
ad.yieldmanager.com [Closed]


  • This topic is locked

#1
milad77

  • Member
  • 19 posts
Pleaseeeeeeeeee, can somebody help me? I got this fffffff ad.yieldmanager.com problem and I have tried everything (programs) that is out there. I did read on one thread here that you did solve the problem. I tried to follow the instructions but couldn't get rid of it. So here is my logfile.


Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:48:58, on 2012-08-29
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program\Delade filer\logishrd\LVMVFM\UMVPFSrv.exe
C:\WINDOWS\Explorer.EXE
C:\Program\SUPERAntiSpyware\SASCORE.EXE
C:\Program\Java\jre6\bin\jqs.exe
C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\WINDOWS\system32\svchost.exe
C:\Program\Delade filer\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program\Delade filer\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program\Hp\HP Software Update\HPWuSchd2.exe
C:\Program\Delade filer\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Documents and Settings\Milad\Lokala inställningar\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Milad\Lokala inställningar\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Milad\Lokala inställningar\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Milad\Lokala inställningar\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Milad\Lokala inställningar\Application Data\Google\Google Talk Plugin\googletalkplugin.exe
C:\Documents and Settings\Milad\Lokala inställningar\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Milad\Lokala inställningar\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Milad\Lokala inställningar\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Milad\Lokala inställningar\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Milad\Lokala inställningar\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Milad\Lokala inställningar\Application Data\Google\Chrome\Application\chrome.exe
C:\Program\Trend Micro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.se/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar
R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program\SweetIM\Toolbars\Internet Explorer\mgHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program\Delade filer\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [C6501Sound] RunDll32 c6501.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Net iD] "C:\Program\Net iD\iid.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [LWS] C:\Program\Logitech\LWS\Webcam Software\LWS.exe -hide
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program\Delade filer\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program\Delade filer\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Nike+ Connect] "C:\Program\Nike\Nike+ Connect\Nike+ Connect daemon.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program\Delade filer\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ROC_roc_ssl_v12] "C:\Program\AVG Secure Search\ROC_roc_ssl_v12.exe" / /PROMPT /CMPID=roc_ssl_v12
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Milad\Lokala inställningar\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Steam] "c:\steam\steam.exe" -silent
O4 - HKCU\..\Run: [Logitech Vid] "C:\Program\Logitech\Vid HD\Vid.exe" -bootmode
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program\Google\Drive\googledrivesync.exe" /autostart
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKAL TJÄNST')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program\Delade filer\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: BankID säkerhetsprogram.lnk = C:\Program\Personal\bin\Personal.exe
O4 - Global Startup: hp psc 1000 series.lnk = ?
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportera till Microsoft Excel - res://C:\Program\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: PokerStars.eu - {07BA1DA9-F501-4796-8728-74D1B91A6CD5} - C:\Program\PokerStars.EU\PokerStarsUpdate.exe
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://appldnld.appl...ex/qtplugin.cab
O16 - DPF: {721700FE-7F0E-49C5-BDED-CA92B7CB1245} (Camera Stream Client Control Object) - http://192.168.0.11/dcsclictrl.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.m...ash/swflash.cab
O16 - DPF: {F3DCFC89-8C6E-4052-9176-B7806D188FD5} (Image Uploader Control) - http://www.fujidirek...aderactivex.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program\DELADE~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program\SUPERAntiSpyware\SASWINLO.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program\SUPERAntiSpyware\SASCORE.EXE
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program\Google\Update\GoogleUpdate.exe
O23 - Service: Tjänsten Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program\Skype\Updater\Updater.exe
O23 - Service: UMVPFSrv - Logitech Inc. - C:\Program\Delade filer\logishrd\LVMVFM\UMVPFSrv.exe

--
End of file - 9619 bytes


#2
Crowbar

  • Teacher
  • GeekU Moderator
  • 4,130 posts
Hello milad77 and welcome to Geeks To Go !!

My name is Crowbar and I'll be the malware removal Geek that will be helping you remove any infections you may have on your computer.
Please be patient with me as I am currently in training, and all of my responses to you have to be reviewed by my instructor before I post them.
You get an advantage as you have 2 people examining your issue.
  • Please read all of my response through at least once before attempting to follow the procedures described.
  • Please save my instructions as a text file on your desktop, or print them out, as you may not be able to access this thread at times.
  • Please follow the steps exactly as written, in the same order.
  • If there's anything you don't understand or isn't totally clear, please ask me any questions that you may have.
  • Please do not attach any log files to your replies unless I specifically ask you. Instead please copy and paste so as to include the log in your reply. You can do this in separate posts if it's easier for you.
  • This process is not an instant process - please stick with me until I tell you that your machine is clean. If you don't see any symptoms, it does not mean your system is clear of malware.
  • Please don't run any other scans or other software unless I ask you to, as it will make this repair more difficult.

You ran HijackThis, but we really don't use that these days. We use OTL for scanning, which does a much better job of showing what is going on with your system.

Download OTL to your Desktop

  • Double click on the icon to run it. Make sure all other windows are closed and let it run uninterrupted.
  • Select All Users
  • Under the Custom Scan box paste this in

netsvcs
%SYSTEMDRIVE%\*.exe
/md5start
consrv.dll
services.*
explorer.exe
winlogon.exe
Userinit.exe
svchost.exe
/md5stop
HKEY_CURRENT_USER\Software\Microsoft\Windows Media\WMSDK\Local\AutoProxyCache /s
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BITS /s

  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
  • When the scan completes, it will open two Notepad windows: OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Post both logs in your next response.


#3
milad77

  • Topic Starter
  • Member
  • 19 posts
Wow, many thanks for the help!

Here is the OTL.Txt

OTL logfile created on: 2012-08-29 23:25:10 - Run 1
OTL by OldTimer - Version 3.2.59.1 Folder = C:\Documents and Settings\Milad\Skrivbord
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000041D | Country: Sverige | Language: SVE | Date Format: yyyy-MM-dd

3,00 Gb Total Physical Memory | 2,36 Gb Available Physical Memory | 78,80% Memory free
4,84 Gb Paging File | 4,38 Gb Available in Paging File | 90,43% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program
Drive C: | 149,04 Gb Total Space | 5,59 Gb Free Space | 3,75% Space Free | Partition Type: NTFS
Drive F: | 74,53 Gb Total Space | 48,26 Gb Free Space | 64,75% Space Free | Partition Type: NTFS

Computer Name: MILAD-89686FC7A | User Name: Milad | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012-08-29 23:06:35 | 000,598,528 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Milad\Skrivbord\OTL.exe
PRC - [2012-08-13 13:33:30 | 003,064,000 | ---- | M] (Skype Technologies S.A.) -- C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2012-08-08 21:04:06 | 000,070,656 | ---- | M] (Nike) -- C:\Program\Nike\Nike+ Connect\Nike+ Connect daemon.exe
PRC - [2012-01-18 08:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) -- C:\Program\Delade filer\LogiShrd\LVMVFM\UMVPFSrv.exe
PRC - [2011-06-09 14:06:06 | 000,254,696 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program\Delade filer\Java\Java Update\jusched.exe
PRC - [2009-08-18 11:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) -- C:\Program\Delade filer\Microsoft Shared\Windows Live\WLIDSVC.EXE
PRC - [2009-08-18 11:29:22 | 000,183,152 | ---- | M] (Microsoft Corporation) -- C:\Program\Delade filer\Microsoft Shared\Windows Live\WLIDSVCM.EXE
PRC - [2008-04-14 18:05:06 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2003-04-09 19:11:12 | 000,028,672 | ---- | M] (Hewlett-Packard) -- C:\Program\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe


========== Modules (No Company Name) ==========

MOD - [2012-03-11 14:55:40 | 000,088,656 | ---- | M] () -- C:\WINDOWS\system32\cpwmon2k.dll
MOD - [2012-01-08 15:41:12 | 000,093,696 | ---- | M] () -- C:\Program\FileZilla FTP Client\fzshellext.dll
MOD - [2009-02-27 19:23:48 | 000,311,296 | ---- | M] () -- C:\Program\Delade filer\Adobe\Acrobat\ActiveX\pdfshell.SVE


========== Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- C:\Program\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2012-08-29 15:39:05 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012-08-13 13:33:30 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012-07-03 13:19:28 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012-01-18 08:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program\Delade filer\LogiShrd\LVMVFM\UMVPFSrv.exe -- (UMVPFSrv)
SRV - [2009-08-18 11:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program\Delade filer\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2003-04-07 22:21:46 | 000,065,795 | R--- | M] (HP) [On_Demand | Stopped] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\usbser_lowerflt.sys -- (upperdev)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\pccsmcfd.sys -- (pccsmcfd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- system32\DRIVERS\ifsmount.sys -- (IfsMount)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [File_System | System | Stopped] -- system32\DRIVERS\ext2fs.sys -- (Ext2fs)
DRV - File not found [Kernel | Auto | Stopped] -- system32\DRIVERS\EAPPkt.sys -- (EAPPkt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2012-01-18 08:44:52 | 004,332,960 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvuvc.sys -- (LVUVC)
DRV - [2012-01-18 08:44:28 | 000,312,096 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvrs.sys -- (LVRS)
DRV - [2011-06-15 22:52:42 | 000,021,376 | ---- | M] (Dev47Apps) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\droidcam.sys -- (DroidCam)
DRV - [2010-10-20 16:09:28 | 000,009,216 | ---- | M] (HandSet Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\massfilter_hs.sys -- (massfilter_hs)
DRV - [2010-10-18 14:24:14 | 000,032,408 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\androidusb.sys -- (androidusb)
DRV - [2010-10-18 14:12:32 | 000,113,432 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\zghsdiag.sys -- (zghsdiag)
DRV - [2010-05-07 18:43:30 | 000,025,824 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2009-10-24 21:04:16 | 000,082,380 | ---- | M] (Oak Technology Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\AFS2K.SYS -- (AFS2K)
DRV - [2009-05-03 23:16:58 | 000,105,856 | ---- | M] (QUALCOMM Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hwusbser.sys -- (qcusbser)
DRV - [2007-07-10 09:42:32 | 001,310,720 | ---- | M] (C-Media Inc) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\c6501.sys -- (c65013264)
DRV - [2005-09-30 12:52:22 | 000,013,056 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2005-09-30 12:52:20 | 000,034,048 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2005-08-18 16:52:06 | 000,093,568 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\nvata.sys -- (nvata)
DRV - [2004-08-13 04:56:20 | 000,005,810 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-725345543-152049171-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-725345543-152049171-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKU\S-1-5-21-725345543-152049171-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-725345543-152049171-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.se/
IE - HKU\S-1-5-21-725345543-152049171-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-725345543-152049171-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-725345543-152049171-839522115-1003\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233}
IE - HKU\S-1-5-21-725345543-152049171-839522115-1003\..\SearchScopes\{4B99678A-87FC-4340-AD79-FFCFA985804B}: "URL" = http://www.google.co...q={searchTerms}
IE - HKU\S-1-5-21-725345543-152049171-839522115-1003\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = https://isearch.avg....fr&d=2012-08-29 18:17:30&v=12.2.0.5&sap=dsp&q={searchTerms}
IE - HKU\S-1-5-21-725345543-152049171-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "SweetIM Search"
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.search.selectedEngine: "AVG Secure Search"
FF - prefs.js..browser.startup.homepage: "http://home.sweetim....-001BFCAE33F1}"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}:6.0.29
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {EEE6C361-6118-11DC-9C72-001320C79847}:1.5.0.2
FF - prefs.js..keyword.URL: "http://search.sweeti...h.asp?src=2&q="
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: "AVG Secure Search"
FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: "AVG Secure Search"
FF - prefs.js..browser.startup.homepage: "http://www.google.se/"
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "http://www.google.co...ient&gfns=1&q="
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_271.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@se.nexus/Personal: C:\Program\Personal\bin\np_prsnl.dll (Technology Nexus AB)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Documents and Settings\Milad\Application Data\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Documents and Settings\Milad\Application Data\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Milad\Lokala inställningar\Application Data\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=8: C:\Documents and Settings\Milad\Lokala inställningar\Application Data\Google\Update\1.2.183.39\npGoogleOneClick8.dll File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Milad\Lokala inställningar\Application Data\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.5.19\extensions\\Components: C:\Program\Mozilla Firefox\components [2012-05-28 18:52:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.5.19\extensions\\Plugins: C:\Program\Mozilla Firefox\plugins [2012-08-18 00:23:25 | 000,000,000 | ---D | M]

[2009-11-01 14:30:14 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Milad\Application Data\Mozilla\Extensions
[2012-08-29 22:53:12 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Milad\Application Data\Mozilla\Firefox\Profiles\4k1ub718.default\extensions
[2011-04-10 09:42:26 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Milad\Application Data\Mozilla\Firefox\Profiles\4k1ub718.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012-08-28 17:51:50 | 000,000,000 | ---D | M] (SweetPacks Toolbar for Firefox) -- C:\Documents and Settings\Milad\Application Data\Mozilla\Firefox\Profiles\4k1ub718.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}
[2012-08-27 16:00:22 | 000,000,000 | ---D | M] (Lavasoft Search Plugin) -- C:\Documents and Settings\Milad\Application Data\Mozilla\Firefox\Profiles\4k1ub718.default\extensions\[email protected]
[2012-08-28 17:52:00 | 000,003,998 | ---- | M] () -- C:\Documents and Settings\Milad\Application Data\Mozilla\Firefox\Profiles\4k1ub718.default\searchplugins\sweetim.xml
[2012-05-16 14:34:03 | 000,000,000 | ---D | M] (No name found) -- C:\Program\Mozilla Firefox\extensions
[2012-08-23 19:56:50 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2010-09-16 23:35:35 | 000,000,000 | ---D | M] (Java Console) -- C:\Program\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010-10-26 20:22:28 | 000,000,000 | ---D | M] (Java Console) -- C:\Program\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011-06-29 13:15:15 | 000,000,000 | ---D | M] (Java Console) -- C:\Program\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
[2011-11-28 11:38:47 | 000,000,000 | ---D | M] (Java Console) -- C:\Program\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
[2010-09-16 23:35:22 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011-10-03 06:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program\mozilla firefox\plugins\npdeployJava1.dll
[2009-01-09 10:57:10 | 000,111,856 | ---- | M] (SecMaker AB) -- C:\Program\mozilla firefox\plugins\npiidplg.dll
[2011-08-31 12:38:58 | 000,082,944 | ---- | M] (vShare.tv ) -- C:\Program\mozilla firefox\plugins\npvsharetvplg.dll
[2011-07-25 13:28:22 | 000,001,470 | ---- | M] () -- C:\Program\mozilla firefox\searchplugins\allaannonser-sv-SE.xml
[2012-08-29 18:17:28 | 000,003,768 | ---- | M] () -- C:\Program\mozilla firefox\searchplugins\avg-secure-search.xml
[2011-07-25 13:28:22 | 000,002,670 | ---- | M] () -- C:\Program\mozilla firefox\searchplugins\prisjakt-sv-SE.xml
[2011-07-25 13:28:22 | 000,000,948 | ---- | M] () -- C:\Program\mozilla firefox\searchplugins\tyda-sv-SE.xml
[2011-07-25 13:28:22 | 000,001,174 | ---- | M] () -- C:\Program\mozilla firefox\searchplugins\wikipedia-sv-SE.xml
[2011-07-25 13:28:22 | 000,000,647 | ---- | M] () -- C:\Program\mozilla firefox\searchplugins\yahoo-sv-SE.xml

========== Chrome ==========

CHR - homepage: http://www.google.se/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: http://www.google.se/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\Milad\Lokala inst\u00E4llningar\Application Data\Google\Chrome\Application\21.0.1180.83\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\Milad\Lokala inst\u00E4llningar\Application Data\Google\Chrome\Application\21.0.1180.83\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Milad\Lokala inst\u00E4llningar\Application Data\Google\Chrome\Application\21.0.1180.83\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Documents and Settings\Milad\Lokala inst\u00E4llningar\Application Data\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll
CHR - plugin: vShare.tv plug-in (Enabled) = C:\Documents and Settings\Milad\Lokala inst\u00E4llningar\Application Data\Google\Chrome\User Data\Default\Extensions\kpionmjnkbpcdpcflammlgllecmejgjj\1.3_0\chvsharetvplg.dll
CHR - plugin: vShare.tv plug-in (Enabled) = C:\Program\Mozilla Firefox\plugins\npvsharetvplg.dll
CHR - plugin: Skype Toolbars (Enabled) = C:\Documents and Settings\Milad\Lokala inst\u00E4llningar\Application Data\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\npSkypeChromePlugin.dll
CHR - plugin: Google Talk Plugin (Enabled) = C:\Documents and Settings\Milad\Application Data\Mozilla\plugins\npgoogletalk.dll
CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Documents and Settings\Milad\Application Data\Mozilla\plugins\npgtpo3dautoplugin.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U29 (Enabled) = C:\Program\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Net iD (Enabled) = C:\Program\Mozilla Firefox\plugins\npiidplg.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program\Windows Media Player\npwmsdrm.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program\Windows Media Player\npdsplay.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\Milad\Lokala inst\u00E4llningar\Application Data\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Picasa (Enabled) = C:\Program\Google\Picasa3\npPicasa3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - plugin: Nexus Personal (Enabled) = C:\Program\Personal\bin\np_prsnl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\WINDOWS\system32\Adobe\Director\np32dsw.dll
CHR - Extension: Open Tennis = C:\Documents and Settings\Milad\Lokala inställningar\Application Data\Google\Chrome\User Data\Default\Extensions\akgcgcpodojekcocdiamcenmanalhfmn\1.3_0\
CHR - Extension: 2 wheeler stunt = C:\Documents and Settings\Milad\Lokala inställningar\Application Data\Google\Chrome\User Data\Default\Extensions\hepefibopcnpdbkahaopilcdembgkmcb\1.5_0\
CHR - Extension: vshare plugin = C:\Documents and Settings\Milad\Lokala inställningar\Application Data\Google\Chrome\User Data\Default\Extensions\kpionmjnkbpcdpcflammlgllecmejgjj\1.3_0\
CHR - Extension: Open Tennis = C:\Documents and Settings\Milad\Lokala inställningar\Application Data\Google\Chrome\User Data\Default\Extensions\akgcgcpodojekcocdiamcenmanalhfmn\1.3_0\
CHR - Extension: 2 wheeler stunt = C:\Documents and Settings\Milad\Lokala inställningar\Application Data\Google\Chrome\User Data\Default\Extensions\hepefibopcnpdbkahaopilcdembgkmcb\1.5_0\
CHR - Extension: vshare plugin = C:\Documents and Settings\Milad\Lokala inställningar\Application Data\Google\Chrome\User Data\Default\Extensions\kpionmjnkbpcdpcflammlgllecmejgjj\1.3_0\

O1 HOSTS File: ([2012-08-28 16:47:01 | 000,000,724 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (IE5BarLauncherBHO Class) - {78F3A323-798E-4AEA-9A57-88F4B05FD5DD} - C:\Program\vShare.tv plugin\BarLcher.dll File not found
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program\Delade filer\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3 - HKLM\..\Toolbar: (VShareToolBar) - {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - C:\Program\vShare.tv plugin\BarLcher.dll File not found
O3 - HKU\S-1-5-21-725345543-152049171-839522115-1003\..\Toolbar\WebBrowser: (VShareToolBar) - {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - C:\Program\vShare.tv plugin\BarLcher.dll File not found
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Adobe ARM] C:\Program\Delade filer\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program\Delade filer\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [C6501Sound] RunDll32 c6501.cpl,CMICtrlWnd File not found
O4 - HKLM..\Run: [LWS] C:\Program\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [Net iD] C:\Program\Net iD\iid.exe (SecMaker AB)
O4 - HKLM..\Run: [Nike+ Connect] C:\Program\Nike\Nike+ Connect\Nike+ Connect daemon.exe (Nike)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [ROC_roc_ssl_v12] "C:\Program\AVG Secure Search\ROC_roc_ssl_v12.exe" / /PROMPT /CMPID=roc_ssl_v12 File not found
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program\Delade filer\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKU\S-1-5-21-725345543-152049171-839522115-1003..\Run: [GoogleDriveSync] C:\Program\Google\Drive\googledrivesync.exe (Google)
O4 - HKU\S-1-5-21-725345543-152049171-839522115-1003..\Run: [Logitech Vid] C:\Program\Logitech\Vid HD\Vid.exe (Logitech Inc.)
O4 - HKU\S-1-5-21-725345543-152049171-839522115-1003..\Run: [Steam] c:\steam\steam.exe (Valve Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start-meny\Program\Autostart\Adobe Gamma Loader.lnk = C:\Program\Delade filer\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start-meny\Program\Autostart\BankID säkerhetsprogram.lnk = C:\Program\Personal\bin\Personal.exe (Technology Nexus AB)
O4 - Startup: C:\Documents and Settings\All Users\Start-meny\Program\Autostart\hp psc 1000 series.lnk = C:\Program\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe (Hewlett-Packard Co.)
O4 - Startup: C:\Documents and Settings\All Users\Start-meny\Program\Autostart\hpoddt01.exe.lnk = C:\Program\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe (Hewlett-Packard)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-725345543-152049171-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://appldnld.appl...ex/qtplugin.cab (QuickTime Object)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {721700FE-7F0E-49C5-BDED-CA92B7CB1245} http://192.168.0.11/dcsclictrl.cab (Camera Stream Client Control Object)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {F3DCFC89-8C6E-4052-9176-B7806D188FD5} http://www.fujidirek...aderactivex.cab (Image Uploader Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 83.255.245.11 193.150.193.150
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A4865552-4657-40E8-826F-E6588CB59E94}: DhcpNameServer = 83.255.245.11 193.150.193.150
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program\Delade filer\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program\Delade filer\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Min aktuella startsida) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Sommar.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Sommar.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009-10-24 19:41:24 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

