So, i downloaded a file from a "trusted" source, and after a while i noticed it might contain some kind of malware. Basicly, i use MTBM, and after a quick scan some entries appears, not thinking much of this i quarantine it, and thinks everything is ok.
but after restarting the system, i realize that the same entries still exist. when i tried to open emisoft hijackfree i got error "file is corrupt", fixed that afterwards, some websites are blocked, like virustotal.com, when googling anything related with "mwrwx.exe" i get very few hits, in Chinese or something, seems censored.
OTL.txt
OTL logfile created on: 6/23/2012 12:55:15 AM - Run 1
OTL by OldTimer - Version 3.2.52.0 Folder = C:\Documents and Settings\N4bc4k3\Mine dokumenter\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: USA | Language: ENU | Date Format: M/d/yyyy
2.00 Gb Total Physical Memory | 1.18 Gb Available Physical Memory | 59.08% Memory free
3.85 Gb Paging File | 3.00 Gb Available in Paging File | 77.90% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programfiler
Drive C: | 29.29 Gb Total Space | 9.52 Gb Free Space | 32.48% Space Free | Partition Type: NTFS
Drive D: | 203.58 Gb Total Space | 19.89 Gb Free Space | 9.77% Space Free | Partition Type: NTFS
Drive E: | 2.83 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Computer Name: N4B-C4K3 | User Name: N4bc4k3 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012/06/23 00:54:39 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\N4bc4k3\Mine dokumenter\Downloads\OTL.exe
PRC - [2012/06/23 00:41:01 | 000,012,970 | ---- | M] () -- C:\Documents and Settings\N4bc4k3\Lokale innstillinger\Temp\winvyjqr.exe
PRC - [2012/06/16 22:16:55 | 000,913,888 | ---- | M] (Mozilla Corporation) -- C:\Programfiler\Mozilla Firefox\firefox.exe
PRC - [2012/04/04 15:56:38 | 001,059,504 | ---- | M] (Malwarebytes Corporation) -- D:\Programfiler\Malwarebytes' Anti-Malware\mbam.exe
PRC - [2012/02/10 23:20:22 | 001,242,448 | ---- | M] (Valve Corporation) -- D:\Programfiler\steam\Steam.exe
PRC - [2011/12/09 19:22:26 | 000,144,384 | ---- | M] (Nullsoft, Inc.) -- D:\Programfiler\Winamp\winampa.exe
PRC - [2011/10/24 22:32:00 | 000,055,144 | ---- | M] (Apple Inc.) -- C:\Programfiler\Fellesfiler\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010/09/07 08:15:04 | 003,634,040 | ---- | M] (Emsi Software GmbH) -- D:\Programfiler\Emsisoft HiJackFree\a2hijackfree.exe
PRC - [2010/04/09 03:42:28 | 000,241,768 | ---- | M] (NVIDIA Corporation) -- C:\Programfiler\NVIDIA Corporation\Raid\nvraidservice.exe
PRC - [2010/02/12 11:23:12 | 000,286,720 | ---- | M] (Creative Technology Ltd) -- C:\Programfiler\Creative\Shared Files\CTAudSvc.exe
PRC - [2009/03/05 17:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Programfiler\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2008/04/14 18:22:49 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
========== Modules (No Company Name) ==========
MOD - [2012/06/23 00:41:01 | 000,012,970 | ---- | M] () -- C:\Documents and Settings\N4bc4k3\Lokale innstillinger\Temp\winvyjqr.exe
MOD - [2012/06/22 23:59:23 | 020,313,384 | ---- | M] () -- D:\Programfiler\steam\bin\libcef.dll
MOD - [2012/06/22 23:59:14 | 000,895,312 | ---- | M] () -- D:\Programfiler\steam\bin\chromehtml.dll
MOD - [2012/06/22 23:59:13 | 001,099,576 | ---- | M] () -- D:\Programfiler\steam\bin\avcodec-53.dll
MOD - [2012/06/22 23:59:13 | 000,190,776 | ---- | M] () -- D:\Programfiler\steam\bin\avformat-53.dll
MOD - [2012/06/22 23:59:13 | 000,123,192 | ---- | M] () -- D:\Programfiler\steam\bin\avutil-51.dll
MOD - [2012/06/16 22:16:54 | 002,042,848 | ---- | M] () -- C:\Programfiler\Mozilla Firefox\mozjs.dll
MOD - [2012/06/14 15:54:34 | 011,817,472 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\dbc413807cb7360b3e26ef3ca1d54f9a\System.Web.ni.dll
MOD - [2012/06/14 11:35:42 | 012,433,920 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\01abbadafaf265d9f4ac9bbb247acb98\System.Windows.Forms.ni.dll
MOD - [2012/06/14 11:35:32 | 001,592,320 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\d86f2038209a4cf0d0f5b30f6375c9b2\System.Drawing.ni.dll
MOD - [2012/06/14 02:01:49 | 000,303,104 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
MOD - [2012/05/20 13:47:30 | 008,797,856 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll
MOD - [2012/05/10 15:38:28 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\3d5b7368bde0f65aa15d9f46b498cc89\System.Configuration.ni.dll
MOD - [2012/05/10 15:38:22 | 000,025,600 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Accessibility\016444dfc5f7e3d11c776f2fbc7a4594\Accessibility.ni.dll
MOD - [2012/05/10 15:36:22 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\3bba1b8b0b5ef0be238b011cc7a0575e\System.Xml.ni.dll
MOD - [2012/05/10 15:32:56 | 007,953,408 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\e4b5afc4da43b1c576f9322f9f2e1bfe\System.ni.dll
MOD - [2012/05/10 15:32:41 | 011,492,352 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\e337c89bc9f81b69d7237aa70e935900\mscorlib.ni.dll
MOD - [2011/12/30 19:32:52 | 000,401,408 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_no_b77a5c561934e089\System.Windows.Forms.resources.dll
MOD - [2011/12/30 19:32:51 | 000,286,720 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_no_b77a5c561934e089\mscorlib.resources.dll
MOD - [2011/11/09 22:45:32 | 000,270,336 | ---- | M] () -- C:\Programfiler\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
MOD - [2011/11/02 00:26:32 | 000,087,912 | ---- | M] () -- C:\Programfiler\Fellesfiler\Apple\Apple Application Support\zlib1.dll
MOD - [2011/11/02 00:26:12 | 001,242,472 | ---- | M] () -- C:\Programfiler\Fellesfiler\Apple\Apple Application Support\libxml2.dll
MOD - [2010/03/16 13:22:12 | 000,014,848 | ---- | M] () -- C:\Programfiler\ATI Technologies\ATI.ACE\Core-Static\AxInterop.WBOCXLib.dll
MOD - [2008/04/14 18:22:11 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
========== Win32 Services (SafeList) ==========
SRV - [2012/06/16 22:16:55 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programfiler\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/05/20 13:47:31 | 000,257,696 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/05/19 18:03:24 | 000,529,232 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Programfiler\Fellesfiler\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011/12/30 18:47:01 | 000,161,280 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Programfiler\Fellesfiler\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service)
SRV - [2011/10/24 22:32:00 | 000,055,144 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Programfiler\Fellesfiler\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010/02/12 11:23:12 | 000,286,720 | ---- | M] (Creative Technology Ltd) [Auto | Running] -- C:\Programfiler\Creative\Shared Files\CTAudSvc.exe -- (CTAudSvcService)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- system32\DRIVERS\JamDRV.sys -- (JAMVOX_AA)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\JamWdm.sys -- (JAMVOX_01)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mqvpoq.sys -- (amsint32)
DRV - [2012/06/23 00:41:00 | 000,040,776 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2012/03/09 10:57:28 | 000,024,328 | ---- | M] (CPUID) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\cpuz135_x32.sys -- (cpuz135)
DRV - [2012/01/15 19:57:22 | 000,239,168 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2011/12/14 17:13:56 | 000,105,416 | ---- | M] (CEntrance, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\jamvox.sys -- (JamVOXUSBAudioSrv)
DRV - [2011/11/10 05:42:12 | 007,493,120 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2011/10/17 19:40:22 | 000,100,368 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AtihdXP3.sys -- (AtiHDAudioService)
DRV - [2011/07/29 14:54:56 | 000,013,192 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\epmntdrv.sys -- (epmntdrv)
DRV - [2011/07/29 14:54:56 | 000,008,456 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\EuGdiDrv.sys -- (EuGdiDrv)
DRV - [2011/06/15 15:22:28 | 000,284,632 | ---- | M] (Agnitum Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\afwcore.sys -- (afwcore)
DRV - [2011/06/15 15:21:12 | 000,084,312 | ---- | M] (Agnitum Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\Filt\VBFilt.dll -- (VBFilt)
