27:15.0886 3412 RDPCDD - ok
23:27:15.0933 3412 rdpdr (c045d1fb111c28df0d1be8d4bda22c06) C:\Windows\system32\drivers\rdpdr.sys
23:27:15.0979 3412 rdpdr - ok
23:27:16.0026 3412 RDPENCDD (cab9421daf3d97b33d0d055858e2c3ab) C:\Windows\system32\drivers\rdpencdd.sys
23:27:16.0073 3412 RDPENCDD - ok
23:27:16.0167 3412 RDPWD (b1d741c87cea8d7282146366cc9c3f81) C:\Windows\system32\drivers\RDPWD.sys
23:27:16.0229 3412 RDPWD - ok
23:27:16.0291 3412 regi (4d9afddda0efe97cdbfd3b5fa48b05f6) C:\Windows\system32\drivers\regi.sys
23:27:16.0291 3412 regi - ok
23:27:16.0354 3412 rspndr (22a9cb08b1a6707c1550c6bf099aae73) C:\Windows\system32\DRIVERS\rspndr.sys
23:27:16.0385 3412 rspndr - ok
23:27:16.0447 3412 SASDIFSV (3289766038db2cb14d07dc84392138d5) C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
23:27:16.0463 3412 SASDIFSV - ok
23:27:16.0494 3412 SASKUTIL (58a38e75f3316a83c23df6173d41f2b5) C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
23:27:16.0510 3412 SASKUTIL - ok
23:27:16.0603 3412 sbp2port (cd9c693589c60ad59bbbcfb0e524e01b) C:\Windows\system32\drivers\sbp2port.sys
23:27:16.0619 3412 sbp2port - ok
23:27:16.0681 3412 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
23:27:16.0744 3412 secdrv - ok
23:27:16.0853 3412 Sentinel64 (84ac127242dd3ccde02f9a4673214b1f) C:\Windows\System32\Drivers\Sentinel64.sys
23:27:16.0853 3412 Sentinel64 - ok
23:27:16.0915 3412 Serenum (2449316316411d65bd2c761a6ffb2ce2) C:\Windows\system32\DRIVERS\serenum.sys
23:27:16.0962 3412 Serenum - ok
23:27:17.0087 3412 Serial (4b438170be2fc8e0bd35ee87a960f84f) C:\Windows\system32\DRIVERS\serial.sys
23:27:17.0134 3412 Serial - ok
23:27:17.0243 3412 sermouse (a842f04833684bceea7336211be478df) C:\Windows\system32\drivers\sermouse.sys
23:27:17.0290 3412 sermouse - ok
23:27:17.0337 3412 sffdisk (14d4b4465193a87c127933978e8c4106) C:\Windows\system32\drivers\sffdisk.sys
23:27:17.0383 3412 sffdisk - ok
23:27:17.0477 3412 sffp_mmc (7073aee3f82f3d598e3825962aa98ab2) C:\Windows\system32\drivers\sffp_mmc.sys
23:27:17.0524 3412 sffp_mmc - ok
23:27:17.0586 3412 sffp_sd (35e59ebe4a01a0532ed67975161c7b82) C:\Windows\system32\drivers\sffp_sd.sys
23:27:17.0617 3412 sffp_sd - ok
23:27:17.0727 3412 sfloppy (6b7838c94135768bd455cbdc23e39e5f) C:\Windows\system32\drivers\sfloppy.sys
23:27:17.0789 3412 sfloppy - ok
23:27:17.0914 3412 SiSRaid2 (7a5de502aeb719d4594c6471060a78b3) C:\Windows\system32\drivers\sisraid2.sys
23:27:17.0929 3412 SiSRaid2 - ok
23:27:17.0976 3412 SiSRaid4 (3a2f769fab9582bc720e11ea1dfb184d) C:\Windows\system32\drivers\sisraid4.sys
23:27:17.0992 3412 SiSRaid4 - ok
23:27:18.0054 3412 Smb (290b6f6a0ec4fcdfc90f5cb6d7020473) C:\Windows\system32\DRIVERS\smb.sys
23:27:18.0085 3412 Smb - ok
23:27:18.0101 3412 speedfan - ok
23:27:18.0210 3412 spldr (386c3c63f00a7040c7ec5e384217e89d) C:\Windows\system32\drivers\spldr.sys
23:27:18.0226 3412 spldr - ok
23:27:18.0397 3412 srv (880a57fccb571ebd063d4dd50e93e46d) C:\Windows\system32\DRIVERS\srv.sys