========== Files/Folders - Created Within 30 Days ==========

[2012-08-29 23:06:33 | 000,598,528 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Milad\Skrivbord\OTL.exe
[2012-08-29 14:00:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Milad\Application Data\AVG2012
[2012-08-29 13:58:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\AVG
[2012-08-29 01:04:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Milad\Application Data\SUPERAntiSpyware.com
[2012-08-29 01:04:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2012-08-29 01:04:28 | 000,000,000 | ---D | C] -- C:\Program\SUPERAntiSpyware
[2012-08-28 21:55:47 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2012-08-28 17:51:42 | 000,000,000 | ---D | C] -- C:\Program\SweetIM
[2012-08-28 17:51:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SweetIM
[2012-08-28 17:51:29 | 000,000,000 | ---D | C] -- C:\Program\Yieldmanager Removal Tool
[2012-08-28 17:39:23 | 000,000,000 | ---D | C] -- C:\Program\Trend Micro
[2012-08-28 17:39:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Milad\Start-meny\Program\HiJackThis
[2012-08-28 16:01:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\appmgmt
[2012-08-28 07:45:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\GFI Software
[2012-08-28 07:42:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start-meny\Program\AVG
[2012-08-28 07:42:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVG2012
[2012-08-27 16:14:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Ad-Aware Antivirus
[2012-08-27 16:00:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Milad\Lokala inställningar\Application Data\Downloaded Installations
[2012-08-27 16:00:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Milad\Lokala inställningar\Application Data\adawarebp
[2012-08-27 09:56:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Milad\Application Data\Malwarebytes
[2012-08-27 09:56:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2012-08-27 08:40:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Milad\Lokala inställningar\Application Data\Help
[2012-08-21 22:38:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Milad\Application Data\ooVoo Details
[2012-08-21 22:38:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Milad\Lokala inställningar\Application Data\APN
[2012-08-18 21:46:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start-meny\Program\PokerStars.EU
[2012-08-18 21:45:47 | 000,000,000 | ---D | C] -- C:\Program\PokerStars.EU
[2012-08-07 18:34:59 | 000,281,104 | ---- | C] (CACE Technologies, Inc.) -- C:\WINDOWS\System32\wpcap.dll
[2012-08-07 18:34:59 | 000,100,880 | ---- | C] (CACE Technologies, Inc.) -- C:\WINDOWS\System32\Packet.dll
[2012-08-07 18:34:59 | 000,050,704 | ---- | C] (CACE Technologies, Inc.) -- C:\WINDOWS\System32\drivers\npf.sys
[2012-07-31 15:14:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Milad\Skrivbord\samir
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012-08-29 23:06:35 | 000,598,528 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Milad\Skrivbord\OTL.exe
[2012-08-29 23:01:35 | 000,000,489 | ---- | M] () -- C:\WINDOWS\System\C6501.ini
[2012-08-29 22:57:40 | 000,002,262 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012-08-29 22:57:31 | 000,229,488 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml
[2012-08-29 22:57:06 | 000,000,964 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012-08-29 22:57:06 | 000,000,236 | ---- | M] () -- C:\WINDOWS\tasks\OGALogon.job
[2012-08-29 22:56:52 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012-08-29 22:41:00 | 000,001,086 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-725345543-152049171-839522115-1003UA.job
[2012-08-29 22:38:00 | 000,000,868 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012-08-29 22:36:00 | 000,000,968 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012-08-29 20:40:00 | 000,000,450 | ---- | M] () -- C:\WINDOWS\tasks\At2.job
[2012-08-29 19:41:49 | 000,002,316 | ---- | M] () -- C:\Documents and Settings\Milad\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012-08-29 18:26:49 | 000,001,697 | ---- | M] () -- C:\Documents and Settings\All Users\Skrivbord\Adobe Reader 9.lnk
[2012-08-29 18:05:00 | 000,000,450 | ---- | M] () -- C:\WINDOWS\tasks\At3.job
[2012-08-29 17:04:00 | 000,000,486 | ---- | M] () -- C:\WINDOWS\tasks\SUPERAntiSpyware Scheduled Task 64f3b666-89d6-4f9e-b5b5-f99f4211376a.job
[2012-08-29 15:41:00 | 000,001,034 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-725345543-152049171-839522115-1003Core.job
[2012-08-29 14:00:55 | 066,138,540 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm
[2012-08-29 14:00:00 | 000,000,450 | ---- | M] () -- C:\WINDOWS\tasks\At4.job
[2012-08-29 13:49:25 | 000,174,840 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012-08-29 12:23:17 | 000,112,568 | ---- | M] () -- C:\Documents and Settings\Milad\Skrivbord\lunch.pdf
[2012-08-29 10:10:00 | 000,000,450 | ---- | M] () -- C:\WINDOWS\tasks\At1.job
[2012-08-29 03:01:20 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012-08-29 02:00:00 | 000,000,486 | ---- | M] () -- C:\WINDOWS\tasks\SUPERAntiSpyware Scheduled Task b85da8f6-046d-4b7a-9629-62ef26246363.job
[2012-08-29 01:04:33 | 000,001,622 | ---- | M] () -- C:\Documents and Settings\All Users\Skrivbord\SUPERAntiSpyware Free Edition.lnk
[2012-08-28 23:18:48 | 000,000,783 | ---- | M] () -- C:\Documents and Settings\Milad\Application Data\Microsoft\Internet Explorer\Quick Launch\Starta webbläsaren Internet Explorer.lnk
[2012-08-28 17:39:27 | 000,002,409 | ---- | M] () -- C:\Documents and Settings\Milad\Skrivbord\HiJackThis.lnk
[2012-08-28 17:36:55 | 001,402,880 | ---- | M] () -- C:\Documents and Settings\Milad\Skrivbord\HiJackThis.msi
[2012-08-28 17:08:15 | 000,435,010 | ---- | M] () -- C:\WINDOWS\System32\perfh01D.dat
[2012-08-28 17:08:15 | 000,432,838 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012-08-28 17:08:15 | 000,079,216 | ---- | M] () -- C:\WINDOWS\System32\perfc01D.dat
[2012-08-28 17:08:15 | 000,067,794 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012-08-28 16:58:30 | 000,157,790 | ---- | M] () -- C:\Documents and Settings\Milad\Skrivbord\bookmark.htm
[2012-08-28 16:47:01 | 000,000,724 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2012-08-27 17:48:13 | 000,000,272 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2012-08-27 09:50:51 | 000,208,507 | ---- | M] () -- C:\Documents and Settings\Milad\Lokala inställningar\Application Data\census.cache
[2012-08-27 09:50:49 | 000,188,632 | ---- | M] () -- C:\Documents and Settings\Milad\Lokala inställningar\Application Data\ars.cache
[2012-08-26 01:43:37 | 000,041,998 | ---- | M] () -- C:\Documents and Settings\Milad\Skrivbord\konst.jpg
[2012-08-26 01:37:35 | 000,051,420 | ---- | M] () -- C:\Documents and Settings\Milad\Skrivbord\opera.jpg
[2012-08-26 01:37:22 | 000,099,161 | ---- | M] () -- C:\Documents and Settings\Milad\Skrivbord\Opera 2012-2013.jpg
[2012-08-22 20:28:34 | 002,947,570 | ---- | M] () -- C:\Documents and Settings\Milad\Skrivbord\srecko.jpg
[2012-08-16 08:39:48 | 000,000,118 | ---- | M] () -- C:\WINDOWS\System32\MRT.INI
[2012-08-14 21:36:37 | 000,225,280 | ---- | M] () -- C:\Documents and Settings\Milad\Lokala inställningar\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012-08-10 21:58:44 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012-08-07 18:34:59 | 000,281,104 | ---- | M] (CACE Technologies, Inc.) -- C:\WINDOWS\System32\wpcap.dll
[2012-08-07 18:34:59 | 000,100,880 | ---- | M] (CACE Technologies, Inc.) -- C:\WINDOWS\System32\Packet.dll
[2012-08-07 18:34:59 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) -- C:\WINDOWS\System32\drivers\npf.sys
[2012-08-04 19:01:29 | 000,156,156 | ---- | M] () -- C:\Documents and Settings\Milad\Skrivbord\11.jpg
[2012-07-31 15:10:30 | 325,857,436 | ---- | M] () -- C:\Documents and Settings\Milad\Mina dokument\TempImage.nrg
[2012-07-30 23:50:29 | 000,175,268 | ---- | M] () -- C:\Documents and Settings\Milad\Skrivbord\mbl_313011_sv.pdf
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012-08-29 18:26:49 | 000,001,697 | ---- | C] () -- C:\Documents and Settings\All Users\Skrivbord\Adobe Reader 9.lnk
[2012-08-29 14:00:55 | 066,138,540 | ---- | C] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm
[2012-08-29 12:23:17 | 000,112,568 | ---- | C] () -- C:\Documents and Settings\Milad\Skrivbord\lunch.pdf
[2012-08-29 01:04:41 | 000,000,486 | ---- | C] () -- C:\WINDOWS\tasks\SUPERAntiSpyware Scheduled Task b85da8f6-046d-4b7a-9629-62ef26246363.job
[2012-08-29 01:04:41 | 000,000,486 | ---- | C] () -- C:\WINDOWS\tasks\SUPERAntiSpyware Scheduled Task 64f3b666-89d6-4f9e-b5b5-f99f4211376a.job
[2012-08-29 01:04:33 | 000,001,622 | ---- | C] () -- C:\Documents and Settings\All Users\Skrivbord\SUPERAntiSpyware Free Edition.lnk
[2012-08-28 17:39:23 | 000,002,409 | ---- | C] () -- C:\Documents and Settings\Milad\Skrivbord\HiJackThis.lnk
[2012-08-28 17:36:38 | 001,402,880 | ---- | C] () -- C:\Documents and Settings\Milad\Skrivbord\HiJackThis.msi
[2012-08-28 16:58:29 | 000,157,790 | ---- | C] () -- C:\Documents and Settings\Milad\Skrivbord\bookmark.htm
[2012-08-26 01:43:46 | 000,041,998 | ---- | C] () -- C:\Documents and Settings\Milad\Skrivbord\konst.jpg
[2012-08-26 01:37:39 | 000,051,420 | ---- | C] () -- C:\Documents and Settings\Milad\Skrivbord\opera.jpg
[2012-08-26 01:37:26 | 000,099,161 | ---- | C] () -- C:\Documents and Settings\Milad\Skrivbord\Opera 2012-2013.jpg
[2012-08-22 20:28:32 | 002,947,570 | ---- | C] () -- C:\Documents and Settings\Milad\Skrivbord\srecko.jpg
[2012-08-22 20:10:52 | 001,396,296 | ---- | C] () -- C:\Documents and Settings\Milad\Skrivbord\DSC00092.JPG
[2012-08-16 08:39:48 | 000,000,118 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2012-07-31 15:09:24 | 325,857,436 | ---- | C] () -- C:\Documents and Settings\Milad\Mina dokument\TempImage.nrg
[2012-07-30 23:50:35 | 000,175,268 | ---- | C] () -- C:\Documents and Settings\Milad\Skrivbord\mbl_313011_sv.pdf
[2012-07-22 23:58:42 | 000,208,507 | ---- | C] () -- C:\Documents and Settings\Milad\Lokala inställningar\Application Data\census.cache
[2012-07-22 23:58:40 | 000,188,632 | ---- | C] () -- C:\Documents and Settings\Milad\Lokala inställningar\Application Data\ars.cache
[2012-07-22 23:52:19 | 000,000,036 | ---- | C] () -- C:\Documents and Settings\Milad\Lokala inställningar\Application Data\housecall.guid.cache
[2012-05-27 02:03:26 | 000,000,205 | -HS- | C] () -- C:\Documents and Settings\Milad\.ufsxsci.hbin
[2012-05-24 17:21:32 | 000,088,656 | ---- | C] () -- C:\WINDOWS\System32\cpwmon2k.dll
[2012-05-11 14:12:16 | 005,584,046 | ---- | C] () -- C:\Program\FileZilla FTP Client.rar
[2012-04-25 09:04:56 | 000,060,304 | ---- | C] () -- C:\Documents and Settings\Milad\g2mdlhlpx.exe
[2012-02-15 09:17:37 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2011-08-12 12:20:14 | 000,015,896 | ---- | C] () -- C:\WINDOWS\System32\drivers\iKeyLFT2.dll
[2011-06-15 22:56:21 | 000,000,032 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\droidcam-settings
[2011-04-07 19:22:23 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\Encrypt.dll
[2011-04-07 19:22:23 | 000,000,120 | ---- | C] () -- C:\WINDOWS\System32\zdlcsv.ds.dll
[2011-04-07 19:22:23 | 000,000,112 | ---- | C] () -- C:\WINDOWS\System32\Sales_MultiDL_MSM7227_V1.00.01.ini
[2011-04-07 19:22:15 | 000,578,611 | ---- | C] () -- C:\WINDOWS\adb.exe
[2011-04-07 19:22:14 | 000,000,022 | ---- | C] () -- C:\WINDOWS\sysdt.dll
[2011-01-14 20:59:56 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2011-01-08 16:58:07 | 000,000,144 | ---- | C] () -- C:\Documents and Settings\Milad\.java.policy
[2010-11-10 04:45:32 | 000,104,472 | ---- | C] () -- C:\WINDOWS\System32\LogiDPPApp.exe
[2010-11-10 04:45:30 | 010,920,984 | ---- | C] () -- C:\WINDOWS\System32\LogiDPP.dll
[2010-11-10 04:45:20 | 000,336,408 | ---- | C] () -- C:\WINDOWS\System32\DevManagerCore.dll
[2010-11-10 04:31:42 | 000,028,418 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2010-02-26 00:01:54 | 000,102,400 | ---- | C] () -- C:\Documents and Settings\Milad\Application Data\fontdb.mdb
[2009-10-25 00:43:14 | 000,225,280 | ---- | C] () -- C:\Documents and Settings\Milad\Lokala inställningar\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== LOP Check ==========

[2009-11-06 11:45:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\4D
[2011-06-16 08:53:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG10
[2012-08-29 18:39:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG2012
[2009-11-04 19:16:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\avg9
[2010-02-26 02:43:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Boss Media
[2011-06-16 07:46:12 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2009-11-01 02:26:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Downloaded Installations
[2012-08-28 07:45:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GFI Software
[2009-12-27 11:37:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Installations
[2012-08-29 18:32:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2012-07-11 22:40:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MGS
[2012-03-25 19:31:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nike
[2009-12-27 11:39:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite
[2012-08-28 22:25:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SweetIM
[2010-08-21 01:45:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Temp
[2012-08-27 16:14:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Ad-Aware Antivirus
[2012-06-20 12:21:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Milad\Application Data\4D
[2011-01-08 16:58:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Milad\Application Data\Agency9
[2011-06-16 08:04:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Milad\Application Data\AVG10
[2012-08-29 14:00:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Milad\Application Data\AVG2012
[2010-02-26 00:25:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Milad\Application Data\BorWare
[2010-08-02 21:09:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Milad\Application Data\DesktopMirror
[2012-08-29 12:31:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Milad\Application Data\EditPlus 3
[2012-08-29 10:46:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Milad\Application Data\FileZilla
[2010-02-05 11:06:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Milad\Application Data\Free YouTube to Mp3 Wma Converter
[2009-11-06 11:51:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Milad\Application Data\iid
[2011-09-09 13:34:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Milad\Application Data\Leadertech
[2011-09-14 12:43:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Milad\Application Data\LEAPS
[2012-07-22 22:48:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Milad\Application Data\Microgaming
[2009-12-27 11:43:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Milad\Application Data\Nokia
[2012-08-21 22:38:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Milad\Application Data\ooVoo Details
[2009-12-27 11:58:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Milad\Application Data\PC Suite
[2011-09-14 12:41:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Milad\Application Data\Pegasys Inc
[2009-11-11 14:23:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Milad\Application Data\Personal
[2011-12-19 01:28:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Milad\Application Data\TeamViewer
[2012-08-29 10:10:00 | 000,000,450 | ---- | M] () -- C:\WINDOWS\Tasks\At1.job
[2012-08-29 20:40:00 | 000,000,450 | ---- | M] () -- C:\WINDOWS\Tasks\At2.job
[2012-08-29 18:05:00 | 000,000,450 | ---- | M] () -- C:\WINDOWS\Tasks\At3.job
[2012-08-29 14:00:00 | 000,000,450 | ---- | M] () -- C:\WINDOWS\Tasks\At4.job
[2010-05-14 23:25:03 | 000,000,330 | ---- | M] () -- C:\WINDOWS\Tasks\FRU Task #Hewlett-Packard#hp psc 1200 series#1264284264.job
[2012-08-29 22:57:06 | 000,000,236 | ---- | M] () -- C:\WINDOWS\Tasks\OGALogon.job
[2012-08-29 17:04:00 | 000,000,486 | ---- | M] () -- C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task 64f3b666-89d6-4f9e-b5b5-f99f4211376a.job
[2012-08-29 02:00:00 | 000,000,486 | ---- | M] () -- C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task b85da8f6-046d-4b7a-9629-62ef26246363.job

========== Purity Check ==========



========== Custom Scans ==========

< %SYSTEMDRIVE%\*.exe >

< MD5 for: EXPLORER.EXE >
[2008-04-14 18:05:06 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=74BB7DCD2BFDCC0E52869DB3582CA781 -- C:\WINDOWS\explorer.exe
[2008-04-14 18:05:06 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=74BB7DCD2BFDCC0E52869DB3582CA781 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2004-08-04 01:34:20 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=87A3C8EAD27CF3591713D629D8BCB990 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe

< MD5 for: SERVICES >
[2001-09-28 16:00:00 | 000,007,131 | ---- | M] () MD5=E64717F6967459C8ADC50F74CB4DFA1F -- C:\WINDOWS\system32\drivers\etc\services

< MD5 for: SERVICES.CNF >
[2008-01-03 04:48:29 | 000,000,003 | ---- | M] () MD5=864E46AD77EBE7A312EB11241A5114B6 -- C:\Documents and Settings\Milad\Mina dokument\Mina webbplatser\_vti_pvt\services.cnf
[2008-03-17 14:30:54 | 000,000,003 | ---- | M] () MD5=864E46AD77EBE7A312EB11241A5114B6 -- C:\Documents and Settings\Milad\Skrivbord\Mina dokument\Mina webbplatser\_vti_pvt\services.cnf
[2012-08-02 11:28:27 | 000,000,003 | ---- | M] () MD5=864E46AD77EBE7A312EB11241A5114B6 -- C:\WS_FTP\FTP Downloads\internet\hallunda bilverkstad\hallundabilverkstad.se\public_html\_vti_pvt\services.cnf
[2006-06-11 01:00:00 | 000,000,002 | ---- | M] () MD5=A55822426A5330C04625A41D264C190B -- C:\WS_FTP\backup 20090321\naturalenergy.se\_vti_pvt\services.cnf
[2005-05-17 00:00:00 | 000,000,002 | ---- | M] () MD5=A55822426A5330C04625A41D264C190B -- C:\WS_FTP\FTP Downloads\ovrigt avslutade 32GB\naturalenergy.se\Copy of old hemsida\_vti_pvt\services.cnf
[2005-05-17 00:00:00 | 000,000,002 | ---- | M] () MD5=A55822426A5330C04625A41D264C190B -- C:\WS_FTP\FTP Downloads\ovrigt avslutade 32GB\naturalenergy.se\hemsida\_vti_pvt\services.cnf
[2007-02-03 01:00:00 | 000,000,002 | ---- | M] () MD5=A55822426A5330C04625A41D264C190B -- C:\WS_FTP\FTP Downloads\ovrigt avslutade 32GB\QL Traning Center\OLD hemsida\_vti_pvt\services.cnf
[2012-06-07 21:19:28 | 000,000,002 | ---- | M] () MD5=A55822426A5330C04625A41D264C190B -- C:\WS_FTP\FTP Downloads\ovrigt avslutade 32GB\securityhouse.se\_vti_pvt\services.cnf
[2004-04-09 00:00:00 | 000,000,002 | ---- | M] () MD5=A55822426A5330C04625A41D264C190B -- C:\WS_FTP\FTP Downloads\ovrigt avslutade 32GB\thaiacademy.com\hemsida\_vti_pvt\services.cnf
[2004-04-09 00:00:00 | 000,000,002 | ---- | M] () MD5=A55822426A5330C04625A41D264C190B -- C:\WS_FTP\FTP Downloads\ovrigt avslutade 32GB\thaiacademy.com\old2\_vti_pvt\services.cnf

< MD5 for: SERVICES.EXE >
[2004-08-04 01:34:42 | 000,108,032 | ---- | M] (Microsoft Corporation) MD5=0DF00535E2F5AEFAEAD3A800F75137AF -- C:\WINDOWS\$NtServicePackUninstall$\services.exe
[2009-02-09 13:19:05 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=5DD875F92626DC3C8F46AB3E6CC1C98E -- C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\services.exe
[2009-02-09 13:27:07 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=8870B0C4A094C1CE80CEA6F85FA38FF2 -- C:\WINDOWS\system32\dllcache\services.exe
[2009-02-09 13:27:07 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=8870B0C4A094C1CE80CEA6F85FA38FF2 -- C:\WINDOWS\system32\services.exe
[2008-04-14 18:05:18 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=9436FEE6DF0F12AABDE97BEA8501B538 -- C:\WINDOWS\$NtUninstallKB956572$\services.exe
[2008-04-14 18:05:18 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=9436FEE6DF0F12AABDE97BEA8501B538 -- C:\WINDOWS\ServicePackFiles\i386\services.exe

< MD5 for: SERVICES.GIF >
[2007-07-24 00:00:00 | 000,000,596 | ---- | M] () MD5=8125BA9D242340E88E81F1CCB949CAB2 -- C:\WS_FTP\FTP Downloads\ovrigt avslutade 32GB\bodyguardservice.se\bilder\services.gif
[2012-06-07 21:19:48 | 000,000,596 | ---- | M] () MD5=8125BA9D242340E88E81F1CCB949CAB2 -- C:\WS_FTP\FTP Downloads\ovrigt avslutade 32GB\securityhouse.se\bilder\services.gif

< MD5 for: SERVICES.HTML >
[2012-06-07 21:19:13 | 000,007,574 | ---- | M] () MD5=4E10870EB9A3538A7350D22A6955631F -- C:\WS_FTP\FTP Downloads\ovrigt avslutade 32GB\securityhouse.se\services.html

< MD5 for: SERVICES.MSC >
[2001-09-28 16:00:00 | 000,033,069 | ---- | M] () MD5=3BC34A0485D0B7D36F3901A3402C42EC -- C:\WINDOWS\system32\services.msc

< MD5 for: SERVICES.PHP >
[2012-02-23 14:43:07 | 000,002,255 | ---- | M] () MD5=906D006E1A2E9A64A4523AFE80DE2419 -- C:\WS_FTP\FTP Downloads\internet\tva tre ganger\public_html\wp-content\plugins\yet-another-related-posts-plugin\services.php

< MD5 for: SERVICES.PSD >
[2007-07-24 00:00:00 | 000,304,876 | ---- | M] () MD5=BEF22868781B719682D1CF27525AB2B6 -- C:\WS_FTP\FTP Downloads\ovrigt avslutade 32GB\bodyguardservice.se\bilder\services.psd
[2012-06-07 21:19:48 | 000,304,876 | ---- | M] () MD5=BEF22868781B719682D1CF27525AB2B6 -- C:\WS_FTP\FTP Downloads\ovrigt avslutade 32GB\securityhouse.se\bilder\services.psd

< MD5 for: SVCHOST.EXE >
[2004-08-04 01:34:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=22D8A75754B7B9ECC4753E3C09A56B18 -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe
[2008-04-14 18:05:21 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=6CCEF19D7301D9861F90E299C798AD3F -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008-04-14 18:05:21 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=6CCEF19D7301D9861F90E299C798AD3F -- C:\WINDOWS\system32\svchost.exe

< MD5 for: USERINIT.EXE >
[2008-04-14 18:05:22 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=317799A2E42B5EA048A8A70F482CBA9F -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008-04-14 18:05:22 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=317799A2E42B5EA048A8A70F482CBA9F -- C:\WINDOWS\system32\userinit.exe
[2004-08-04 01:34:50 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=452202227D7A5020D058D49106C0B872 -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe

< MD5 for: WINLOGON.EXE >
[2004-08-04 01:34:52 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=3E080D3D4F81B0638766CCC4D7707D10 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008-04-14 18:05:23 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ABD2D070BE76A9386A0A283A332E3862 -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008-04-14 18:05:23 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ABD2D070BE76A9386A0A283A332E3862 -- C:\WINDOWS\system32\winlogon.exe

< HKEY_CURRENT_USER\Software\Microsoft\Windows Media\WMSDK\Local\AutoProxyCache /s >

< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BITS /s >
"Type" = 32
"Start" = 2
"ErrorControl" = 1
"ImagePath" = %SystemRoot%\system32\svchost.exe -k netsvcs -- [2008-04-14 18:05:21 | 000,014,336 | ---- | M] (Microsoft Corporation)
"DisplayName" = Background Intelligent Transfer Service
"DependOnService" = Rpcss [binary data] -- [2009-02-09 12:56:00 | 000,401,408 | ---- | M] (Microsoft Corporation)
"DependOnGroup" = [binary data]
"ObjectName" = LocalSystem
"Description" = Överför filer i bakgrunden genom att använda ledig nätverksbandbredd. Om tjänsten stoppas kommer funktioner såsom Windows Update och MSN Explorer inte att automatiskt hämta program eller annan information. Om den här tjänsten inaktiveras kommer inga tjänster som uttryckligen beror på denna att kunna överföra filer om de inte har någon annan funktionalitet för att överföra filer direkt genom Internet Explorer om BITS har inaktiverats.
"FailureActions" = 00 00 00 00 00 00 00 00 00 00 00 00 03 00 00 00 68 E3 0C 00 01 00 00 00 60 EA 00 00 01 00 00 00 60 EA 00 00 01 00 00 00 60 EA 00 00 [binary data]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BITS\Parameters]
"ServiceDll" = C:\WINDOWS\system32\qmgr.dll -- [2008-04-14 18:04:47 | 000,409,088 | ---- | M] (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BITS\Security]
"Security" = [Binary data over 100 bytes]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BITS\Enum]
"0" = Root\LEGACY_BITS\0000
"Count" = 1
"NextInstance" = 1

========== Alternate Data Streams ==========

@Alternate Data Stream - 152 bytes -> C:\Documents and Settings\All Users\Application Data\Temp:F4CA4D70

< End of report >


HERE IS THE EXTRAS.Txt
OTL Extras logfile created on: 2012-08-29 23:25:10 - Run 1
OTL by OldTimer - Version 3.2.59.1 Folder = C:\Documents and Settings\Milad\Skrivbord
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000041D | Country: Sverige | Language: SVE | Date Format: yyyy-MM-dd

3,00 Gb Total Physical Memory | 2,36 Gb Available Physical Memory | 78,80% Memory free
4,84 Gb Paging File | 4,38 Gb Available in Paging File | 90,43% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program
Drive C: | 149,04 Gb Total Space | 5,59 Gb Free Space | 3,75% Space Free | Partition Type: NTFS
Drive F: | 74,53 Gb Total Space | 48,26 Gb Free Space | 64,75% Space Free | Partition Type: NTFS

Computer Name: MILAD-89686FC7A | User Name: Milad | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