DRV - [2011/06/15 15:21:10 | 000,078,656 | ---- | M] (Agnitum Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\Filt\ASWFilt.dll -- (ASWFilt)
DRV - [2011/06/15 15:21:04 | 000,764,880 | ---- | M] (Agnitum Ltd.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\SandBox.sys -- (SandBox)
DRV - [2011/05/19 16:55:28 | 000,103,512 | ---- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\jraid.sys -- (JRAID)
DRV - [2011/03/28 19:55:54 | 000,032,472 | ---- | M] (Agnitum Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\afw.sys -- (afw)
DRV - [2011/02/02 18:04:22 | 000,242,040 | ---- | M] (VirusBuster Kft.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\VBEngNT.sys -- (VBEngNT)
DRV - [2010/03/18 21:50:12 | 000,189,528 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\haP17v2k.sys -- (hap17v2k)
DRV - [2010/03/18 21:50:04 | 000,162,904 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\haP16v2k.sys -- (hap16v2k)
DRV - [2010/03/18 21:49:56 | 000,798,808 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ha10kx2k.sys -- (ha10kx2k)
DRV - [2010/03/18 21:45:42 | 000,092,760 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\emupia2k.sys -- (emupia)
DRV - [2010/03/18 21:45:28 | 000,157,272 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctsfm2k.sys -- (ctsfm2k)
DRV - [2010/03/18 21:45:20 | 000,014,424 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctprxy2k.sys -- (ctprxy2k)
DRV - [2010/03/18 21:45:12 | 000,127,576 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctoss2k.sys -- (ossrv)
DRV - [2010/03/18 21:40:48 | 000,347,144 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ctdvda2k.sys -- (ctdvda2k)
DRV - [2010/03/18 21:40:40 | 000,528,472 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctaud2k.sys -- (ctaud2k) Creative Audio Driver (WDM)
DRV - [2010/03/18 21:40:32 | 000,511,064 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctac32k.sys -- (ctac32k)
DRV - [2010/03/18 21:39:36 | 000,100,952 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CTERFXFX.sys -- (CTERFXFX.SYS)
DRV - [2010/03/18 21:39:36 | 000,100,952 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CTERFXFX.sys -- (CTERFXFX)
DRV - [2010/03/18 21:39:28 | 000,566,360 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CTSBLFX.sys -- (CTSBLFX.SYS)
DRV - [2010/03/18 21:39:28 | 000,566,360 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CTSBLFX.sys -- (CTSBLFX)
DRV - [2010/03/18 21:39:18 | 000,555,096 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CTAUDFX.sys -- (CTAUDFX.SYS)
DRV - [2010/03/18 21:39:18 | 000,555,096 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CTAUDFX.sys -- (CTAUDFX)
DRV - [2010/03/18 21:39:10 | 000,099,416 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\COMMONFX.sys -- (COMMONFX.SYS)
DRV - [2010/03/18 21:39:10 | 000,099,416 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\COMMONFX.sys -- (COMMONFX)
DRV - [2009/08/04 11:28:18 | 000,011,296 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AsIO.sys -- (AsIO)
DRV - [2009/07/06 11:48:02 | 000,011,448 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AsUpIO.sys -- (AsUpIO)
DRV - [2008/11/12 17:58:38 | 000,145,952 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Stopped] -- C:\WINDOWS\system32\drivers\nvgts.sys -- (nvgts)
DRV - [2008/04/13 20:45:30 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2006/10/12 17:28:42 | 000,604,928 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2006/09/12 04:45:38 | 000,019,968 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2006/09/12 04:45:36 | 000,057,856 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2006/08/22 03:24:28 | 000,105,344 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\nvata.sys -- (nvata)
DRV - [2006/07/01 23:39:40 | 000,036,864 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2004/08/13 11:56:20 | 000,005,810 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKCU\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Programfiler\Vuze_Remote\prxtbVuze.dll (Conduit Ltd.)
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...Box&Form=IE8SRC
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.condui...&ctid=CT2504091
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: D:\Programfiler\ITunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_33: C:\WINDOWS\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Programfiler\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Programfiler\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programfiler\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\N4bc4k3\Lokale innstillinger\Programdata\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\N4bc4k3\Lokale innstillinger\Programdata\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Documents and Settings\N4bc4k3\Lokale innstillinger\Programdata\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Programfiler\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Programfiler\Mozilla Firefox\components [2012/06/16 22:16:56 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Programfiler\Mozilla Firefox\plugins [2012/06/21 19:38:00 | 000,000,000 | ---D | M]
[2012/04/06 14:03:44 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\N4bc4k3\Programdata\Mozilla\Extensions
[2012/05/02 18:15:46 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\N4bc4k3\Programdata\Mozilla\Firefox\Profiles\3v9gbb6i.default\extensions
[2012/06/21 19:38:02 | 000,000,000 | ---D | M] (No name found) -- C:\Programfiler\Mozilla Firefox\extensions
[2011/12/31 00:46:19 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Programfiler\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012/06/21 19:38:02 | 000,000,000 | ---D | M] (Java Console) -- C:\Programfiler\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2012/06/16 22:16:56 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Programfiler\mozilla firefox\components\browsercomps.dll
[2011/12/09 19:23:32 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Programfiler\mozilla firefox\plugins\npwachk.dll
[2012/06/16 22:16:52 | 000,002,252 | ---- | M] () -- C:\Programfiler\mozilla firefox\searchplugins\bing.xml
[2012/06/16 22:16:52 | 000,002,040 | ---- | M] () -- C:\Programfiler\mozilla firefox\searchplugins\twitter.xml
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\N4bc4k3\Lokale innstillinger\Programdata\Google\Chrome\Application\17.0.963.56\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\N4bc4k3\Lokale innstillinger\Programdata\Google\Chrome\Application\17.0.963.56\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\N4bc4k3\Lokale innstillinger\Programdata\Google\Chrome\Application\17.0.963.56\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Programfiler\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Winamp Application Detector (Enabled) = C:\Programfiler\Mozilla Firefox\plugins\npwachk.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Programfiler\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Programfiler\Windows Media Player\npwmsdrm.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Programfiler\Windows Media Player\npdsplay.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\N4bc4k3\Lokale innstillinger\Programdata\Google\Update\1.3.21.99\npGoogleUpdate3.dll
CHR - plugin: Unity Player (Enabled) = C:\Documents and Settings\N4bc4k3\Lokale innstillinger\Programdata\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Java Platform SE 6 U33 (Enabled) = C:\Programfiler\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 6.0.330.3 (Enabled) = C:\WINDOWS\system32\npdeployJava1.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Programfiler\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: iTunes Application Detector (Enabled) = D:\Programfiler\ITunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Documents and Settings\N4bc4k3\Lokale innstillinger\Programdata\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Documents and Settings\N4bc4k3\Lokale innstillinger\Programdata\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Gmail = C:\Documents and Settings\N4bc4k3\Lokale innstillinger\Programdata\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2012/02/25 03:37:55 | 000,441,313 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 15171 more lines...