23:27:18.0460 3412 srv - ok
23:27:18.0522 3412 srv2 (a1ad14a6d7a37891fffeca35ebbb0730) C:\Windows\system32\DRIVERS\srv2.sys
23:27:18.0553 3412 srv2 - ok
23:27:18.0678 3412 srvnet (4bed62f4fa4d8300973f1151f4c4d8a7) C:\Windows\system32\DRIVERS\srvnet.sys
23:27:18.0694 3412 srvnet - ok
23:27:18.0819 3412 swenum (8a851ca908b8b974f89c50d2e18d4f0c) C:\Windows\system32\DRIVERS\swenum.sys
23:27:18.0834 3412 swenum - ok
23:27:18.0912 3412 Symc8xx (2f26a2c6fc96b29beff5d8ed74e6625b) C:\Windows\system32\drivers\symc8xx.sys
23:27:18.0928 3412 Symc8xx - ok
23:27:18.0975 3412 Sym_hi (a909667976d3bccd1df813fed517d837) C:\Windows\system32\drivers\sym_hi.sys
23:27:18.0990 3412 Sym_hi - ok
23:27:19.0068 3412 Sym_u3 (36887b56ec2d98b9c362f6ae4de5b7b0) C:\Windows\system32\drivers\sym_u3.sys
23:27:19.0084 3412 Sym_u3 - ok
23:27:19.0271 3412 Tcpip (2cc45d932bd193cd4117321d469ad6b2) C:\Windows\system32\drivers\tcpip.sys
23:27:19.0708 3412 Tcpip - ok
23:27:19.0833 3412 Tcpip6 (2cc45d932bd193cd4117321d469ad6b2) C:\Windows\system32\DRIVERS\tcpip.sys
23:27:19.0879 3412 Tcpip6 - ok
23:27:19.0973 3412 tcpipreg (c7e72a4071ee0200e3c075dacfb2b334) C:\Windows\system32\drivers\tcpipreg.sys
23:27:20.0020 3412 tcpipreg - ok
23:27:20.0098 3412 TDPIPE (1d8bf4aaa5fb7a2761475781dc1195bc) C:\Windows\system32\drivers\tdpipe.sys
23:27:20.0145 3412 TDPIPE - ok
23:27:20.0191 3412 TDTCP (7f7e00cdf609df657f4cda02dd1c9bb1) C:\Windows\system32\drivers\tdtcp.sys
23:27:20.0238 3412 TDTCP - ok
23:27:20.0332 3412 tdx (458919c8c42e398dc4802178d5ffee27) C:\Windows\system32\DRIVERS\tdx.sys
23:27:20.0379 3412 tdx - ok
23:27:20.0457 3412 TermDD (8c19678d22649ec002ef2282eae92f98) C:\Windows\system32\DRIVERS\termdd.sys
23:27:20.0472 3412 TermDD - ok
23:27:20.0550 3412 Tpkd (2e595c44b1c1160070b1530edf6de098) C:\Windows\system32\drivers\Tpkd.sys
23:27:20.0566 3412 Tpkd - ok
23:27:20.0691 3412 tssecsrv (9e5409cd17c8bef193aad498f3bc2cb8) C:\Windows\system32\DRIVERS\tssecsrv.sys
23:27:20.0722 3412 tssecsrv - ok
23:27:20.0784 3412 tunmp (89ec74a9e602d16a75a4170511029b3c) C:\Windows\system32\DRIVERS\tunmp.sys
23:27:20.0815 3412 tunmp - ok
23:27:20.0878 3412 tunnel (30a9b3f45ad081bffc3bcaa9c812b609) C:\Windows\system32\DRIVERS\tunnel.sys
23:27:20.0893 3412 tunnel - ok
23:27:20.0971 3412 uagp35 (fec266ef401966311744bd0f359f7f56) C:\Windows\system32\drivers\uagp35.sys
23:27:20.0987 3412 uagp35 - ok
23:27:21.0096 3412 udfs (faf2640a2a76ed03d449e443194c4c34) C:\Windows\system32\DRIVERS\udfs.sys
23:27:21.0143 3412 udfs - ok
23:27:21.0252 3412 uliagpkx (4ec9447ac3ab462647f60e547208ca00) C:\Windows\system32\drivers\uliagpkx.sys
23:27:21.0268 3412 uliagpkx - ok
23:27:21.0346 3412 uliahci (697f0446134cdc8f99e69306184fbbb4) C:\Windows\system32\drivers\uliahci.sys
23:27:21.0361 3412 uliahci - ok
23:27:21.0408 3412 UlSata (31707f09846056651ea2c37858f5ddb0) C:\Windows\system32\drivers\ulsata.sys
23:27:21.0439 3412 UlSata - ok