[HKEY_USERS\S-1-5-21-725345543-152049171-839522115-1003\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- C:\Documents and Settings\Milad\Lokala inställningar\Application Data\Google\Chrome\Application\chrome.exe (Google Inc.)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\steam\Steam.exe" = C:\steam\Steam.exe:*:Enabled:Steam -- (Valve Corporation)
"C:\Program\AVG\AVG8\avgam.exe" = C:\Program\AVG\AVG8\avgam.exe:*:Enabled:avgam.exe
"C:\Program\AVG\AVG8\avgdiag.exe" = C:\Program\AVG\AVG8\avgdiag.exe:*:Enabled:avgdiag.exe
"C:\Program\AVG\AVG8\avgdiagex.exe" = C:\Program\AVG\AVG8\avgdiagex.exe:*:Enabled:avgdiagex.exe
"C:\Program\AVG\AVG8\avgupd.exe" = C:\Program\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe
"C:\Program\AVG\AVG8\avgnsx.exe" = C:\Program\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe
"C:\Documents and Settings\Milad\Lokala inställningar\Application Data\Google\Google Talk Plugin\googletalkplugin.exe" = C:\Documents and Settings\Milad\Lokala inställningar\Application Data\Google\Google Talk Plugin\googletalkplugin.exe:*:Enabled:Google Talk Plugin -- (Google)
"C:\Program\NETGEAR\Stora Desktop Applications\DesktopMirror\rsync.exe" = C:\Program\NETGEAR\Stora Desktop Applications\DesktopMirror\rsync.exe:*:Enabled:HipServ DesktopMirror (rsync)
"C:\Program\NETGEAR\Stora Desktop Applications\DesktopMirror\ssh.exe" = C:\Program\NETGEAR\Stora Desktop Applications\DesktopMirror\ssh.exe:*:Enabled:HipServ DesktopMirror (ssh)
"C:\Program\NETGEAR\Stora Desktop Applications\QuickConnect\AxentraPicturesWizard.exe" = C:\Program\NETGEAR\Stora Desktop Applications\QuickConnect\AxentraPicturesWizard.exe:*:Enabled:HipServ Pictures Wizard
"C:\Program\NETGEAR\Stora Desktop Applications\QuickConnect\AxentraSmartShortcut.exe" = C:\Program\NETGEAR\Stora Desktop Applications\QuickConnect\AxentraSmartShortcut.exe:*:Enabled:HipServ SmartShortcut
"C:\Program\NETGEAR\Stora Desktop Applications\HipServAgent\HipServAgent.exe" = C:\Program\NETGEAR\Stora Desktop Applications\HipServAgent\HipServAgent.exe:*:Enabled:HipServAgent
"D:\Setup\StoraSetup.exe" = D:\Setup\StoraSetup.exe:*:Enabled:Stora Setup
"C:\Program\Skype\Plugin Manager\skypePM.exe" = C:\Program\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager
"C:\Program\HP\HP Deskjet 2050 J510 series\Bin\USBSetup.exe" = C:\Program\HP\HP Deskjet 2050 J510 series\Bin\USBSetup.exe:LocalSubNet:Enabled:HP Enhetskonfiguration -- (Hewlett-Packard Co.)
"C:\Program\TeamViewer\Version6\TeamViewer.exe" = C:\Program\TeamViewer\Version6\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application -- (TeamViewer GmbH)
"C:\Program\TeamViewer\Version6\TeamViewer_Service.exe" = C:\Program\TeamViewer\Version6\TeamViewer_Service.exe:*:Enabled:Teamviewer Remote Control Service -- (TeamViewer GmbH)
"C:\Program\DroidCam\DroidCamApp.exe" = C:\Program\DroidCam\DroidCamApp.exe:*:Enabled:DroidCam Client -- ()
"C:\Program\AVG\AVG10\avgmfapx.exe" = C:\Program\AVG\AVG10\avgmfapx.exe:*:Enabled:AVG Installer
"C:\Program\TeamViewer\Version7\TeamViewer.exe" = C:\Program\TeamViewer\Version7\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application -- (TeamViewer GmbH)
"C:\Program\TeamViewer\Version7\TeamViewer_Service.exe" = C:\Program\TeamViewer\Version7\TeamViewer_Service.exe:*:Enabled:Teamviewer Remote Control Service -- (TeamViewer GmbH)
"C:\Program\Delade filer\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Program\Delade filer\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)
"C:\steam\steamapps\realvenom\counter-strike\hl.exe" = C:\steam\steamapps\realvenom\counter-strike\hl.exe:*:Enabled:Counter-Strike -- (Valve)
"C:\Program\AVG\AVG2012\avgmfapx.exe" = C:\Program\AVG\AVG2012\avgmfapx.exe:*:Enabled:AVG Installer
"C:\Program\Logitech\Vid HD\Vid.exe" = C:\Program\Logitech\Vid HD\Vid.exe:*:Enabled:Logitech Vid HD -- (Logitech Inc.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{08610298-29AE-445B-B37D-EFBE05802967}" = LWS Pictures And Video
"{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime
"{138A4072-9E64-46BD-B5F9-DB2BB395391F}" = LWS VideoEffects
"{15634701-BACE-4449-8B25-1567DA8C9FD3}" = CameraHelperMsi
"{1651216E-E7AD-4250-92A1-FB8ED61391C9}" = LWS Help_main
"{174A3B31-4C43-43DD-866F-73C9DB887B48}" = LWS Twitter
"{1D18269B-E866-44B1-A02C-52D9388C7F7C}" = UDVR
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}" = LWS YouTube Plugin
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{22F6126F-60F3-46E3-81AC-8F51CA4074ED}_is1" = ZTE Handset USB Driver 5.2066.1.7
"{26A24AE4-039D-4CA4-87B4-2F83216021FF}" = Java™ 6 Update 29
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{350C941d-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{38795F08-1CAA-4674-85DF-A6CEE99F4BF8}" = NcFTP
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = erLT
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{6869591A-7DD8-46D2-837F-57CBF7358955}" = Nokia Connectivity Cable Driver
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6E0352EE-6F0D-4FBC-B1B8-4FF032C78BE0}" = PC Connectivity Solution
"{6ECB39BD-73C2-44DD-B1A0-898207C58D8B}" = HP Foto och bilduppbyggnad 2.0 - All-in-One Drivrutin
"{6F76EC3C-34B1-436E-97FB-48C58D7BEDCD}" = LWS Gallery
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71E66D3F-A009-44AB-8784-75E2819BA4BA}" = LWS Motion Detection
"{72511416-7F2E-48F6-8D48-9A7176F44403}" = TMPGEnc 4.0 XPress
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{787D1A33-A97B-4245-87C0-7174609A540C}" = HP Update
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7A3DF2E2-CF13-44FB-A93E-F71D5381DB3F}" = HP Deskjet 2050 J510 series Hjälp
"{83C8FA3C-F4EA-46C4-8392-D3CE353738D6}" = LWS Launcher
"{8937D274-C281-42E4-8CDB-A0B2DF979189}" = LWS Webcam Software
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{9028041D-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional med FrontPage
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9867A917-5D17-40DE-83BA-BEA5293194B1}" = HP Foto och bilduppbyggnad 2.0 - All-in-One
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D71329D-95A5-4297-8F79-DCDBD156420A}" = Windows Live Essentials
"{9DAEA76B-E50F-4272-A595-0124E826553D}" = LWS WLM Plugin
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1053-7B44-A95000000001}" = Adobe Reader 9.5.2 - Svenska
"{AC76BA86-7AD7-2447-0000-900000000003}" = Chinese Simplified Fonts Support For Adobe Reader 9
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B376402D-58EA-45EA-BD50-DD924EB67A70}" = HP Memories Disc
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{BA31F48A-C811-30B4-AD93-1986C7838442}" = Google Talk Plugin
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C900EF06-2E76-49C7-8DB0-41F629B21DC5}" = hp psc 1200 series
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D40EB009-0499-459c-A8AF-C9C110766215}" = Logitech Webcam Software
"{D697A3D5-81A7-4F5D-8FCE-3CD7D0A9656B}" = HP Deskjet 2050 J510 series Produktförbättringsstudie
"{DF44463D-7246-482C-89C3-4AC5A5466999}" = HP Deskjet 2050 J510 series Grundläggande enhetsprogramvara
"{E77A53A2-4623-4635-AE7F-702152168EE5}" = Google Drive
"{E7DF4F40-A0CE-430E-8B3B-DB7C8DF1C1A2}" = ActivePerl 5.10.1 Build 1006
"{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{EED027B7-0DB6-404B-8F45-6DFEE34A0441}" = LWS Video Mask Maker
"{EFB21DE7-8C19-4A88-BB28-A766E16493BC}" = Adobe Photoshop CS
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F13225E2-6533-4923-A657-083A151E667E}" = Windows Live Messenger
"{FA237125-51FF-408C-8BB8-30C2B3DFFF9C}" = Windows Resource Kit Tools
"{FF167195-9EE4-46C0-8CD7-FBA3457E88AB}" = LWS Facebook
"504244733D18C8F63FF584AEB290E3904E791693" = Windows-drivrutinspaket - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"CutePDF Writer Installation" = CutePDF Writer 2.8
"EditPlus 3" = EditPlus 3
"Ext2Ifs_for_NT501" = Ext2 IFS 1.11a for Windows XP
"FileZilla Client" = FileZilla Client 3.5.3
"Flash Decompiler Trillix_is1" = Flash Decompiler Trillix
"Free YouTube to Mp3 Wma Converter_is1" = Free YouTube to Mp3 Wma Converter 3.5.1.1 Build 76
"Generic 6501 Sound" = C-Media 6501 Sound
"HP Photo Creations" = HP Photo Creations
"HP PSC 1200 Series" = HP Foto och bilduppbyggnad 2.0 - hp psc 1200 series
"hp psc 1200 series_Driver" = hp psc 1200 series
"ie8" = Windows Internet Explorer 8
"iid" = Net iD 5.3
"Logitech Vid" = Logitech Vid HD
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.5.19)" = Mozilla Firefox (3.5.19)
"Nero - Burning Rom!UninstallKey" = Nero OEM
"Nike+ Connect" = Nike+ Connect
"NVIDIA Drivers" = NVIDIA Drivers
"Personal" = BankID säkerhetsprogram 4.18.1
"Picasa 3" = Picasa 3
"Raise Data Recovery for XFS_is1" = Raise Data Recovery for XFS, version 5.3
"Remote Administrator v2.1" = Remote Administrator v2.1
"SMS2PC" = SMS2PC
"Steam App 10" = Counter-Strike
"Steam App 310" = Team Fortress 2 Dedicated Server
"SWiX_is1" = SWiX 1.3.0.1927
"TeamViewer 6" = TeamViewer 6
"TeamViewer 7" = TeamViewer 7
"UFS Explorer Standard Recovery (version 5)_is1" = UFS Explorer Standard Recovery, version 5.3
"UNI_BAS" = UNI_BAS
"UNI_BAS-v12" = UNI_BAS-v12
"unibetpoker (Poker)" = Unibet
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
"VLC media player" = VLC media player 1.0.2
"vShare.tv plugin" = vShare.tv plugin 1.3

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-725345543-152049171-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1F46C75A-353C-485D-96FA-132EEA310EA3}_is1" = Albelli Fotoböcker
"Google Chrome" = Google Chrome
"GoToMeeting" = GoToMeeting 5.1.0.880

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 2012-08-28 15:03:04 | Computer Name = MILAD-89686FC7A | Source = Userenv | ID = 1041
Description = Det går inte att läsa {7B849a69-220F-451E-B3FE-2CB811AF94AE} från
registerposten DllName Detta kommer inte att läsas in. Problemet beror antagligen
på fel i registret.

Error - 2012-08-28 15:03:04 | Computer Name = MILAD-89686FC7A | Source = Userenv | ID = 1041
Description = Det går inte att läsa {CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D} från
registerposten DllName Detta kommer inte att läsas in. Problemet beror antagligen
på fel i registret.

Error - 2012-08-28 16:25:49 | Computer Name = MILAD-89686FC7A | Source = Application Error | ID = 1000
Description = Felaktigt program iexplore.exe, version 6.0.2900.5512, felaktig modul
urlmon.dll, version 6.0.2900.5512, felaktig adress 0x0003e6e7.

Error - 2012-08-29 07:46:14 | Computer Name = MILAD-89686FC7A | Source = Application Error | ID = 1000
Description = Felaktigt program hpoevm08.exe, version 4.2.0.21, felaktig modul ole32.dll,
version 5.1.2600.6168, felaktig adress 0x0002c8fd.

Error - 2012-08-29 07:52:35 | Computer Name = MILAD-89686FC7A | Source = MsiInstaller | ID = 11714
Description = Product: Google Talk Plugin -- Error 1714. The older version of Google
Talk Plugin cannot be removed. Contact your technical support group. System Error
1612.

Error - 2012-08-29 07:52:50 | Computer Name = MILAD-89686FC7A | Source = Application Error | ID = 1000
Description = Felaktigt program hpoevm08.exe, version 4.2.0.21, felaktig modul ole32.dll,
version 5.1.2600.6168, felaktig adress 0x0002c8fd.

Error - 2012-08-29 08:06:32 | Computer Name = MILAD-89686FC7A | Source = Application Error | ID = 1000
Description = Felaktigt program hpoevm08.exe, version 4.2.0.21, felaktig modul ole32.dll,
version 5.1.2600.6168, felaktig adress 0x0002c8fd.

Error - 2012-08-29 13:41:52 | Computer Name = MILAD-89686FC7A | Source = MsiInstaller | ID = 11714
Description = Product: Google Talk Plugin -- Error 1714. The older version of Google
Talk Plugin cannot be removed. Contact your technical support group. System Error
1612.

Error - 2012-08-29 16:48:35 | Computer Name = MILAD-89686FC7A | Source = Application Error | ID = 1000
Description = Felaktigt program hpoevm08.exe, version 4.2.0.21, felaktig modul ole32.dll,
version 5.1.2600.6168, felaktig adress 0x0002c8fd.

Error - 2012-08-29 17:01:40 | Computer Name = MILAD-89686FC7A | Source = Application Error | ID = 1000
Description = Felaktigt program hpoevm08.exe, version 4.2.0.21, felaktig modul ole32.dll,
version 5.1.2600.6168, felaktig adress 0x0002c8fd.

[ System Events ]
Error - 2012-08-29 08:03:31 | Computer Name = MILAD-89686FC7A | Source = Service Control Manager | ID = 7000
Description = Tjänsten Realtek EAPPkt Protocol kunde inte startas på grund av följande
fel: %%2

Error - 2012-08-29 08:03:39 | Computer Name = MILAD-89686FC7A | Source = Service Control Manager | ID = 7026
Description = Följande start- eller systemstartdrivrutin(er) avbröts på grund av
fel under start: Ext2fs IfsMount

Error - 2012-08-29 08:04:20 | Computer Name = MILAD-89686FC7A | Source = Service Control Manager | ID = 7009
Description = En timeout (30000 ms) inträffade vid väntan på att tjänsten IMAPI
CD-Burning COM Service ska ansluta.

Error - 2012-08-29 08:04:20 | Computer Name = MILAD-89686FC7A | Source = Service Control Manager | ID = 7000
Description = Tjänsten IMAPI CD-Burning COM Service kunde inte startas på grund
av följande fel: %%1053

Error - 2012-08-29 12:22:15 | Computer Name = MILAD-89686FC7A | Source = Service Control Manager | ID = 7000
Description = Tjänsten Realtek EAPPkt Protocol kunde inte startas på grund av följande
fel: %%2

Error - 2012-08-29 12:22:15 | Computer Name = MILAD-89686FC7A | Source = Service Control Manager | ID = 7026
Description = Följande start- eller systemstartdrivrutin(er) avbröts på grund av
fel under start: Ext2fs IfsMount

Error - 2012-08-29 12:40:27 | Computer Name = MILAD-89686FC7A | Source = Service Control Manager | ID = 7000
Description = Tjänsten Realtek EAPPkt Protocol kunde inte startas på grund av följande
fel: %%2

Error - 2012-08-29 12:40:27 | Computer Name = MILAD-89686FC7A | Source = Service Control Manager | ID = 7026
Description = Följande start- eller systemstartdrivrutin(er) avbröts på grund av
fel under start: Ext2fs IfsMount

Error - 2012-08-29 16:57:32 | Computer Name = MILAD-89686FC7A | Source = Service Control Manager | ID = 7000
Description = Tjänsten Realtek EAPPkt Protocol kunde inte startas på grund av följande
fel: %%2

Error - 2012-08-29 16:57:32 | Computer Name = MILAD-89686FC7A | Source = Service Control Manager | ID = 7026
Description = Följande start- eller systemstartdrivrutin(er) avbröts på grund av
fel under start: Ext2fs IfsMount


< End of report >

#4
milad77

  • Topic Starter
  • Member
  • 19 posts
I just wanted to add that my Google Chrome browser doesn't seem to work anymore :(

#5
Crowbar

  • GeekU Moderator
  • 4,130 posts
Hi there,
I see that you have another request for help at MajorGeeks.com.
If you want me to help you here, you are going to have to post in that thread and request that it be closed, so that there are not 2 people working on the same problem. Same goes if you have posted for help anywhere else.
Give me a little while to go over your log files, and get my fix approved :)

#6
milad77

  • Topic Starter
  • Member
  • 19 posts
I understand, I'm sorry, I have closed that thread. I'm not doing anything until you tell me to. If you say jump, I'll ask how high? :)

#7
Crowbar

  • GeekU Moderator
  • 4,130 posts
Hi,
I promise that I won't ask you to jump, but if you feel like jumping, then please go ahead and jump away! :)

Step 1
Let's clear out your cookies, which will help to get rid of your yieldmanager issues.
  • Exit Internet Explorer 8, and then exit any instances of Windows Explorer.
  • Do the following:
In Windows XP, click Start, click Run, type inetcpl.cpl in the Open box, and then press ENTER.

On the General tab, click Delete under Browsing History in the Internet Properties dialog box.

In the Delete Browsing History dialog box, click to clear all of the check boxes except for the Cookies check box, and then click Delete.

Step 2
Does Chrome not run at all? If you can start Chrome, then do the following:

  • Click the wrench icon (tools menu) on the browser toolbar.
  • Select Settings.
  • Click Show advanced settings.
  • In the "Privacy" section, click the Content settings button.
  • In the "Cookies" section, you can change the following cookies settings: Click All cookies and site data to open the Cookies and Other Data dialog.
  • To delete all cookies, click Remove all at the bottom of the dialog.

Step 3
  • At the top of the Firefox window, click on the Firefox button, go over to the History menu (click on the Tools menu in Windows XP) and select Clear Recent History....
  • Set Time range to clear to Everything.
  • Click on the arrow next to Details to expand the list of history items.
  • Select Cookies and make sure that other items you want to keep are not selected.
  • Click Clear Now to clear the cookies and close the Clear Recent History window.

Step 4
Download AdwCleaner from here to your desktop
Run AdwCleaner and select Delete

Once done it will ask to reboot, allow this
On reboot a log will be produced please attach that

Step 5

Download OTL to your Desktop
  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
  • When the scan completes, it will open one Notepad window, OTL.Txt. It will be saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of this file, and post it in your next response


In your next reply I would like to see:
  • Were you able to remove cookies? Even with Chrome?
  • ADWcleaner log
  • OTL quick scan log


#8
milad77

  • Topic Starter
  • Member
  • 19 posts
Thank you very much for the effort Crowbar. I would vote you for president right now :)

# AdwCleaner v2.000 - Logfile created 08/30/2012 at 22:04:17
# Updated 30/08/2012 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : Milad - MILAD-89686FC7A
# Boot Mode : Normal
# Running from : C:\Documents and Settings\Milad\Skrivbord\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\DOCUME~1\Milad\LOKALA~1\Temp\Uninstall.exe
File Deleted : C:\Program\Mozilla Firefox\.autoreg
File Deleted : C:\Program\Mozilla Firefox\Plugins\npvsharetvplg.dll
File Deleted : C:\Program\Mozilla Firefox\searchplugins\avg-secure-search.xml
Folder Deleted : C:\DOCUME~1\Milad\LOKALA~1\Temp\AskSearch
Folder Deleted : C:\DOCUME~1\Milad\LOKALA~1\Temp\[email protected]
Folder Deleted : C:\Documents and Settings\All Users\Application Data\SweetIM
Folder Deleted : C:\Program\SweetIM
Folder Deleted : C:\Program\vShare.tv plugin

***** [Registry] *****

Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\IGearSettings
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8F97BFF8-488B-4107-BCEE-B161AB4E4183}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A1B48071-416D-474E-A13B-BE5456E7FC31}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\StartSearch
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8F97BFF8-488B-4107-BCEE-B161AB4E4183}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A1B48071-416D-474E-A13B-BE5456E7FC31}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3D782BB2-F2A5-11D3-BF4C-000000000000}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\MyNewsBarLauncher.IE5BarLauncher
Key Deleted : HKLM\SOFTWARE\Classes\MyNewsBarLauncher.IE5BarLauncher.1
Key Deleted : HKLM\SOFTWARE\Classes\MyNewsBarLauncher.IE5BarLauncherBHO
Key Deleted : HKLM\SOFTWARE\Classes\MyNewsBarLauncher.IE5BarLauncherBHO.1
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{79D60450-56C5-4A8C-9321-6D5BC2A81E5A}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{99C22A61-21BA-4F81-85FF-CDC9EB5DB10B}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{BB7256DD-EBA9-480B-8441-A00388C2BEC3}
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8F97BFF8-488B-4107-BCEE-B161AB4E4183}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A1B48071-416D-474E-A13B-BE5456E7FC31}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}]

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

Restored : [HKCU\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]

*************************

AdwCleaner[R1].txt - [5145 octets] - [30/08/2012 22:04:00]
AdwCleaner[S1].txt - [5361 octets] - [30/08/2012 22:04:17]

########## EOF - C:\AdwCleaner[S1].txt - [5421 octets] ##########


OTL logfile created on: 2012-08-30 22:44:33 - Run 2
OTL by OldTimer - Version 3.2.59.1 Folder = C:\Documents and Settings\Milad\Skrivbord
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000041D | Country: Sverige | Language: SVE | Date Format: yyyy-MM-dd

3,00 Gb Total Physical Memory | 2,44 Gb Available Physical Memory | 81,47% Memory free
4,84 Gb Paging File | 3,84 Gb Available in Paging File | 79,23% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program
Drive C: | 149,04 Gb Total Space | 5,52 Gb Free Space | 3,70% Space Free | Partition Type: NTFS
Drive F: | 74,53 Gb Total Space | 48,26 Gb Free Space | 64,75% Space Free | Partition Type: NTFS

Computer Name: MILAD-89686FC7A | User Name: Milad | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012-08-29 23:06:35 | 000,598,528 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Milad\Skrivbord\OTL.exe
PRC - [2012-08-13 13:33:30 | 003,064,000 | ---- | M] (Skype Technologies S.A.) -- C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2012-08-08 21:04:06 | 000,070,656 | ---- | M] (Nike) -- C:\Program\Nike\Nike+ Connect\Nike+ Connect daemon.exe
PRC - [2012-08-06 15:07:52 | 001,353,080 | ---- | M] (Valve Corporation) -- C:\steam\steam.exe
PRC - [2012-07-20 15:17:14 | 012,218,904 | ---- | M] (Google) -- C:\Program\Google\Drive\googledrivesync.exe
PRC - [2012-01-18 08:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) -- C:\Program\Delade filer\LogiShrd\LVMVFM\UMVPFSrv.exe
PRC - [2011-11-11 14:08:06 | 000,205,336 | ---- | M] (Logitech Inc.) -- C:\Program\Logitech\LWS\Webcam Software\LWS.exe
PRC - [2011-07-31 21:15:48 | 001,087,896 | ---- | M] (Technology Nexus AB) -- C:\Program\Personal\bin\Personal.exe
PRC - [2011-06-09 14:06:06 | 000,254,696 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program\Delade filer\Java\Java Update\jusched.exe
PRC - [2010-10-29 22:06:08 | 005,915,480 | ---- | M] (Logitech Inc.) -- C:\Program\Logitech\Vid HD\Vid.exe
PRC - [2010-02-01 13:39:54 | 000,099,640 | ---- | M] (SecMaker AB) -- C:\Program\Net iD\iid.exe
PRC - [2009-08-18 11:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) -- C:\Program\Delade filer\Microsoft Shared\Windows Live\WLIDSVC.EXE
PRC - [2009-08-18 11:29:22 | 000,183,152 | ---- | M] (Microsoft Corporation) -- C:\Program\Delade filer\Microsoft Shared\Windows Live\WLIDSVCM.EXE
PRC - [2008-04-14 18:05:06 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2003-04-09 19:21:38 | 000,147,456 | ---- | M] (Hewlett-Packard Co.) -- C:\Program\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
PRC - [2003-04-09 19:11:12 | 000,028,672 | ---- | M] (Hewlett-Packard) -- C:\Program\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
PRC - [2003-04-09 18:59:24 | 000,311,296 | ---- | M] (Hewlett-Packard Co.) -- C:\Program\Hewlett-Packard\Digital Imaging\bin\hposts08.exe
PRC - [2003-04-09 18:49:36 | 000,286,720 | ---- | M] (Hewlett-Packard Co.) -- C:\Program\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe


========== Modules (No Company Name) ==========

MOD - [2012-08-30 22:25:15 | 000,086,016 | ---- | M] () -- C:\Documents and Settings\Milad\Lokala inställningar\Temp\_MEI27562\_elementtree.pyd
MOD - [2012-08-30 22:25:15 | 000,040,448 | ---- | M] () -- C:\Documents and Settings\Milad\Lokala inställningar\Temp\_MEI27562\_socket.pyd
MOD - [2012-08-30 22:25:14 | 000,571,392 | ---- | M] () -- C:\Documents and Settings\Milad\Lokala inställningar\Temp\_MEI27562\pysqlite2._sqlite.pyd
MOD - [2012-08-30 22:25:14 | 000,096,256 | ---- | M] () -- C:\Documents and Settings\Milad\Lokala inställningar\Temp\_MEI27562\win32api.pyd
MOD - [2012-08-30 22:25:13 | 000,263,168 | ---- | M] () -- C:\Documents and Settings\Milad\Lokala inställningar\Temp\_MEI27562\win32com.shell.shell.pyd
MOD - [2012-08-30 22:25:13 | 000,153,088 | ---- | M] () -- C:\Documents and Settings\Milad\Lokala inställningar\Temp\_MEI27562\pyexpat.pyd
MOD - [2012-08-30 22:25:13 | 000,070,656 | ---- | M] () -- C:\Documents and Settings\Milad\Lokala inställningar\Temp\_MEI27562\wx._html2.pyd
MOD - [2012-08-30 22:25:13 | 000,011,776 | ---- | M] () -- C:\Documents and Settings\Milad\Lokala inställningar\Temp\_MEI27562\win32crypt.pyd
MOD - [2012-08-30 22:25:12 | 000,792,576 | ---- | M] () -- C:\Documents and Settings\Milad\Lokala inställningar\Temp\_MEI27562\wx._gdi_.pyd
MOD - [2012-08-30 22:25:11 | 001,018,368 | ---- | M] () -- C:\Documents and Settings\Milad\Lokala inställningar\Temp\_MEI27562\windows._cacheinvalidation.pyd
MOD - [2012-08-30 22:25:09 | 000,354,304 | ---- | M] () -- C:\Documents and Settings\Milad\Lokala inställningar\Temp\_MEI27562\pythoncom26.dll
MOD - [2012-08-30 22:25:09 | 000,073,728 | ---- | M] () -- C:\Documents and Settings\Milad\Lokala inställningar\Temp\_MEI27562\_ctypes.pyd
MOD - [2012-08-30 22:25:08 | 000,731,136 | ---- | M] () -- C:\Documents and Settings\Milad\Lokala inställningar\Temp\_MEI27562\wx._misc_.pyd
MOD - [2012-08-30 22:25:07 | 000,110,592 | ---- | M] () -- C:\Documents and Settings\Milad\Lokala inställningar\Temp\_MEI27562\PyWinTypes26.dll
MOD - [2012-08-30 22:25:05 | 000,645,120 | ---- | M] () -- C:\Documents and Settings\Milad\Lokala inställningar\Temp\_MEI27562\_ssl.pyd
MOD - [2012-08-30 22:25:04 | 000,022,528 | ---- | M] () -- C:\Documents and Settings\Milad\Lokala inställningar\Temp\_MEI27562\win32pdh.pyd
MOD - [2012-08-30 22:25:03 | 001,169,408 | ---- | M] () -- C:\Documents and Settings\Milad\Lokala inställningar\Temp\_MEI27562\wx._core_.pyd
MOD - [2012-08-30 22:25:03 | 000,036,352 | ---- | M] () -- C:\Documents and Settings\Milad\Lokala inställningar\Temp\_MEI27562\win32process.pyd
MOD - [2012-08-30 22:25:01 | 000,311,808 | ---- | M] () -- C:\Documents and Settings\Milad\Lokala inställningar\Temp\_MEI27562\_hashlib.pyd
MOD - [2012-08-30 22:25:00 | 000,807,424 | ---- | M] () -- C:\Documents and Settings\Milad\Lokala inställningar\Temp\_MEI27562\wx._windows_.pyd
MOD - [2012-08-30 22:24:59 | 000,121,856 | ---- | M] () -- C:\Documents and Settings\Milad\Lokala inställningar\Temp\_MEI27562\wx._wizard.pyd
MOD - [2012-08-30 22:24:59 | 000,111,104 | ---- | M] () -- C:\Documents and Settings\Milad\Lokala inställningar\Temp\_MEI27562\win32file.pyd
MOD - [2012-08-30 22:24:58 | 001,056,256 | ---- | M] () -- C:\Documents and Settings\Milad\Lokala inställningar\Temp\_MEI27562\wx._controls_.pyd
MOD - [2012-08-30 22:24:58 | 000,039,424 | ---- | M] () -- C:\Documents and Settings\Milad\Lokala inställningar\Temp\_MEI27562\win32inet.pyd
MOD - [2012-08-30 22:24:56 | 000,585,728 | ---- | M] () -- C:\Documents and Settings\Milad\Lokala inställningar\Temp\_MEI27562\unicodedata.pyd
MOD - [2012-08-30 22:24:56 | 000,017,920 | ---- | M] () -- C:\Documents and Settings\Milad\Lokala inställningar\Temp\_MEI27562\win32event.pyd
MOD - [2012-08-30 22:24:55 | 000,011,776 | ---- | M] () -- C:\Documents and Settings\Milad\Lokala inställningar\Temp\_MEI27562\select.pyd
MOD - [2012-08-25 20:55:53 | 020,317,008 | ---- | M] () -- C:\steam\bin\libcef.dll
MOD - [2012-08-25 20:55:34 | 000,902,480 | ---- | M] () -- C:\steam\bin\chromehtml.dll
MOD - [2012-08-25 20:55:32 | 000,123,232 | ---- | M] () -- C:\steam\bin\avutil-51.dll
MOD - [2012-08-25 20:55:31 | 001,099,616 | ---- | M] () -- C:\steam\bin\avcodec-53.dll
MOD - [2012-08-25 20:55:31 | 000,190,816 | ---- | M] () -- C:\steam\bin\avformat-53.dll
MOD - [2012-03-11 14:55:40 | 000,088,656 | ---- | M] () -- C:\WINDOWS\system32\cpwmon2k.dll
MOD - [2012-01-08 15:41:12 | 000,093,696 | ---- | M] () -- C:\Program\FileZilla FTP Client\fzshellext.dll
MOD - [2011-02-26 21:01:48 | 000,163,840 | ---- | M] () -- C:\Program\DroidCam\lib\DroidCam.dll
MOD - [2010-10-29 22:02:38 | 000,751,616 | ---- | M] () -- C:\Program\Logitech\Vid HD\vpxmd.dll
MOD - [2010-10-29 22:01:30 | 000,027,472 | ---- | M] () -- C:\Program\Logitech\Vid HD\SDL.dll
MOD - [2010-05-07 18:37:40 | 000,126,808 | ---- | M] () -- C:\Program\Logitech\LWS\Webcam Software\ImageFormats\QJpeg4.dll
MOD - [2010-05-07 18:37:40 | 000,027,480 | ---- | M] () -- C:\Program\Logitech\LWS\Webcam Software\ImageFormats\QGif4.dll
MOD - [2010-05-07 18:36:54 | 000,340,824 | ---- | M] () -- C:\Program\Logitech\LWS\Webcam Software\QTXml4.dll
MOD - [2010-05-07 18:35:56 | 007,954,776 | ---- | M] () -- C:\Program\Logitech\LWS\Webcam Software\QTGui4.dll
MOD - [2010-05-07 18:35:44 | 002,143,576 | ---- | M] () -- C:\Program\Logitech\LWS\Webcam Software\QTCore4.dll
MOD - [2009-04-22 23:53:56 | 000,969,040 | ---- | M] () -- C:\Program\Logitech\Vid HD\QtNetwork4.dll
MOD - [2009-04-10 01:04:56 | 002,141,008 | ---- | M] () -- C:\Program\Logitech\Vid HD\QtCore4.dll
MOD - [2009-03-04 00:18:08 | 000,138,064 | ---- | M] () -- C:\Program\Logitech\Vid HD\plugins\imageformats\qjpeg4.dll
MOD - [2009-03-04 00:18:06 | 000,035,152 | ---- | M] () -- C:\Program\Logitech\Vid HD\plugins\imageformats\qico4.dll
MOD - [2009-03-04 00:18:06 | 000,029,008 | ---- | M] () -- C:\Program\Logitech\Vid HD\plugins\imageformats\qgif4.dll
MOD - [2009-03-04 00:17:46 | 011,311,952 | ---- | M] () -- C:\Program\Logitech\Vid HD\QtWebKit4.dll
MOD - [2009-03-04 00:17:46 | 000,363,856 | ---- | M] () -- C:\Program\Logitech\Vid HD\QtXml4.dll
MOD - [2009-03-04 00:17:44 | 000,200,016 | ---- | M] () -- C:\Program\Logitech\Vid HD\QtSql4.dll
MOD - [2009-03-04 00:17:40 | 000,475,472 | ---- | M] () -- C:\Program\Logitech\Vid HD\QtOpenGL4.dll
MOD - [2009-03-04 00:17:38 | 007,704,400 | ---- | M] () -- C:\Program\Logitech\Vid HD\QtGui4.dll
MOD - [2009-03-04 00:17:32 | 000,291,664 | ---- | M] () -- C:\Program\Logitech\Vid HD\phonon4.dll
MOD - [2008-04-14 18:04:42 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll


========== Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- C:\Program\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2012-08-29 15:39:05 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012-08-13 13:33:30 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012-07-03 13:19:28 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012-01-18 08:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program\Delade filer\LogiShrd\LVMVFM\UMVPFSrv.exe -- (UMVPFSrv)
SRV - [2009-08-18 11:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program\Delade filer\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2003-04-07 22:21:46 | 000,065,795 | R--- | M] (HP) [On_Demand | Stopped] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\usbser_lowerflt.sys -- (upperdev)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\pccsmcfd.sys -- (pccsmcfd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- system32\DRIVERS\ifsmount.sys -- (IfsMount)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [File_System | System | Stopped] -- system32\DRIVERS\ext2fs.sys -- (Ext2fs)
DRV - File not found [Kernel | Auto | Stopped] -- system32\DRIVERS\EAPPkt.sys -- (EAPPkt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2012-01-18 08:44:52 | 004,332,960 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvuvc.sys -- (LVUVC)
DRV - [2012-01-18 08:44:28 | 000,312,096 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvrs.sys -- (LVRS)
DRV - [2011-06-15 22:52:42 | 000,021,376 | ---- | M] (Dev47Apps) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\droidcam.sys -- (DroidCam)
DRV - [2010-10-20 16:09:28 | 000,009,216 | ---- | M] (HandSet Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\massfilter_hs.sys -- (massfilter_hs)
DRV - [2010-10-18 14:24:14 | 000,032,408 | ---- | M] (Google Inc) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\androidusb.sys -- (androidusb)
DRV - [2010-10-18 14:12:32 | 000,113,432 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\zghsdiag.sys -- (zghsdiag)
DRV - [2010-05-07 18:43:30 | 000,025,824 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2009-10-24 21:04:16 | 000,082,380 | ---- | M] (Oak Technology Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\AFS2K.SYS -- (AFS2K)
DRV - [2009-05-03 23:16:58 | 000,105,856 | ---- | M] (QUALCOMM Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hwusbser.sys -- (qcusbser)
DRV - [2007-07-10 09:42:32 | 001,310,720 | ---- | M] (C-Media Inc) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\c6501.sys -- (c65013264)
DRV - [2005-09-30 12:52:22 | 000,013,056 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2005-09-30 12:52:20 | 000,034,048 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2005-08-18 16:52:06 | 000,093,568 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\nvata.sys -- (nvata)
DRV - [2004-08-13 04:56:20 | 000,005,810 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.se/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{4B99678A-87FC-4340-AD79-FFCFA985804B}: "URL" = http://www.google.co...q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "SweetIM Search"
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.search.selectedEngine: "AVG Secure Search"
FF - prefs.js..browser.startup.homepage: "http://home.sweetim....-001BFCAE33F1}"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}:6.0.29
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {EEE6C361-6118-11DC-9C72-001320C79847}:1.5.0.2
FF - prefs.js..keyword.URL: "http://search.sweeti...h.asp?src=2&q="
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: "AVG Secure Search"
FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: "AVG Secure Search"
FF - prefs.js..browser.startup.homepage: "http://www.google.se/"
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "http://search.sweeti...h.asp?src=2&q="
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_271.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@se.nexus/Personal: C:\Program\Personal\bin\np_prsnl.dll (Technology Nexus AB)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Documents and Settings\Milad\Application Data\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Documents and Settings\Milad\Application Data\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Milad\Lokala inställningar\Application Data\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=8: C:\Documents and Settings\Milad\Lokala inställningar\Application Data\Google\Update\1.2.183.39\npGoogleOneClick8.dll File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Milad\Lokala inställningar\Application Data\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.5.19\extensions\\Components: C:\Program\Mozilla Firefox\components [2012-05-28 18:52:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.5.19\extensions\\Plugins: C:\Program\Mozilla Firefox\plugins [2012-08-30 22:04:18 | 000,000,000 | ---D | M]

[2009-11-01 14:30:14 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Milad\Application Data\Mozilla\Extensions
[2012-08-29 22:53:12 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Milad\Application Data\Mozilla\Firefox\Profiles\4k1ub718.default\extensions
[2011-04-10 09:42:26 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Milad\Application Data\Mozilla\Firefox\Profiles\4k1ub718.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012-08-28 17:51:50 | 000,000,000 | ---D | M] (SweetPacks Toolbar for Firefox) -- C:\Documents and Settings\Milad\Application Data\Mozilla\Firefox\Profiles\4k1ub718.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}
[2012-08-27 16:00:22 | 000,000,000 | ---D | M] (Lavasoft Search Plugin) -- C:\Documents and Settings\Milad\Application Data\Mozilla\Firefox\Profiles\4k1ub718.default\extensions\[email protected]
[2012-08-28 17:52:00 | 000,003,998 | ---- | M] () -- C:\Documents and Settings\Milad\Application Data\Mozilla\Firefox\Profiles\4k1ub718.default\searchplugins\sweetim.xml
[2012-05-16 14:34:03 | 000,000,000 | ---D | M] (No name found) -- C:\Program\Mozilla Firefox\extensions
[2012-08-23 19:56:50 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2010-09-16 23:35:35 | 000,000,000 | ---D | M] (Java Console) -- C:\Program\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010-10-26 20:22:28 | 000,000,000 | ---D | M] (Java Console) -- C:\Program\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011-06-29 13:15:15 | 000,000,000 | ---D | M] (Java Console) -- C:\Program\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
[2011-11-28 11:38:47 | 000,000,000 | ---D | M] (Java Console) -- C:\Program\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
[2010-09-16 23:35:22 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011-10-03 06:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program\mozilla firefox\plugins\npdeployJava1.dll
[2009-01-09 10:57:10 | 000,111,856 | ---- | M] (SecMaker AB) -- C:\Program\mozilla firefox\plugins\npiidplg.dll
[2011-07-25 13:28:22 | 000,001,470 | ---- | M] () -- C:\Program\mozilla firefox\searchplugins\allaannonser-sv-SE.xml
[2011-07-25 13:28:22 | 000,002,670 | ---- | M] () -- C:\Program\mozilla firefox\searchplugins\prisjakt-sv-SE.xml
[2011-07-25 13:28:22 | 000,000,948 | ---- | M] () -- C:\Program\mozilla firefox\searchplugins\tyda-sv-SE.xml
[2011-07-25 13:28:22 | 000,001,174 | ---- | M] () -- C:\Program\mozilla firefox\searchplugins\wikipedia-sv-SE.xml
[2011-07-25 13:28:22 | 000,000,647 | ---- | M] () -- C:\Program\mozilla firefox\searchplugins\yahoo-sv-SE.xml

========== Chrome ==========

CHR - homepage: http://www.google.se/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: http://www.google.se/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\Milad\Lokala inst\u00E4llningar\Application Data\Google\Chrome\Application\21.0.1180.83\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\Milad\Lokala inst\u00E4llningar\Application Data\Google\Chrome\Application\21.0.1180.83\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Milad\Lokala inst\u00E4llningar\Application Data\Google\Chrome\Application\21.0.1180.83\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Documents and Settings\Milad\Lokala inst\u00E4llningar\Application Data\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll
CHR - plugin: vShare.tv plug-in (Enabled) = C:\Documents and Settings\Milad\Lokala inst\u00E4llningar\Application Data\Google\Chrome\User Data\Default\Extensions\kpionmjnkbpcdpcflammlgllecmejgjj\1.3_0\chvsharetvplg.dll
CHR - plugin: vShare.tv plug-in (Enabled) = C:\Program\Mozilla Firefox\plugins\npvsharetvplg.dll
CHR - plugin: Skype Toolbars (Enabled) = C:\Documents and Settings\Milad\Lokala inst\u00E4llningar\Application Data\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\npSkypeChromePlugin.dll
CHR - plugin: Google Talk Plugin (Enabled) = C:\Documents and Settings\Milad\Application Data\Mozilla\plugins\npgoogletalk.dll
CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Documents and Settings\Milad\Application Data\Mozilla\plugins\npgtpo3dautoplugin.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U29 (Enabled) = C:\Program\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Net iD (Enabled) = C:\Program\Mozilla Firefox\plugins\npiidplg.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program\Windows Media Player\npwmsdrm.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program\Windows Media Player\npdsplay.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\Milad\Lokala inst\u00E4llningar\Application Data\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Picasa (Enabled) = C:\Program\Google\Picasa3\npPicasa3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - plugin: Nexus Personal (Enabled) = C:\Program\Personal\bin\np_prsnl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\WINDOWS\system32\Adobe\Director\np32dsw.dll
CHR - Extension: Open Tennis = C:\Documents and Settings\Milad\Lokala inställningar\Application Data\Google\Chrome\User Data\Default\Extensions\akgcgcpodojekcocdiamcenmanalhfmn\1.3_0\
CHR - Extension: 2 wheeler stunt = C:\Documents and Settings\Milad\Lokala inställningar\Application Data\Google\Chrome\User Data\Default\Extensions\hepefibopcnpdbkahaopilcdembgkmcb\1.5_0\
CHR - Extension: vshare plugin = C:\Documents and Settings\Milad\Lokala inställningar\Application Data\Google\Chrome\User Data\Default\Extensions\kpionmjnkbpcdpcflammlgllecmejgjj\1.3_0\
CHR - Extension: Open Tennis = C:\Documents and Settings\Milad\Lokala inställningar\Application Data\Google\Chrome\User Data\Default\Extensions\akgcgcpodojekcocdiamcenmanalhfmn\1.3_0\
CHR - Extension: 2 wheeler stunt = C:\Documents and Settings\Milad\Lokala inställningar\Application Data\Google\Chrome\User Data\Default\Extensions\hepefibopcnpdbkahaopilcdembgkmcb\1.5_0\
CHR - Extension: vshare plugin = C:\Documents and Settings\Milad\Lokala inställningar\Application Data\Google\Chrome\User Data\Default\Extensions\kpionmjnkbpcdpcflammlgllecmejgjj\1.3_0\

O1 HOSTS File: ([2012-08-28 16:47:01 | 000,000,724 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program\Delade filer\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Adobe ARM] C:\Program\Delade filer\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program\Delade filer\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [C6501Sound] RunDll32 c6501.cpl,CMICtrlWnd File not found
O4 - HKLM..\Run: [LWS] C:\Program\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [Net iD] C:\Program\Net iD\iid.exe (SecMaker AB)
O4 - HKLM..\Run: [Nike+ Connect] C:\Program\Nike\Nike+ Connect\Nike+ Connect daemon.exe (Nike)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [ROC_roc_ssl_v12] "C:\Program\AVG Secure Search\ROC_roc_ssl_v12.exe" / /PROMPT /CMPID=roc_ssl_v12 File not found
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program\Delade filer\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKCU..\Run: [GoogleDriveSync] C:\Program\Google\Drive\googledrivesync.exe (Google)
O4 - HKCU..\Run: [Logitech Vid] C:\Program\Logitech\Vid HD\Vid.exe (Logitech Inc.)
O4 - HKCU..\Run: [Steam] c:\steam\steam.exe (Valve Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start-meny\Program\Autostart\Adobe Gamma Loader.lnk = C:\Program\Delade filer\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start-meny\Program\Autostart\BankID säkerhetsprogram.lnk = C:\Program\Personal\bin\Personal.exe (Technology Nexus AB)
O4 - Startup: C:\Documents and Settings\All Users\Start-meny\Program\Autostart\hp psc 1000 series.lnk = C:\Program\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe (Hewlett-Packard Co.)
O4 - Startup: C:\Documents and Settings\All Users\Start-meny\Program\Autostart\hpoddt01.exe.lnk = C:\Program\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe (Hewlett-Packard)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://appldnld.appl...ex/qtplugin.cab (QuickTime Object)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {721700FE-7F0E-49C5-BDED-CA92B7CB1245} http://192.168.0.11/dcsclictrl.cab (Camera Stream Client Control Object)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {F3DCFC89-8C6E-4052-9176-B7806D188FD5} http://www.fujidirek...aderactivex.cab (Image Uploader Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 83.255.245.11 193.150.193.150
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A4865552-4657-40E8-826F-E6588CB59E94}: DhcpNameServer = 83.255.245.11 193.150.193.150
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program\Delade filer\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program\Delade filer\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Min aktuella startsida) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Sommar.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Sommar.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009-10-24 19:41:24 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012-08-29 23:06:33 | 000,598,528 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Milad\Skrivbord\OTL.exe
[2012-08-29 14:00:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Milad\Application Data\AVG2012
[2012-08-29 13:58:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\AVG
[2012-08-29 01:04:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Milad\Application Data\SUPERAntiSpyware.com
[2012-08-29 01:04:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2012-08-29 01:04:28 | 000,000,000 | ---D | C] -- C:\Program\SUPERAntiSpyware
[2012-08-28 21:55:47 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2012-08-28 17:51:29 | 000,000,000 | ---D | C] -- C:\Program\Yieldmanager Removal Tool
[2012-08-28 17:39:23 | 000,000,000 | ---D | C] -- C:\Program\Trend Micro
[2012-08-28 17:39:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Milad\Start-meny\Program\HiJackThis
[2012-08-28 16:01:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\appmgmt
[2012-08-28 07:45:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\GFI Software
[2012-08-28 07:42:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start-meny\Program\AVG
[2012-08-28 07:42:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVG2012
[2012-08-27 16:14:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Ad-Aware Antivirus
[2012-08-27 16:00:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Milad\Lokala inställningar\Application Data\Downloaded Installations
[2012-08-27 16:00:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Milad\Lokala inställningar\Application Data\adawarebp
[2012-08-27 09:56:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Milad\Application Data\Malwarebytes
[2012-08-27 09:56:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2012-08-27 08:40:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Milad\Lokala inställningar\Application Data\Help
[2012-08-21 22:38:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Milad\Application Data\ooVoo Details
[2012-08-21 22:38:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Milad\Lokala inställningar\Application Data\APN
[2012-08-18 21:46:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start-meny\Program\PokerStars.EU
[2012-08-18 21:45:47 | 000,000,000 | ---D | C] -- C:\Program\PokerStars.EU
[2012-08-07 18:34:59 | 000,281,104 | ---- | C] (CACE Technologies, Inc.) -- C:\WINDOWS\System32\wpcap.dll
[2012-08-07 18:34:59 | 000,100,880 | ---- | C] (CACE Technologies, Inc.) -- C:\WINDOWS\System32\Packet.dll
[2012-08-07 18:34:59 | 000,050,704 | ---- | C] (CACE Technologies, Inc.) -- C:\WINDOWS\System32\drivers\npf.sys
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012-08-30 22:41:00 | 000,001,086 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-725345543-152049171-839522115-1003UA.job
[2012-08-30 22:38:00 | 000,000,868 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012-08-30 22:36:00 | 000,000,968 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012-08-30 22:24:40 | 000,002,262 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012-08-30 22:24:38 | 000,229,488 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml
[2012-08-30 22:24:05 | 000,000,964 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012-08-30 22:24:05 | 000,000,236 | ---- | M] () -- C:\WINDOWS\tasks\OGALogon.job
[2012-08-30 22:23:49 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012-08-30 22:03:05 | 000,511,265 | ---- | M] () -- C:\Documents and Settings\Milad\Skrivbord\adwcleaner.exe
[2012-08-30 20:40:00 | 000,000,450 | ---- | M] () -- C:\WINDOWS\tasks\At2.job
[2012-08-30 18:05:00 | 000,000,450 | ---- | M] () -- C:\WINDOWS\tasks\At3.job
[2012-08-30 17:04:00 | 000,000,486 | ---- | M] () -- C:\WINDOWS\tasks\SUPERAntiSpyware Scheduled Task 64f3b666-89d6-4f9e-b5b5-f99f4211376a.job
[2012-08-30 15:41:00 | 000,001,034 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-725345543-152049171-839522115-1003Core.job
[2012-08-30 14:00:00 | 000,000,450 | ---- | M] () -- C:\WINDOWS\tasks\At4.job
[2012-08-30 10:10:00 | 000,000,450 | ---- | M] () -- C:\WINDOWS\tasks\At1.job
[2012-08-30 02:00:07 | 000,000,486 | ---- | M] () -- C:\WINDOWS\tasks\SUPERAntiSpyware Scheduled Task b85da8f6-046d-4b7a-9629-62ef26246363.job
[2012-08-30 00:24:45 | 000,451,975 | ---- | M] () -- C:\Documents and Settings\Milad\Skrivbord\tavla.jpg
[2012-08-29 23:06:35 | 000,598,528 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Milad\Skrivbord\OTL.exe
[2012-08-29 23:01:35 | 000,000,489 | ---- | M] () -- C:\WINDOWS\System\C6501.ini
[2012-08-29 19:41:49 | 000,002,316 | ---- | M] () -- C:\Documents and Settings\Milad\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012-08-29 18:26:49 | 000,001,697 | ---- | M] () -- C:\Documents and Settings\All Users\Skrivbord\Adobe Reader 9.lnk
[2012-08-29 14:00:55 | 066,138,540 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm
[2012-08-29 13:49:25 | 000,174,840 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012-08-29 12:23:17 | 000,112,568 | ---- | M] () -- C:\Documents and Settings\Milad\Skrivbord\lunch.pdf
[2012-08-29 03:01:20 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012-08-29 01:04:33 | 000,001,622 | ---- | M] () -- C:\Documents and Settings\All Users\Skrivbord\SUPERAntiSpyware Free Edition.lnk
[2012-08-28 23:18:48 | 000,000,783 | ---- | M] () -- C:\Documents and Settings\Milad\Application Data\Microsoft\Internet Explorer\Quick Launch\Starta webbläsaren Internet Explorer.lnk
[2012-08-28 17:39:27 | 000,002,409 | ---- | M] () -- C:\Documents and Settings\Milad\Skrivbord\HiJackThis.lnk
[2012-08-28 17:36:55 | 001,402,880 | ---- | M] () -- C:\Documents and Settings\Milad\Skrivbord\HiJackThis.msi
[2012-08-28 17:08:15 | 000,435,010 | ---- | M] () -- C:\WINDOWS\System32\perfh01D.dat
[2012-08-28 17:08:15 | 000,432,838 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012-08-28 17:08:15 | 000,079,216 | ---- | M] () -- C:\WINDOWS\System32\perfc01D.dat
[2012-08-28 17:08:15 | 000,067,794 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012-08-28 16:58:30 | 000,157,790 | ---- | M] () -- C:\Documents and Settings\Milad\Skrivbord\bookmark.htm
[2012-08-28 16:47:01 | 000,000,724 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2012-08-27 17:48:13 | 000,000,272 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2012-08-27 09:50:51 | 000,208,507 | ---- | M] () -- C:\Documents and Settings\Milad\Lokala inställningar\Application Data\census.cache
[2012-08-27 09:50:49 | 000,188,632 | ---- | M] () -- C:\Documents and Settings\Milad\Lokala inställningar\Application Data\ars.cache
[2012-08-26 01:43:37 | 000,041,998 | ---- | M] () -- C:\Documents and Settings\Milad\Skrivbord\konst.jpg
[2012-08-26 01:37:35 | 000,051,420 | ---- | M] () -- C:\Documents and Settings\Milad\Skrivbord\opera.jpg
[2012-08-26 01:37:22 | 000,099,161 | ---- | M] () -- C:\Documents and Settings\Milad\Skrivbord\Opera 2012-2013.jpg
[2012-08-22 20:28:34 | 002,947,570 | ---- | M] () -- C:\Documents and Settings\Milad\Skrivbord\srecko.jpg
[2012-08-16 08:39:48 | 000,000,118 | ---- | M] () -- C:\WINDOWS\System32\MRT.INI
[2012-08-14 21:36:37 | 000,225,280 | ---- | M] () -- C:\Documents and Settings\Milad\Lokala inställningar\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012-08-10 21:58:44 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012-08-07 18:34:59 | 000,281,104 | ---- | M] (CACE Technologies, Inc.) -- C:\WINDOWS\System32\wpcap.dll
[2012-08-07 18:34:59 | 000,100,880 | ---- | M] (CACE Technologies, Inc.) -- C:\WINDOWS\System32\Packet.dll
[2012-08-07 18:34:59 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) -- C:\WINDOWS\System32\drivers\npf.sys
[2012-08-04 19:01:29 | 000,156,156 | ---- | M] () -- C:\Documents and Settings\Milad\Skrivbord\11.jpg
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012-08-30 22:03:05 | 000,511,265 | ---- | C] () -- C:\Documents and Settings\Milad\Skrivbord\adwcleaner.exe
[2012-08-30 00:24:45 | 000,451,975 | ---- | C] () -- C:\Documents and Settings\Milad\Skrivbord\tavla.jpg
[2012-08-29 18:26:49 | 000,001,697 | ---- | C] () -- C:\Documents and Settings\All Users\Skrivbord\Adobe Reader 9.lnk
[2012-08-29 14:00:55 | 066,138,540 | ---- | C] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm
[2012-08-29 12:23:17 | 000,112,568 | ---- | C] () -- C:\Documents and Settings\Milad\Skrivbord\lunch.pdf
[2012-08-29 01:04:41 | 000,000,486 | ---- | C] () -- C:\WINDOWS\tasks\SUPERAntiSpyware Scheduled Task b85da8f6-046d-4b7a-9629-62ef26246363.job
[2012-08-29 01:04:41 | 000,000,486 | ---- | C] () -- C:\WINDOWS\tasks\SUPERAntiSpyware Scheduled Task 64f3b666-89d6-4f9e-b5b5-f99f4211376a.job
[2012-08-29 01:04:33 | 000,001,622 | ---- | C] () -- C:\Documents and Settings\All Users\Skrivbord\SUPERAntiSpyware Free Edition.lnk
[2012-08-28 17:39:23 | 000,002,409 | ---- | C] () -- C:\Documents and Settings\Milad\Skrivbord\HiJackThis.lnk
[2012-08-28 17:36:38 | 001,402,880 | ---- | C] () -- C:\Documents and Settings\Milad\Skrivbord\HiJackThis.msi
[2012-08-28 16:58:29 | 000,157,790 | ---- | C] () -- C:\Documents and Settings\Milad\Skrivbord\bookmark.htm
[2012-08-26 01:43:46 | 000,041,998 | ---- | C] () -- C:\Documents and Settings\Milad\Skrivbord\konst.jpg
[2012-08-26 01:37:39 | 000,051,420 | ---- | C] () -- C:\Documents and Settings\Milad\Skrivbord\opera.jpg
[2012-08-26 01:37:26 | 000,099,161 | ---- | C] () -- C:\Documents and Settings\Milad\Skrivbord\Opera 2012-2013.jpg
[2012-08-22 20:28:32 | 002,947,570 | ---- | C] () -- C:\Documents and Settings\Milad\Skrivbord\srecko.jpg
[2012-08-22 20:10:52 | 001,396,296 | ---- | C] () -- C:\Documents and Settings\Milad\Skrivbord\DSC00092.JPG
[2012-08-16 08:39:48 | 000,000,118 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2012-07-22 23:58:42 | 000,208,507 | ---- | C] () -- C:\Documents and Settings\Milad\Lokala inställningar\Application Data\census.cache
[2012-07-22 23:58:40 | 000,188,632 | ---- | C] () -- C:\Documents and Settings\Milad\Lokala inställningar\Application Data\ars.cache
[2012-07-22 23:52:19 | 000,000,036 | ---- | C] () -- C:\Documents and Settings\Milad\Lokala inställningar\Application Data\housecall.guid.cache
[2012-05-27 02:03:26 | 000,000,205 | -HS- | C] () -- C:\Documents and Settings\Milad\.ufsxsci.hbin
[2012-05-24 17:21:32 | 000,088,656 | ---- | C] () -- C:\WINDOWS\System32\cpwmon2k.dll
[2012-05-11 14:12:16 | 005,584,046 | ---- | C] () -- C:\Program\FileZilla FTP Client.rar
[2012-04-25 09:04:56 | 000,060,304 | ---- | C] () -- C:\Documents and Settings\Milad\g2mdlhlpx.exe
[2012-02-15 09:17:37 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2011-08-12 12:20:14 | 000,015,896 | ---- | C] () -- C:\WINDOWS\System32\drivers\iKeyLFT2.dll
[2011-06-15 22:56:21 | 000,000,032 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\droidcam-settings
[2011-04-07 19:22:23 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\Encrypt.dll
[2011-04-07 19:22:23 | 000,000,120 | ---- | C] () -- C:\WINDOWS\System32\zdlcsv.ds.dll
[2011-04-07 19:22:23 | 000,000,112 | ---- | C] () -- C:\WINDOWS\System32\Sales_MultiDL_MSM7227_V1.00.01.ini
[2011-04-07 19:22:15 | 000,578,611 | ---- | C] () -- C:\WINDOWS\adb.exe
[2011-04-07 19:22:14 | 000,000,022 | ---- | C] () -- C:\WINDOWS\sysdt.dll
[2011-01-14 20:59:56 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2011-01-08 16:58:07 | 000,000,144 | ---- | C] () -- C:\Documents and Settings\Milad\.java.policy
[2010-11-10 04:45:32 | 000,104,472 | ---- | C] () -- C:\WINDOWS\System32\LogiDPPApp.exe
[2010-11-10 04:45:30 | 010,920,984 | ---- | C] () -- C:\WINDOWS\System32\LogiDPP.dll
[2010-11-10 04:45:20 | 000,336,408 | ---- | C] () -- C:\WINDOWS\System32\DevManagerCore.dll
[2010-11-10 04:31:42 | 000,028,418 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2010-02-26 00:01:54 | 000,102,400 | ---- | C] () -- C:\Documents and Settings\Milad\Application Data\fontdb.mdb
[2009-10-25 00:43:14 | 000,225,280 | ---- | C] () -- C:\Documents and Settings\Milad\Lokala inställningar\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== LOP Check ==========