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programfiler\Fellesfiler\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programfiler\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programfiler\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programfiler\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Programfiler\Vuze_Remote\prxtbVuze.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Programfiler\Vuze_Remote\prxtbVuze.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Vuze Remote Toolbar) - {BA14329E-9550-4989-B3F2-9732E92D17CC} - C:\Programfiler\Vuze_Remote\prxtbVuze.dll (Conduit Ltd.)
O4 - HKLM..\Run: [Adobe ARM] C:\Programfiler\Fellesfiler\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ATICustomerCare] C:\Programfiler\ATI\ATICustomerCare\ATICustomerCare.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [NVRaidService] C:\Programfiler\NVIDIA Corporation\Raid\nvraidservice.exe (NVIDIA Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Programfiler\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [WinampAgent] d:\Programfiler\Winamp\winampa.exe (Nullsoft, Inc.)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Programfiler\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Programfiler\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKCU..\Run: [Steam] D:\Programfiler\Steam\Steam.exe (Valve Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: Outpost Security Suite Pro Quick Tune - {44627E97-789B-40d4-B5C2-58BD171129A1} - d:\Programfiler\Agnitum\Outpost Security Suite Pro\ie_bar.dll (Agnitum Ltd.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programfiler\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programfiler\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programfiler\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Programfiler\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} http://ccfiles.creat...13/CTPIDPDE.cab (Creative Software AutoUpdate Support Package 2)
O16 - DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} http://ccfiles.creat...015/CTSUEng.cab (Creative Software AutoUpdate 2)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creat...10926/CTPID.cab (Creative Software AutoUpdate Support Package)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.10.1 192.168.10.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{184F38BC-3F79-4D10-AC91-2C8313224FB3}: DhcpNameServer = 192.168.10.1 192.168.10.1
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programfiler\Fellesfiler\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programfiler\Fellesfiler\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programfiler\Fellesfiler\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programfiler\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - AppInit_DLLs: (d:\progra~1\agnitum\outpos~1\wl_hook.dll) - d:\Programfiler\Agnitum\Outpost Security Suite Pro\wl_hook.dll (Agnitum Ltd.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Min gjeldende hjemmeside) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\N4bc4k3\Lokale innstillinger\Programdata\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\N4bc4k3\Lokale innstillinger\Programdata\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Programfiler\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011/12/30 02:29:58 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2012/06/10 01:03:18 | 000,000,181 | RHS- | M] () - C:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2012/06/10 01:03:18 | 000,000,319 | RHS- | M] () - D:\autorun.inf -- [ NTFS ]
O33 - MountPoints2\{bddbb15c-3306-11e1-bba0-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{bddbb15c-3306-11e1-bba0-806d6172696f}\Shell\AutoRun\command - "" = E:\setup.exe
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\setup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[2012/06/23 00:41:00 | 000,040,776 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2012/06/22 19:03:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\N4bc4k3\Programdata\Malwarebytes
[2012/06/22 19:03:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start-meny\Programmer\Malwarebytes' Anti-Malware
[2012/06/22 19:03:12 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2012/06/22 19:03:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Programdata\Malwarebytes
[2012/06/21 19:36:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Programdata\McAfee
[2012/06/21 19:05:07 | 000,000,000 | ---D | C] -- C:\Programfiler\Emsisoft HiJackFree
[2012/06/21 18:54:45 | 000,000,000 | ---D | C] -- C:\Programfiler\Emsisoft Anti-Malware
[2012/06/21 18:54:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\N4bc4k3\Mine dokumenter\Anti-Malware
[2012/06/17 13:28:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\N4bc4k3\Mine dokumenter\Thief - Deadly Shadows
[2012/06/17 13:27:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start-meny\Programmer\Eidos
[2012/06/16 22:42:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\N4bc4k3\Mine dokumenter\FIFA 10
[2012/06/16 20:32:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\N4bc4k3\Programdata\Windows Search
[2012/06/10 01:37:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\N4bc4k3\Mine dokumenter\FIFA 11
[2012/06/10 01:23:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start-meny\Programmer\EA Sports
[2012/06/10 01:12:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\N4bc4k3\Programdata\Leadertech
[2012/06/05 20:20:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\N4bc4k3\Skrivebord\Ny mappe
[2012/05/24 16:04:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\N4bc4k3\Programdata\LolClient2
[6 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[4 C:\*.tmp files -> C:\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012/06/23 00:41:00 | 000,040,776 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2012/06/23 00:38:19 | 000,103,140 | ---- | M] () -- C:\mwrwx.exe
[2012/06/23 00:37:15 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/06/23 00:36:56 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/06/23 00:35:49 | 000,031,584 | ---- | M] () -- C:\WINDOWS\System32\BMXStateBkp-{00000001-00000000-00000007-00001102-00000004-10071102}.rfx
[2012/06/23 00:35:49 | 000,031,584 | ---- | M] () -- C:\WINDOWS\System32\BMXState-{00000001-00000000-00000007-00001102-00000004-10071102}.rfx
[2012/06/23 00:35:49 | 000,030,528 | ---- | M] () -- C:\WINDOWS\System32\BMXCtrlState-{00000001-00000000-00000007-00001102-00000004-10071102}.rfx
[2012/06/23 00:35:49 | 000,030,528 | ---- | M] () -- C:\WINDOWS\System32\BMXBkpCtrlState-{00000001-00000000-00000007-00001102-00000004-10071102}.rfx
[2012/06/23 00:35:49 | 000,011,564 | ---- | M] () -- C:\WINDOWS\System32\DVCState-{00000001-00000000-00000007-00001102-00000004-10071102}.rfx
[2012/06/23 00:35:22 | 004,931,577 | ---- | M] () -- C:\WINDOWS\{00000001-00000000-00000007-00001102-00000004-10071102}.CDF