23:27:21.0533 3412 ulsata2 (85e5e43ed5b48c8376281bab519271b7) C:\Windows\system32\drivers\ulsata2.sys
23:27:21.0549 3412 ulsata2 - ok
23:27:21.0580 3412 umbus (46e9a994c4fed537dd951f60b86ad3f4) C:\Windows\system32\DRIVERS\umbus.sys
23:27:21.0627 3412 umbus - ok
23:27:21.0720 3412 upperdev (67ed617ed48014447039a1ef4b9d05ec) C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys
23:27:21.0751 3412 upperdev - ok
23:27:21.0845 3412 usbaudio (c6ba890de6e41857fbe84175519cae7d) C:\Windows\system32\drivers\usbaudio.sys
23:27:21.0876 3412 usbaudio - ok
23:27:21.0970 3412 usbccgp (07e3498fc60834219d2356293da0fecc) C:\Windows\system32\DRIVERS\usbccgp.sys
23:27:22.0001 3412 usbccgp - ok
23:27:22.0095 3412 usbcir (9247f7e0b65852c1f6631480984d6ed2) C:\Windows\system32\drivers\usbcir.sys
23:27:22.0157 3412 usbcir - ok
23:27:22.0219 3412 usbehci (827e44de934a736ea31e91d353eb126f) C:\Windows\system32\DRIVERS\usbehci.sys
23:27:22.0266 3412 usbehci - ok
23:27:22.0375 3412 usbhub (bb35cd80a2ececfadc73569b3d70c7d1) C:\Windows\system32\DRIVERS\usbhub.sys
23:27:22.0407 3412 usbhub - ok
23:27:22.0516 3412 usbohci (eba14ef0c07cec233f1529c698d0d154) C:\Windows\system32\drivers\usbohci.sys
23:27:22.0578 3412 usbohci - ok
23:27:22.0656 3412 usbprint (28b693b6d31e7b9332c1bdcefef228c1) C:\Windows\system32\DRIVERS\usbprint.sys
23:27:22.0703 3412 usbprint - ok
23:27:22.0781 3412 usbscan (ea0bf666868964fbe8cb10e50c97b9f1) C:\Windows\system32\DRIVERS\usbscan.sys
23:27:22.0812 3412 usbscan - ok
23:27:22.0890 3412 usbser (f7386007fb19e7685fc7b298560aa81f) C:\Windows\system32\drivers\usbser.sys
23:27:22.0921 3412 usbser - ok
23:27:23.0015 3412 UsbserFilt (eb84ceaafec6680c8b04c40a5ede7147) C:\Windows\system32\DRIVERS\usbser_lowerfltx64j.sys
23:27:23.0031 3412 UsbserFilt - ok
23:27:23.0109 3412 USBSTOR (b854c1558fca0c269a38663e8b59b581) C:\Windows\system32\DRIVERS\USBSTOR.SYS
23:27:23.0140 3412 USBSTOR - ok
23:27:23.0249 3412 usbuhci (b2872cbf9f47316abd0e0c74a1aba507) C:\Windows\system32\DRIVERS\usbuhci.sys
23:27:23.0280 3412 usbuhci - ok
23:27:23.0374 3412 usbvideo (fc33099877790d51b0927b7039059855) C:\Windows\system32\Drivers\usbvideo.sys
23:27:23.0421 3412 usbvideo - ok
23:27:23.0514 3412 VClone (8fc6e3d302550a06c7c5db9f1ab54193) C:\Windows\system32\DRIVERS\VClone.sys
23:27:23.0530 3412 VClone - ok
23:27:23.0592 3412 vga (916b94bcf1e09873fff2d5fb11767bbc) C:\Windows\system32\DRIVERS\vgapnp.sys
23:27:23.0639 3412 vga - ok
23:27:23.0733 3412 VgaSave (b83ab16b51feda65dd81b8c59d114d63) C:\Windows\System32\drivers\vga.sys
23:27:23.0779 3412 VgaSave - ok
23:27:23.0842 3412 viaide (8294b6c3fdb6c33f24e150de647ecdaa) C:\Windows\system32\drivers\viaide.sys
23:27:23.0857 3412 viaide - ok
23:27:23.0951 3412 volmgr (2b7e885ed951519a12c450d24535dfca) C:\Windows\system32\drivers\volmgr.sys
23:27:23.0967 3412 volmgr - ok
23:27:24.0060 3412 volmgrx (cec5ac15277d75d9e5dec2e1c6eaf877) C:\Windows\system32\drivers\volmgrx.sys