[2009-11-06 11:45:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\4D
[2011-06-16 08:53:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG10
[2012-08-29 18:39:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG2012
[2009-11-04 19:16:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\avg9
[2010-02-26 02:43:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Boss Media
[2011-06-16 07:46:12 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2009-11-01 02:26:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Downloaded Installations
[2012-08-28 07:45:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GFI Software
[2009-12-27 11:37:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Installations
[2012-08-29 18:32:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2012-07-11 22:40:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MGS
[2012-03-25 19:31:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nike
[2009-12-27 11:39:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite
[2010-08-21 01:45:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Temp
[2012-06-20 12:21:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Milad\Application Data\4D
[2011-01-08 16:58:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Milad\Application Data\Agency9
[2011-06-16 08:04:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Milad\Application Data\AVG10
[2012-08-29 14:00:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Milad\Application Data\AVG2012
[2010-02-26 00:25:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Milad\Application Data\BorWare
[2010-08-02 21:09:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Milad\Application Data\DesktopMirror
[2012-08-29 12:31:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Milad\Application Data\EditPlus 3
[2012-08-29 10:46:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Milad\Application Data\FileZilla
[2010-02-05 11:06:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Milad\Application Data\Free YouTube to Mp3 Wma Converter
[2009-11-06 11:51:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Milad\Application Data\iid
[2011-09-09 13:34:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Milad\Application Data\Leadertech
[2011-09-14 12:43:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Milad\Application Data\LEAPS
[2012-07-22 22:48:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Milad\Application Data\Microgaming
[2009-12-27 11:43:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Milad\Application Data\Nokia
[2012-08-21 22:38:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Milad\Application Data\ooVoo Details
[2009-12-27 11:58:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Milad\Application Data\PC Suite
[2011-09-14 12:41:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Milad\Application Data\Pegasys Inc
[2009-11-11 14:23:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Milad\Application Data\Personal
[2011-12-19 01:28:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Milad\Application Data\TeamViewer
[2012-08-30 10:10:00 | 000,000,450 | ---- | M] () -- C:\WINDOWS\Tasks\At1.job
[2012-08-30 20:40:00 | 000,000,450 | ---- | M] () -- C:\WINDOWS\Tasks\At2.job
[2012-08-30 18:05:00 | 000,000,450 | ---- | M] () -- C:\WINDOWS\Tasks\At3.job
[2012-08-30 14:00:00 | 000,000,450 | ---- | M] () -- C:\WINDOWS\Tasks\At4.job
[2010-05-14 23:25:03 | 000,000,330 | ---- | M] () -- C:\WINDOWS\Tasks\FRU Task #Hewlett-Packard#hp psc 1200 series#1264284264.job
[2012-08-30 22:24:05 | 000,000,236 | ---- | M] () -- C:\WINDOWS\Tasks\OGALogon.job
[2012-08-30 17:04:00 | 000,000,486 | ---- | M] () -- C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task 64f3b666-89d6-4f9e-b5b5-f99f4211376a.job
[2012-08-30 02:00:07 | 000,000,486 | ---- | M] () -- C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task b85da8f6-046d-4b7a-9629-62ef26246363.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 152 bytes -> C:\Documents and Settings\All Users\Application Data\Temp:F4CA4D70

< End of report >

#9
milad77

    Member

  • Topic Starter
  • 19 posts
I forgot to say that I was unable to start Chrome and therefore to delete the cookies :(

#10
Crowbar

    Teacher

  • GeekU Moderator
  • 4,130 posts
Thanks for your vote, but unfortunately I am not running for president at the moment :D

Step 1
We need to do an OTL fix:

Note: If you have Malwarebytes 1.6 or higher installed, please disable it for the duration of this fix, as it may interfere with the successful execution of the script below. If it still hangs, then please uninstall Malwarebytes and run this fix again.
Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :commands
    [createrestorepoint]
    :otl
    FF - prefs.js..browser.search.defaultenginename: "SweetIM Search"
    FF - prefs.js..browser.startup.homepage: "http://home.sweetim.com/?crg=3.1010000.10005&barid={43715634-F128-11E1-94D7-001BFCAE33F1}"
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}:6.0.29
    FF - prefs.js..extensions.enabledItems: {EEE6C361-6118-11DC-9C72-001320C79847}:1.5.0.2
    FF - prefs.js..keyword.URL: "http://search.sweetim.com/search.asp?src=2&q="
    FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: "AVG Secure Search"
    FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: "AVG Secure Search"
    FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "http://search.sweetim.com/search.asp?src=2&q="
    [2012-08-28 17:51:50 | 000,000,000 | ---D | M] (SweetPacks Toolbar for Firefox) -- C:\Documents and Settings\Milad\Application Data\Mozilla\Firefox\Profiles\4k1ub718.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}
    [2012-08-28 17:52:00 | 000,003,998 | ---- | M] () -- C:\Documents and Settings\Milad\Application Data\Mozilla\Firefox\Profiles\4k1ub718.default\searchplugins\sweetim.xml
    [2010-09-16 23:35:35 | 000,000,000 | ---D | M] (Java Console) -- C:\Program\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
    [2010-10-26 20:22:28 | 000,000,000 | ---D | M] (Java Console) -- C:\Program\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
    [2011-06-29 13:15:15 | 000,000,000 | ---D | M] (Java Console) -- C:\Program\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
    [2011-11-28 11:38:47 | 000,000,000 | ---D | M] (Java Console) -- C:\Program\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
    [2011-08-31 12:38:58 | 000,082,944 | ---- | M] (vShare.tv ) -- C:\Program\mozilla firefox\plugins\npvsharetvplg.dll
    O2 - BHO: (IE5BarLauncherBHO Class) - {78F3A323-798E-4AEA-9A57-88F4B05FD5DD} - C:\Program\vShare.tv plugin\BarLcher.dll File not found
    O3 - HKLM\..\Toolbar: (VShareToolBar) - {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - C:\Program\vShare.tv plugin\BarLcher.dll File not found
    O3 - HKU\S-1-5-21-725345543-152049171-839522115-1003\..\Toolbar\WebBrowser: (VShareToolBar) - {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - C:\Program\vShare.tv plugin\BarLcher.dll File not found
    O4 - HKLM..\Run: [ROC_roc_ssl_v12] "C:\Program\AVG Secure Search\ROC_roc_ssl_v12.exe" / /PROMPT /CMPID=roc_ssl_v12 File not found
    
    :files
    C:\WINDOWS\tasks\At*.job
    C:\Documents and Settings\Milad\Lokala inställningar\Application Data\Google\Chrome\User Data\Default\Extensions\kpionmjnkbpcdpcflammlgllecmejgjj
    C:\Program\vShare.tv plugin 
    :commands
    [emptytemp]
    [Reboot]
    
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

Step 2
For your Chrome issue, I would like to try to start it in incognito mode, as this will disable all extensions.
You do have a shortcut to Chrome on your desktop, right?

  • I recommend first making a copy of your shortcut, that way you can access the browser normally too, once you've fixed whatever problem you're experiencing.
  • Find your copied Chrome shortcut, right click on it and select "Properties".
  • Select the "Target" field and append "-incognito" to the end of the command.
  • Click "Apply" and then "Okay" to save your changes.
  • Double-click on the edited shortcut to enter into a "Safe Mode"-style Chrome.
Posted Image

If Chrome starts, please continue. If not, let me know the exact error message, if any, that you see.

Once Chrome is up and running, in the URL bar, please type in:
chrome://extensions
This will start the extension manager.
Please disable ANY extensions that have the word Vshare in the name.
Next type into the URL bar:
chrome://plugins
This will start the Plugins Manager
Please disable ANY plugins that have the word Vshare in the name, and then close Chrome.

Now start Chrome from your original shortcut. Does it start this time? If not, please describe what happened.

In your next reply I would like to see:
  • OTL log
  • Were you able to start Chrome and remove the Vshare entries?
  • What problems are you having with your computer, other than Chrome?


#11
milad77

    Member

  • Topic Starter
  • Member
  • 19 posts
I couldn't change the path to Google by adding "-incognito" at the end. It said invalid/unknown pathfile when I hit the "Apply" button.

I still can't make a search on Google using my Explorer browser. And I still get yieldmanager ads at the bottom, see pic.
Posted Image


OTL logfile created on: 2012-08-31 17:34:13 - Run 3
OTL by OldTimer - Version 3.2.59.1 Folder = C:\Documents and Settings\Milad\Skrivbord
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000041D | Country: Sverige | Language: SVE | Date Format: yyyy-MM-dd

3,00 Gb Total Physical Memory | 2,28 Gb Available Physical Memory | 75,93% Memory free
4,84 Gb Paging File | 3,76 Gb Available in Paging File | 77,72% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program
Drive C: | 149,04 Gb Total Space | 13,64 Gb Free Space | 9,15% Space Free | Partition Type: NTFS
Drive F: | 74,53 Gb Total Space | 48,26 Gb Free Space | 64,75% Space Free | Partition Type: NTFS

Computer Name: MILAD-89686FC7A | User Name: Milad | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012-08-29 23:06:35 | 000,598,528 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Milad\Skrivbord\OTL.exe
PRC - [2012-08-13 13:33:30 | 003,064,000 | ---- | M] (Skype Technologies S.A.) -- C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2012-08-08 21:04:06 | 000,070,656 | ---- | M] (Nike) -- C:\Program\Nike\Nike+ Connect\Nike+ Connect daemon.exe
PRC - [2012-08-06 15:07:52 | 001,353,080 | ---- | M] (Valve Corporation) -- C:\steam\steam.exe
PRC - [2012-07-20 15:17:14 | 012,218,904 | ---- | M] (Google) -- C:\Program\Google\Drive\googledrivesync.exe
PRC - [2012-01-18 08:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) -- C:\Program\Delade filer\LogiShrd\LVMVFM\UMVPFSrv.exe
PRC - [2011-11-11 14:08:06 | 000,205,336 | ---- | M] (Logitech Inc.) -- C:\Program\Logitech\LWS\Webcam Software\LWS.exe
PRC - [2011-07-31 21:15:48 | 001,087,896 | ---- | M] (Technology Nexus AB) -- C:\Program\Personal\bin\Personal.exe
PRC - [2011-06-09 14:06:06 | 000,254,696 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program\Delade filer\Java\Java Update\jusched.exe
PRC - [2010-10-29 22:06:08 | 005,915,480 | ---- | M] (Logitech Inc.) -- C:\Program\Logitech\Vid HD\Vid.exe
PRC - [2010-02-01 13:39:54 | 000,099,640 | ---- | M] (SecMaker AB) -- C:\Program\Net iD\iid.exe
PRC - [2009-08-18 11:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) -- C:\Program\Delade filer\Microsoft Shared\Windows Live\WLIDSVC.EXE
PRC - [2009-08-18 11:29:22 | 000,183,152 | ---- | M] (Microsoft Corporation) -- C:\Program\Delade filer\Microsoft Shared\Windows Live\WLIDSVCM.EXE
PRC - [2008-04-14 18:05:06 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2003-04-09 19:21:38 | 000,147,456 | ---- | M] (Hewlett-Packard Co.) -- C:\Program\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
PRC - [2003-04-09 19:11:12 | 000,028,672 | ---- | M] (Hewlett-Packard) -- C:\Program\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
PRC - [2003-04-09 18:59:24 | 000,311,296 | ---- | M] (Hewlett-Packard Co.) -- C:\Program\Hewlett-Packard\Digital Imaging\bin\hposts08.exe
PRC - [2003-04-09 18:49:36 | 000,286,720 | ---- | M] (Hewlett-Packard Co.) -- C:\Program\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe


========== Modules (No Company Name) ==========

MOD - [2012-08-31 17:31:11 | 000,096,256 | ---- | M] () -- C:\Documents and Settings\Milad\Lokala inställningar\Temp\_MEI21242\win32api.pyd
MOD - [2012-08-31 17:31:11 | 000,086,016 | ---- | M] () -- C:\Documents and Settings\Milad\Lokala inställningar\Temp\_MEI21242\_elementtree.pyd
MOD - [2012-08-31 17:31:11 | 000,040,448 | ---- | M] () -- C:\Documents and Settings\Milad\Lokala inställningar\Temp\_MEI21242\_socket.pyd
MOD - [2012-08-31 17:31:10 | 000,571,392 | ---- | M] () -- C:\Documents and Settings\Milad\Lokala inställningar\Temp\_MEI21242\pysqlite2._sqlite.pyd
MOD - [2012-08-31 17:31:10 | 000,263,168 | ---- | M] () -- C:\Documents and Settings\Milad\Lokala inställningar\Temp\_MEI21242\win32com.shell.shell.pyd
MOD - [2012-08-31 17:31:09 | 000,792,576 | ---- | M] () -- C:\Documents and Settings\Milad\Lokala inställningar\Temp\_MEI21242\wx._gdi_.pyd
MOD - [2012-08-31 17:31:09 | 000,153,088 | ---- | M] () -- C:\Documents and Settings\Milad\Lokala inställningar\Temp\_MEI21242\pyexpat.pyd
MOD - [2012-08-31 17:31:09 | 000,070,656 | ---- | M] () -- C:\Documents and Settings\Milad\Lokala inställningar\Temp\_MEI21242\wx._html2.pyd
MOD - [2012-08-31 17:31:09 | 000,011,776 | ---- | M] () -- C:\Documents and Settings\Milad\Lokala inställningar\Temp\_MEI21242\win32crypt.pyd
MOD - [2012-08-31 17:31:08 | 001,018,368 | ---- | M] () -- C:\Documents and Settings\Milad\Lokala inställningar\Temp\_MEI21242\windows._cacheinvalidation.pyd
MOD - [2012-08-31 17:31:06 | 000,354,304 | ---- | M] () -- C:\Documents and Settings\Milad\Lokala inställningar\Temp\_MEI21242\pythoncom26.dll
MOD - [2012-08-31 17:31:06 | 000,073,728 | ---- | M] () -- C:\Documents and Settings\Milad\Lokala inställningar\Temp\_MEI21242\_ctypes.pyd
MOD - [2012-08-31 17:31:05 | 000,731,136 | ---- | M] () -- C:\Documents and Settings\Milad\Lokala inställningar\Temp\_MEI21242\wx._misc_.pyd
MOD - [2012-08-31 17:31:04 | 000,110,592 | ---- | M] () -- C:\Documents and Settings\Milad\Lokala inställningar\Temp\_MEI21242\PyWinTypes26.dll
MOD - [2012-08-31 17:31:03 | 000,645,120 | ---- | M] () -- C:\Documents and Settings\Milad\Lokala inställningar\Temp\_MEI21242\_ssl.pyd
MOD - [2012-08-31 17:31:01 | 001,169,408 | ---- | M] () -- C:\Documents and Settings\Milad\Lokala inställningar\Temp\_MEI21242\wx._core_.pyd
MOD - [2012-08-31 17:31:01 | 000,036,352 | ---- | M] () -- C:\Documents and Settings\Milad\Lokala inställningar\Temp\_MEI21242\win32process.pyd
MOD - [2012-08-31 17:31:01 | 000,022,528 | ---- | M] () -- C:\Documents and Settings\Milad\Lokala inställningar\Temp\_MEI21242\win32pdh.pyd
MOD - [2012-08-31 17:30:59 | 000,807,424 | ---- | M] () -- C:\Documents and Settings\Milad\Lokala inställningar\Temp\_MEI21242\wx._windows_.pyd
MOD - [2012-08-31 17:30:59 | 000,311,808 | ---- | M] () -- C:\Documents and Settings\Milad\Lokala inställningar\Temp\_MEI21242\_hashlib.pyd
MOD - [2012-08-31 17:30:58 | 000,121,856 | ---- | M] () -- C:\Documents and Settings\Milad\Lokala inställningar\Temp\_MEI21242\wx._wizard.pyd
MOD - [2012-08-31 17:30:58 | 000,111,104 | ---- | M] () -- C:\Documents and Settings\Milad\Lokala inställningar\Temp\_MEI21242\win32file.pyd
MOD - [2012-08-31 17:30:56 | 001,056,256 | ---- | M] () -- C:\Documents and Settings\Milad\Lokala inställningar\Temp\_MEI21242\wx._controls_.pyd
MOD - [2012-08-31 17:30:56 | 000,039,424 | ---- | M] () -- C:\Documents and Settings\Milad\Lokala inställningar\Temp\_MEI21242\win32inet.pyd
MOD - [2012-08-31 17:30:55 | 000,017,920 | ---- | M] () -- C:\Documents and Settings\Milad\Lokala inställningar\Temp\_MEI21242\win32event.pyd
MOD - [2012-08-31 17:30:54 | 000,585,728 | ---- | M] () -- C:\Documents and Settings\Milad\Lokala inställningar\Temp\_MEI21242\unicodedata.pyd
MOD - [2012-08-31 17:30:53 | 000,011,776 | ---- | M] () -- C:\Documents and Settings\Milad\Lokala inställningar\Temp\_MEI21242\select.pyd
MOD - [2012-08-25 20:55:53 | 020,317,008 | ---- | M] () -- C:\steam\bin\libcef.dll
MOD - [2012-08-25 20:55:34 | 000,902,480 | ---- | M] () -- C:\steam\bin\chromehtml.dll
MOD - [2012-08-25 20:55:32 | 000,123,232 | ---- | M] () -- C:\steam\bin\avutil-51.dll
MOD - [2012-08-25 20:55:31 | 001,099,616 | ---- | M] () -- C:\steam\bin\avcodec-53.dll
MOD - [2012-08-25 20:55:31 | 000,190,816 | ---- | M] () -- C:\steam\bin\avformat-53.dll
MOD - [2012-03-11 14:55:40 | 000,088,656 | ---- | M] () -- C:\WINDOWS\system32\cpwmon2k.dll
MOD - [2012-01-08 15:41:12 | 000,093,696 | ---- | M] () -- C:\Program\FileZilla FTP Client\fzshellext.dll
MOD - [2011-02-26 21:01:48 | 000,163,840 | ---- | M] () -- C:\Program\DroidCam\lib\DroidCam.dll
MOD - [2010-10-29 22:02:38 | 000,751,616 | ---- | M] () -- C:\Program\Logitech\Vid HD\vpxmd.dll
MOD - [2010-10-29 22:01:30 | 000,027,472 | ---- | M] () -- C:\Program\Logitech\Vid HD\SDL.dll
MOD - [2010-05-07 18:37:40 | 000,126,808 | ---- | M] () -- C:\Program\Logitech\LWS\Webcam Software\ImageFormats\QJpeg4.dll
MOD - [2010-05-07 18:37:40 | 000,027,480 | ---- | M] () -- C:\Program\Logitech\LWS\Webcam Software\ImageFormats\QGif4.dll
MOD - [2010-05-07 18:36:54 | 000,340,824 | ---- | M] () -- C:\Program\Logitech\LWS\Webcam Software\QTXml4.dll
MOD - [2010-05-07 18:35:56 | 007,954,776 | ---- | M] () -- C:\Program\Logitech\LWS\Webcam Software\QTGui4.dll
MOD - [2010-05-07 18:35:44 | 002,143,576 | ---- | M] () -- C:\Program\Logitech\LWS\Webcam Software\QTCore4.dll
MOD - [2009-04-22 23:53:56 | 000,969,040 | ---- | M] () -- C:\Program\Logitech\Vid HD\QtNetwork4.dll
MOD - [2009-04-10 01:04:56 | 002,141,008 | ---- | M] () -- C:\Program\Logitech\Vid HD\QtCore4.dll
MOD - [2009-03-04 00:18:08 | 000,138,064 | ---- | M] () -- C:\Program\Logitech\Vid HD\plugins\imageformats\qjpeg4.dll
MOD - [2009-03-04 00:18:06 | 000,035,152 | ---- | M] () -- C:\Program\Logitech\Vid HD\plugins\imageformats\qico4.dll
MOD - [2009-03-04 00:18:06 | 000,029,008 | ---- | M] () -- C:\Program\Logitech\Vid HD\plugins\imageformats\qgif4.dll
MOD - [2009-03-04 00:17:46 | 011,311,952 | ---- | M] () -- C:\Program\Logitech\Vid HD\QtWebKit4.dll
MOD - [2009-03-04 00:17:46 | 000,363,856 | ---- | M] () -- C:\Program\Logitech\Vid HD\QtXml4.dll
MOD - [2009-03-04 00:17:44 | 000,200,016 | ---- | M] () -- C:\Program\Logitech\Vid HD\QtSql4.dll
MOD - [2009-03-04 00:17:40 | 000,475,472 | ---- | M] () -- C:\Program\Logitech\Vid HD\QtOpenGL4.dll
MOD - [2009-03-04 00:17:38 | 007,704,400 | ---- | M] () -- C:\Program\Logitech\Vid HD\QtGui4.dll
MOD - [2009-03-04 00:17:32 | 000,291,664 | ---- | M] () -- C:\Program\Logitech\Vid HD\phonon4.dll
MOD - [2008-04-14 18:04:42 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll


========== Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- C:\Program\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2012-08-29 15:39:05 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012-08-13 13:33:30 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012-07-03 13:19:28 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012-01-18 08:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program\Delade filer\LogiShrd\LVMVFM\UMVPFSrv.exe -- (UMVPFSrv)
SRV - [2009-08-18 11:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program\Delade filer\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2003-04-07 22:21:46 | 000,065,795 | R--- | M] (HP) [On_Demand | Stopped] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\usbser_lowerflt.sys -- (upperdev)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\pccsmcfd.sys -- (pccsmcfd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- system32\DRIVERS\ifsmount.sys -- (IfsMount)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [File_System | System | Stopped] -- system32\DRIVERS\ext2fs.sys -- (Ext2fs)
DRV - File not found [Kernel | Auto | Stopped] -- system32\DRIVERS\EAPPkt.sys -- (EAPPkt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2012-01-18 08:44:52 | 004,332,960 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvuvc.sys -- (LVUVC)
DRV - [2012-01-18 08:44:28 | 000,312,096 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvrs.sys -- (LVRS)
DRV - [2011-06-15 22:52:42 | 000,021,376 | ---- | M] (Dev47Apps) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\droidcam.sys -- (DroidCam)
DRV - [2010-10-20 16:09:28 | 000,009,216 | ---- | M] (HandSet Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\massfilter_hs.sys -- (massfilter_hs)
DRV - [2010-10-18 14:24:14 | 000,032,408 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\androidusb.sys -- (androidusb)
DRV - [2010-10-18 14:12:32 | 000,113,432 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\zghsdiag.sys -- (zghsdiag)
DRV - [2010-05-07 18:43:30 | 000,025,824 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2009-10-24 21:04:16 | 000,082,380 | ---- | M] (Oak Technology Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\AFS2K.SYS -- (AFS2K)
DRV - [2009-05-03 23:16:58 | 000,105,856 | ---- | M] (QUALCOMM Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hwusbser.sys -- (qcusbser)
DRV - [2007-07-10 09:42:32 | 001,310,720 | ---- | M] (C-Media Inc) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\c6501.sys -- (c65013264)
DRV - [2005-09-30 12:52:22 | 000,013,056 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2005-09-30 12:52:20 | 000,034,048 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2005-08-18 16:52:06 | 000,093,568 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\nvata.sys -- (nvata)
DRV - [2004-08-13 04:56:20 | 000,005,810 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.se/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\SearchScopes,DefaultScope = {4B99678A-87FC-4340-AD79-FFCFA985804B}
IE - HKCU\..\SearchScopes\{4B99678A-87FC-4340-AD79-FFCFA985804B}: "URL" = http://www.google.co...q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.search.selectedEngine: "AVG Secure Search"
FF - prefs.js..browser.startup.homepage: ""
FF - prefs.js..extensions.enabledItems:
FF - prefs.js..extensions.enabledItems:
FF - prefs.js..extensions.enabledItems:
FF - prefs.js..extensions.enabledItems:
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems:
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: ""
FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: ""
FF - prefs.js..browser.startup.homepage: "http://www.google.se/"
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_271.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@se.nexus/Personal: C:\Program\Personal\bin\np_prsnl.dll (Technology Nexus AB)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Documents and Settings\Milad\Application Data\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Documents and Settings\Milad\Application Data\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Milad\Lokala inställningar\Application Data\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=8: C:\Documents and Settings\Milad\Lokala inställningar\Application Data\Google\Update\1.2.183.39\npGoogleOneClick8.dll File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Milad\Lokala inställningar\Application Data\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.5.19\extensions\\Components: C:\Program\Mozilla Firefox\components [2012-05-28 18:52:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.5.19\extensions\\Plugins: C:\Program\Mozilla Firefox\plugins [2012-08-30 22:04:18 | 000,000,000 | ---D | M]

[2009-11-01 14:30:14 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Milad\Application Data\Mozilla\Extensions
[2012-08-29 22:53:12 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Milad\Application Data\Mozilla\Firefox\Profiles\4k1ub718.default\extensions
[2011-04-10 09:42:26 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Milad\Application Data\Mozilla\Firefox\Profiles\4k1ub718.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012-08-27 16:00:22 | 000,000,000 | ---D | M] (Lavasoft Search Plugin) -- C:\Documents and Settings\Milad\Application Data\Mozilla\Firefox\Profiles\4k1ub718.default\extensions\[email protected]
[2012-08-31 17:10:13 | 000,000,000 | ---D | M] (No name found) -- C:\Program\Mozilla Firefox\extensions
[2012-08-23 19:56:50 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\MILAD\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\4K1UB718.DEFAULT\EXTENSIONS\{EEE6C361-6118-11DC-9C72-001320C79847}
[2010-09-16 23:35:22 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM\JAVA\JRE6\LIB\DEPLOY\JQS\FF
File not found (No name found) -- C:\PROGRAM\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
File not found (No name found) -- C:\PROGRAM\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
File not found (No name found) -- C:\PROGRAM\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
File not found (No name found) -- C:\PROGRAM\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
[2011-10-03 06:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program\mozilla firefox\plugins\npdeployJava1.dll
[2009-01-09 10:57:10 | 000,111,856 | ---- | M] (SecMaker AB) -- C:\Program\mozilla firefox\plugins\npiidplg.dll
[2011-07-25 13:28:22 | 000,001,470 | ---- | M] () -- C:\Program\mozilla firefox\searchplugins\allaannonser-sv-SE.xml
[2011-07-25 13:28:22 | 000,002,670 | ---- | M] () -- C:\Program\mozilla firefox\searchplugins\prisjakt-sv-SE.xml
[2011-07-25 13:28:22 | 000,000,948 | ---- | M] () -- C:\Program\mozilla firefox\searchplugins\tyda-sv-SE.xml
[2011-07-25 13:28:22 | 000,001,174 | ---- | M] () -- C:\Program\mozilla firefox\searchplugins\wikipedia-sv-SE.xml
[2011-07-25 13:28:22 | 000,000,647 | ---- | M] () -- C:\Program\mozilla firefox\searchplugins\yahoo-sv-SE.xml

========== Chrome ==========

CHR - homepage: http://www.google.se/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: http://www.google.se/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\Milad\Lokala inst\u00E4llningar\Application Data\Google\Chrome\Application\21.0.1180.83\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\Milad\Lokala inst\u00E4llningar\Application Data\Google\Chrome\Application\21.0.1180.83\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Milad\Lokala inst\u00E4llningar\Application Data\Google\Chrome\Application\21.0.1180.83\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Documents and Settings\Milad\Lokala inst\u00E4llningar\Application Data\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll
CHR - plugin: vShare.tv plug-in (Enabled) = C:\Documents and Settings\Milad\Lokala inst\u00E4llningar\Application Data\Google\Chrome\User Data\Default\Extensions\kpionmjnkbpcdpcflammlgllecmejgjj\1.3_0\chvsharetvplg.dll
CHR - plugin: vShare.tv plug-in (Enabled) = C:\Program\Mozilla Firefox\plugins\npvsharetvplg.dll
CHR - plugin: Skype Toolbars (Enabled) = C:\Documents and Settings\Milad\Lokala inst\u00E4llningar\Application Data\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\npSkypeChromePlugin.dll
CHR - plugin: Google Talk Plugin (Enabled) = C:\Documents and Settings\Milad\Application Data\Mozilla\plugins\npgoogletalk.dll
CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Documents and Settings\Milad\Application Data\Mozilla\plugins\npgtpo3dautoplugin.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U29 (Enabled) = C:\Program\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Net iD (Enabled) = C:\Program\Mozilla Firefox\plugins\npiidplg.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program\Windows Media Player\npwmsdrm.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program\Windows Media Player\npdsplay.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\Milad\Lokala inst\u00E4llningar\Application Data\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Picasa (Enabled) = C:\Program\Google\Picasa3\npPicasa3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - plugin: Nexus Personal (Enabled) = C:\Program\Personal\bin\np_prsnl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\WINDOWS\system32\Adobe\Director\np32dsw.dll
CHR - Extension: Open Tennis = C:\Documents and Settings\Milad\Lokala inställningar\Application Data\Google\Chrome\User Data\Default\Extensions\akgcgcpodojekcocdiamcenmanalhfmn\1.3_0\
CHR - Extension: 2 wheeler stunt = C:\Documents and Settings\Milad\Lokala inställningar\Application Data\Google\Chrome\User Data\Default\Extensions\hepefibopcnpdbkahaopilcdembgkmcb\1.5_0\
CHR - Extension: Open Tennis = C:\Documents and Settings\Milad\Lokala inställningar\Application Data\Google\Chrome\User Data\Default\Extensions\akgcgcpodojekcocdiamcenmanalhfmn\1.3_0\
CHR - Extension: 2 wheeler stunt = C:\Documents and Settings\Milad\Lokala inställningar\Application Data\Google\Chrome\User Data\Default\Extensions\hepefibopcnpdbkahaopilcdembgkmcb\1.5_0\

O1 HOSTS File: ([2012-08-28 16:47:01 | 000,000,724 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program\Delade filer\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Adobe ARM] C:\Program\Delade filer\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program\Delade filer\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [C6501Sound] RunDll32 c6501.cpl,CMICtrlWnd File not found
O4 - HKLM..\Run: [LWS] C:\Program\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [Net iD] C:\Program\Net iD\iid.exe (SecMaker AB)
O4 - HKLM..\Run: [Nike+ Connect] C:\Program\Nike\Nike+ Connect\Nike+ Connect daemon.exe (Nike)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program\Delade filer\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKCU..\Run: [GoogleDriveSync] C:\Program\Google\Drive\googledrivesync.exe (Google)
O4 - HKCU..\Run: [Logitech Vid] C:\Program\Logitech\Vid HD\Vid.exe (Logitech Inc.)
O4 - HKCU..\Run: [Steam] c:\steam\steam.exe (Valve Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start-meny\Program\Autostart\Adobe Gamma Loader.lnk = C:\Program\Delade filer\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start-meny\Program\Autostart\BankID säkerhetsprogram.lnk = C:\Program\Personal\bin\Personal.exe (Technology Nexus AB)
O4 - Startup: C:\Documents and Settings\All Users\Start-meny\Program\Autostart\hp psc 1000 series.lnk = C:\Program\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe (Hewlett-Packard Co.)
O4 - Startup: C:\Documents and Settings\All Users\Start-meny\Program\Autostart\hpoddt01.exe.lnk = C:\Program\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe (Hewlett-Packard)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://appldnld.appl...ex/qtplugin.cab (QuickTime Object)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {721700FE-7F0E-49C5-BDED-CA92B7CB1245} http://192.168.0.11/dcsclictrl.cab (Camera Stream Client Control Object)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {F3DCFC89-8C6E-4052-9176-B7806D188FD5} http://www.fujidirek...aderactivex.cab (Image Uploader Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 83.255.245.11 193.150.193.150
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A4865552-4657-40E8-826F-E6588CB59E94}: DhcpNameServer = 83.255.245.11 193.150.193.150
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program\Delade filer\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program\Delade filer\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Min aktuella startsida) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Sommar.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Sommar.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009-10-24 19:41:24 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012-08-31 17:09:55 | 000,000,000 | ---D | C] -- C:\_OTL
[2012-08-29 23:06:33 | 000,598,528 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Milad\Skrivbord\OTL.exe
[2012-08-29 14:00:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Milad\Application Data\AVG2012
[2012-08-29 13:58:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\AVG
[2012-08-29 01:04:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Milad\Application Data\SUPERAntiSpyware.com
[2012-08-29 01:04:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2012-08-29 01:04:28 | 000,000,000 | ---D | C] -- C:\Program\SUPERAntiSpyware
[2012-08-28 21:55:47 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2012-08-28 17:51:29 | 000,000,000 | ---D | C] -- C:\Program\Yieldmanager Removal Tool
[2012-08-28 17:39:23 | 000,000,000 | ---D | C] -- C:\Program\Trend Micro
[2012-08-28 17:39:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Milad\Start-meny\Program\HiJackThis
[2012-08-28 16:01:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\appmgmt
[2012-08-28 07:45:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\GFI Software
[2012-08-28 07:42:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start-meny\Program\AVG
[2012-08-28 07:42:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVG2012
[2012-08-27 16:14:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Ad-Aware Antivirus
[2012-08-27 16:00:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Milad\Lokala inställningar\Application Data\Downloaded Installations
[2012-08-27 16:00:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Milad\Lokala inställningar\Application Data\adawarebp
[2012-08-27 09:56:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Milad\Application Data\Malwarebytes
[2012-08-27 09:56:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2012-08-27 08:40:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Milad\Lokala inställningar\Application Data\Help
[2012-08-21 22:38:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Milad\Application Data\ooVoo Details
[2012-08-21 22:38:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Milad\Lokala inställningar\Application Data\APN
[2012-08-18 21:46:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start-meny\Program\PokerStars.EU
[2012-08-18 21:45:47 | 000,000,000 | ---D | C] -- C:\Program\PokerStars.EU
[2012-08-07 18:34:59 | 000,281,104 | ---- | C] (CACE Technologies, Inc.) -- C:\WINDOWS\System32\wpcap.dll
[2012-08-07 18:34:59 | 000,100,880 | ---- | C] (CACE Technologies, Inc.) -- C:\WINDOWS\System32\Packet.dll
[2012-08-07 18:34:59 | 000,050,704 | ---- | C] (CACE Technologies, Inc.) -- C:\WINDOWS\System32\drivers\npf.sys

========== Files - Modified Within 30 Days ==========

[2012-08-31 17:38:00 | 000,000,868 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012-08-31 17:36:00 | 000,000,968 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012-08-31 17:30:41 | 000,229,488 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml
[2012-08-31 17:30:08 | 000,002,262 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012-08-31 17:29:48 | 000,000,964 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012-08-31 17:29:48 | 000,000,236 | ---- | M] () -- C:\WINDOWS\tasks\OGALogon.job
[2012-08-31 17:29:33 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012-08-31 17:04:00 | 000,000,486 | ---- | M] () -- C:\WINDOWS\tasks\SUPERAntiSpyware Scheduled Task 64f3b666-89d6-4f9e-b5b5-f99f4211376a.job
[2012-08-31 16:41:00 | 000,001,086 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-725345543-152049171-839522115-1003UA.job
[2012-08-31 16:26:42 | 000,000,489 | ---- | M] () -- C:\WINDOWS\System\C6501.ini
[2012-08-31 15:41:00 | 000,001,034 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-725345543-152049171-839522115-1003Core.job
[2012-08-31 02:00:10 | 000,000,486 | ---- | M] () -- C:\WINDOWS\tasks\SUPERAntiSpyware Scheduled Task b85da8f6-046d-4b7a-9629-62ef26246363.job
[2012-08-30 22:03:05 | 000,511,265 | ---- | M] () -- C:\Documents and Settings\Milad\Skrivbord\adwcleaner.exe
[2012-08-30 00:24:45 | 000,451,975 | ---- | M] () -- C:\Documents and Settings\Milad\Skrivbord\tavla.jpg
[2012-08-29 23:06:35 | 000,598,528 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Milad\Skrivbord\OTL.exe
[2012-08-29 19:41:49 | 000,002,316 | ---- | M] () -- C:\Documents and Settings\Milad\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012-08-29 18:26:49 | 000,001,697 | ---- | M] () -- C:\Documents and Settings\All Users\Skrivbord\Adobe Reader 9.lnk
[2012-08-29 14:00:55 | 066,138,540 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm
[2012-08-29 13:49:25 | 000,174,840 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012-08-29 12:23:17 | 000,112,568 | ---- | M] () -- C:\Documents and Settings\Milad\Skrivbord\lunch.pdf
[2012-08-29 03:01:20 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012-08-29 01:04:33 | 000,001,622 | ---- | M] () -- C:\Documents and Settings\All Users\Skrivbord\SUPERAntiSpyware Free Edition.lnk
[2012-08-28 23:18:48 | 000,000,783 | ---- | M] () -- C:\Documents and Settings\Milad\Application Data\Microsoft\Internet Explorer\Quick Launch\Starta webbläsaren Internet Explorer.lnk
[2012-08-28 17:39:27 | 000,002,409 | ---- | M] () -- C:\Documents and Settings\Milad\Skrivbord\HiJackThis.lnk
[2012-08-28 17:36:55 | 001,402,880 | ---- | M] () -- C:\Documents and Settings\Milad\Skrivbord\HiJackThis.msi
[2012-08-28 17:08:15 | 000,435,010 | ---- | M] () -- C:\WINDOWS\System32\perfh01D.dat
[2012-08-28 17:08:15 | 000,432,838 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012-08-28 17:08:15 | 000,079,216 | ---- | M] () -- C:\WINDOWS\System32\perfc01D.dat
[2012-08-28 17:08:15 | 000,067,794 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012-08-28 16:58:30 | 000,157,790 | ---- | M] () -- C:\Documents and Settings\Milad\Skrivbord\bookmark.htm
[2012-08-28 16:47:01 | 000,000,724 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2012-08-27 17:48:13 | 000,000,272 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2012-08-27 09:50:51 | 000,208,507 | ---- | M] () -- C:\Documents and Settings\Milad\Lokala inställningar\Application Data\census.cache
[2012-08-27 09:50:49 | 000,188,632 | ---- | M] () -- C:\Documents and Settings\Milad\Lokala inställningar\Application Data\ars.cache
[2012-08-26 01:43:37 | 000,041,998 | ---- | M] () -- C:\Documents and Settings\Milad\Skrivbord\konst.jpg
[2012-08-26 01:37:35 | 000,051,420 | ---- | M] () -- C:\Documents and Settings\Milad\Skrivbord\opera.jpg
[2012-08-26 01:37:22 | 000,099,161 | ---- | M] () -- C:\Documents and Settings\Milad\Skrivbord\Opera 2012-2013.jpg
[2012-08-22 20:28:34 | 002,947,570 | ---- | M] () -- C:\Documents and Settings\Milad\Skrivbord\srecko.jpg
[2012-08-16 08:39:48 | 000,000,118 | ---- | M] () -- C:\WINDOWS\System32\MRT.INI
[2012-08-14 21:36:37 | 000,225,280 | ---- | M] () -- C:\Documents and Settings\Milad\Lokala inställningar\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012-08-10 21:58:44 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012-08-07 18:34:59 | 000,281,104 | ---- | M] (CACE Technologies, Inc.) -- C:\WINDOWS\System32\wpcap.dll
[2012-08-07 18:34:59 | 000,100,880 | ---- | M] (CACE Technologies, Inc.) -- C:\WINDOWS\System32\Packet.dll
[2012-08-07 18:34:59 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) -- C:\WINDOWS\System32\drivers\npf.sys
[2012-08-04 19:01:29 | 000,156,156 | ---- | M] () -- C:\Documents and Settings\Milad\Skrivbord\11.jpg

========== Files Created - No Company Name ==========

[2012-08-30 22:03:05 | 000,511,265 | ---- | C] () -- C:\Documents and Settings\Milad\Skrivbord\adwcleaner.exe
[2012-08-30 00:24:45 | 000,451,975 | ---- | C] () -- C:\Documents and Settings\Milad\Skrivbord\tavla.jpg
[2012-08-29 18:26:49 | 000,001,697 | ---- | C] () -- C:\Documents and Settings\All Users\Skrivbord\Adobe Reader 9.lnk
[2012-08-29 14:00:55 | 066,138,540 | ---- | C] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm
[2012-08-29 12:23:17 | 000,112,568 | ---- | C] () -- C:\Documents and Settings\Milad\Skrivbord\lunch.pdf
[2012-08-29 01:04:41 | 000,000,486 | ---- | C] () -- C:\WINDOWS\tasks\SUPERAntiSpyware Scheduled Task b85da8f6-046d-4b7a-9629-62ef26246363.job
[2012-08-29 01:04:41 | 000,000,486 | ---- | C] () -- C:\WINDOWS\tasks\SUPERAntiSpyware Scheduled Task 64f3b666-89d6-4f9e-b5b5-f99f4211376a.job
[2012-08-29 01:04:33 | 000,001,622 | ---- | C] () -- C:\Documents and Settings\All Users\Skrivbord\SUPERAntiSpyware Free Edition.lnk
[2012-08-28 17:39:23 | 000,002,409 | ---- | C] () -- C:\Documents and Settings\Milad\Skrivbord\HiJackThis.lnk
[2012-08-28 17:36:38 | 001,402,880 | ---- | C] () -- C:\Documents and Settings\Milad\Skrivbord\HiJackThis.msi
[2012-08-28 16:58:29 | 000,157,790 | ---- | C] () -- C:\Documents and Settings\Milad\Skrivbord\bookmark.htm
[2012-08-26 01:43:46 | 000,041,998 | ---- | C] () -- C:\Documents and Settings\Milad\Skrivbord\konst.jpg
[2012-08-26 01:37:39 | 000,051,420 | ---- | C] () -- C:\Documents and Settings\Milad\Skrivbord\opera.jpg
[2012-08-26 01:37:26 | 000,099,161 | ---- | C] () -- C:\Documents and Settings\Milad\Skrivbord\Opera 2012-2013.jpg
[2012-08-22 20:28:32 | 002,947,570 | ---- | C] () -- C:\Documents and Settings\Milad\Skrivbord\srecko.jpg
[2012-08-22 20:10:52 | 001,396,296 | ---- | C] () -- C:\Documents and Settings\Milad\Skrivbord\DSC00092.JPG
[2012-08-16 08:39:48 | 000,000,118 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2012-07-22 23:58:42 | 000,208,507 | ---- | C] () -- C:\Documents and Settings\Milad\Lokala inställningar\Application Data\census.cache
[2012-07-22 23:58:40 | 000,188,632 | ---- | C] () -- C:\Documents and Settings\Milad\Lokala inställningar\Application Data\ars.cache
[2012-07-22 23:52:19 | 000,000,036 | ---- | C] () -- C:\Documents and Settings\Milad\Lokala inställningar\Application Data\housecall.guid.cache
[2012-05-27 02:03:26 | 000,000,205 | -HS- | C] () -- C:\Documents and Settings\Milad\.ufsxsci.hbin
[2012-05-24 17:21:32 | 000,088,656 | ---- | C] () -- C:\WINDOWS\System32\cpwmon2k.dll
[2012-05-11 14:12:16 | 005,584,046 | ---- | C] () -- C:\Program\FileZilla FTP Client.rar
[2012-04-25 09:04:56 | 000,060,304 | ---- | C] () -- C:\Documents and Settings\Milad\g2mdlhlpx.exe
[2012-02-15 09:17:37 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2011-08-12 12:20:14 | 000,015,896 | ---- | C] () -- C:\WINDOWS\System32\drivers\iKeyLFT2.dll
[2011-06-15 22:56:21 | 000,000,032 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\droidcam-settings
[2011-04-07 19:22:23 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\Encrypt.dll
[2011-04-07 19:22:23 | 000,000,120 | ---- | C] () -- C:\WINDOWS\System32\zdlcsv.ds.dll
[2011-04-07 19:22:23 | 000,000,112 | ---- | C] () -- C:\WINDOWS\System32\Sales_MultiDL_MSM7227_V1.00.01.ini
[2011-04-07 19:22:15 | 000,578,611 | ---- | C] () -- C:\WINDOWS\adb.exe
[2011-04-07 19:22:14 | 000,000,022 | ---- | C] () -- C:\WINDOWS\sysdt.dll
[2011-01-14 20:59:56 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2011-01-08 16:58:07 | 000,000,144 | ---- | C] () -- C:\Documents and Settings\Milad\.java.policy
[2010-11-10 04:45:32 | 000,104,472 | ---- | C] () -- C:\WINDOWS\System32\LogiDPPApp.exe
[2010-11-10 04:45:30 | 010,920,984 | ---- | C] () -- C:\WINDOWS\System32\LogiDPP.dll
[2010-11-10 04:45:20 | 000,336,408 | ---- | C] () -- C:\WINDOWS\System32\DevManagerCore.dll
[2010-11-10 04:31:42 | 000,028,418 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2010-02-26 00:01:54 | 000,102,400 | ---- | C] () -- C:\Documents and Settings\Milad\Application Data\fontdb.mdb
[2009-10-25 00:43:14 | 000,225,280 | ---- | C] () -- C:\Documents and Settings\Milad\Lokala inställningar\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== LOP Check ==========