[2012/06/23 00:35:22 | 004,931,577 | ---- | M] () -- C:\WINDOWS\{00000001-00000000-00000007-00001102-00000004-10071102}.BAK
[2012/06/23 00:08:27 | 000,000,102 | ---- | M] () -- C:\index.ini
[2012/06/22 23:57:47 | 000,001,076 | ---- | M] () -- C:\WINDOWS\System32\settingsbkup.sfm
[2012/06/22 23:57:47 | 000,001,076 | ---- | M] () -- C:\WINDOWS\System32\settings.sfm
[2012/06/22 19:03:14 | 000,000,645 | ---- | M] () -- C:\Documents and Settings\All Users\Skrivebord\Malwarebytes Anti-Malware.lnk
[2012/06/22 17:30:42 | 000,008,326 | ---- | M] () -- C:\Documents and Settings\N4bc4k3\.recently-used.xbel
[2012/06/21 18:35:25 | 000,000,036 | ---- | M] () -- C:\Documents and Settings\N4bc4k3\Lokale innstillinger\Programdata\housecall.guid.cache
[2012/06/16 22:38:17 | 000,436,824 | ---- | M] () -- C:\AnalysisLog.sr0
[2012/06/14 11:32:51 | 000,193,776 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/06/14 02:02:21 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012/06/14 02:02:03 | 000,482,108 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012/06/14 02:02:03 | 000,315,552 | ---- | M] () -- C:\WINDOWS\System32\perfh014.dat
[2012/06/14 02:02:03 | 000,080,056 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012/06/14 02:02:03 | 000,044,398 | ---- | M] () -- C:\WINDOWS\System32\perfc014.dat
[2012/06/14 01:58:23 | 000,031,550 | ---- | M] () -- C:\WINDOWS\System32\MRT.INI
[2012/06/12 16:33:30 | 000,012,288 | ---- | M] () -- C:\Documents and Settings\N4bc4k3\Lokale innstillinger\Programdata\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/06/12 14:41:38 | 000,002,259 | ---- | M] () -- C:\Documents and Settings\All Users\Skrivebord\Skype.lnk
[2012/06/10 01:03:18 | 000,000,181 | RHS- | M] () -- C:\autorun.inf
[2012/06/05 20:13:07 | 000,000,459 | ---- | M] () -- C:\Documents and Settings\N4bc4k3\server.properties
[2012/06/01 20:52:37 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\UMDF\Msft_User_WpdMtpDr_01_00_00.Wdf
[6 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[4 C:\*.tmp files -> C:\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012/06/23 00:38:19 | 000,103,140 | ---- | C] () -- C:\mwrwx.exe
[2012/06/22 19:03:13 | 000,000,645 | ---- | C] () -- C:\Documents and Settings\All Users\Skrivebord\Malwarebytes Anti-Malware.lnk
[2012/06/22 17:30:42 | 000,008,326 | ---- | C] () -- C:\Documents and Settings\N4bc4k3\.recently-used.xbel
[2012/06/21 18:35:25 | 000,000,036 | ---- | C] () -- C:\Documents and Settings\N4bc4k3\Lokale innstillinger\Programdata\housecall.guid.cache
[2012/06/16 22:38:09 | 000,436,824 | ---- | C] () -- C:\AnalysisLog.sr0
[2012/06/14 01:58:23 | 000,031,550 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2012/06/10 01:03:30 | 000,000,181 | RHS- | C] () -- C:\autorun.inf
[2012/06/05 03:01:26 | 000,001,374 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2012/04/20 19:52:23 | 000,013,195 | ---- | C] () -- C:\Documents and Settings\N4bc4k3\lol.jpg
[2012/04/15 20:43:46 | 000,000,084 | ---- | C] () -- C:\Documents and Settings\N4bc4k3\appletfile.props
[2012/04/02 00:35:07 | 000,000,030 | ---- | C] () -- C:\WINDOWS\CTWave32.ini
[2012/04/02 00:31:48 | 000,000,061 | ---- | C] () -- C:\WINDOWS\sbwin.ini
[2012/02/16 18:31:57 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012/02/10 22:58:43 | 000,000,459 | ---- | C] () -- C:\Documents and Settings\N4bc4k3\server.properties
[2012/02/10 21:26:34 | 000,012,288 | ---- | C] () -- C:\Documents and Settings\N4bc4k3\Lokale innstillinger\Programdata\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/12/31 01:05:23 | 002,469,760 | ---- | C] () -- C:\WINDOWS\System32\BootMan.exe
[2011/12/31 01:05:23 | 000,086,408 | ---- | C] () -- C:\WINDOWS\System32\setupempdrv03.exe
[2011/12/31 01:05:23 | 000,019,840 | ---- | C] () -- C:\WINDOWS\System32\EuEpmGdi.dll
[2011/12/31 01:05:23 | 000,013,192 | ---- | C] () -- C:\WINDOWS\System32\epmntdrv.sys
[2011/12/31 01:05:23 | 000,008,456 | ---- | C] () -- C:\WINDOWS\System32\EuGdiDrv.sys
[2011/12/30 19:00:18 | 000,001,428 | ---- | C] () -- C:\WINDOWS\System32\drivers\nvphy.bin
[2011/12/30 04:13:50 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2011/12/30 04:13:30 | 000,887,724 | ---- | C] () -- C:\WINDOWS\System32\ativva6x.dat
[2011/12/30 04:13:29 | 000,243,168 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2011/12/30 04:13:29 | 000,000,003 | ---- | C] () -- C:\WINDOWS\System32\ativva5x.dat
[2011/12/30 03:03:31 | 000,011,448 | ---- | C] () -- C:\WINDOWS\System32\drivers\AsUpIO.sys
[2011/12/30 03:02:46 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2011/12/30 03:02:29 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\AsIO.dll
[2011/12/30 03:02:29 | 000,011,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\AsIO.sys
[2011/12/30 03:02:28 | 000,011,832 | ---- | C] () -- C:\WINDOWS\System32\drivers\AsInsHelp64.sys
[2011/12/30 03:02:28 | 000,010,216 | ---- | C] () -- C:\WINDOWS\System32\drivers\AsInsHelp32.sys
[2011/12/30 02:41:28 | 000,000,131 | ---- | C] () -- C:\Documents and Settings\N4bc4k3\Lokale innstillinger\Programdata\fusioncache.dat
[2011/12/30 02:31:02 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2011/12/30 02:28:07 | 000,021,704 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2011/12/30 02:20:31 | 000,004,249 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2011/12/30 02:19:17 | 000,193,776 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/12/15 05:22:14 | 000,018,432 | ---- | C] () -- C:\WINDOWS\System32\jamvoxdevice.dll
[2011/11/09 23:39:44 | 000,059,904 | ---- | C] () -- C:\WINDOWS\System32\OpenVideo.dll
[2011/11/09 23:39:32 | 000,054,784 | ---- | C] () -- C:\WINDOWS\System32\OVDecode.dll
========== LOP Check ==========
[2011/12/30 03:40:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Programdata\Agnitum
[2011/12/30 04:09:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Programdata\DAEMON Tools Lite
[2011/12/30 19:18:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Programdata\DriverGenius
[2011/12/30 18:08:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Programdata\Easy Driver Pro
[2012/04/12 19:54:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Programdata\Electronic Arts
[2012/06/22 23:50:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Programdata\PMB Files
[2012/03/02 21:12:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Programdata\VOX
[2011/12/30 18:12:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Programdata\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2012/06/11 21:36:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\N4bc4k3\Programdata\.minecraft
[2011/12/30 03:41:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\N4bc4k3\Programdata\Agnitum
[2012/06/22 02:45:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\N4bc4k3\Programdata\Azureus
[2012/06/16 22:16:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\N4bc4k3\Programdata\DAEMON Tools Lite