23:27:24.0091 3412 volmgrx - ok
23:27:24.0357 3412 volsnap (5280aada24ab36b01a84a6424c475c8d) C:\Windows\system32\drivers\volsnap.sys
23:27:24.0388 3412 volsnap - ok
23:27:24.0450 3412 vsmraid (a68f455ed2673835209318dd61bfbb0e) C:\Windows\system32\drivers\vsmraid.sys
23:27:24.0466 3412 vsmraid - ok
23:27:24.0528 3412 WacomPen (fef8fe5923fead2cee4dfabfce3393a7) C:\Windows\system32\drivers\wacompen.sys
23:27:24.0591 3412 WacomPen - ok
23:27:24.0684 3412 Wanarp (b8e7049622300d20ba6d8be0c47c0cfd) C:\Windows\system32\DRIVERS\wanarp.sys
23:27:24.0715 3412 Wanarp - ok
23:27:24.0731 3412 Wanarpv6 (b8e7049622300d20ba6d8be0c47c0cfd) C:\Windows\system32\DRIVERS\wanarp.sys
23:27:24.0762 3412 Wanarpv6 - ok
23:27:24.0840 3412 Wd (0c17a0816f65b89e362e682ad5e7266e) C:\Windows\system32\drivers\wd.sys
23:27:24.0856 3412 Wd - ok
23:27:24.0934 3412 Wdf01000 (d02e7e4567da1e7582fbf6a91144b0df) C:\Windows\system32\drivers\Wdf01000.sys
23:27:24.0996 3412 Wdf01000 - ok
23:27:25.0215 3412 WmiAcpi (e18aebaaa5a773fe11aa2c70f65320f5) C:\Windows\system32\drivers\wmiacpi.sys
23:27:25.0246 3412 WmiAcpi - ok
23:27:25.0308 3412 WpdUsb (5e2401b3fc1089c90e081291357371a9) C:\Windows\system32\DRIVERS\wpdusb.sys
23:27:25.0339 3412 WpdUsb - ok
23:27:25.0371 3412 ws2ifsl (8a900348370e359b6bff6a550e4649e1) C:\Windows\system32\drivers\ws2ifsl.sys
23:27:25.0417 3412 ws2ifsl - ok
23:27:25.0511 3412 WUDFRd (501a65252617b495c0f1832f908d54d8) C:\Windows\system32\DRIVERS\WUDFRd.sys
23:27:25.0558 3412 WUDFRd - ok
23:27:25.0620 3412 yukonx64 (827aaae4f84945658b0b03da805df44e) C:\Windows\system32\DRIVERS\yk60x64.sys
23:27:25.0667 3412 yukonx64 - ok
23:27:25.0761 3412 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC} (74983addca2d9618512c088d856d6615) C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\000.fcl
23:27:25.0761 3412 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC} - ok
23:27:25.0776 3412 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
23:27:27.0789 3412 \Device\Harddisk0\DR0 - ok
23:27:27.0789 3412 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk1\DR1
23:27:27.0867 3412 \Device\Harddisk1\DR1 - ok
23:27:27.0882 3412 Boot (0x1200) (76fef732bb3db9d48eb14ca12accd0df) \Device\Harddisk0\DR0\Partition0
23:27:27.0960 3412 \Device\Harddisk0\DR0\Partition0 - ok
23:27:27.0976 3412 Boot (0x1200) (b1e27aa018409de6bfd73f8afb883a65) \Device\Harddisk1\DR1\Partition0
23:27:27.0976 3412 \Device\Harddisk1\DR1\Partition0 - ok
23:27:27.0976 3412 Boot (0x1200) (27f98a1577fc88371edb4bbca4c39ab5) \Device\Harddisk1\DR1\Partition1
23:27:27.0976 3412 \Device\Harddisk1\DR1\Partition1 - ok
23:27:27.0976 3412 ============================================================
23:27:27.0976 3412 Scan finished
23:27:27.0976 3412 ============================================================
23:27:27.0976 0932 Detected object count: 0
23:27:27.0976 0932 Actual detected object count: 0
23:27:44.0824 4980 Deinitialize success