[2009-11-06 11:45:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\4D
[2011-06-16 08:53:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG10
[2012-08-29 18:39:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG2012
[2009-11-04 19:16:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\avg9
[2010-02-26 02:43:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Boss Media
[2011-06-16 07:46:12 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2009-11-01 02:26:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Downloaded Installations
[2012-08-28 07:45:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GFI Software
[2009-12-27 11:37:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Installations
[2012-08-29 18:32:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2012-07-11 22:40:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MGS
[2012-03-25 19:31:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nike
[2009-12-27 11:39:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite
[2010-08-21 01:45:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Temp
[2012-06-20 12:21:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Milad\Application Data\4D
[2011-01-08 16:58:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Milad\Application Data\Agency9
[2011-06-16 08:04:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Milad\Application Data\AVG10
[2012-08-29 14:00:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Milad\Application Data\AVG2012
[2010-02-26 00:25:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Milad\Application Data\BorWare
[2010-08-02 21:09:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Milad\Application Data\DesktopMirror
[2012-08-29 12:31:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Milad\Application Data\EditPlus 3
[2012-08-29 10:46:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Milad\Application Data\FileZilla
[2010-02-05 11:06:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Milad\Application Data\Free YouTube to Mp3 Wma Converter
[2009-11-06 11:51:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Milad\Application Data\iid
[2011-09-09 13:34:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Milad\Application Data\Leadertech
[2011-09-14 12:43:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Milad\Application Data\LEAPS
[2012-07-22 22:48:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Milad\Application Data\Microgaming
[2009-12-27 11:43:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Milad\Application Data\Nokia
[2012-08-21 22:38:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Milad\Application Data\ooVoo Details
[2009-12-27 11:58:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Milad\Application Data\PC Suite
[2011-09-14 12:41:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Milad\Application Data\Pegasys Inc
[2009-11-11 14:23:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Milad\Application Data\Personal
[2011-12-19 01:28:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Milad\Application Data\TeamViewer
[2010-05-14 23:25:03 | 000,000,330 | ---- | M] () -- C:\WINDOWS\Tasks\FRU Task #Hewlett-Packard#hp psc 1200 series#1264284264.job
[2012-08-31 17:29:48 | 000,000,236 | ---- | M] () -- C:\WINDOWS\Tasks\OGALogon.job
[2012-08-31 17:04:00 | 000,000,486 | ---- | M] () -- C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task 64f3b666-89d6-4f9e-b5b5-f99f4211376a.job
[2012-08-31 02:00:10 | 000,000,486 | ---- | M] () -- C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task b85da8f6-046d-4b7a-9629-62ef26246363.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 152 bytes -> C:\Documents and Settings\All Users\Application Data\Temp:F4CA4D70

< End of report >

#12
Crowbar

    Teacher

  • GeekU Moderator
  • 4,130 posts
Hi milad77,

Did you place the -incognito inside of the double quote "? Please make sure you put the -incognito after the quote.

Then give my previous instructions about the plugins and extensions another try before moving on to the next step. If you still can't get Chrome to start, then you should continue on.

Step 1
Please download Malwarebytes' Anti-Malware from Here.

Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Please do not activate the trial version at this time.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.
Extra Note:

If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.


I also noticed that you do not have much free space available on your system drive. Windows does not function 15% free. Right now you have about 9% free. Perhaps uninstall a few old programs you don't use any more.

In your next reply I would like to see:
  • Malwarebytes log
  • Chrome working?
  • Still seeing the ads in any of your browsers?

#13
milad77

    Member

  • Topic Starter
  • Member
  • 19 posts
I couldn't start Chrome. And I have the same problem as before :(

Malwarebytes Anti-Malware (Trial) 1.62.0.1300
www.malwarebytes.org

Database version: v2012.08.31.13

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Milad :: MILAD-89686FC7A [administrator]

Protection: Disabled

2012-09-01 03:25:51
mbam-log-2012-09-01 (03-25-51).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 208556
Time elapsed: 3 minute(s), 21 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

#14
Crowbar

    Teacher

  • GeekU Moderator
  • 4,130 posts
Hi again,
Let's try a different approach.

We need to do an OTL fix:

Note: If you have Malwarebytes 1.6 or higher installed, please disable it for the duration of this fix as it may interfere with the successful execution of the script below. If it still hangs, then please uninstall Malwarebytes and run this fix again.
Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :commands
    [createrestorepoint]
    :files
    C:\Documents and Settings\Milad\Lokala inställningar\Application Data\Google\Chrome\User Data\Default\Extensions\kpionmjnkbpcdpcflammlgllecmejgjj
    C:\Program\Mozilla Firefox\plugins\npvsharetvplg.dll
    ipconfig /flushdns /c
    :commands
    [emptytemp]
    [reboot]
    
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

Step 2
Let's try to start Chrome from the command prompt
Click Start and Run.
In the Run box please enter this:
"C:\Documents and Settings\Milad\Lokala inställningar\Application Data\Google\Chrome\chrome.exe" -incognito
and click OK.
Does Chrome start up in incognito mode now?
If so, please do this:
Once Chrome is up and running, in the URL bar, please type in:
chrome://extensions
This will start the extension manager.
Please disable ANY extensions that have the word Vshare in the name.
Next type into the URL bar:
chrome://plugins
This will start the Plugins Manager.
Please disable ANY plugins that have the word Vshare in the name, and then close Chrome.

Again, if it does not start, please tell me any error message that may appear.

In your next reply I would like to see:
  • OTL fix log
  • OTL quick scan log
  • any luck with Chrome this time?

#15
milad77

    Member

  • Topic Starter
  • Member
  • 19 posts
I'm sorry but everything is the same:
1. I still get these yield ads.
2. I still can't use Chrome.
3. I still can't make a search with google.com or use ANY Google product like Google Drive, for ex.

All processes killed
========== COMMANDS ==========
Restore point Set: OTL Restore Point
========== FILES ==========
File\Folder C:\Documents and Settings\Milad\Lokala inställningar\Application Data\Google\Chrome\User Data\Default\Extensions\kpionmjnkbpcdpcflammlgllecmejgjj not found.
File\Folder C:\Program\Mozilla Firefox\plugins\npvsharetvplg.dll not found.
< ipconfig /flushdns /c >
IP-konfiguration för Windows
DNS-matcharens cacheminne har rensats.
C:\Documents and Settings\Milad\Skrivbord\cmd.bat deleted successfully.
C:\Documents and Settings\Milad\Skrivbord\cmd.txt deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administratör
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Milad
->Temp folder emptied: 25934404 bytes
->Temporary Internet Files folder emptied: 114522143 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 978 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 10039 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 134,00 mb


OTL by OldTimer - Version 3.2.59.1 log created on 09032012_010452

Files\Folders moved on Reboot...
C:\Documents and Settings\Milad\Lokala inställningar\Temp\debug.log moved successfully.
C:\Documents and Settings\Milad\Lokala inställningar\Temporary Internet Files\Content.IE5\X1NVPGRJ\0[1].htm moved successfully.
C:\Documents and Settings\Milad\Lokala inställningar\Temporary Internet Files\Content.IE5\X1NVPGRJ\recentposts[1].htm moved successfully.
C:\Documents and Settings\Milad\Lokala inställningar\Temporary Internet Files\Content.IE5\UEYAWP4O\0[1].htm moved successfully.
C:\Documents and Settings\Milad\Lokala inställningar\Temporary Internet Files\Content.IE5\QM4IP632\openhand[1].cur moved successfully.
C:\Documents and Settings\Milad\Lokala inställningar\Temporary Internet Files\Content.IE5\P26E6QUK\hovercard[1].htm moved successfully.
C:\Documents and Settings\Milad\Lokala inställningar\Temporary Internet Files\Content.IE5\P26E6QUK\page__pid__2198727[1].htm moved successfully.
C:\Documents and Settings\Milad\Lokala inställningar\Temporary Internet Files\Content.IE5\HRPI8WFQ\0[2].htm moved successfully.
C:\Documents and Settings\Milad\Lokala inställningar\Temporary Internet Files\Content.IE5\ELMPIGBG\bv[1].htm moved successfully.
C:\Documents and Settings\Milad\Lokala inställningar\Temporary Internet Files\Content.IE5\ELMPIGBG\fastbutton[1].htm moved successfully.
C:\Documents and Settings\Milad\Lokala inställningar\Temporary Internet Files\Content.IE5\ELMPIGBG\frame[1].htm moved successfully.
C:\Documents and Settings\Milad\Lokala inställningar\Temporary Internet Files\Content.IE5\ELMPIGBG\ifr[1].htm moved successfully.
C:\Documents and Settings\Milad\Lokala inställningar\Temporary Internet Files\Content.IE5\ELMPIGBG\st[1] moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

OTL logfile created on: 2012-09-03 01:09:53 - Run 4
OTL by OldTimer - Version 3.2.59.1 Folder = C:\Documents and Settings\Milad\Skrivbord
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000041D | Country: Sverige | Language: SVE | Date Format: yyyy-MM-dd

3,00 Gb Total Physical Memory | 2,48 Gb Available Physical Memory | 82,68% Memory free
4,84 Gb Paging File | 3,97 Gb Available in Paging File | 82,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program
Drive C: | 149,04 Gb Total Space | 16,80 Gb Free Space | 11,28% Space Free | Partition Type: NTFS
Drive F: | 74,53 Gb Total Space | 48,26 Gb Free Space | 64,75% Space Free | Partition Type: NTFS

Computer Name: MILAD-89686FC7A | User Name: Milad | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012-08-29 23:06:35 | 000,598,528 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Milad\Skrivbord\OTL.exe
PRC - [2012-08-13 13:33:30 | 003,064,000 | ---- | M] (Skype Technologies S.A.) -- C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2012-08-08 21:04:06 | 000,070,656 | ---- | M] (Nike) -- C:\Program\Nike\Nike+ Connect\Nike+ Connect daemon.exe
PRC - [2012-08-06 15:07:52 | 001,353,080 | ---- | M] (Valve Corporation) -- C:\steam\steam.exe
PRC - [2012-07-20 15:17:14 | 012,218,904 | ---- | M] (Google) -- C:\Program\Google\Drive\googledrivesync.exe
PRC - [2012-01-18 08:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) -- C:\Program\Delade filer\LogiShrd\LVMVFM\UMVPFSrv.exe
PRC - [2011-11-11 14:08:06 | 000,205,336 | ---- | M] (Logitech Inc.) -- C:\Program\Logitech\LWS\Webcam Software\LWS.exe
PRC - [2011-07-31 21:15:48 | 001,087,896 | ---- | M] (Technology Nexus AB) -- C:\Program\Personal\bin\Personal.exe
PRC - [2011-06-09 14:06:06 | 000,254,696 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program\Delade filer\Java\Java Update\jusched.exe
PRC - [2010-10-29 22:06:08 | 005,915,480 | ---- | M] (Logitech Inc.) -- C:\Program\Logitech\Vid HD\Vid.exe
PRC - [2010-02-01 13:39:54 | 000,099,640 | ---- | M] (SecMaker AB) -- C:\Program\Net iD\iid.exe
PRC - [2009-08-18 11:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) -- C:\Program\Delade filer\Microsoft Shared\Windows Live\WLIDSVC.EXE
PRC - [2009-08-18 11:29:22 | 000,183,152 | ---- | M] (Microsoft Corporation) -- C:\Program\Delade filer\Microsoft Shared\Windows Live\WLIDSVCM.EXE
PRC - [2008-04-14 18:05:06 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2003-04-09 19:21:38 | 000,147,456 | ---- | M] (Hewlett-Packard Co.) -- C:\Program\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
PRC - [2003-04-09 19:11:12 | 000,028,672 | ---- | M] (Hewlett-Packard) -- C:\Program\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
PRC - [2003-04-09 18:59:24 | 000,311,296 | ---- | M] (Hewlett-Packard Co.) -- C:\Program\Hewlett-Packard\Digital Imaging\bin\hposts08.exe
PRC - [2003-04-09 18:49:36 | 000,286,720 | ---- | M] (Hewlett-Packard Co.) -- C:\Program\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe


========== Modules (No Company Name) ==========

MOD - [2012-09-03 01:08:40 | 000,571,392 | ---- | M] () -- C:\Documents and Settings\Milad\Lokala inställningar\Temp\_MEI3082\pysqlite2._sqlite.pyd
MOD - [2012-09-03 01:08:40 | 000,096,256 | ---- | M] () -- C:\Documents and Settings\Milad\Lokala inställningar\Temp\_MEI3082\win32api.pyd
MOD - [2012-09-03 01:08:40 | 000,086,016 | ---- | M] () -- C:\Documents and Settings\Milad\Lokala inställningar\Temp\_MEI3082\_elementtree.pyd
MOD - [2012-09-03 01:08:40 | 000,040,448 | ---- | M] () -- C:\Documents and Settings\Milad\Lokala inställningar\Temp\_MEI3082\_socket.pyd
MOD - [2012-09-03 01:08:39 | 000,792,576 | ---- | M] () -- C:\Documents and Settings\Milad\Lokala inställningar\Temp\_MEI3082\wx._gdi_.pyd
MOD - [2012-09-03 01:08:39 | 000,263,168 | ---- | M] () -- C:\Documents and Settings\Milad\Lokala inställningar\Temp\_MEI3082\win32com.shell.shell.pyd
MOD - [2012-09-03 01:08:39 | 000,153,088 | ---- | M] () -- C:\Documents and Settings\Milad\Lokala inställningar\Temp\_MEI3082\pyexpat.pyd
MOD - [2012-09-03 01:08:39 | 000,070,656 | ---- | M] () -- C:\Documents and Settings\Milad\Lokala inställningar\Temp\_MEI3082\wx._html2.pyd
MOD - [2012-09-03 01:08:37 | 001,018,368 | ---- | M] () -- C:\Documents and Settings\Milad\Lokala inställningar\Temp\_MEI3082\windows._cacheinvalidation.pyd
MOD - [2012-09-03 01:08:36 | 000,073,728 | ---- | M] () -- C:\Documents and Settings\Milad\Lokala inställningar\Temp\_MEI3082\_ctypes.pyd
MOD - [2012-09-03 01:08:33 | 000,354,304 | ---- | M] () -- C:\Documents and Settings\Milad\Lokala inställningar\Temp\_MEI3082\pythoncom26.dll
MOD - [2012-09-03 01:08:32 | 000,731,136 | ---- | M] () -- C:\Documents and Settings\Milad\Lokala inställningar\Temp\_MEI3082\wx._misc_.pyd
MOD - [2012-09-03 01:08:31 | 000,110,592 | ---- | M] () -- C:\Documents and Settings\Milad\Lokala inställningar\Temp\_MEI3082\PyWinTypes26.dll
MOD - [2012-09-03 01:08:30 | 000,645,120 | ---- | M] () -- C:\Documents and Settings\Milad\Lokala inställningar\Temp\_MEI3082\_ssl.pyd
MOD - [2012-09-03 01:08:29 | 000,022,528 | ---- | M] () -- C:\Documents and Settings\Milad\Lokala inställningar\Temp\_MEI3082\win32pdh.pyd
MOD - [2012-09-03 01:08:28 | 001,169,408 | ---- | M] () -- C:\Documents and Settings\Milad\Lokala inställningar\Temp\_MEI3082\wx._core_.pyd
MOD - [2012-09-03 01:08:26 | 000,311,808 | ---- | M] () -- C:\Documents and Settings\Milad\Lokala inställningar\Temp\_MEI3082\_hashlib.pyd
MOD - [2012-09-03 01:08:25 | 000,807,424 | ---- | M] () -- C:\Documents and Settings\Milad\Lokala inställningar\Temp\_MEI3082\wx._windows_.pyd
MOD - [2012-09-03 01:08:25 | 000,121,856 | ---- | M] () -- C:\Documents and Settings\Milad\Lokala inställningar\Temp\_MEI3082\wx._wizard.pyd
MOD - [2012-09-03 01:08:24 | 001,056,256 | ---- | M] () -- C:\Documents and Settings\Milad\Lokala inställningar\Temp\_MEI3082\wx._controls_.pyd
MOD - [2012-09-03 01:08:24 | 000,111,104 | ---- | M] () -- C:\Documents and Settings\Milad\Lokala inställningar\Temp\_MEI3082\win32file.pyd
MOD - [2012-09-03 01:08:24 | 000,039,424 | ---- | M] () -- C:\Documents and Settings\Milad\Lokala inställningar\Temp\_MEI3082\win32inet.pyd
MOD - [2012-09-03 01:08:22 | 000,585,728 | ---- | M] () -- C:\Documents and Settings\Milad\Lokala inställningar\Temp\_MEI3082\unicodedata.pyd
MOD - [2012-09-03 01:08:22 | 000,017,920 | ---- | M] () -- C:\Documents and Settings\Milad\Lokala inställningar\Temp\_MEI3082\win32event.pyd
MOD - [2012-09-03 01:08:22 | 000,011,776 | ---- | M] () -- C:\Documents and Settings\Milad\Lokala inställningar\Temp\_MEI3082\select.pyd
MOD - [2012-08-25 20:55:53 | 020,317,008 | ---- | M] () -- C:\steam\bin\libcef.dll
MOD - [2012-08-25 20:55:34 | 000,902,480 | ---- | M] () -- C:\steam\bin\chromehtml.dll
MOD - [2012-03-11 14:55:40 | 000,088,656 | ---- | M] () -- C:\WINDOWS\system32\cpwmon2k.dll
MOD - [2012-01-08 15:41:12 | 000,093,696 | ---- | M] () -- C:\Program\FileZilla FTP Client\fzshellext.dll
MOD - [2011-02-26 21:01:48 | 000,163,840 | ---- | M] () -- C:\Program\DroidCam\lib\DroidCam.dll
MOD - [2010-10-29 22:02:38 | 000,751,616 | ---- | M] () -- C:\Program\Logitech\Vid HD\vpxmd.dll
MOD - [2010-10-29 22:01:30 | 000,027,472 | ---- | M] () -- C:\Program\Logitech\Vid HD\SDL.dll
MOD - [2010-05-07 18:37:40 | 000,126,808 | ---- | M] () -- C:\Program\Logitech\LWS\Webcam Software\ImageFormats\QJpeg4.dll
MOD - [2010-05-07 18:37:40 | 000,027,480 | ---- | M] () -- C:\Program\Logitech\LWS\Webcam Software\ImageFormats\QGif4.dll
MOD - [2010-05-07 18:36:54 | 000,340,824 | ---- | M] () -- C:\Program\Logitech\LWS\Webcam Software\QTXml4.dll
MOD - [2010-05-07 18:35:56 | 007,954,776 | ---- | M] () -- C:\Program\Logitech\LWS\Webcam Software\QTGui4.dll
MOD - [2010-05-07 18:35:44 | 002,143,576 | ---- | M] () -- C:\Program\Logitech\LWS\Webcam Software\QTCore4.dll
MOD - [2009-04-22 23:53:56 | 000,969,040 | ---- | M] () -- C:\Program\Logitech\Vid HD\QtNetwork4.dll
MOD - [2009-04-10 01:04:56 | 002,141,008 | ---- | M] () -- C:\Program\Logitech\Vid HD\QtCore4.dll
MOD - [2009-03-04 00:18:08 | 000,138,064 | ---- | M] () -- C:\Program\Logitech\Vid HD\plugins\imageformats\qjpeg4.dll
MOD - [2009-03-04 00:18:06 | 000,035,152 | ---- | M] () -- C:\Program\Logitech\Vid HD\plugins\imageformats\qico4.dll
MOD - [2009-03-04 00:18:06 | 000,029,008 | ---- | M] () -- C:\Program\Logitech\Vid HD\plugins\imageformats\qgif4.dll
MOD - [2009-03-04 00:17:46 | 011,311,952 | ---- | M] () -- C:\Program\Logitech\Vid HD\QtWebKit4.dll
MOD - [2009-03-04 00:17:46 | 000,363,856 | ---- | M] () -- C:\Program\Logitech\Vid HD\QtXml4.dll
MOD - [2009-03-04 00:17:44 | 000,200,016 | ---- | M] () -- C:\Program\Logitech\Vid HD\QtSql4.dll
MOD - [2009-03-04 00:17:40 | 000,475,472 | ---- | M] () -- C:\Program\Logitech\Vid HD\QtOpenGL4.dll
MOD - [2009-03-04 00:17:38 | 007,704,400 | ---- | M] () -- C:\Program\Logitech\Vid HD\QtGui4.dll
MOD - [2009-03-04 00:17:32 | 000,291,664 | ---- | M] () -- C:\Program\Logitech\Vid HD\phonon4.dll
MOD - [2008-04-14 18:04:42 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll


========== Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- C:\Program\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2012-08-29 15:39:05 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012-08-13 13:33:30 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012-07-03 13:19:28 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012-01-18 08:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program\Delade filer\LogiShrd\LVMVFM\UMVPFSrv.exe -- (UMVPFSrv)
SRV - [2009-08-18 11:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program\Delade filer\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2003-04-07 22:21:46 | 000,065,795 | R--- | M] (HP) [On_Demand | Stopped] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\usbser_lowerflt.sys -- (upperdev)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\pccsmcfd.sys -- (pccsmcfd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- system32\DRIVERS\ifsmount.sys -- (IfsMount)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [File_System | System | Stopped] -- system32\DRIVERS\ext2fs.sys -- (Ext2fs)
DRV - File not found [Kernel | Auto | Stopped] -- system32\DRIVERS\EAPPkt.sys -- (EAPPkt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2012-01-18 08:44:52 | 004,332,960 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvuvc.sys -- (LVUVC)
DRV - [2012-01-18 08:44:28 | 000,312,096 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvrs.sys -- (LVRS)
DRV - [2011-06-15 22:52:42 | 000,021,376 | ---- | M] (Dev47Apps) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\droidcam.sys -- (DroidCam)
DRV - [2010-10-20 16:09:28 | 000,009,216 | ---- | M] (HandSet Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\massfilter_hs.sys -- (massfilter_hs)
DRV - [2010-10-18 14:24:14 | 000,032,408 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\androidusb.sys -- (androidusb)
DRV - [2010-10-18 14:12:32 | 000,113,432 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\zghsdiag.sys -- (zghsdiag)
DRV - [2010-05-07 18:43:30 | 000,025,824 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2009-10-24 21:04:16 | 000,082,380 | ---- | M] (Oak Technology Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\AFS2K.SYS -- (AFS2K)
DRV - [2009-05-03 23:16:58 | 000,105,856 | ---- | M] (QUALCOMM Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hwusbser.sys -- (qcusbser)
DRV - [2007-07-10 09:42:32 | 001,310,720 | ---- | M] (C-Media Inc) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\c6501.sys -- (c65013264)
DRV - [2005-09-30 12:52:22 | 000,013,056 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2005-09-30 12:52:20 | 000,034,048 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2005-08-18 16:52:06 | 000,093,568 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\nvata.sys -- (nvata)
DRV - [2004-08-13 04:56:20 | 000,005,810 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.se/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\SearchScopes,DefaultScope = {4B99678A-87FC-4340-AD79-FFCFA985804B}
IE - HKCU\..\SearchScopes\{4B99678A-87FC-4340-AD79-FFCFA985804B}: "URL" = http://www.google.co...q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.search.selectedEngine: "AVG Secure Search"
FF - prefs.js..browser.startup.homepage: ""
FF - prefs.js..extensions.enabledItems:
FF - prefs.js..extensions.enabledItems:
FF - prefs.js..extensions.enabledItems:
FF - prefs.js..extensions.enabledItems:
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems:
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: ""
FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: ""
FF - prefs.js..browser.startup.homepage: "http://www.google.se/"
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_271.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@se.nexus/Personal: C:\Program\Personal\bin\np_prsnl.dll (Technology Nexus AB)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Documents and Settings\Milad\Application Data\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Documents and Settings\Milad\Application Data\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Milad\Lokala inställningar\Application Data\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=8: C:\Documents and Settings\Milad\Lokala inställningar\Application Data\Google\Update\1.2.183.39\npGoogleOneClick8.dll File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Milad\Lokala inställningar\Application Data\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.5.19\extensions\\Components: C:\Program\Mozilla Firefox\components [2012-05-28 18:52:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.5.19\extensions\\Plugins: C:\Program\Mozilla Firefox\plugins [2012-08-30 22:04:18 | 000,000,000 | ---D | M]

[2009-11-01 14:30:14 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Milad\Application Data\Mozilla\Extensions
[2012-08-29 22:53:12 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Milad\Application Data\Mozilla\Firefox\Profiles\4k1ub718.default\extensions
[2011-04-10 09:42:26 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Milad\Application Data\Mozilla\Firefox\Profiles\4k1ub718.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012-08-27 16:00:22 | 000,000,000 | ---D | M] (Lavasoft Search Plugin) -- C:\Documents and Settings\Milad\Application Data\Mozilla\Firefox\Profiles\4k1ub718.default\extensions\[email protected]
[2012-08-31 17:10:13 | 000,000,000 | ---D | M] (No name found) -- C:\Program\Mozilla Firefox\extensions
[2012-08-23 19:56:50 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\MILAD\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\4K1UB718.DEFAULT\EXTENSIONS\{EEE6C361-6118-11DC-9C72-001320C79847}
[2010-09-16 23:35:22 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM\JAVA\JRE6\LIB\DEPLOY\JQS\FF
File not found (No name found) -- C:\PROGRAM\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
File not found (No name found) -- C:\PROGRAM\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
File not found (No name found) -- C:\PROGRAM\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
File not found (No name found) -- C:\PROGRAM\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
[2011-10-03 06:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program\mozilla firefox\plugins\npdeployJava1.dll
[2009-01-09 10:57:10 | 000,111,856 | ---- | M] (SecMaker AB) -- C:\Program\mozilla firefox\plugins\npiidplg.dll
[2011-07-25 13:28:22 | 000,001,470 | ---- | M] () -- C:\Program\mozilla firefox\searchplugins\allaannonser-sv-SE.xml
[2011-07-25 13:28:22 | 000,002,670 | ---- | M] () -- C:\Program\mozilla firefox\searchplugins\prisjakt-sv-SE.xml
[2011-07-25 13:28:22 | 000,000,948 | ---- | M] () -- C:\Program\mozilla firefox\searchplugins\tyda-sv-SE.xml
[2011-07-25 13:28:22 | 000,001,174 | ---- | M] () -- C:\Program\mozilla firefox\searchplugins\wikipedia-sv-SE.xml
[2011-07-25 13:28:22 | 000,000,647 | ---- | M] () -- C:\Program\mozilla firefox\searchplugins\yahoo-sv-SE.xml

========== Chrome ==========

CHR - homepage: http://www.google.se/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: http://www.google.se/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\Milad\Lokala inst\u00E4llningar\Application Data\Google\Chrome\Application\21.0.1180.83\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\Milad\Lokala inst\u00E4llningar\Application Data\Google\Chrome\Application\21.0.1180.83\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Milad\Lokala inst\u00E4llningar\Application Data\Google\Chrome\Application\21.0.1180.83\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Documents and Settings\Milad\Lokala inst\u00E4llningar\Application Data\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll
CHR - plugin: vShare.tv plug-in (Enabled) = C:\Documents and Settings\Milad\Lokala inst\u00E4llningar\Application Data\Google\Chrome\User Data\Default\Extensions\kpionmjnkbpcdpcflammlgllecmejgjj\1.3_0\chvsharetvplg.dll
CHR - plugin: vShare.tv plug-in (Enabled) = C:\Program\Mozilla Firefox\plugins\npvsharetvplg.dll
CHR - plugin: Skype Toolbars (Enabled) = C:\Documents and Settings\Milad\Lokala inst\u00E4llningar\Application Data\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\npSkypeChromePlugin.dll
CHR - plugin: Google Talk Plugin (Enabled) = C:\Documents and Settings\Milad\Application Data\Mozilla\plugins\npgoogletalk.dll
CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Documents and Settings\Milad\Application Data\Mozilla\plugins\npgtpo3dautoplugin.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U29 (Enabled) = C:\Program\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Net iD (Enabled) = C:\Program\Mozilla Firefox\plugins\npiidplg.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program\Windows Media Player\npwmsdrm.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program\Windows Media Player\npdsplay.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\Milad\Lokala inst\u00E4llningar\Application Data\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Picasa (Enabled) = C:\Program\Google\Picasa3\npPicasa3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - plugin: Nexus Personal (Enabled) = C:\Program\Personal\bin\np_prsnl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\WINDOWS\system32\Adobe\Director\np32dsw.dll
CHR - Extension: Open Tennis = C:\Documents and Settings\Milad\Lokala inställningar\Application Data\Google\Chrome\User Data\Default\Extensions\akgcgcpodojekcocdiamcenmanalhfmn\1.3_0\
CHR - Extension: 2 wheeler stunt = C:\Documents and Settings\Milad\Lokala inställningar\Application Data\Google\Chrome\User Data\Default\Extensions\hepefibopcnpdbkahaopilcdembgkmcb\1.5_0\
CHR - Extension: Open Tennis = C:\Documents and Settings\Milad\Lokala inställningar\Application Data\Google\Chrome\User Data\Default\Extensions\akgcgcpodojekcocdiamcenmanalhfmn\1.3_0\
CHR - Extension: 2 wheeler stunt = C:\Documents and Settings\Milad\Lokala inställningar\Application Data\Google\Chrome\User Data\Default\Extensions\hepefibopcnpdbkahaopilcdembgkmcb\1.5_0\

O1 HOSTS File: ([2012-08-28 16:47:01 | 000,000,724 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program\Delade filer\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Adobe ARM] C:\Program\Delade filer\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program\Delade filer\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [C6501Sound] RunDll32 c6501.cpl,CMICtrlWnd File not found
O4 - HKLM..\Run: [LWS] C:\Program\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [Net iD] C:\Program\Net iD\iid.exe (SecMaker AB)
O4 - HKLM..\Run: [Nike+ Connect] C:\Program\Nike\Nike+ Connect\Nike+ Connect daemon.exe (Nike)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program\Delade filer\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKCU..\Run: [GoogleDriveSync] C:\Program\Google\Drive\googledrivesync.exe (Google)
O4 - HKCU..\Run: [Logitech Vid] C:\Program\Logitech\Vid HD\Vid.exe (Logitech Inc.)
O4 - HKCU..\Run: [Steam] c:\steam\steam.exe (Valve Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start-meny\Program\Autostart\Adobe Gamma Loader.lnk = C:\Program\Delade filer\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start-meny\Program\Autostart\BankID säkerhetsprogram.lnk = C:\Program\Personal\bin\Personal.exe (Technology Nexus AB)
O4 - Startup: C:\Documents and Settings\All Users\Start-meny\Program\Autostart\hp psc 1000 series.lnk = C:\Program\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe (Hewlett-Packard Co.)
O4 - Startup: C:\Documents and Settings\All Users\Start-meny\Program\Autostart\hpoddt01.exe.lnk = C:\Program\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe (Hewlett-Packard)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://appldnld.appl...ex/qtplugin.cab (QuickTime Object)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {721700FE-7F0E-49C5-BDED-CA92B7CB1245} http://192.168.0.11/dcsclictrl.cab (Camera Stream Client Control Object)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {F3DCFC89-8C6E-4052-9176-B7806D188FD5} http://www.fujidirek...aderactivex.cab (Image Uploader Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 83.255.245.11 193.150.193.150
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A4865552-4657-40E8-826F-E6588CB59E94}: DhcpNameServer = 83.255.245.11 193.150.193.150
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program\Delade filer\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program\Delade filer\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Min aktuella startsida) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Sommar.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Sommar.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009-10-24 19:41:24 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012-09-01 03:22:41 | 010,652,120 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Milad\Skrivbord\mbam-setup-1.62.0.1300.exe
[2012-08-31 17:09:55 | 000,000,000 | ---D | C] -- C:\_OTL
[2012-08-29 23:06:33 | 000,598,528 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Milad\Skrivbord\OTL.exe
[2012-08-29 14:00:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Milad\Application Data\AVG2012
[2012-08-29 13:58:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\AVG
[2012-08-29 01:04:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Milad\Application Data\SUPERAntiSpyware.com
[2012-08-29 01:04:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2012-08-29 01:04:28 | 000,000,000 | ---D | C] -- C:\Program\SUPERAntiSpyware
[2012-08-28 21:55:47 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2012-08-28 17:51:29 | 000,000,000 | ---D | C] -- C:\Program\Yieldmanager Removal Tool
[2012-08-28 17:39:23 | 000,000,000 | ---D | C] -- C:\Program\Trend Micro
[2012-08-28 17:39:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Milad\Start-meny\Program\HiJackThis
[2012-08-28 16:01:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\appmgmt
[2012-08-28 07:45:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\GFI Software
[2012-08-28 07:42:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start-meny\Program\AVG
[2012-08-28 07:42:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVG2012
[2012-08-27 16:14:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Ad-Aware Antivirus
[2012-08-27 16:00:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Milad\Lokala inställningar\Application Data\Downloaded Installations
[2012-08-27 16:00:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Milad\Lokala inställningar\Application Data\adawarebp
[2012-08-27 09:56:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Milad\Application Data\Malwarebytes
[2012-08-27 09:56:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2012-08-27 08:40:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Milad\Lokala inställningar\Application Data\Help
[2012-08-21 22:38:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Milad\Application Data\ooVoo Details
[2012-08-21 22:38:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Milad\Lokala inställningar\Application Data\APN
[2012-08-18 21:46:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start-meny\Program\PokerStars.EU
[2012-08-18 21:45:47 | 000,000,000 | ---D | C] -- C:\Program\PokerStars.EU
[2012-08-07 18:34:59 | 000,281,104 | ---- | C] (CACE Technologies, Inc.) -- C:\WINDOWS\System32\wpcap.dll
[2012-08-07 18:34:59 | 000,100,880 | ---- | C] (CACE Technologies, Inc.) -- C:\WINDOWS\System32\Packet.dll
[2012-08-07 18:34:59 | 000,050,704 | ---- | C] (CACE Technologies, Inc.) -- C:\WINDOWS\System32\drivers\npf.sys

========== Files - Modified Within 30 Days ==========

[2012-09-03 01:08:09 | 000,229,488 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml
[2012-09-03 01:07:48 | 000,002,262 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012-09-03 01:07:31 | 000,000,236 | ---- | M] () -- C:\WINDOWS\tasks\OGALogon.job
[2012-09-03 01:07:30 | 000,000,964 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012-09-03 01:07:16 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012-09-03 01:04:00 | 000,000,486 | ---- | M] () -- C:\WINDOWS\tasks\SUPERAntiSpyware Scheduled Task 64f3b666-89d6-4f9e-b5b5-f99f4211376a.job
[2012-09-02 21:41:00 | 000,001,086 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-725345543-152049171-839522115-1003UA.job
[2012-09-02 21:38:00 | 000,000,868 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012-09-02 21:36:00 | 000,000,968 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012-09-02 15:41:00 | 000,001,034 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-725345543-152049171-839522115-1003Core.job
[2012-09-02 02:00:00 | 000,000,486 | ---- | M] () -- C:\WINDOWS\tasks\SUPERAntiSpyware Scheduled Task b85da8f6-046d-4b7a-9629-62ef26246363.job
[2012-09-01 03:31:48 | 000,950,152 | ---- | M] () -- C:\Documents and Settings\Milad\Skrivbord\chrome_malm.jpg
[2012-09-01 03:22:45 | 010,652,120 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Milad\Skrivbord\mbam-setup-1.62.0.1300.exe
[2012-09-01 03:21:43 | 001,243,967 | ---- | M] () -- C:\Documents and Settings\Milad\Skrivbord\chrome.jpg
[2012-09-01 03:19:57 | 000,002,360 | ---- | M] () -- C:\Documents and Settings\Milad\Skrivbord\Google Chrome (2).lnk
[2012-08-31 18:24:19 | 000,002,316 | ---- | M] () -- C:\Documents and Settings\Milad\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012-08-31 18:21:40 | 000,822,609 | ---- | M] () -- C:\Documents and Settings\Milad\Skrivbord\yield.jpg
[2012-08-31 16:26:42 | 000,000,489 | ---- | M] () -- C:\WINDOWS\System\C6501.ini
[2012-08-30 22:03:05 | 000,511,265 | ---- | M] () -- C:\Documents and Settings\Milad\Skrivbord\adwcleaner.exe
[2012-08-30 00:24:45 | 000,451,975 | ---- | M] () -- C:\Documents and Settings\Milad\Skrivbord\tavla.jpg
[2012-08-29 23:06:35 | 000,598,528 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Milad\Skrivbord\OTL.exe
[2012-08-29 18:26:49 | 000,001,697 | ---- | M] () -- C:\Documents and Settings\All Users\Skrivbord\Adobe Reader 9.lnk
[2012-08-29 14:00:55 | 066,138,540 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm
[2012-08-29 13:49:25 | 000,174,840 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012-08-29 12:23:17 | 000,112,568 | ---- | M] () -- C:\Documents and Settings\Milad\Skrivbord\lunch.pdf
[2012-08-29 03:01:20 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012-08-29 01:04:33 | 000,001,622 | ---- | M] () -- C:\Documents and Settings\All Users\Skrivbord\SUPERAntiSpyware Free Edition.lnk
[2012-08-28 23:18:48 | 000,000,783 | ---- | M] () -- C:\Documents and Settings\Milad\Application Data\Microsoft\Internet Explorer\Quick Launch\Starta webbläsaren Internet Explorer.lnk
[2012-08-28 17:39:27 | 000,002,409 | ---- | M] () -- C:\Documents and Settings\Milad\Skrivbord\HiJackThis.lnk
[2012-08-28 17:36:55 | 001,402,880 | ---- | M] () -- C:\Documents and Settings\Milad\Skrivbord\HiJackThis.msi
[2012-08-28 17:08:15 | 000,435,010 | ---- | M] () -- C:\WINDOWS\System32\perfh01D.dat
[2012-08-28 17:08:15 | 000,432,838 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012-08-28 17:08:15 | 000,079,216 | ---- | M] () -- C:\WINDOWS\System32\perfc01D.dat
[2012-08-28 17:08:15 | 000,067,794 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012-08-28 16:58:30 | 000,157,790 | ---- | M] () -- C:\Documents and Settings\Milad\Skrivbord\bookmark.htm
[2012-08-28 16:47:01 | 000,000,724 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2012-08-27 17:48:13 | 000,000,272 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2012-08-27 09:50:51 | 000,208,507 | ---- | M] () -- C:\Documents and Settings\Milad\Lokala inställningar\Application Data\census.cache
[2012-08-27 09:50:49 | 000,188,632 | ---- | M] () -- C:\Documents and Settings\Milad\Lokala inställningar\Application Data\ars.cache
[2012-08-26 01:43:37 | 000,041,998 | ---- | M] () -- C:\Documents and Settings\Milad\Skrivbord\konst.jpg
[2012-08-26 01:37:35 | 000,051,420 | ---- | M] () -- C:\Documents and Settings\Milad\Skrivbord\opera.jpg
[2012-08-26 01:37:22 | 000,099,161 | ---- | M] () -- C:\Documents and Settings\Milad\Skrivbord\Opera 2012-2013.jpg
[2012-08-22 20:28:34 | 002,947,570 | ---- | M] () -- C:\Documents and Settings\Milad\Skrivbord\srecko.jpg
[2012-08-16 08:39:48 | 000,000,118 | ---- | M] () -- C:\WINDOWS\System32\MRT.INI
[2012-08-14 21:36:37 | 000,225,280 | ---- | M] () -- C:\Documents and Settings\Milad\Lokala inställningar\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012-08-10 21:58:44 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012-08-07 18:34:59 | 000,281,104 | ---- | M] (CACE Technologies, Inc.) -- C:\WINDOWS\System32\wpcap.dll
[2012-08-07 18:34:59 | 000,100,880 | ---- | M] (CACE Technologies, Inc.) -- C:\WINDOWS\System32\Packet.dll
[2012-08-07 18:34:59 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) -- C:\WINDOWS\System32\drivers\npf.sys
[2012-08-04 19:01:29 | 000,156,156 | ---- | M] () -- C:\Documents and Settings\Milad\Skrivbord\11.jpg

========== Files Created - No Company Name ==========

[2012-09-01 03:31:47 | 000,950,152 | ---- | C] () -- C:\Documents and Settings\Milad\Skrivbord\chrome_malm.jpg
[2012-09-01 03:21:42 | 001,243,967 | ---- | C] () -- C:\Documents and Settings\Milad\Skrivbord\chrome.jpg
[2012-08-31 18:25:57 | 000,002,360 | ---- | C] () -- C:\Documents and Settings\Milad\Skrivbord\Google Chrome (2).lnk
[2012-08-31 18:21:40 | 000,822,609 | ---- | C] () -- C:\Documents and Settings\Milad\Skrivbord\yield.jpg
[2012-08-30 22:03:05 | 000,511,265 | ---- | C] () -- C:\Documents and Settings\Milad\Skrivbord\adwcleaner.exe
[2012-08-30 00:24:45 | 000,451,975 | ---- | C] () -- C:\Documents and Settings\Milad\Skrivbord\tavla.jpg
[2012-08-29 18:26:49 | 000,001,697 | ---- | C] () -- C:\Documents and Settings\All Users\Skrivbord\Adobe Reader 9.lnk
[2012-08-29 14:00:55 | 066,138,540 | ---- | C] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm
[2012-08-29 12:23:17 | 000,112,568 | ---- | C] () -- C:\Documents and Settings\Milad\Skrivbord\lunch.pdf
[2012-08-29 01:04:41 | 000,000,486 | ---- | C] () -- C:\WINDOWS\tasks\SUPERAntiSpyware Scheduled Task b85da8f6-046d-4b7a-9629-62ef26246363.job
[2012-08-29 01:04:41 | 000,000,486 | ---- | C] () -- C:\WINDOWS\tasks\SUPERAntiSpyware Scheduled Task 64f3b666-89d6-4f9e-b5b5-f99f4211376a.job
[2012-08-29 01:04:33 | 000,001,622 | ---- | C] () -- C:\Documents and Settings\All Users\Skrivbord\SUPERAntiSpyware Free Edition.lnk
[2012-08-28 17:39:23 | 000,002,409 | ---- | C] () -- C:\Documents and Settings\Milad\Skrivbord\HiJackThis.lnk
[2012-08-28 17:36:38 | 001,402,880 | ---- | C] () -- C:\Documents and Settings\Milad\Skrivbord\HiJackThis.msi
[2012-08-28 16:58:29 | 000,157,790 | ---- | C] () -- C:\Documents and Settings\Milad\Skrivbord\bookmark.htm
[2012-08-26 01:43:46 | 000,041,998 | ---- | C] () -- C:\Documents and Settings\Milad\Skrivbord\konst.jpg
[2012-08-26 01:37:39 | 000,051,420 | ---- | C] () -- C:\Documents and Settings\Milad\Skrivbord\opera.jpg
[2012-08-26 01:37:26 | 000,099,161 | ---- | C] () -- C:\Documents and Settings\Milad\Skrivbord\Opera 2012-2013.jpg
[2012-08-22 20:28:32 | 002,947,570 | ---- | C] () -- C:\Documents and Settings\Milad\Skrivbord\srecko.jpg
[2012-08-22 20:10:52 | 001,396,296 | ---- | C] () -- C:\Documents and Settings\Milad\Skrivbord\DSC00092.JPG
[2012-08-16 08:39:48 | 000,000,118 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2012-07-22 23:58:42 | 000,208,507 | ---- | C] () -- C:\Documents and Settings\Milad\Lokala inställningar\Application Data\census.cache
[2012-07-22 23:58:40 | 000,188,632 | ---- | C] () -- C:\Documents and Settings\Milad\Lokala inställningar\Application Data\ars.cache
[2012-07-22 23:52:19 | 000,000,036 | ---- | C] () -- C:\Documents and Settings\Milad\Lokala inställningar\Application Data\housecall.guid.cache
[2012-05-27 02:03:26 | 000,000,205 | -HS- | C] () -- C:\Documents and Settings\Milad\.ufsxsci.hbin
[2012-05-24 17:21:32 | 000,088,656 | ---- | C] () -- C:\WINDOWS\System32\cpwmon2k.dll
[2012-05-11 14:12:16 | 005,584,046 | ---- | C] () -- C:\Program\FileZilla FTP Client.rar
[2012-04-25 09:04:56 | 000,060,304 | ---- | C] () -- C:\Documents and Settings\Milad\g2mdlhlpx.exe
[2012-02-15 09:17:37 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2011-08-12 12:20:14 | 000,015,896 | ---- | C] () -- C:\WINDOWS\System32\drivers\iKeyLFT2.dll
[2011-06-15 22:56:21 | 000,000,032 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\droidcam-settings
[2011-04-07 19:22:23 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\Encrypt.dll
[2011-04-07 19:22:23 | 000,000,120 | ---- | C] () -- C:\WINDOWS\System32\zdlcsv.ds.dll
[2011-04-07 19:22:23 | 000,000,112 | ---- | C] () -- C:\WINDOWS\System32\Sales_MultiDL_MSM7227_V1.00.01.ini
[2011-04-07 19:22:15 | 000,578,611 | ---- | C] () -- C:\WINDOWS\adb.exe
[2011-04-07 19:22:14 | 000,000,022 | ---- | C] () -- C:\WINDOWS\sysdt.dll
[2011-01-14 20:59:56 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2011-01-08 16:58:07 | 000,000,144 | ---- | C] () -- C:\Documents and Settings\Milad\.java.policy
[2010-11-10 04:45:32 | 000,104,472 | ---- | C] () -- C:\WINDOWS\System32\LogiDPPApp.exe
[2010-11-10 04:45:30 | 010,920,984 | ---- | C] () -- C:\WINDOWS\System32\LogiDPP.dll
[2010-11-10 04:45:20 | 000,336,408 | ---- | C] () -- C:\WINDOWS\System32\DevManagerCore.dll
[2010-11-10 04:31:42 | 000,028,418 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2010-02-26 00:01:54 | 000,102,400 | ---- | C] () -- C:\Documents and Settings\Milad\Application Data\fontdb.mdb
[2009-10-25 00:43:14 | 000,225,280 | ---- | C] () -- C:\Documents and Settings\Milad\Lokala inställningar\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== LOP Check ==========

[2009-11-06 11:45:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\4D
[2011-06-16 08:53:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG10
[2012-08-29 18:39:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG2012
[2009-11-04 19:16:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\avg9
[2010-02-26 02:43:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Boss Media
[2011-06-16 07:46:12 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2009-11-01 02:26:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Downloaded Installations
[2012-08-28 07:45:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GFI Software
[2009-12-27 11:37:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Installations
[2012-08-29 18:32:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2012-07-11 22:40:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MGS
[2012-03-25 19:31:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nike
[2009-12-27 11:39:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite
[2010-08-21 01:45:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Temp
[2012-06-20 12:21:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Milad\Application Data\4D
[2011-01-08 16:58:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Milad\Application Data\Agency9
[2011-06-16 08:04:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Milad\Application Data\AVG10
[2012-08-29 14:00:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Milad\Application Data\AVG2012
[2010-02-26 00:25:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Milad\Application Data\BorWare
[2010-08-02 21:09:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Milad\Application Data\DesktopMirror
[2012-09-02 19:53:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Milad\Application Data\EditPlus 3
[2012-09-02 22:18:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Milad\Application Data\FileZilla
[2010-02-05 11:06:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Milad\Application Data\Free YouTube to Mp3 Wma Converter
[2009-11-06 11:51:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Milad\Application Data\iid
[2011-09-09 13:34:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Milad\Application Data\Leadertech
[2011-09-14 12:43:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Milad\Application Data\LEAPS
[2012-07-22 22:48:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Milad\Application Data\Microgaming
[2009-12-27 11:43:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Milad\Application Data\Nokia
[2012-08-21 22:38:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Milad\Application Data\ooVoo Details
[2009-12-27 11:58:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Milad\Application Data\PC Suite
[2011-09-14 12:41:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Milad\Application Data\Pegasys Inc
[2009-11-11 14:23:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Milad\Application Data\Personal
[2011-12-19 01:28:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Milad\Application Data\TeamViewer
[2010-05-14 23:25:03 | 000,000,330 | ---- | M] () -- C:\WINDOWS\Tasks\FRU Task #Hewlett-Packard#hp psc 1200 series#1264284264.job
[2012-09-03 01:07:31 | 000,000,236 | ---- | M] () -- C:\WINDOWS\Tasks\OGALogon.job
[2012-09-03 01:04:00 | 000,000,486 | ---- | M] () -- C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task 64f3b666-89d6-4f9e-b5b5-f99f4211376a.job
[2012-09-02 02:00:00 | 000,000,486 | ---- | M] () -- C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task b85da8f6-046d-4b7a-9629-62ef26246363.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 152 bytes -> C:\Documents and Settings\All Users\Application Data\Temp:F4CA4D70

< End of report >