[2012/04/25 21:36:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\N4bc4k3\Programdata\foobar2000
[2012/06/16 15:40:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\N4bc4k3\Programdata\gtk-2.0
[2012/03/24 18:52:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\N4bc4k3\Programdata\Kalypso Media
[2012/06/10 01:12:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\N4bc4k3\Programdata\Leadertech
[2011/12/30 21:47:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\N4bc4k3\Programdata\LolClient
[2012/05/24 16:04:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\N4bc4k3\Programdata\LolClient2
[2012/01/28 15:20:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\N4bc4k3\Programdata\minecraft
[2012/04/12 20:04:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\N4bc4k3\Programdata\Need for Speed World
[2012/02/14 20:24:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\N4bc4k3\Programdata\OpenOffice.org
[2012/04/15 15:41:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\N4bc4k3\Programdata\PriceGong
[2012/05/15 23:11:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\N4bc4k3\Programdata\Spotify
[2012/02/01 19:07:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\N4bc4k3\Programdata\Unity
[2012/04/21 01:18:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\N4bc4k3\Programdata\VOX
[2011/12/30 19:36:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\N4bc4k3\Programdata\Windows Desktop Search
[2012/06/16 20:32:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\N4bc4k3\Programdata\Windows Search
========== Purity Check ==========
< End of report >
Extras.txt
OTL Extras logfile created on: 6/23/2012 12:55:15 AM - Run 1
OTL by OldTimer - Version 3.2.52.0 Folder = C:\Documents and Settings\N4bc4k3\Mine dokumenter\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: USA | Language: ENU | Date Format: M/d/yyyy
2.00 Gb Total Physical Memory | 1.18 Gb Available Physical Memory | 59.08% Memory free
3.85 Gb Paging File | 3.00 Gb Available in Paging File | 77.90% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programfiler
Drive C: | 29.29 Gb Total Space | 9.52 Gb Free Space | 32.48% Space Free | Partition Type: NTFS
Drive D: | 203.58 Gb Total Space | 19.89 Gb Free Space | 9.77% Space Free | Partition Type: NTFS
Drive E: | 2.83 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Computer Name: N4B-C4K3 | User Name: N4bc4k3 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Programfiler\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Programfiler\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Programfiler\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "d:\Programfiler\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "d:\Programfiler\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "d:\Programfiler\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 1
"FirewallDisableNotify" = 1
"UpdatesDisableNotify" = 1
"AntiVirusOverride" = 1
"FirewallOverride" = 1
"UacDisableNotify" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 1
"AntiVirusDisableNotify" = 1
"FirewallDisableNotify" = 1
"FirewallOverride" = 1
"UpdatesDisableNotify" = 1
"UacDisableNotify" = 1
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"58455:TCP" = 58455:TCP:*:Enabled:Pando Media Booster
"58455:UDP" = 58455:UDP:*:Enabled:Pando Media Booster
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"58455:TCP" = 58455:TCP:*:Enabled:Pando Media Booster
"58455:UDP" = 58455:UDP:*:Enabled:Pando Media Booster
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"5985:TCP" = 5985:TCP:*:Disabled:Windows Remote Management
"80:TCP" = 80:TCP:*:Disabled:Windows Remote Management - kompatibilitetsmodus (HTTP inn)
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Programfiler\Pando Networks\Media Booster\PMB.exe" = C:\Programfiler\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- ()
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Programfiler\Fellesfiler\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Programfiler\Fellesfiler\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)
"C:\Programfiler\Pando Networks\Media Booster\PMB.exe" = C:\Programfiler\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- ()
"D:\Programfiler\Winamp\winamp.exe" = D:\Programfiler\Winamp\winamp.exe:*:Enabled:ipsec -- (Nullsoft, Inc.)
"D:\Programfiler\vuze\Azureus.exe" = D:\Programfiler\vuze\Azureus.exe:*:Enabled:Azureus -- (Vuze Inc.)
"D:\Programfiler\steam\Steam.exe" = D:\Programfiler\steam\Steam.exe:*:Enabled:Steam -- (Valve Corporation)
"D:\Programfiler\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe" = D:\Programfiler\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe:*:Enabled:iw4mp -- ()
"D:\Programfiler\Kalypso Media\Tropico 4\Tropico4.exe" = D:\Programfiler\Kalypso Media\Tropico 4\Tropico4.exe:*:Enabled:Tropico 4
"C:\Documents and Settings\N4bc4k3\Programdata\Spotify\spotify.exe" = C:\Documents and Settings\N4bc4k3\Programdata\Spotify\spotify.exe:*:Enabled:Spotify -- (Spotify Ltd)
"C:\Documents and Settings\All Users\Programdata\Electronic Arts\Need For Speed World\Data\nfsw.exe" = C:\Documents and Settings\All Users\Programdata\Electronic Arts\Need For Speed World\Data\nfsw.exe:*:Enabled:Need for Speed World -- (Electronic Arts)
"C:\Programfiler\Java\jre6\bin\javaw.exe" = C:\Programfiler\Java\jre6\bin\javaw.exe:*:Enabled:Java Platform SE binary -- (Sun Microsystems, Inc.)
"D:\Programfiler\vuze\Support\FIFA 11_code.exe" = D:\Programfiler\vuze\Support\FIFA 11_code.exe:*:Enabled:ipsec -- (Electronic Arts)
"D:\Programfiler\vuze\Redistributable\vcredist_x86_en.exe" = D:\Programfiler\vuze\Redistributable\vcredist_x86_en.exe:*:Enabled:ipsec -- (Microsoft Corporation)
"C:\Programfiler\Spybot - Search & Destroy\TeaTimer.exe" = C:\Programfiler\Spybot - Search & Destroy\TeaTimer.exe:*:Enabled:ipsec -- (Safer-Networking Ltd.)
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winyhqxkw.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winyhqxkw.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\mpboqb.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\mpboqb.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winttkal.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winttkal.exe:*:Enabled:ipsec
"C:\WINDOWS\Explorer.EXE" = C:\WINDOWS\Explorer.EXE:*:Enabled:ipsec -- (Microsoft Corporation)
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winesqgu.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winesqgu.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\tsjd.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\tsjd.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winqgkhbu.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winqgkhbu.exe:*:Enabled:ipsec
"C:\Programfiler\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" = C:\Programfiler\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe:*:Enabled:ipsec -- (Advanced Micro Devices, Inc.)
"C:\Programfiler\DAEMON Tools Lite\DTLite.exe" = C:\Programfiler\DAEMON Tools Lite\DTLite.exe:*:Enabled:ipsec -- (DT Soft Ltd)
"C:\Programfiler\NVIDIA Corporation\Raid\nvraidservice.exe" = C:\Programfiler\NVIDIA Corporation\Raid\nvraidservice.exe:*:Enabled:ipsec -- (NVIDIA Corporation)
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winmsvcmj.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winmsvcmj.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\tbmnd.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\tbmnd.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winrokvv.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winrokvv.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\bkotj.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\bkotj.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\waor.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\waor.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winpiaqfs.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winpiaqfs.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\oxcdnb.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\oxcdnb.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winbrpute.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winbrpute.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winqdwl.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winqdwl.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\xspwc.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\xspwc.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winecbfmm.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winecbfmm.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\wxpebp.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\wxpebp.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winwmavk.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winwmavk.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winunrx.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winunrx.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\xmqklc.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\xmqklc.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winctqiqj.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winctqiqj.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winkrth.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winkrth.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\windjdle.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\windjdle.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\clvykn.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\clvykn.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\ouwsgi.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\ouwsgi.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winaiar.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winaiar.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winoice.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winoice.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\pgtwp.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\pgtwp.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winmsvpt.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winmsvpt.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winlxbbn.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winlxbbn.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winsaxkpq.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winsaxkpq.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\cndc.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\cndc.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winmbms.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winmbms.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\wincqxye.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\wincqxye.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winspqqa.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winspqqa.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winsgvug.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winsgvug.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\wincyolw.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\wincyolw.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winlvwgj.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winlvwgj.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winicxoju.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winicxoju.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\windufx.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\windufx.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\wincxdwmk.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\wincxdwmk.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\tdanr.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\tdanr.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winilnwwo.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winilnwwo.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winajlgr.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winajlgr.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winnmlwp.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winnmlwp.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\ypfv.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\ypfv.exe:*:Enabled:ipsec
"C:\Programfiler\Adobe\Reader 10.0\Reader\Reader_sl.exe" = C:\Programfiler\Adobe\Reader 10.0\Reader\Reader_sl.exe:*:Enabled:ipsec -- (Adobe Systems Incorporated)
"C:\WINDOWS\system32\CTHELPER.EXE" = C:\WINDOWS\system32\CTHELPER.EXE:*:Enabled:ipsec -- (Creative Technology Ltd)
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\tvig.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\tvig.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winydjwl.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winydjwl.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\rpgux.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\rpgux.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\windqkkch.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\windqkkch.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\dgipdm.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\dgipdm.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\srivdr.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\srivdr.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\bugjkp.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\bugjkp.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\podkl.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\podkl.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winswici.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winswici.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winmynr.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winmynr.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winjmcwnn.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winjmcwnn.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\vbew.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\vbew.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winmlba.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winmlba.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\lfisu.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\lfisu.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\wineuteu.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\wineuteu.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winlpjsx.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winlpjsx.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\cjbd.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\cjbd.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winpauxf.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winpauxf.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\spwp.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\spwp.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winadxq.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winadxq.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\figoe.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\figoe.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\oacabx.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\oacabx.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winrunxfu.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winrunxfu.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winfccp.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winfccp.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winuanahp.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winuanahp.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\bpewsw.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\bpewsw.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winhxpwlg.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winhxpwlg.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\yslx.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\yslx.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\btbd.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\btbd.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winkdtfs.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winkdtfs.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winvxgwh.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winvxgwh.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winnhdd.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winnhdd.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winvvysn.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winvvysn.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winluawv.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winluawv.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winfjdnti.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winfjdnti.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winqoegqq.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winqoegqq.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\windxhsac.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\windxhsac.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winprydfb.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winprydfb.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winkplmoj.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winkplmoj.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\bvgemx.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\bvgemx.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winqfeq.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winqfeq.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winaksk.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winaksk.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\uwles.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\uwles.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\noaq.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\noaq.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winyble.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winyble.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winofke.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winofke.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\hwys.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\hwys.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\cgqqbg.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\cgqqbg.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\coff.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\coff.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\ohtqlg.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\ohtqlg.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winpftway.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winpftway.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\rntted.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\rntted.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winwbnwvb.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winwbnwvb.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winnmrxk.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winnmrxk.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\jhpybh.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\jhpybh.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winlrjjdh.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winlrjjdh.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\yyywgx.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\yyywgx.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winqdmtb.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winqdmtb.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\dtmnpm.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\dtmnpm.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winofwqo.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winofwqo.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winflobgn.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winflobgn.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winbgdin.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winbgdin.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winmljlm.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winmljlm.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\wingklidp.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\wingklidp.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\pvou.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\pvou.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winsnqdr.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winsnqdr.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\tibq.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\tibq.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\windxxij.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\windxxij.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\usdcka.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\usdcka.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winqwawm.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winqwawm.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winvjua.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winvjua.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\kdcnss.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\kdcnss.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\wingvndm.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\wingvndm.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winpyplq.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winpyplq.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winchjbkc.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winchjbkc.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\wingdmee.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\wingdmee.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\staks.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\staks.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winixvm.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winixvm.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winecfoo.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winecfoo.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\nrgvm.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\nrgvm.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winifkcf.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winifkcf.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winlnkgdp.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winlnkgdp.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winakjgr.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winakjgr.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winqyyftx.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winqyyftx.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\jmsmr.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\jmsmr.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winokykb.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winokykb.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winykij.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winykij.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winonhi.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winonhi.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\wineuhgwc.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\wineuhgwc.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winlvene.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winlvene.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winhlpiqm.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winhlpiqm.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\ipwbio.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\ipwbio.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\hsnyvg.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\hsnyvg.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winfhet.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winfhet.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winqfehtk.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winqfehtk.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\wintvvm.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\wintvvm.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\hndr.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\hndr.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winbfem.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winbfem.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\gljw.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\gljw.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\rpbk.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\rpbk.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winxplgkw.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winxplgkw.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\wineblf.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\wineblf.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winqparr.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winqparr.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winbfeshh.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winbfeshh.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\cgaugs.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\cgaugs.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\cmftmj.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\cmftmj.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\mbhn.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\mbhn.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winlghvkt.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winlghvkt.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winnltep.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winnltep.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\pfhlmn.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\pfhlmn.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\suoqe.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\suoqe.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winkacc.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winkacc.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winyatr.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winyatr.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winnibubs.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winnibubs.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\ywbxom.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\ywbxom.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\pbvay.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\pbvay.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winulusrr.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winulusrr.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\wdaqu.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\wdaqu.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winlgkdw.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winlgkdw.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winlfdt.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winlfdt.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\simhcp.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\simhcp.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winvojsfb.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winvojsfb.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winbann.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winbann.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\oxlw.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\oxlw.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winwyxcvv.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winwyxcvv.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\wineckvh.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\wineckvh.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\txnknk.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\txnknk.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\owqj.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\owqj.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winqygxck.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winqygxck.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\wndaut.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\wndaut.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winakiwi.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winakiwi.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\pdoouu.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\pdoouu.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winselody.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winselody.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\windutt.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\windutt.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\ntoa.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\ntoa.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winhjsr.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winhjsr.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winwpoj.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winwpoj.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\awej.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\awej.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\windwkiag.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\windwkiag.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winldbl.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winldbl.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winjncw.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winjncw.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\cqkohv.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\cqkohv.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\iehbt.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\iehbt.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\bxjxro.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\bxjxro.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\wingfjr.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\wingfjr.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winxupy.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winxupy.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winixyd.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winixyd.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\sbdc.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\sbdc.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winrfasv.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winrfasv.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winyupg.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winyupg.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\lacs.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\lacs.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winyilmj.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winyilmj.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winkjndks.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winkjndks.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winxodu.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winxodu.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winfnteps.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winfnteps.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winskbpng.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winskbpng.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\ksufa.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\ksufa.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winxgfirb.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winxgfirb.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winmtjc.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winmtjc.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\wintpwdkn.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\wintpwdkn.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\ujvw.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\ujvw.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winjbeqck.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winjbeqck.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\lebm.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\lebm.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winetkjkp.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winetkjkp.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\sgfaia.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\sgfaia.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winthol.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winthol.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winqtxfc.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winqtxfc.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\yudojw.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\yudojw.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winxbcoae.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winxbcoae.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winrrfcn.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winrrfcn.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\sidd.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\sidd.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\qxeye.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\qxeye.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winwfbc.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winwfbc.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\iehhc.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\iehhc.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\pehov.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\pehov.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winnfdic.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winnfdic.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winrwjtb.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winrwjtb.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winnppf.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winnppf.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\fkysp.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\fkysp.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\laweoh.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\laweoh.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winanqf.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winanqf.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\qtoy.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\qtoy.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\bqhki.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\bqhki.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winmsek.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winmsek.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\rstr.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\rstr.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winpajs.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winpajs.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winsuqw.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winsuqw.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winckarmu.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winckarmu.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\pppa.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\pppa.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\qqcg.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\qqcg.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winpcvy.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winpcvy.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\vycx.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\vycx.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\oqrv.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\oqrv.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\rybsd.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\rybsd.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\wingwxech.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\wingwxech.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winftitmk.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winftitmk.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\windqhp.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\windqhp.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winhthyj.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winhthyj.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\syuf.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\syuf.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\whmf.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\whmf.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winrwcrmb.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winrwcrmb.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winmhxxtx.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winmhxxtx.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\yvcle.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\yvcle.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\nenw.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\nenw.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\wincuihc.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\wincuihc.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winxaoe.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winxaoe.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winiihlp.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winiihlp.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\wintgqbrm.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\wintgqbrm.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\wintgjy.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\wintgjy.exe:*:Enabled:ipsec
"C:\WINDOWS\system32\userinit.exe" = C:\WINDOWS\system32\userinit.exe:*:Enabled:ipsec -- (Microsoft Corporation)
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\oned.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\oned.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\ubrdng.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\ubrdng.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winjxsgl.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winjxsgl.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winywvr.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winywvr.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winwqiua.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winwqiua.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\rltbh.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\rltbh.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\fccw.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\fccw.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\oyjvf.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\oyjvf.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\hhrqqm.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\hhrqqm.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winilcd.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winilcd.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\wintoikdf.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\wintoikdf.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\wsoks.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\wsoks.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\wineoqus.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\wineoqus.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winigum.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winigum.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\wineladg.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\wineladg.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\rpuuwn.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\rpuuwn.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\alhn.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\alhn.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winhwgqpm.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winhwgqpm.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winaaoa.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winaaoa.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\cbspy.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\cbspy.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winpvrmm.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winpvrmm.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\windfagm.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\windfagm.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winupitre.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winupitre.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winmgmmb.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winmgmmb.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\eniw.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\eniw.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winoievqu.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winoievqu.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\xljeb.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\xljeb.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winnvnmi.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winnvnmi.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\wingshac.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\wingshac.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\tnxl.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\tnxl.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\yienmu.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\yienmu.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winmgka.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winmgka.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\dveb.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\dveb.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\bwpoft.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\bwpoft.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\nagqn.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\nagqn.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winqvabli.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winqvabli.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\lgwk.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\lgwk.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winqvufv.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winqvufv.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\refk.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\refk.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winmqnu.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winmqnu.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\umisg.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\umisg.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\niboof.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\niboof.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\tgkyll.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\tgkyll.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\sduc.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\sduc.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\mciitv.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\mciitv.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winbfox.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winbfox.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\yqjv.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\yqjv.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\vobo.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\vobo.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\gtssfs.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\gtssfs.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winqhwwom.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winqhwwom.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\uvkfv.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\uvkfv.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\qlhr.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\qlhr.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\qmqq.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\qmqq.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\outmv.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\outmv.exe:*:Enabled:ipsec
"C:\Programfiler\Mozilla Firefox\firefox.exe" = C:\Programfiler\Mozilla Firefox\firefox.exe:*:Enabled:ipsec -- (Mozilla Corporation)
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winginu.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winginu.exe:*:Enabled:ipsec
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\fuutt.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\fuutt.exe:*:Enabled:ipsec
"D:\Programfiler\Emsisoft HiJackFree\a2hijackfree.exe" = D:\Programfiler\Emsisoft HiJackFree\a2hijackfree.exe:*:Enabled:ipsec -- (Emsi Software GmbH)
"C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winvyjqr.exe" = C:\DOCUME~1\N4bc4k3\LOKALE~1\Temp\winvyjqr.exe:*:Enabled:ipsec -- ()
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{11083C7A-D0D6-4DA4-8C3A-74B8389EC07B}" = ATI Catalyst Registration
"{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1
"{1ADE1AA0-7F82-4BB1-B1BD-727DE438057B}" = Cool & Quiet
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83216022F0}" = Java 6 Update 22
"{26A24AE4-039D-4CA4-87B4-2F83216033FF}" = Java 6 Update 33
"{2ECA81CA-D932-4AD3-AD59-BF5CCF099C83}" = Catalyst Control Center - Branding
"{30F00D74-F3A2-4512-8EAA-E14DA2F90434}" = Microsoft .NET Framework (Norwegian)
"{343666E2-A059-48AC-AD67-230BF74E2DB2}" = Apple Application Support
"{350C9414-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3828EC4B-D4B9-A742-4D81-9C0A3C72DF8A}" = CCC Help English
"{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}" = JMicron JMB36X Driver
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3EAC35F4-FF26-4123-9404-0B5B93DAB570}" = Microsoft .NET Framework 1.1 Norwegian Language Pack
"{3FEA6CD1-EA13-4CE7-A74E-A74A4A0A7B5C}" = FIFA 11
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D43D635-6FDA-4fa5-AA9B-23CF73D058EA}" = Nero StartSmart OEM
"{54194F60-988C-4D03-B922-C2B00EFDA39A}" = NVIDIA PhysX
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{587178E7-B1DF-494E-9838-FA4DD36E873C}" = ASUSUpdate
"{6C90C4C4-559D-4FE8-A4BF-37550E74D1FC}" = Bloodline Champions
"{7748ac8c-18e3-43bb-959b-088faea16fb2}" = Nero StartSmart
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7B2CC3DF-64FA-44AE-8F57-B0F915147E4F}_is1" = Need For Speed™ World
"{8153ED9A-C94A-426E-9880-5E6775C08B62}" = Apple Mobile Device Support
"{81A917A1-DBA3-3639-53DA-B6E833D41A57}" = ccc-utility
"{82931CCC-65F4-5A50-57AD-AE6DF6B10929}" = Catalyst Control Center
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8F23E786-61A7-4708-B7C2-1A41DFD79162}" = OpenOffice.org 3.3
"{918A9082-6287-4D25-9002-5E5D5E4971CB}" = League of Legends
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9F368FA7-2B3C-8207-A31F-0BEF463F4B6E}" = AMD Catalyst Install Manager
"{A0A087E5-149E-EC75-F45D-3A3C04344B4A}" = Catalyst Control Center Graphics Previews Common
"{A25FF1C0-80B6-4B8B-A551-DC525697A408}" = AMD APP SDK Runtime
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A3499A41-41EA-3567-977C-29E9E226A360}" = Microsoft .NET Framework 4 Client Profile NOR Language Pack
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.3)
"{B00C01D2-2A74-4FB8-AD86-111C77F3CF7E}" = JamVOX
"{b2ec4a38-b545-4a00-8214-13fe0e915e6d}" = Advertising Center
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B7DBF6E8-0D17-4BE4-853B-ACD6EFBD4A1F}" = iTunes
"{bd5ca0da-71ad-43da-b19e-6eee0c9adc9a}" = Nero ControlCenter
"{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}" = Creative MediaSource 5
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C151CE54-E7EA-4804-854B-F515368B0798}" = AMD Processor Driver
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CC452A50-5C87-4A1F-B295-445C3C69BF7D}" = NVIDIA MediaShield
"{CC67DD84-77C6-C9F8-FA03-953F1C1C92A9}" = Catalyst Control Center InstallProxy
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{cecadf9c-37e1-42d4-a3f8-d29c55be3e45}" = Nero 9 Essentials
"{CF7C2683-9FBE-4223-84E7-43FED4912CD5}" = Microsoft .NET Framework 2.0 Language Pack - NOR
"{D179B513-AD43-4013-AC50-C16107A0A02D}" = LogMeIn Hamachi
"{dba84796-8503-4ff0-af57-1747dd9a166d}" = Nero Online Upgrade
"{e8a80433-302b-4ff1-815d-fcc8eac482ff}" = Nero Installer
"{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR
"7-Zip" = 7-Zip 9.20
"8461-7759-5462-8226" = Vuze
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Agnitum Outpost Security Suite Pro_is1" = Outpost Security Suite Pro 7.5.1
"AudioCS" = Creative Audio Console
"CCleaner" = CCleaner
"CPUID CPU-Z_is1" = CPUID CPU-Z 1.60.1
"Creative Software AutoUpdate" = Creative Software AutoUpdate
"DAEMON Tools Lite" = DAEMON Tools Lite
"Driver Genius Professional Edition_is1" = Driver Genius Professional Edition
"EASEUS Partition Master Home Edition_is1" = EASEUS Partition Master 9.1.0 Home Edition
"Emsisoft HiJackFree_is1" = Emsisoft HiJackFree 4.5
"FLAC" = FLAC 1.2.1b (remove only)
"foobar2000" = foobar2000 v1.1.10
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie8" = Windows Internet Explorer 8
"JamVOX USB Driver" = JamVOX USB Driver
"LogMeIn Hamachi" = LogMeIn Hamachi
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware versjon 1.61.0.1400
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 2.0 Language Pack - NOR" = Microsoft .NET Framework 2.0 Language Pack - NOR
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile NOR Language Pack" = Microsoft .NET Framework 4 Client Profile NOR Language Pack
"Microsoft .NET Framework Full v1.0.3705 (1044)" = Microsoft .NET Framework (Norwegian) v1.0.3705
"Monkey's Audio_is1" = Monkey's Audio
"Mozilla Firefox 13.0.1 (x86 en-US)" = Mozilla Firefox 13.0.1 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA Drivers" = NVIDIA Drivers
"SFBM" = SoundFont Bank Manager
"VLC media player" = VLC media player 2.0.0
"Vuze_Remote Toolbar" = Vuze Remote Toolbar
"WaveStudio 7" = Creative WaveStudio 7
"Winamp" = Winamp
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinGimp-2.0_is1" = GIMP 2.6.11
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"Spotify" = Spotify
"UnityWebPlayer" = Unity Web Player
"Winamp Detect" = Winamp Detector Plug-in
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 4/17/2012 2:43:58 PM | Computer Name = N4B-C4K3 | Source = Application Error | ID = 1000
Description = Feilende program iw4mp.exe, versjon 0.0.0.0, feilende modul iw4mp.exe,
versjon 0.0.0.0, feiladresse 0x00189c22.
Error - 4/19/2012 2:46:45 PM | Computer Name = N4B-C4K3 | Source = Application Error | ID = 1000
Description = Feilende program iw4mp.exe, versjon 0.0.0.0, feilende modul iw4mp.exe,
versjon 0.0.0.0, feiladresse 0x00189c14.
Error - 4/20/2012 10:45:24 AM | Computer Name = N4B-C4K3 | Source = Application Hang | ID = 1002
Description = Hengende program League of Legends.exe, versjon 1.0.0.138, hengende
modul hungapp, versjon 0.0.0.0, hengeadresse 0x00000000.
Error - 4/20/2012 12:31:05 PM | Computer Name = N4B-C4K3 | Source = Application Error | ID = 1000
Description = Feilende program lolclient.exe, versjon 2.0.2.12610, feilende modul
adobe air.dll, versjon 3.1.0.4880, feiladresse 0x003d64a0.
Error - 4/21/2012 1:12:31 PM | Computer Name = N4B-C4K3 | Source = Application Error | ID = 1000
Description = Feilende program nfsw.exe, versjon 1.0.0.874, feilende modul unknown,
versjon 0.0.0.0, feiladresse 0x9001bd02.
Error - 4/27/2012 8:53:08 AM | Computer Name = N4B-C4K3 | Source = Application Error | ID = 1000
Description = Feilende program nfsw.exe, versjon 1.0.0.874, feilende modul nfsw.exe,
versjon 1.0.0.874, feiladresse 0x005a8c89.
Error - 4/27/2012 8:57:23 AM | Computer Name = N4B-C4K3 | Source = Application Error | ID = 1000
Description = Feilende program nfsw.exe, versjon 1.0.0.874, feilende modul nfsw.exe,
versjon 1.0.0.874, feiladresse 0x00501390.
Error - 5/1/2012 9:13:57 AM | Computer Name = N4B-C4K3 | Source = Application Error | ID = 1000
Description = Feilende program nfsw.exe, versjon 1.0.0.874, feilende modul msvcr90.dll,
versjon 9.0.30729.4148, feiladresse 0x0003aee8.
Error - 5/2/2012 12:39:14 PM | Computer Name = N4B-C4K3 | Source = Application Error | ID = 1000
Description = Feilende program nfsw.exe, versjon 1.0.0.893, feilende modul msvcr90.dll,
versjon 9.0.30729.4148, feiladresse 0x00024651.
Error - 5/2/2012 12:55:09 PM | Computer Name = N4B-C4K3 | Source = Application Error | ID = 1000
Description = Feilende program nfsw.exe, versjon 1.0.0.893, feilende modul nfsw.exe,
versjon 1.0.0.893, feiladresse 0x005a978a.
[ System Events ]
Error - 5/30/2012 3:34:44 PM | Computer Name = N4B-C4K3 | Source = Service Control Manager | ID = 7009
Description = Tidsavbrudd (30000 millisekunder). Venter på at tjenesten Steam Client
Service skal kobles til.
Error - 5/30/2012 3:34:44 PM | Computer Name = N4B-C4K3 | Source = Service Control Manager | ID = 7000
Description = Tjenesten Steam Client Service kan ikke startes på grunn av følgende
feil: %%1053
Error - 6/1/2012 2:52:33 PM | Computer Name = N4B-C4K3 | Source = WPDMTPDriver | ID = 80836
Description = MTP WPD Driver has failed to start. Error 0x8007001f.
Error - 6/1/2012 2:54:50 PM | Computer Name = N4B-C4K3 | Source = WPDMTPDriver | ID = 80836
Description = MTP WPD Driver has failed to start. Error 0x8007001f.
Error - 6/1/2012 2:57:37 PM | Computer Name = N4B-C4K3 | Source = WPDMTPDriver | ID = 80836
Description = MTP WPD Driver has failed to start. Error 0x8007001f.
Error - 6/1/2012 2:57:50 PM | Computer Name = N4B-C4K3 | Source = WPDMTPDriver | ID = 80836
Description = MTP WPD Driver has failed to start. Error 0x80070005.
< End of report >