Attached Files


  • 0

#8
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,031 posts
  • MVP
The Internet Connection Sharing (ICS) service depends the following service: BFE. This service might not be installed.

We have to fix this as without it your firewall won't load and you can't use secure connections.


Download and Save the attached BFE64.zip file. Right click on it and Extract All. This will create a folder called BFE64. Inside the folder will be two files. BFE64.reg and mpssvc.reg.

Right click on BFE64.reg and select MERGE. Allow it to merge into the registry. Report any errors you get.

Right click on mpssvc.reg and select MERGE. Allow it to merge into the registry. Report any errors you get.

Reboot.

Start, (All) Programs, Accessories then right click on Command Prompt and select Run As Admin.

Type with an Enter after each line:

net  start  bfe

(We want it to say
"The requested service has already been started

More help is available by typing NET HELPMSG 2182"

but it likely will say Access Denied. If you get Access Denied then:

Go into regedit, (Start, Search, regedit, doubleclick, Continue) navigate to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services
(Find HKEY_LOCAL_MACHINE\SYSTEM and click on the + in front of it. Find CurrentControlSet and click on its plus. Click on Services) then right click on Services and select Permissions then click Add.
Type in
NT Service\bfe
and click on Check Name. (It will change your typing to BFE ) OK. You should be back on the first Permissions page. Now select BFE on the permission page and click on the first box to the right of Full Control (Allow column). Then Apply. Reboot and do the
net  start  bfe
command again and see if BFE has already been started.

Start, (All) Programs, Accessories then right click on Command Prompt and select Run As Admin.

Type with an Enter after each line:

net  start  bfe

(also check the mpssvc which is Windows Firewall)

net  start  mpssvc

  • 0

#9
carlos50

carlos50

    Member

  • Topic Starter
  • Member
  • PipPip
  • 33 posts
Hi Ron

It worked like a charm (: The merges went well and the services have already been started after I added the BFE.

THX A LOT!

Michael
  • 0

#10
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,031 posts
  • MVP
Right click on (My) Computer and select Manage (Continue) Then the Event Viewer. Next select Windows Logs. Right click on System and Clear Log, Clear. Repeat for Application. Reboot.

Run DDS again. You can just copy and paste the info from below where it says:
==== Event Viewer Messages From Past Week ========

Let's see what is still not working.
  • 0

#11
carlos50

carlos50

    Member

  • Topic Starter
  • Member
  • PipPip
  • 33 posts
Hi Ron

I did as instructed and here are the event viewer msg.:

==== Event Viewer Messages From Past Week ========
.
1/9/2012 3:20:15 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
1/9/2012 3:20:11 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Beep i8042prt
1/9/2012 3:20:11 PM, Error: Service Control Manager [7000] - The PostgreSQL Server 8.4 service failed to start due to the following error: The system cannot find the file specified.
1/9/2012 3:20:11 PM, Error: Service Control Manager [7000] - The Nalpeiron Licensing Service service failed to start due to the following error: The system cannot find the path specified.
.

Michael
  • 0

#12
carlos50

carlos50

    Member

  • Topic Starter
  • Member
  • PipPip
  • 33 posts
Hi Ron

It's not my turn (: But I have gotten a weird error msg two times the last couple of days, so thought i would let you know. I took a print screen of it and have attached the jgp.

Michael

Attached Thumbnails

  • 100112.jpg

  • 0

#13
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,031 posts
  • MVP
No idea what the alarm is from. Some Chinese thing which isn't working. Perhaps malware.

I don't see an anti-virus.

Let's install the free Avast:

http://www.avast.com...ivirus-download

Once you have it installed and it has updated,

Click on the Avast ball. Then click on Scan Computer, then on
Boot-Time Scan then on Settings. Change the Ask at the bottom to Move to Chest. OK then Schedule Now. Reboot and let it run a scan. It may take hours.
Once it finishes it should load windows. Click on the Avast ball and then on Scan Logs, select the Boot-time scan report then View Results. How many did it find?
Look in C:\ProgramData\Alwil Software\Avast5\report\aswboot.txt or maybe look in C:\ProgramData\Avast Software\Avast5\report\aswboot.txt. If you find the text of the report copy and paste it.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP