Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Having a steam client problem with ads [Closed]

Started by Florax , Jun 12 2014 05:56 AM

  • This topic is locked This topic is locked

#1
Florax
Posted 12 June 2014 - 05:56 AM

Florax

    New Member

  • Member
  • Pip
  • 2 posts
Hi,

I have a problem with ads appearing in my steam Client (I cant upload Attach for some reson)
This are just some of what will appear, sometimes the add will not show, but I can see the "X" for the ad.
I found a topic that could help me, but then, my problem may not be like his, so I started a New one. This ads started after i run a .exe file.

I have run 'Spybot - search & Destroy' full system scan.
I have run 'Norton Internet Security online 2014' Paid software.
I have run 'NPE (Norton Power Eraser)' This found something in my registry but faild to repair.
I did also run 'Windows-KB890830-x64-V5.13 (Microsoft® Windows® Malicious Software Removal Tool) but that did not find anything.

I also did search and read my Host file, nothing abnormal there.

So I am out of ideas. I know alot about computer, this is the first time I have ever got a virus on my computer. That's the only thing I lack experience on, so I need this forums help.
And for some reson, I can not upload any prtsc with this post. But I have kind of the same problem as this guy had (http://www.geekstogo...ijacker-solved/)

But I have ads that runs bigger then this, also have the 'you need to update to Windows media player 12.2' that lloks like a download bar like in IE11.

OTL files:

OTL logfile created on: 12.06.2014 13:09:43 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\KimA\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17126)
Locale: 00000414 | Country: Norge | Language: NOR | Date Format: dd.MM.yyyy

15,95 Gb Total Physical Memory | 13,33 Gb Available Physical Memory | 83,56% Memory free
33,95 Gb Paging File | 31,14 Gb Available in Paging File | 91,72% Paging File free
Paging file location(s): D:\pagefile.sys 6142 6142E:\pagef [Binary data over 200 bytes]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 223,23 Gb Total Space | 155,43 Gb Free Space | 69,63% Space Free | Partition Type: NTFS
Drive D: | 931,51 Gb Total Space | 213,89 Gb Free Space | 22,96% Space Free | Partition Type: NTFS
Drive E: | 1863,01 Gb Total Space | 1193,00 Gb Free Space | 64,04% Space Free | Partition Type: NTFS
Drive G: | 2794,51 Gb Total Space | 2383,92 Gb Free Space | 85,31% Space Free | Partition Type: NTFS

Computer Name: KIMOLSEN | User Name: KimA | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014.06.12 12:46:06 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\KimA\Desktop\OTL.exe
PRC - [2014.06.12 11:13:29 | 000,370,176 | ---- | M] (The Privoxy team - www.privoxy.org) -- C:\Program Files (x86)\MSR\Privoxy\privoxy.exe
PRC - [2014.05.18 10:16:36 | 001,216,520 | ---- | M] (TorchMedia Inc.) -- C:\Users\KimA\AppData\Local\Torch\Update\TorchCrashHandler.exe
PRC - [2014.05.14 07:25:04 | 000,130,104 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.0.47\NST.exe
PRC - [2014.05.11 09:11:33 | 000,276,376 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\NIS.exe
PRC - [2014.05.08 11:45:50 | 000,018,944 | ---- | M] () -- C:\Windows\Microsoft\SystemUpdatekb70007\WindowsUpdater.exe
PRC - [2014.04.25 14:14:28 | 004,101,584 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
PRC - [2014.04.25 14:12:20 | 000,171,928 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
PRC - [2014.04.25 14:12:10 | 002,081,752 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
PRC - [2014.04.25 14:12:06 | 001,738,200 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
PRC - [2014.04.25 11:56:12 | 005,024,576 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
PRC - [2014.04.07 10:10:42 | 000,324,392 | ---- | M] (Uniblue Systems Ltd) -- C:\Program Files (x86)\Uniblue\Powersuite\powersuite_monitor.exe
PRC - [2014.04.07 10:10:42 | 000,324,392 | ---- | M] (Uniblue Systems Limited) -- C:\Program Files (x86)\Uniblue\Powersuite\powersuite.exe
PRC - [2014.01.05 00:23:31 | 000,075,136 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2013.12.21 08:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013.09.16 13:18:28 | 000,390,616 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2013.09.16 13:17:42 | 000,169,432 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
PRC - [2013.08.22 13:35:42 | 005,567,488 | ---- | M] (TeamViewer) -- C:\Program Files (x86)\ITbrain Agent\itbrain_agent.exe
PRC - [2013.08.20 04:47:04 | 000,103,936 | ---- | M] (Creative Technology Ltd) -- C:\Windows\SysWOW64\CtHdaSvc.exe
PRC - [2013.08.07 15:24:00 | 000,287,592 | ---- | M] (Intel Corporation) -- C:\Programfiler\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
PRC - [2013.08.07 15:24:00 | 000,015,720 | ---- | M] (Intel Corporation) -- C:\Programfiler\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2013.03.04 08:30:51 | 000,505,096 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe
PRC - [2013.03.04 08:30:47 | 000,294,664 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
PRC - [2013.03.04 08:30:45 | 000,077,576 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
PRC - [2013.03.04 08:30:42 | 000,089,864 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe
PRC - [2012.11.28 13:21:38 | 000,976,896 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\Sound Blaster Recon3Di\Sound Blaster Recon3Di Control Panel\SBRcni.exe
PRC - [2012.10.08 11:53:22 | 000,423,424 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
PRC - [2012.07.11 11:16:36 | 002,014,720 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\Sound Blaster Recon3Di\Sound Blaster Recon3Di Control Panel\CTJckCfg.exe
PRC - [2009.12.15 14:47:00 | 000,103,720 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
PRC - [2006.12.19 18:23:20 | 000,094,208 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe


========== Modules (No Company Name) ==========

MOD - [2014.05.01 12:29:34 | 002,964,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\15e0783372e02bd437cab8ac76420124\System.IdentityModel.ni.dll
MOD - [2014.05.01 12:29:33 | 001,070,080 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Servf73e6522#\39bc23d9592ef276c70a36ef0311070a\System.ServiceModel.Web.ni.dll
MOD - [2014.05.01 12:29:32 | 000,785,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Servd1dec626#\ee53227bcc4430088d0b560752c1cd02\System.ServiceModel.Internals.ni.dll
MOD - [2014.05.01 12:29:32 | 000,118,272 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\352d34797f7cd44cd0973c33539200f1\SMDiagnostics.ni.dll
MOD - [2014.04.29 12:44:22 | 007,802,880 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\77bc1a994f64193efc124c297b93fdb7\System.Xml.ni.dll
MOD - [2014.04.29 12:44:19 | 001,874,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\10483ca149b5c651d217edbf2f3169b4\System.Xaml.ni.dll
MOD - [2014.04.29 12:44:18 | 012,856,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\635558b506364815e8348217e86fdf99\System.Windows.Forms.ni.dll
MOD - [2014.04.29 12:44:13 | 019,566,080 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\4c3126aec3364546e4ade89c24c4e742\System.ServiceModel.ni.dll
MOD - [2014.04.29 12:44:06 | 002,804,736 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\183eaaded316165bfbd32a991e4e8c8a\System.Runtime.Serialization.ni.dll
MOD - [2014.04.29 12:44:05 | 001,635,328 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\ddb52221ad0200b7c2e0a308e47d5c7c\System.Drawing.ni.dll
MOD - [2014.04.29 12:44:01 | 000,968,192 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\c5bf2f5c3e13726b3984a900221e1778\System.Configuration.ni.dll
MOD - [2014.04.29 12:44:00 | 018,744,320 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\92388fbe99436e6ed1f56ee56f10c565\PresentationFramework.ni.dll
MOD - [2014.04.29 12:43:54 | 011,027,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\619034abb9a9fb1b3dc32c0a9aa38d3c\PresentationCore.ni.dll
MOD - [2014.04.29 12:43:50 | 003,957,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\9bbf715cfb5360c95acd27b199083854\WindowsBase.ni.dll
MOD - [2014.04.29 12:43:48 | 006,951,424 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\c1194e56644c7688e7eb0f68a57dcc30\System.Core.ni.dll
MOD - [2014.04.29 12:43:45 | 010,003,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\c24d08cc4e93fc4f6f15a637b00a2721\System.ni.dll
MOD - [2014.04.25 14:11:24 | 000,167,768 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
MOD - [2014.04.25 14:11:22 | 000,109,400 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
MOD - [2014.04.25 14:11:20 | 000,416,600 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
MOD - [2014.04.07 10:10:50 | 001,047,848 | ---- | M] () -- C:\Program Files (x86)\Uniblue\Powersuite\ui_dll.dll
MOD - [2014.04.07 10:10:40 | 000,591,144 | ---- | M] () -- C:\Program Files (x86)\Uniblue\Powersuite\locale\no\resources.dll
MOD - [2014.04.07 10:10:10 | 020,764,456 | ---- | M] () -- C:\Program Files (x86)\Uniblue\Powersuite\libcef.dll
MOD - [2014.04.07 10:09:42 | 000,628,520 | ---- | M] () -- C:\Program Files (x86)\Uniblue\Powersuite\libglesv2.dll
MOD - [2014.04.07 10:09:42 | 000,118,056 | ---- | M] () -- C:\Program Files (x86)\Uniblue\Powersuite\libegl.dll
MOD - [2014.04.07 10:09:28 | 001,100,600 | ---- | M] () -- C:\Program Files (x86)\Uniblue\Powersuite\avcodec-53.dll
MOD - [2014.04.07 10:09:28 | 000,190,264 | ---- | M] () -- C:\Program Files (x86)\Uniblue\Powersuite\avformat-53.dll
MOD - [2014.04.07 10:09:28 | 000,123,704 | ---- | M] () -- C:\Program Files (x86)\Uniblue\Powersuite\avutil-51.dll
MOD - [2014.01.27 13:52:41 | 017,395,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\c90ef9a73ea0044641d31b19023aad61\mscorlib.ni.dll
MOD - [2009.12.15 14:49:20 | 000,013,096 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
MOD - [2009.12.15 14:46:38 | 000,619,816 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll


========== Services (SafeList) ==========

SRV:64bit: - [2014.06.11 11:44:52 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2014.05.23 03:25:16 | 000,239,616 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2014.04.06 13:20:36 | 000,201,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2014.04.03 04:51:48 | 001,584,128 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc)
SRV:64bit: - [2014.03.14 08:26:25 | 000,491,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\GeofenceMonitorService.dll -- (lfsvc)
SRV:64bit: - [2014.03.08 07:41:25 | 001,306,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc)
SRV:64bit: - [2014.03.06 09:02:13 | 000,834,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2014.02.22 17:53:10 | 003,394,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:64bit: - [2014.02.22 11:57:16 | 000,710,656 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2014.02.22 11:26:58 | 000,366,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2014.02.22 11:25:39 | 000,399,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2014.02.22 11:25:14 | 000,269,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2014.02.22 11:23:58 | 001,576,960 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2014.01.06 15:11:14 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysNative\PnkBstrA.exe -- (PnkBstrA)
SRV:64bit: - [2013.12.10 09:35:18 | 000,530,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness)
SRV:64bit: - [2013.11.23 06:50:00 | 000,282,112 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2013.11.01 02:50:20 | 000,241,416 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\SysNative\IPROSetMonitor.exe -- (Intel®
SRV:64bit: - [2013.08.22 14:31:56 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2013.08.22 13:32:02 | 000,024,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC)
SRV:64bit: - [2013.08.22 13:31:43 | 000,040,448 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2013.08.22 13:22:45 | 000,066,048 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2013.08.22 13:21:15 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2013.08.22 13:16:57 | 000,118,272 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2013.08.22 12:25:28 | 000,164,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2013.08.22 12:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:64bit: - [2013.08.22 12:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2013.08.22 12:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2013.08.22 12:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:64bit: - [2013.08.22 12:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2013.08.22 12:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:64bit: - [2013.08.22 12:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface)
SRV:64bit: - [2013.08.22 12:02:47 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\smphost.dll -- (smphost)
SRV:64bit: - [2013.08.22 11:57:25 | 000,130,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum)
SRV:64bit: - [2013.08.22 11:54:59 | 000,059,392 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2013.08.22 11:50:59 | 000,245,760 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:64bit: - [2013.08.22 11:50:00 | 000,525,312 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2013.08.22 11:45:59 | 000,151,040 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService)
SRV:64bit: - [2013.08.22 11:40:49 | 000,248,832 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2013.08.22 11:31:03 | 000,201,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2013.08.22 11:15:54 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:64bit: - [2012.08.29 15:22:36 | 000,208,384 | ---- | M] (Atheros Commnucations) [Auto | Running] -- C:\Windows\SysNative\AdminService.exe -- (AtherosSvc)
SRV:64bit: - [2011.12.12 00:00:00 | 000,135,824 | ---- | M] (Seiko Epson Corporation) [Auto | Running] -- C:\Windows\SysNative\escsvc64.exe -- (EpsonScanSvc)
SRV - [2014.05.29 19:36:52 | 000,543,424 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2014.05.18 10:16:36 | 001,216,520 | ---- | M] (TorchMedia Inc.) [Auto | Running] -- C:\Users\KimA\AppData\Local\Torch\Update\TorchCrashHandler.exe -- (TorchCrashHandler)
SRV - [2014.05.14 07:25:04 | 000,130,104 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.0.47\NST.exe -- (NCO)
SRV - [2014.05.11 09:11:33 | 000,276,376 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\NIS.exe -- (NIS)
SRV - [2014.05.08 11:45:50 | 000,018,944 | ---- | M] () [Auto | Running] -- C:\Windows\Microsoft\SystemUpdatekb70007\WindowsUpdater.exe -- (SystemUpdatekb70007)
SRV - [2014.04.25 11:56:12 | 005,024,576 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe -- (TeamViewer9)
SRV - [2014.03.14 08:10:16 | 000,357,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GeofenceMonitorService.dll -- (lfsvc)
SRV - [2014.01.09 04:59:10 | 000,520,416 | ---- | M] (Futuremark) [On_Demand | Stopped] -- C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe -- (Futuremark SystemInfo Service)
SRV - [2014.01.05 00:23:31 | 000,075,136 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2013.12.26 00:07:24 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service)
SRV - [2013.12.26 00:07:13 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe -- (Creative ALchemy AL6 Licensing Service)
SRV - [2013.12.21 08:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013.12.21 01:02:54 | 000,279,000 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2013.09.16 13:18:28 | 000,390,616 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2013.09.16 13:17:42 | 000,169,432 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe -- (jhi_service)
SRV - [2013.08.27 15:32:30 | 000,828,376 | ---- | M] (Intel® Corporation) [On_Demand | Stopped] -- C:\programfiler\Intel\iCLS Client\SocketHeciServer.exe -- (Intel®
SRV - [2013.08.27 15:32:14 | 000,747,520 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\programfiler\Intel\iCLS Client\HeciServer.exe -- (Intel®
SRV - [2013.08.22 14:31:56 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2013.08.22 13:35:42 | 005,567,488 | ---- | M] (TeamViewer) [Auto | Running] -- C:\Program Files (x86)\ITbrain Agent\itbrain_agent.exe -- (ITbrain Agent)
SRV - [2013.08.22 05:55:35 | 000,018,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2013.08.22 04:53:34 | 000,011,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost)
SRV - [2013.08.20 04:47:04 | 000,103,936 | ---- | M] (Creative Technology Ltd) [Auto | Running] -- C:\Windows\SysWOW64\CtHdaSvc.exe -- (CtHdaSvc)
SRV - [2013.08.07 15:24:00 | 000,015,720 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\programfiler\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2013.03.04 08:30:47 | 000,294,664 | ---- | M] (CyberLink) [Auto | Running] -- C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe -- (CyberLink PowerDVD 12 Media Server Service)
SRV - [2013.03.04 08:30:45 | 000,077,576 | ---- | M] (CyberLink) [Auto | Running] -- C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe -- (CyberLink PowerDVD 12 Media Server Monitor Service)
SRV - [2013.03.04 08:30:42 | 000,089,864 | ---- | M] (CyberLink Corp.) [Auto | Running] -- C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe -- (CLHNServiceForPowerDVD12)
SRV - [2012.10.08 11:53:22 | 000,423,424 | ---- | M] (Creative Technology Ltd) [Auto | Running] -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe -- (CTAudSvcService)
SRV - [2010.01.09 21:34:24 | 004,925,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\programfiler\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
SRV - [2010.01.09 21:20:56 | 000,174,440 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\programfiler\Common Files\microsoft shared\Source Engine\OSE.EXE -- (ose64)
SRV - [2006.12.19 18:23:20 | 000,094,208 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe -- (EpsonBidirectionalService)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2014.05.23 04:22:08 | 015,950,336 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2014.05.23 03:11:52 | 000,557,056 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2014.05.01 15:31:39 | 000,055,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wpcfltr.sys -- (wpcfltr)
DRV:64bit: - [2014.04.01 08:23:41 | 000,384,856 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2014.03.24 04:30:57 | 000,257,880 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2014.03.24 04:30:57 | 000,123,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdNisDrv.sys -- (WdNisDrv)
DRV:64bit: - [2014.03.24 04:27:03 | 000,035,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2014.03.20 05:41:20 | 000,376,152 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2014.03.14 13:22:10 | 000,130,688 | ---- | M] (Gemalto) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\GemCCID.sys -- (GemCCID)
DRV:64bit: - [2014.03.13 14:35:24 | 000,157,016 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\wof.sys -- (Wof)
DRV:64bit: - [2014.03.08 22:40:16 | 000,136,024 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2014.03.08 22:35:45 | 000,467,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2014.03.04 06:18:12 | 001,148,120 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\NISx64\1503000.00C\symefa64.sys -- (SymEFA)
DRV:64bit: - [2014.02.22 18:00:25 | 000,236,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2014.02.22 17:49:51 | 000,325,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2014.02.22 17:49:49 | 000,189,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UCX01000.SYS -- (UCX01000)
DRV:64bit: - [2014.02.22 17:49:49 | 000,079,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2014.02.22 17:49:47 | 000,146,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2014.02.22 17:44:13 | 000,924,504 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\refs.sys -- (ReFS)
DRV:64bit: - [2014.02.22 14:14:02 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2014.02.21 01:14:34 | 000,162,392 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NSTx64\7DE07000.02F\ccsetx64.sys -- (ccSet_NST)
DRV:64bit: - [2014.02.18 03:32:41 | 000,593,112 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1503000.00C\symnets.sys -- (SymNetS)
DRV:64bit: - [2014.02.13 03:59:49 | 000,875,736 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\NISx64\1503000.00C\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2014.01.02 00:36:43 | 000,177,752 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2013.12.21 01:02:44 | 004,216,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2013.12.15 01:34:54 | 000,039,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\intelaud.sys -- (intaud_WaveExtensible)
DRV:64bit: - [2013.12.15 01:34:54 | 000,027,032 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iwdbus.sys -- (iwdbus)
DRV:64bit: - [2013.12.04 20:41:54 | 000,226,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthLEEnum.sys -- (BthLEEnum)
DRV:64bit: - [2013.11.13 17:39:30 | 000,449,496 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2013.11.11 04:48:41 | 000,039,768 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep)
DRV:64bit: - [2013.11.01 13:39:53 | 000,086,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc)
DRV:64bit: - [2013.10.26 03:54:32 | 000,146,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2)
DRV:64bit: - [2013.10.17 23:36:48 | 000,037,192 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\senaudio64.sys -- (PocketAudio)
DRV:64bit: - [2013.10.17 23:36:48 | 000,030,360 | ---- | M] (Senstic) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\camsource64.sys -- (avshws)
DRV:64bit: - [2013.10.05 17:25:54 | 000,057,176 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme)
DRV:64bit: - [2013.09.30 17:26:50 | 000,019,152 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\pwdrvio.sys -- (pwdrvio)
DRV:64bit: - [2013.09.30 17:26:48 | 000,012,504 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\pwdspio.sys -- (pwdspio)
DRV:64bit: - [2013.09.27 04:45:56 | 000,264,280 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1503000.00C\ironx64.sys -- (SymIRON)
DRV:64bit: - [2013.09.26 04:50:25 | 000,162,392 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1503000.00C\ccsetx64.sys -- (ccSet_NIS)
DRV:64bit: - [2013.09.16 13:17:42 | 000,099,288 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\TeeDriverx64.sys -- (MEIx64)
DRV:64bit: - [2013.09.14 16:06:57 | 000,175,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2013.09.10 04:47:38 | 000,023,568 | R--- | M] (Symantec Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\NISx64\1503000.00C\symelam.sys -- (SymELAM)
DRV:64bit: - [2013.09.10 04:47:26 | 000,493,656 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NISx64\1503000.00C\symds64.sys -- (SymDS)
DRV:64bit: - [2013.09.10 03:49:49 | 000,036,952 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1503000.00C\srtspx64.sys -- (SRTSPX)
DRV:64bit: - [2013.08.30 01:55:48 | 000,468,240 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e1d64x64.sys -- (e1dexpress)
DRV:64bit: - [2013.08.23 00:34:13 | 000,027,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2013.08.23 00:34:09 | 000,037,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2013.08.22 15:25:40 | 000,043,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv)
DRV:64bit: - [2013.08.22 15:25:40 | 000,030,048 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2013.08.22 14:50:19 | 000,057,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam)
DRV:64bit: - [2013.08.22 14:49:54 | 000,079,712 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2013.08.22 14:49:33 | 000,159,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2013.08.22 14:43:49 | 000,063,840 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2013.08.22 14:43:48 | 000,041,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2013.08.22 14:43:45 | 003,357,024 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2013.08.22 14:43:45 | 000,093,536 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2013.08.22 14:43:45 | 000,082,784 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2013.08.22 14:43:45 | 000,064,352 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2013.08.22 14:43:44 | 000,081,760 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas3.sys -- (LSI_SAS3)
DRV:64bit: - [2013.08.22 14:43:41 | 000,782,176 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX)
DRV:64bit: - [2013.08.22 14:43:41 | 000,531,296 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2013.08.22 14:43:41 | 000,259,424 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2013.08.22 14:43:41 | 000,108,896 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware)
DRV:64bit: - [2013.08.22 14:43:41 | 000,079,200 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2013.08.22 14:43:40 | 000,114,016 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2013.08.22 14:43:40 | 000,082,784 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2013.08.22 14:43:40 | 000,025,952 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2013.08.22 14:43:34 | 000,305,504 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2013.08.22 14:43:33 | 000,074,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2013.08.22 14:43:32 | 000,031,072 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2013.08.22 14:43:31 | 000,107,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci)
DRV:64bit: - [2013.08.22 14:43:31 | 000,072,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2013.08.22 14:43:31 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2013.08.22 14:39:15 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uefi.sys -- (UEFI)
DRV:64bit: - [2013.08.22 14:37:27 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci)
DRV:64bit: - [2013.08.22 14:36:12 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2013.08.22 13:39:58 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2013.08.22 13:39:54 | 000,076,800 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache)
DRV:64bit: - [2013.08.22 13:39:50 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDScan.sys -- (WSDScan)
DRV:64bit: - [2013.08.22 13:39:31 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2013.08.22 13:39:20 | 000,022,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HyperVideo.sys -- (HyperVideo)
DRV:64bit: - [2013.08.22 13:39:06 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2013.08.22 13:38:58 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2013.08.22 13:38:48 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2013.08.22 13:38:39 | 000,036,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2013.08.22 13:38:26 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2013.08.22 13:38:23 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2013.08.22 13:38:22 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2013.08.22 13:38:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2013.08.22 13:37:49 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2013.08.22 13:37:46 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2013.08.22 13:37:42 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2013.08.22 13:37:28 | 000,056,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2013.08.22 13:37:28 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2013.08.22 13:37:14 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2013.08.22 13:36:43 | 000,087,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netvsc63.sys -- (netvsc)
DRV:64bit: - [2013.08.22 13:36:25 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus)
DRV:64bit: - [2013.08.22 13:36:17 | 000,124,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2013.08.22 13:36:07 | 000,066,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2013.08.22 13:35:42 | 000,103,424 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2013.08.22 10:46:33 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fxppm.sys -- (FxPPM)
DRV:64bit: - [2013.08.20 04:52:08 | 001,049,880 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\cthda.sys -- (cthda)
DRV:64bit: - [2013.08.13 01:25:46 | 000,017,624 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2)
DRV:64bit: - [2013.08.10 02:39:30 | 000,651,248 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorAV.sys -- (iaStorAV)
DRV:64bit: - [2013.08.07 15:23:46 | 000,644,968 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorA.sys -- (iaStorA)
DRV:64bit: - [2013.07.30 20:47:35 | 000,024,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO)
DRV:64bit: - [2013.07.25 21:05:39 | 000,099,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C)
DRV:64bit: - [2013.06.18 16:45:26 | 000,460,288 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\e1i63x64.sys -- (e1iexpress)
DRV:64bit: - [2013.06.18 16:45:02 | 003,680,256 | ---- | M] (Qualcomm Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\athw8x.sys -- (athr)
DRV:64bit: - [2013.03.18 16:51:08 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012.09.23 01:17:24 | 000,021,160 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdkmafd.sys -- (amdkmafd)
DRV:64bit: - [2012.08.29 15:22:38 | 000,565,760 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter)
DRV:64bit: - [2012.08.21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV - [2014.06.11 12:04:27 | 000,486,192 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2014.06.11 12:04:27 | 000,142,128 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2014.05.21 12:14:52 | 002,099,288 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20140611.032\EX64.SYS -- (NAVEX15)
DRV - [2014.05.21 12:14:52 | 000,126,040 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20140611.032\ENG64.SYS -- (NAVENG)
DRV - [2014.05.10 03:07:23 | 001,530,160 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\BASHDefs\20140606.001\BHDrvx64.sys -- (BHDrvx64)
DRV - [2014.03.26 01:40:42 | 000,525,016 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\IPSDefs\20140611.001\IDSvia64.sys -- (IDSVia64)
DRV - [2013.12.26 02:10:06 | 000,025,640 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\gdrv.sys -- (gdrv)
DRV - [2013.03.04 15:37:12 | 000,130,320 | ---- | M] (CyberLink Corp.) [2013/12/23 18:58:07] [Kernel | Auto | Running] -- C:\Program Files (x86)\CyberLink\PowerDVD12\Common\NavFilter\000.fcl -- ({73526619-C24F-470B-9BED-53D455FBB5C6})
DRV - [2012.12.29 22:59:38 | 000,028,664 | ---- | M] (Almico Software) [Kernel | Auto | Running] -- C:\Windows\SysWOW64\speedfan.sys -- (speedfan)
DRV - [2012.09.10 11:44:43 | 000,083,704 | ---- | M] (Cyberlink Corp.) [Kernel | Auto | Running] -- C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12_64.sys -- (ntk_PowerDVD12)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.awesomehp...0528AS_9VP953V7
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.awesomehp...q={searchTerms}
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.awesomehp...q={searchTerms}
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.awesomehp...0528AS_9VP953V7
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://www.awesomehp...q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.awesomehp...0528AS_9VP953V7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.awesomehp...q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.awesomehp...q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.awesomehp...0528AS_9VP953V7
IE - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://www.awesomehp...q={searchTerms}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.awesomehp...0528AS_9VP953V7
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.no/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://t.no.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = nb-NO
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 02 EC E4 A9 1B CC CE 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE11SR
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" =
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:8118;https=127.0.0.1:8118


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@Skype Technologies S.A..com/Skype Web Plugin: C:\Program Files (x86)\SkypeWebPlugin\npSkypeWebPlugin64.dll (Skype)
FF - HKLM\Software\MozillaPlugins\@alibaba.com/nptrademanager;version=1.0: C:\Program Files (x86)\TradeManager\nptrademanager.dll ( )
FF - HKLM\Software\MozillaPlugins\@alibaba.com/npwangwang;version=1.0: C:\Program Files (x86)\TradeManager\npwangwang.dll ( )
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/npbattlelog,version=2.3.1: C:\Program Files (x86)\Battlelog Web Plugins\2.3.1\npbattlelog.dll (EA Digital Illusions CE AB)
FF - HKLM\Software\MozillaPlugins\@esn/npbattlelog,version=2.3.2: C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.55.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.55.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Skype Technologies S.A..com/Skype Web Plugin: C:\Program Files (x86)\SkypeWebPlugin\npSkypeWebPlugin.dll (Skype)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@alibaba.com/npAliSSOLogin;version=1.0: C:\Program Files (x86)\TradeManager\npAliSSOLogin.dll (Alibaba software (Shanghai) Corporation.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\KimA\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll File not found
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\KimA\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F04D2D30-776C-4d02-8627-8E4385ECA58D}: C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.6.0.27\coFFPlgn\
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\IPSFF [2014.01.02 00:37:07 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\coFFPlgn\ [2014.06.12 11:15:14 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2014.05.22 03:47:57 | 000,000,883 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.3.0.12\coIEPlg.dll (Symantec Corporation)
O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\programfiler\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Norton Identity Protection) - {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.0.47\coIEPlg.dll (Symantec Corporation)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\programfiler\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Adblock Plus for IE Browser Helper Object) - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\programfiler\Adblock Plus for IE\AdblockPlus64.dll (Adblock Plus)
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\coIEPlg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\IPS\IPSBHO.DLL (Symantec Corporation)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (FlowSurf) - {E3F1CA13-EA0E-4617-8D03-3EAA6A94A7E0} - C:\Program Files (x86)\Flowsurf\FlowSurf.dll File not found
O2 - BHO: (Adblock Plus for IE Browser Helper Object) - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\programfiler\Adblock Plus for IE\AdblockPlus32.dll (Adblock Plus)
O3:64bit: - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.3.0.12\coIEPlg.dll (Symantec Corporation)
O3:64bit: - HKLM\..\Toolbar: (Norton Identity Safe Toolbar) - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.0.47\coIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\coIEPlg.dll (Symantec Corporation)
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.3.0.12\coIEPlg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\coIEPlg.dll (Symantec Corporation)
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Norton Identity Safe Toolbar) - {A13C2648-91D4-4BF3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.0.47\coIEPlg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Identity Safe Toolbar) - {A13C2648-91D4-4BF3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.0.47\coIEPlg.dll (Symantec Corporation)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IAStorIcon] C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [CLMLServer] C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [PowerDVD12Agent] C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [PowerDVD12DMREngine] C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe (CyberLink)
O4 - HKLM..\Run: [SDTray] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
O4 - HKLM..\Run: [Sound Blaster Recon3Di SBX Control Panel] C:\Program Files (x86)\Creative\Sound Blaster Recon3Di\Sound Blaster Recon3Di Control Panel\SBRcni.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePPShortCut] C:\Program Files (x86)\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePSTShortCut] C:\Program Files (x86)\CyberLink\Blu-ray Disc Suite\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdReg] C:\Windows\Updreg.EXE (Creative Technology Ltd.)
O4 - HKLM..\Run: [Wondershare Helper Compact.exe] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe (Wondershare)
O4 - HKCU..\Run: [SMS+] "C:\Users\KimA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Telenor Digital\SMS+.appref-ms" --start-minimized File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - C:\programfiler\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8:64bit: - Extra context menu item: Se&nd to OneNote - C:\programfiler\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\programfiler\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\programfiler\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\programfiler\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\programfiler\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\programfiler\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\programfiler\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Reg Error: Key error. File not found
O9 - Extra Button: FlowSurf - {6CA2A4DE-483E-456B-8634-6445460D7097} - C:\Program Files (x86)\Flowsurf\FlowSurf.dll File not found
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Windows\SysNative\wlidnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Windows\SysNative\wlidnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\programfiler\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Windows\SysWOW64\wlidnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Windows\SysWOW64\wlidnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: alipay.com ([]http in Klarerte områder)
O15 - HKCU\..Trusted Domains: alipay.com ([]https in Klarerte områder)
O15 - HKCU\..Trusted Domains: alisoft.com ([]http in Klarerte områder)
O15 - HKCU\..Trusted Domains: alisoft.com ([]https in Klarerte områder)
O15 - HKCU\..Trusted Domains: taobao.com ([]http in Klarerte områder)
O15 - HKCU\..Trusted Domains: taobao.com ([]https in Klarerte områder)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://appldnld.appl...ex/qtplugin.cab (QuickTime Object)
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx...owserPlugin.cab (Reg Error: Key error.)
O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} http://content.syste...el_4.5.22.0.cab (SysInfo Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 130.67.15.198 193.213.112.4
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EE3E6B93-0CF4-43F5-9D03-C2E095B665DA}: DhcpNameServer = 130.67.15.198 193.213.112.4
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\programfiler\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\programfiler\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\programfiler\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{376152a1-aeaa-11e3-837d-94de806c55d3}\Shell - "" = AutoRun
O33 - MountPoints2\{376152a1-aeaa-11e3-837d-94de806c55d3}\Shell\AutoRun\command - "" = "H:\LaunchU3.exe" -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2014.06.12 12:46:06 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\KimA\Desktop\OTL.exe
[2014.06.12 12:08:22 | 000,000,000 | ---D | C] -- C:\Users\KimA\Desktop\NY PC
[2014.06.12 01:09:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
[2014.06.12 01:09:06 | 000,021,040 | ---- | C] (Safer Networking Limited) -- C:\Windows\SysNative\sdnclean64.exe
[2014.06.12 01:09:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2014.06.12 01:09:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy 2
[2014.06.12 01:05:04 | 046,392,680 | ---- | C] (Safer-Networking Ltd. ) -- C:\Users\KimA\Desktop\spybot-2.3.exe
[2014.06.12 00:43:11 | 000,000,000 | ---D | C] -- C:\NPE
[2014.06.12 00:15:29 | 000,000,000 | ---D | C] -- C:\Users\KimA\AppData\Local\NPE
[2014.06.11 15:03:14 | 000,000,000 | ---D | C] -- C:\Windows\Microsoft
[2014.06.11 15:03:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSR
[2014.06.10 23:57:31 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Monolith Productions
[2014.06.10 14:35:45 | 000,000,000 | ---D | C] -- C:\Users\KimA\AppData\Local\Unity
[2014.06.09 21:09:46 | 000,000,000 | ---D | C] -- C:\Users\KimA\Desktop\Mini vMac
[2014.06.09 21:09:46 | 000,000,000 | ---D | C] -- C:\Users\KimA\Desktop\__MACOSX
[2014.06.09 18:21:18 | 000,000,000 | ---D | C] -- C:\Users\KimA\Desktop\Mac
[2014.06.08 03:28:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2014.06.08 03:28:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2014.06.07 13:28:06 | 000,000,000 | ---D | C] -- C:\Users\KimA\Desktop\skole, nav, kjetil, video conv, line, mobiler
[2014.06.07 00:49:22 | 000,000,000 | ---D | C] -- C:\OLDGAMES
[2014.06.05 16:10:52 | 000,000,000 | ---D | C] -- C:\Users\KimA\AppData\Local\DOSBox
[2014.06.05 16:10:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DOSBox-0.74
[2014.06.05 16:10:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DOSBox-0.74
[2014.06.02 19:24:00 | 000,000,000 | ---D | C] -- C:\Users\KimA\AppData\Roaming\HyperCam
[2014.06.02 19:23:59 | 000,000,000 | ---D | C] -- C:\Users\KimA\Documents\HyperCam3
[2014.06.02 19:23:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HyperCam 3
[2014.06.02 19:23:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Solveig Multimedia
[2014.06.02 19:23:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HyperCam 3
[2014.06.02 12:38:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2014.06.02 12:37:55 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2014.06.02 12:37:54 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2014.06.02 12:37:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2014.06.02 12:37:54 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2014.05.31 01:55:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TERA
[2014.05.31 01:48:13 | 000,000,000 | ---D | C] -- C:\Users\KimA\AppData\Roaming\TERA
[2014.05.30 21:28:37 | 000,000,000 | ---D | C] -- C:\Users\KimA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Telenor Digital
[2014.05.29 20:22:27 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2014.05.29 20:20:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\ATI Technologies
[2014.05.29 20:20:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD AVT
[2014.05.29 20:20:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
[2014.05.29 20:20:19 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ATI Technologies
[2014.05.29 20:20:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATI Technologies
[2014.05.29 20:20:11 | 000,000,000 | ---D | C] -- C:\Program Files\ATI
[2014.05.29 20:18:57 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
[2014.05.29 20:18:17 | 000,000,000 | ---D | C] -- C:\AMD
[2014.05.28 12:52:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uniblue
[2014.05.27 13:51:28 | 000,000,000 | ---D | C] -- C:\Users\KimA\AppData\Roaming\Farming World
[2014.05.23 03:43:48 | 000,065,024 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2014.05.23 03:43:44 | 000,058,880 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2014.05.23 03:25:38 | 000,031,232 | ---- | C] (AMD) -- C:\Windows\SysNative\atimuixx.dll
[2014.05.23 03:25:32 | 000,588,800 | ---- | C] (AMD) -- C:\Windows\SysNative\atieclxx.exe
[2014.05.23 03:25:16 | 000,239,616 | ---- | C] (AMD) -- C:\Windows\SysNative\atiesrxx.exe
[2014.05.23 03:24:34 | 000,190,976 | ---- | C] (AMD) -- C:\Windows\SysNative\atitmm64.dll
[2014.05.23 03:18:54 | 000,826,368 | ---- | C] (AMD) -- C:\Windows\SysNative\coinst_14.200.dll
[2014.05.22 03:39:58 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2014.05.22 03:39:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2014.05.22 03:03:38 | 000,000,000 | ---D | C] -- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
[2014.05.22 03:03:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2014.05.22 03:03:27 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2014.05.22 03:03:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple
[2014.05.22 02:37:39 | 000,000,000 | ---D | C] -- C:\Users\KimA\.shsh
[2014.05.21 23:31:47 | 000,000,000 | ---D | C] -- C:\Users\KimA\AppData\Roaming\redsn0w
[2014.05.21 22:24:37 | 000,000,000 | ---D | C] -- C:\Users\KimA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tenorshare iPhone 5(5s,5c) Data Recovery
[2014.05.21 22:24:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Tenorshare iPhone 5(5s,5c) Data Recovery
[2014.05.18 17:46:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RAR Password Unlocker
[2014.05.18 17:46:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\RAR Password Unlocker
[2014.05.14 13:22:42 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2014.06.12 12:49:43 | 000,000,326 | ---- | M] () -- C:\Users\KimA\Desktop\OTL Tutorial - How to use OldTimer ListIt - Malware Removal Guides and Tutorials.url
[2014.06.12 12:46:06 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\KimA\Desktop\OTL.exe
[2014.06.12 12:38:23 | 000,602,509 | ---- | M] () -- C:\Users\KimA\Desktop\STEAMADS2.png
[2014.06.12 12:28:39 | 000,848,223 | ---- | M] () -- C:\Users\KimA\Desktop\STEAMADS.png
[2014.06.12 11:20:23 | 001,663,044 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014.06.12 11:20:23 | 000,709,676 | ---- | M] () -- C:\Windows\SysNative\perfh014.dat
[2014.06.12 11:20:23 | 000,696,092 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014.06.12 11:20:23 | 000,134,244 | ---- | M] () -- C:\Windows\SysNative\perfc014.dat
[2014.06.12 11:20:23 | 000,126,860 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014.06.12 11:15:24 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014.06.12 11:13:49 | 000,000,368 | ---- | M] () -- C:\Windows\tasks\powersuite_monitor.job
[2014.06.12 11:13:22 | 016,777,216 | -HS- | M] () -- C:\swapfile.sys
[2014.06.12 11:13:19 | 820,097,021 | -HS- | M] () -- C:\hiberfil.sys
[2014.06.12 01:54:13 | 000,065,536 | ---- | M] () -- C:\Windows\SysNative\spu_storage.bin
[2014.06.12 01:53:00 | 000,000,942 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-117353113-1150425548-2677044678-1001UA.job
[2014.06.12 01:50:29 | 000,000,330 | ---- | M] () -- C:\Users\KimA\Desktop\Undetectable Browser Adware - Hijacker [Solved] - Virus, Spyware, Malware Removal.url
[2014.06.12 01:33:19 | 000,000,206 | ---- | M] () -- C:\Users\KimA\Desktop\How to remove a computer virus - malware - YouTube.url
[2014.06.12 01:09:08 | 000,001,391 | ---- | M] () -- C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
[2014.06.12 01:07:31 | 000,000,238 | ---- | M] () -- C:\Users\KimA\Desktop\Remove Chitka pop-up ads (Removal Guide).url
[2014.06.12 01:06:11 | 000,000,459 | ---- | M] () -- C:\Users\KimA\Desktop\Five Best Malware Removal Tools.url
[2014.06.12 01:05:49 | 046,392,680 | ---- | M] (Safer-Networking Ltd. ) -- C:\Users\KimA\Desktop\spybot-2.3.exe
[2014.06.12 00:39:42 | 000,380,400 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014.06.12 00:21:14 | 000,000,225 | ---- | M] () -- C:\Users\KimA\Desktop\Lara Croft and the Guardian of Light - Wikipedia, the free encyclopedia.url
[2014.06.11 23:51:03 | 000,057,856 | ---- | M] () -- C:\Users\KimA\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2014.06.11 22:53:00 | 000,000,920 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-117353113-1150425548-2677044678-1001Core.job
[2014.06.11 17:54:08 | 000,000,199 | ---- | M] () -- C:\Users\KimA\Desktop\Jeanette Mysen Karlsrud.url
[2014.06.11 14:55:02 | 000,390,839 | ---- | M] () -- C:\Users\KimA\Desktop\hacker.jpg
[2014.06.11 14:53:07 | 000,011,323 | ---- | M] () -- C:\Users\KimA\Desktop\5660_108223877381_1131920_n.jpg
[2014.06.11 14:52:59 | 000,006,009 | ---- | M] () -- C:\Users\KimA\Desktop\1233994_10151586039697382_1183129670_n.jpg
[2014.06.11 14:51:41 | 000,063,721 | ---- | M] () -- C:\Users\KimA\Desktop\death-dome-600x300.jpg
[2014.06.11 14:50:29 | 000,014,903 | ---- | M] () -- C:\Users\KimA\Desktop\mt11_1.jpg
[2014.06.11 14:38:23 | 000,070,255 | ---- | M] () -- C:\Users\KimA\Desktop\927427-10-1285790053811.jpg
[2014.06.11 11:53:52 | 002,792,561 | ---- | M] () -- C:\Windows\SysNative\drivers\NISx64\1503000.00C\Cat.DB
[2014.06.10 01:30:25 | 000,000,232 | ---- | M] () -- C:\Users\KimA\Desktop\Uplay Lounge Uplay-lounge.url
[2014.06.09 23:00:00 | 000,255,248 | ---- | M] () -- C:\Users\KimA\Desktop\WP_20140609_005.jpg
[2014.06.09 22:53:10 | 000,252,713 | ---- | M] () -- C:\Users\KimA\Desktop\WP_20140609_006.jpg
[2014.06.09 21:07:46 | 000,129,643 | ---- | M] () -- C:\Users\KimA\Desktop\vMac.ROM.sit.hqx
[2014.06.09 21:00:30 | 000,162,343 | ---- | M] () -- C:\Users\KimA\Desktop\sysone.img.sit.hqx
[2014.06.09 18:20:55 | 003,749,074 | ---- | M] () -- C:\Users\KimA\Desktop\Mac OS 7 Install Package.rar
[2014.06.09 03:14:10 | 000,000,206 | ---- | M] () -- C:\Users\KimA\Desktop\Ancient High Technology (Full Documentary) - YouTube.url
[2014.06.08 22:07:46 | 000,000,122 | ---- | M] () -- C:\Users\KimA\Desktop\InMetal - Precision Sheet Metal Fabrication in MA, Sheet Metal Fabricator in MA, Chassis, Steel Frames, Stainless Steel, Electronic Enclosures.url
[2014.06.08 17:17:01 | 001,216,084 | ---- | M] () -- C:\Users\KimA\Desktop\mzx284c-x64.zip
[2014.06.08 16:41:27 | 005,677,604 | ---- | M] () -- C:\Users\KimA\Desktop\frabs210.zip
[2014.06.07 21:58:02 | 000,000,186 | ---- | M] () -- C:\Users\KimA\Desktop\LetterMeLater.com - Schedule Email to be Sent Later Automatically.url
[2014.06.07 20:15:18 | 000,000,205 | ---- | M] () -- C:\Users\KimA\Desktop\ERB - YouTube.url
[2014.06.06 01:36:16 | 000,000,209 | ---- | M] () -- C:\Users\KimA\Desktop\DJ Snake & Lil Jon - Turn Down for What - YouTube.url
[2014.06.05 22:57:57 | 000,010,820 | ---- | M] () -- C:\Users\KimA\Desktop\PASSORD.rar
[2014.06.05 21:25:41 | 000,000,219 | ---- | M] () -- C:\Users\KimA\Desktop\TheFineBros - YouTube.url
[2014.06.05 21:24:58 | 000,000,222 | ---- | M] () -- C:\Users\KimA\Desktop\YouTube.url
[2014.06.05 16:10:46 | 000,001,930 | ---- | M] () -- C:\Users\Public\Desktop\DOSBox 0.74.lnk
[2014.06.04 22:34:20 | 000,000,206 | ---- | M] () -- C:\Users\KimA\Desktop\Guide How to monitor hardware on-screen - YouTube.url
[2014.06.04 21:14:44 | 000,038,119 | ---- | M] () -- C:\Windows\SysNative\drivers\NISx64\1503000.00C\VT20140604.020
[2014.06.02 03:00:07 | 000,000,213 | ---- | M] () -- C:\Users\KimA\Desktop\(2) Disney and Pixar Sings Let it Go - Video.url
[2014.06.01 22:34:10 | 000,000,206 | ---- | M] () -- C:\Users\KimA\Desktop\ASUS X79 - Advanced Auto Overclocking - YouTube.url
[2014.05.29 20:20:24 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin
[2014.05.29 02:24:16 | 000,000,206 | ---- | M] () -- C:\Users\KimA\Desktop\More Proof The Music Industry Is Fake - YouTube.url
[2014.05.23 03:57:06 | 000,134,656 | ---- | M] () -- C:\Windows\SysNative\amdhdl64.dll
[2014.05.23 03:57:04 | 000,123,392 | ---- | M] () -- C:\Windows\SysWow64\amdhdl32.dll
[2014.05.23 03:47:48 | 000,231,424 | ---- | M] () -- C:\Windows\SysNative\clinfo.exe
[2014.05.23 03:47:38 | 001,187,342 | ---- | M] () -- C:\Windows\SysNative\amdocl_as64.exe
[2014.05.23 03:47:38 | 001,061,902 | ---- | M] () -- C:\Windows\SysNative\amdocl_ld64.exe
[2014.05.23 03:47:38 | 000,995,342 | ---- | M] () -- C:\Windows\SysWow64\amdocl_as32.exe
[2014.05.23 03:47:38 | 000,798,734 | ---- | M] () -- C:\Windows\SysWow64\amdocl_ld32.exe
[2014.05.23 03:47:26 | 000,418,304 | ---- | M] () -- C:\Windows\SysNative\amdmiracast.dll
[2014.05.23 03:43:48 | 000,065,024 | ---- | M] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2014.05.23 03:43:44 | 000,058,880 | ---- | M] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2014.05.23 03:38:38 | 000,595,896 | ---- | M] () -- C:\Windows\SysWow64\atiapfxx.blb
[2014.05.23 03:38:38 | 000,595,896 | ---- | M] () -- C:\Windows\SysNative\atiapfxx.blb
[2014.05.23 03:25:38 | 000,031,232 | ---- | M] (AMD) -- C:\Windows\SysNative\atimuixx.dll
[2014.05.23 03:25:32 | 000,588,800 | ---- | M] (AMD) -- C:\Windows\SysNative\atieclxx.exe
[2014.05.23 03:25:16 | 000,239,616 | ---- | M] (AMD) -- C:\Windows\SysNative\atiesrxx.exe
[2014.05.23 03:25:08 | 003,437,632 | ---- | M] () -- C:\Windows\SysNative\atiumd6a.cap
[2014.05.23 03:24:34 | 000,190,976 | ---- | M] (AMD) -- C:\Windows\SysNative\atitmm64.dll
[2014.05.23 03:22:14 | 000,204,952 | ---- | M] () -- C:\Windows\SysWow64\ativvsvl.dat
[2014.05.23 03:22:14 | 000,204,952 | ---- | M] () -- C:\Windows\SysNative\ativvsvl.dat
[2014.05.23 03:22:14 | 000,157,144 | ---- | M] () -- C:\Windows\SysWow64\ativvsva.dat
[2014.05.23 03:22:14 | 000,157,144 | ---- | M] () -- C:\Windows\SysNative\ativvsva.dat
[2014.05.23 03:18:54 | 000,826,368 | ---- | M] (AMD) -- C:\Windows\SysNative\coinst_14.200.dll
[2014.05.23 03:17:28 | 003,471,376 | ---- | M] () -- C:\Windows\SysWow64\atiumdva.cap
[2014.05.22 21:56:56 | 000,051,200 | ---- | M] () -- C:\Windows\SysNative\kdbsdk64.dll
[2014.05.22 21:52:44 | 000,038,912 | ---- | M] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2014.05.22 03:47:57 | 000,000,883 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2014.05.22 03:28:11 | 000,000,880 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.umbrella
[2014.05.14 07:24:54 | 000,000,172 | ---- | M] () -- C:\Windows\SysNative\drivers\NSTx64\7DE07000.02F\isolate.ini
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]

========== Files Created - No Company Name ==========

[2014.06.12 12:49:43 | 000,000,326 | ---- | C] () -- C:\Users\KimA\Desktop\OTL Tutorial - How to use OldTimer ListIt - Malware Removal Guides and Tutorials.url
[2014.06.12 12:38:03 | 000,602,509 | ---- | C] () -- C:\Users\KimA\Desktop\STEAMADS2.png
[2014.06.12 12:28:39 | 000,848,223 | ---- | C] () -- C:\Users\KimA\Desktop\STEAMADS.png
[2014.06.12 01:50:29 | 000,000,330 | ---- | C] () -- C:\Users\KimA\Desktop\Undetectable Browser Adware - Hijacker [Solved] - Virus, Spyware, Malware Removal.url
[2014.06.12 01:33:19 | 000,000,206 | ---- | C] () -- C:\Users\KimA\Desktop\How to remove a computer virus - malware - YouTube.url
[2014.06.12 01:09:08 | 000,001,403 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
[2014.06.12 01:09:08 | 000,001,391 | ---- | C] () -- C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
[2014.06.12 01:07:31 | 000,000,238 | ---- | C] () -- C:\Users\KimA\Desktop\Remove Chitka pop-up ads (Removal Guide).url
[2014.06.12 01:06:11 | 000,000,459 | ---- | C] () -- C:\Users\KimA\Desktop\Five Best Malware Removal Tools.url
[2014.06.12 00:21:14 | 000,000,225 | ---- | C] () -- C:\Users\KimA\Desktop\Lara Croft and the Guardian of Light - Wikipedia, the free encyclopedia.url
[2014.06.11 17:54:08 | 000,000,199 | ---- | C] () -- C:\Users\KimA\Desktop\Jeanette Mysen Karlsrud.url
[2014.06.11 14:55:07 | 000,390,839 | ---- | C] () -- C:\Users\KimA\Desktop\hacker.jpg
[2014.06.11 14:53:07 | 000,011,323 | ---- | C] () -- C:\Users\KimA\Desktop\5660_108223877381_1131920_n.jpg
[2014.06.11 14:52:59 | 000,006,009 | ---- | C] () -- C:\Users\KimA\Desktop\1233994_10151586039697382_1183129670_n.jpg
[2014.06.11 14:51:54 | 000,063,721 | ---- | C] () -- C:\Users\KimA\Desktop\death-dome-600x300.jpg
[2014.06.11 14:50:34 | 000,014,903 | ---- | C] () -- C:\Users\KimA\Desktop\mt11_1.jpg
[2014.06.11 14:38:44 | 000,070,255 | ---- | C] () -- C:\Users\KimA\Desktop\927427-10-1285790053811.jpg
[2014.06.10 01:30:24 | 000,000,232 | ---- | C] () -- C:\Users\KimA\Desktop\Uplay Lounge Uplay-lounge.url
[2014.06.09 22:59:59 | 000,255,248 | ---- | C] () -- C:\Users\KimA\Desktop\WP_20140609_005.jpg
[2014.06.09 22:59:08 | 000,252,713 | ---- | C] () -- C:\Users\KimA\Desktop\WP_20140609_006.jpg
[2014.06.09 21:07:46 | 000,129,643 | ---- | C] () -- C:\Users\KimA\Desktop\vMac.ROM.sit.hqx
[2014.06.09 21:00:30 | 000,162,343 | ---- | C] () -- C:\Users\KimA\Desktop\sysone.img.sit.hqx
[2014.06.09 18:20:51 | 003,749,074 | ---- | C] () -- C:\Users\KimA\Desktop\Mac OS 7 Install Package.rar
[2014.06.09 03:14:10 | 000,000,206 | ---- | C] () -- C:\Users\KimA\Desktop\Ancient High Technology (Full Documentary) - YouTube.url
[2014.06.08 22:07:46 | 000,000,122 | ---- | C] () -- C:\Users\KimA\Desktop\InMetal - Precision Sheet Metal Fabrication in MA, Sheet Metal Fabricator in MA, Chassis, Steel Frames, Stainless Steel, Electronic Enclosures.url
[2014.06.08 17:15:28 | 001,216,084 | ---- | C] () -- C:\Users\KimA\Desktop\mzx284c-x64.zip
[2014.06.08 16:41:19 | 005,677,604 | ---- | C] () -- C:\Users\KimA\Desktop\frabs210.zip
[2014.06.07 21:58:02 | 000,000,186 | ---- | C] () -- C:\Users\KimA\Desktop\LetterMeLater.com - Schedule Email to be Sent Later Automatically.url
[2014.06.06 01:36:16 | 000,000,209 | ---- | C] () -- C:\Users\KimA\Desktop\DJ Snake & Lil Jon - Turn Down for What - YouTube.url
[2014.06.05 21:25:41 | 000,000,219 | ---- | C] () -- C:\Users\KimA\Desktop\TheFineBros - YouTube.url
[2014.06.05 21:25:14 | 000,000,205 | ---- | C] () -- C:\Users\KimA\Desktop\ERB - YouTube.url
[2014.06.05 21:24:58 | 000,000,222 | ---- | C] () -- C:\Users\KimA\Desktop\YouTube.url
[2014.06.05 16:10:46 | 000,001,930 | ---- | C] () -- C:\Users\Public\Desktop\DOSBox 0.74.lnk
[2014.06.04 22:34:20 | 000,000,206 | ---- | C] () -- C:\Users\KimA\Desktop\Guide How to monitor hardware on-screen - YouTube.url
[2014.06.02 03:00:07 | 000,000,213 | ---- | C] () -- C:\Users\KimA\Desktop\(2) Disney and Pixar Sings Let it Go - Video.url
[2014.06.01 22:34:10 | 000,000,206 | ---- | C] () -- C:\Users\KimA\Desktop\ASUS X79 - Advanced Auto Overclocking - YouTube.url
[2014.05.29 20:20:24 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2014.05.29 02:24:16 | 000,000,206 | ---- | C] () -- C:\Users\KimA\Desktop\More Proof The Music Industry Is Fake - YouTube.url
[2014.05.23 03:57:06 | 000,134,656 | ---- | C] () -- C:\Windows\SysNative\amdhdl64.dll
[2014.05.23 03:57:04 | 000,123,392 | ---- | C] () -- C:\Windows\SysWow64\amdhdl32.dll
[2014.05.23 03:47:48 | 000,231,424 | ---- | C] () -- C:\Windows\SysNative\clinfo.exe
[2014.05.23 03:47:38 | 001,187,342 | ---- | C] () -- C:\Windows\SysNative\amdocl_as64.exe
[2014.05.23 03:47:38 | 001,061,902 | ---- | C] () -- C:\Windows\SysNative\amdocl_ld64.exe
[2014.05.23 03:47:38 | 000,995,342 | ---- | C] () -- C:\Windows\SysWow64\amdocl_as32.exe
[2014.05.23 03:47:38 | 000,798,734 | ---- | C] () -- C:\Windows\SysWow64\amdocl_ld32.exe
[2014.05.23 03:47:26 | 000,418,304 | ---- | C] () -- C:\Windows\SysNative\amdmiracast.dll
[2014.05.23 03:38:38 | 000,595,896 | ---- | C] () -- C:\Windows\SysWow64\atiapfxx.blb
[2014.05.23 03:38:38 | 000,595,896 | ---- | C] () -- C:\Windows\SysNative\atiapfxx.blb
[2014.05.23 03:25:08 | 003,437,632 | ---- | C] () -- C:\Windows\SysNative\atiumd6a.cap
[2014.05.23 03:22:14 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2014.05.23 03:22:14 | 000,204,952 | ---- | C] () -- C:\Windows\SysNative\ativvsvl.dat
[2014.05.23 03:22:14 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2014.05.23 03:22:14 | 000,157,144 | ---- | C] () -- C:\Windows\SysNative\ativvsva.dat
[2014.05.23 03:17:28 | 003,471,376 | ---- | C] () -- C:\Windows\SysWow64\atiumdva.cap
[2014.05.22 21:56:56 | 000,051,200 | ---- | C] () -- C:\Windows\SysNative\kdbsdk64.dll
[2014.05.22 21:52:44 | 000,038,912 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2014.05.22 03:03:30 | 000,002,535 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2014.04.28 14:23:35 | 000,002,255 | ---- | C] () -- C:\Windows\SysWow64\WimBootCompress.ini
[2014.03.09 22:43:54 | 000,008,794 | ---- | C] () -- C:\Users\KimA\AppData\Local\recently-used.xbel
[2014.02.14 04:27:29 | 000,103,936 | ---- | C] () -- C:\Windows\SysWow64\OEMLicense.dll
[2014.01.15 23:10:24 | 000,000,022 | ---- | C] () -- C:\Windows\GPU-Z.INI
[2013.12.26 06:10:44 | 000,214,392 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2013.12.26 06:10:44 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2013.12.21 01:02:44 | 000,280,064 | ---- | C] () -- C:\Windows\SysWow64\igdmd32.dll
[2013.12.21 01:02:40 | 000,182,272 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2013.12.21 01:02:40 | 000,142,848 | ---- | C] () -- C:\Windows\SysWow64\igdail32.dll
[2013.12.12 20:52:17 | 000,007,600 | ---- | C] () -- C:\Users\KimA\AppData\Local\Resmon.ResmonCfg
[2013.12.11 01:37:24 | 000,057,856 | ---- | C] () -- C:\Users\KimA\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.12.09 21:43:10 | 000,000,307 | ---- | C] () -- C:\Windows\lgfwup.ini
[2013.12.06 17:24:06 | 000,237,056 | ---- | C] () -- C:\Windows\SysWow64\amdacpusl.dll
[2013.11.25 21:16:54 | 003,123,272 | R--- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2013.10.25 15:58:06 | 000,000,000 | ---- | C] () -- C:\Users\KimA\AppData\Local\Driver_Jupiter_01Present.flag
[2013.10.25 15:58:06 | 000,000,000 | ---- | C] () -- C:\Users\KimA\AppData\Local\BluetoothPresent.flag
[2013.10.18 21:58:20 | 000,152,091 | ---- | C] () -- C:\Windows\SysWow64\bios.ini
[2013.10.18 21:13:39 | 000,650,752 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2013.10.18 21:13:39 | 000,243,200 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2013.10.18 21:13:39 | 000,216,064 | ---- | C] ( ) -- C:\Windows\SysWow64\lagarith.dll
[2013.10.18 21:13:38 | 000,217,176 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2013.10.18 21:13:38 | 000,112,640 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2013.10.18 19:31:33 | 000,000,000 | ---- | C] () -- C:\Users\KimA\AppData\Local\Driver_LOM_8161Present.flag
[2013.10.18 18:29:24 | 001,315,404 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013.08.22 17:36:43 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2013.08.22 17:36:42 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2013.08.22 16:46:23 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2013.08.22 09:01:23 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2013.08.22 05:32:36 | 000,046,080 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2013.08.22 01:55:20 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2013.08.22 01:52:39 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2013.02.13 12:27:54 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll

========== ZeroAccess Check ==========

[2013.11.26 19:23:35 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014.04.06 18:31:39 | 021,268,952 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014.04.06 17:22:20 | 018,755,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2013.08.22 11:49:49 | 000,921,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2013.08.22 04:45:10 | 000,691,712 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2013.08.22 11:45:17 | 000,483,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013.10.19 16:12:01 | 000,000,000 | ---D | M] -- C:\Users\KimA\AppData\Roaming\Alibaba
[2014.02.18 17:26:36 | 000,000,000 | ---D | M] -- C:\Users\KimA\AppData\Roaming\awesomehp
[2014.02.08 18:03:03 | 000,000,000 | ---D | M] -- C:\Users\KimA\AppData\Roaming\Battle.net
[2014.05.05 19:50:58 | 000,000,000 | ---D | M] -- C:\Users\KimA\AppData\Roaming\deskPDF
[2014.05.05 17:56:19 | 000,000,000 | ---D | M] -- C:\Users\KimA\AppData\Roaming\deskPDF Editor
[2014.05.27 13:51:28 | 000,000,000 | ---D | M] -- C:\Users\KimA\AppData\Roaming\Farming World
[2014.06.02 19:24:00 | 000,000,000 | ---D | M] -- C:\Users\KimA\AppData\Roaming\HyperCam
[2014.05.05 22:31:10 | 000,000,000 | ---D | M] -- C:\Users\KimA\AppData\Roaming\iSkysoft
[2014.01.24 12:56:37 | 000,000,000 | ---D | M] -- C:\Users\KimA\AppData\Roaming\Leadertech
[2013.10.18 21:17:53 | 000,000,000 | ---D | M] -- C:\Users\KimA\AppData\Roaming\library_dir
[2014.01.11 14:17:30 | 000,000,000 | ---D | M] -- C:\Users\KimA\AppData\Roaming\MAXON
[2013.11.21 16:18:05 | 000,000,000 | ---D | M] -- C:\Users\KimA\AppData\Roaming\MPC-HC
[2014.02.19 12:58:24 | 000,000,000 | ---D | M] -- C:\Users\KimA\AppData\Roaming\newnext.me
[2014.04.21 00:03:36 | 000,000,000 | ---D | M] -- C:\Users\KimA\AppData\Roaming\Oracle
[2013.10.20 02:15:08 | 000,000,000 | ---D | M] -- C:\Users\KimA\AppData\Roaming\Origin
[2013.12.27 04:28:49 | 000,000,000 | ---D | M] -- C:\Users\KimA\AppData\Roaming\Raptr
[2014.05.21 23:36:56 | 000,000,000 | ---D | M] -- C:\Users\KimA\AppData\Roaming\redsn0w
[2014.06.02 20:17:39 | 000,000,000 | ---D | M] -- C:\Users\KimA\AppData\Roaming\Solveig Multimedia
[2014.01.31 18:37:28 | 000,000,000 | ---D | M] -- C:\Users\KimA\AppData\Roaming\TeamViewer
[2014.05.31 01:48:13 | 000,000,000 | ---D | M] -- C:\Users\KimA\AppData\Roaming\TERA
[2013.11.25 20:04:34 | 000,000,000 | ---D | M] -- C:\Users\KimA\AppData\Roaming\Uniblue
[2014.05.05 16:11:30 | 000,000,000 | ---D | M] -- C:\Users\KimA\AppData\Roaming\Wondershare

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 237 bytes -> C:\Users\KimA\SkyDrive:ms-properties
@Alternate Data Stream - 134 bytes -> C:\ProgramData\Temp:B755D674

< End of report >


OTL Extras logfile created on: 12.06.2014 13:09:44 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\KimA\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17126)
Locale: 00000414 | Country: Norge | Language: NOR | Date Format: dd.MM.yyyy

15,95 Gb Total Physical Memory | 13,33 Gb Available Physical Memory | 83,56% Memory free
33,95 Gb Paging File | 31,14 Gb Available in Paging File | 91,72% Paging File free
Paging file location(s): D:\pagefile.sys 6142 6142E:\pagef [Binary data over 200 bytes]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 223,23 Gb Total Space | 155,43 Gb Free Space | 69,63% Space Free | Partition Type: NTFS
Drive D: | 931,51 Gb Total Space | 213,89 Gb Free Space | 22,96% Space Free | Partition Type: NTFS
Drive E: | 1863,01 Gb Total Space | 1193,00 Gb Free Space | 64,04% Space Free | Partition Type: NTFS
Drive G: | 2794,51 Gb Total Space | 2383,92 Gb Free Space | 85,31% Space Free | Partition Type: NTFS

Computer Name: KIMOLSEN | User Name: KimA | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\]
.html [@ = Notepad++_file] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = AC 1C AE C5 46 9F CE 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = [binary data]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = Reg Error: Unknown registry data type -- File not found

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot - Search & Destroy tray access -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot - Search & Destroy tray access -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0A341CEB-B6DF-4B8B-9714-2AD2727FEB1E}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{0CB5769F-B70B-4A9C-A0F3-FDFE557B7CFC}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{12111B65-DFFE-46E3-87D7-0452031D9E1C}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{1AC95CD3-CAFD-4B1B-8B13-847F3C244A7A}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{1E1F79BF-A28C-4104-89B6-656C109E4F97}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{3935BBE2-4CD3-4D31-B3A2-D23C1C89103D}" = lport=10243 | protocol=6 | dir=in | app=system |
"{3C93E19F-6123-4E7A-B4AF-DB0B5DC2380A}" = rport=445 | protocol=6 | dir=out | app=system |
"{4017DE3D-C891-4DA7-A102-DC122917B7B1}" = lport=1782 | protocol=6 | dir=in | name=sensticpocketservicewin.exe operation port (1782) |
"{44FB78BB-EEA1-431E-98E2-1780AC0C8452}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{6708E16B-8FEF-4014-88B1-BB1E8ACCFCE0}" = rport=10243 | protocol=6 | dir=out | app=system |
"{69AF3DF7-D52A-4F3F-9626-139AA75DA515}" = lport=138 | protocol=17 | dir=in | app=system |
"{8335318E-F154-4A3E-9728-6DE3F1B5DD48}" = rport=139 | protocol=6 | dir=out | app=system |
"{8563CE34-A97A-4E33-8EE4-DAE1ED556E79}" = rport=137 | protocol=17 | dir=out | app=system |
"{9275082F-84FA-4DA2-9461-390C8FFA1813}" = lport=139 | protocol=6 | dir=in | app=system |
"{A4104B8C-6307-4759-A5F6-4FF370D162D0}" = lport=2869 | protocol=6 | dir=in | app=system |
"{A62C563A-E6E6-4077-9FF7-37EB184CBBDA}" = lport=445 | protocol=6 | dir=in | app=system |
"{AFC31FCD-DCA6-4474-85D1-CAFF9E582DA1}" = rport=138 | protocol=17 | dir=out | app=system |
"{AFF700F3-A252-4ED0-803D-2EB544C6DB5E}" = lport=137 | protocol=17 | dir=in | app=system |
"{D29F7BB7-19B7-4BD7-B52D-2F5CA2F68C89}" = lport=1782 | protocol=6 | dir=in | name=sensticpocketservicewin.exe operation port (1782) |
"{D7ED3018-39EE-47F5-A109-792DDA4ABCBF}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{E0A25318-CB96-45A3-900A-7D267B4C4970}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{EDAC732F-8B6C-49EA-B1F5-EE311E3AE580}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F6F96737-5434-4AA4-AAE3-50836CEDCDFF}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0142123D-4C09-4D6E-A9E6-74143F96CEF8}" = dir=in | app=c:\program files (x86)\skypewebplugin\skypewebplugin.exe |
"{01767A58-7CB3-4B46-8E7C-231377BB5D94}" = protocol=17 | dir=in | app=e:\steam\steamapps\common\trials fusion\datapack\trials_fusion.exe |
"{02C0AB17-6DAD-4495-A1B2-3229954A1E70}" = protocol=17 | dir=in | app=e:\steam\steamapps\common\free to play\ftp.exe |
"{030F8124-32EE-496E-9D50-1DF386BFD47F}" = protocol=6 | dir=in | app=e:\steam\steam.exe |
"{03590FA3-B38D-4DFA-BFAD-800EDA6E0997}" = protocol=17 | dir=in | app=e:\steam\steamapps\common\castle story\castle story prototype.exe |
"{03FC952E-9215-478F-95A5-EE644744A0B0}" = dir=in | name=disney infinity: toy box |
"{06CB0AC5-26C6-42A4-B955-5AF9CC24F320}" = dir=in | name=@{828b5831.supermarketmania2_1.6.2.0_x86__ytsefhwckbdv6?ms-resource://828b5831.supermarketmania2/resources/kd_app_name} |
"{0963C7A1-9515-4AB6-83E0-940F3457E3A5}" = protocol=6 | dir=in | app=e:\origin spill\battlefield 4\bf4.exe |
"{09F7BCAE-C6C5-4183-A844-F13B7AC69BE5}" = protocol=6 | dir=in | app=e:\steam\steamapps\common\deus ex - human revolution\dxhr.exe |
"{0C850EF6-8F57-4D89-AADE-CE19144240FC}" = protocol=17 | dir=in | app=e:\origin spill\crysis 3\bin32\crysis3.exe |
"{118B18A9-6C6E-49CA-9C29-76B12AC717CE}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1267\agent.exe |
"{12A985DB-CD6B-40B1-A73F-D86950B434A4}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{16B7EC0B-09D6-44DA-BE0D-752DEA4FA807}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{1C2384B0-A1BB-48B3-964A-88AB95B6BB09}" = dir=out | name=@{828b5831.standofood3_1.2.3.0_x86__ytsefhwckbdv6?ms-resource://828b5831.standofood3/resources/kd_app_name} |
"{1C55628A-E73A-4FBF-9DD3-5C7625164EDA}" = protocol=17 | dir=in | app=e:\steam\steamapps\common\terraria\terraria.exe |
"{223C9B58-5ABA-4755-A5FD-8C06EC83340D}" = protocol=6 | dir=in | app=e:\ac iii\assassinscreed3.exe |
"{245450C6-C838-4C67-B435-4EE4D84D6440}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{263067B9-8C3E-48DD-971A-1E13D8A32F29}" = protocol=6 | dir=in | app=e:\ac iii\ac3sp.exe |
"{2735C9A8-5FF2-435F-A166-936CEDBB47B4}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{28C01ED5-7751-42AA-86F0-83F98147C99D}" = protocol=17 | dir=in | app=c:\program files (x86)\trademanager\aliim.exe |
"{2D59E41A-D6CF-46B8-BB92-828CB40330B7}" = dir=in | name=compello |
"{2E8AFA8C-1ECB-49F0-96BD-5A115B6AF19F}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1267\agent.exe |
"{32CA7D24-F584-4659-A63B-CEB9D69413F6}" = protocol=17 | dir=in | app=e:\watch_dogs\bin\watch_dogs.exe |
"{33674097-F46D-4596-A304-4FB89F82D2A6}" = protocol=6 | dir=in | app=e:\origin spill\battlefield 3\bf3.exe |
"{34A908C5-847D-46E4-9CB0-BE4CAA7757B7}" = protocol=17 | dir=in | app=e:\steam\steamapps\common\marvel heroes\unrealengine3\binaries\win32\marvelgame.exe |
"{3655F514-4BE2-4542-82E4-52200FC361C6}" = protocol=17 | dir=in | app=e:\assassin's creed iv black flag\ac4bfsp.exe |
"{36E726F8-6057-4789-99CD-ECC813B10B43}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd12\powerdvd12agent.exe |
"{395CCD30-01A6-4C55-A097-FD96F55E2E26}" = protocol=6 | dir=in | app=e:\origin spill\dead space\dead space.exe |
"{3D9D1ADB-707C-4737-98D5-0C2AFC9D33A4}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{3DA22BB1-CBEE-4773-9FF2-5615B3ADC441}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.beta.2638\agent.exe |
"{3E13E96C-612A-4A55-A0DE-BAD910F22FC6}" = protocol=6 | dir=in | app=e:\battle.net\battle.net.exe |
"{3E60E08F-C91E-431F-A9F6-F0D4BBDEC2CA}" = protocol=6 | dir=in | app=e:\steam\steamapps\common\portal\hl2.exe |
"{40816DBF-F8FF-406C-8B4C-CD87E2B80335}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{418A4E44-5092-4BB9-A573-D45B08B678D2}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{4282FE99-8560-4BC7-9576-5F3ED84E263F}" = dir=in | name=checkpoint.vpn |
"{42DF4730-D4AD-4AE6-B37F-47A19594430A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{43C65A0A-6A24-44DE-A44C-F40491DFC9C0}" = protocol=6 | dir=in | app=e:\steam\steamapps\common\the amazing spider-man 2\asm2launcher.exe |
"{46C580AF-5978-4727-91AE-EAA8613CA7B6}" = dir=out | name=@{microsoft.bingtravel_3.0.2.258_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/brandedapptitle} |
"{49E9DCA1-C740-4E14-BCA3-D28495E50E5E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{4AD9ACC9-576E-4C84-ACC9-DAC227603955}" = protocol=6 | dir=in | app=e:\hearthstone\hearthstone.exe |
"{4B6A281C-7081-4680-B644-964CA5FB4262}" = dir=in | name=@{828b5831.specialenquirydetailengagedtokill_1.0.0.0_x86__ytsefhwckbdv6?ms-resource://828b5831.specialenquirydetailengagedtokill/resources/kd_app_name} |
"{4C92DA4B-45E2-42DF-BC30-F6C72221F12A}" = protocol=6 | dir=in | app=e:\steam\steamapps\common\nosgoth\binaries\win32\nosgoth.exe |
"{4E25E44F-87DF-40ED-9629-0A27199F11E4}" = protocol=17 | dir=in | app=e:\steam\steamapps\common\portal\hl2.exe |
"{4F157E45-2203-43D1-9BBD-8240F9CA6812}" = protocol=17 | dir=in | app=e:\steam\steamapps\common\game dev tycoon\gamedevtycoon.exe |
"{5054848E-6B25-4FC6-9E91-A348160A79CD}" = protocol=17 | dir=in | app=e:\origin spill\crysis 3\crysis 3 - digital deluxe edition content\launcher.exe |
"{548DCF8C-BFF2-4BA4-AA88-FBAF9AC8BCC6}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{552AFFC1-46D7-4BDD-8265-2610322E3FDD}" = protocol=1 | dir=out | [email protected],-28544 |
"{55579270-6B73-49D3-B08C-6B2796F0E1B2}" = protocol=58 | dir=out | [email protected],-28546 |
"{560448D6-095C-4907-B046-AC7F710701A7}" = dir=in | name=sonicwall.mobileconnect |
"{564A8A25-3212-4142-89B3-AC5E0785218B}" = protocol=17 | dir=in | app=c:\program files (x86)\raptr\raptr.exe |
"{59CDE685-ADAE-4F23-90B2-3C72116F2A25}" = dir=out | name=windows phone |
"{5A4A04A5-844C-4D59-90E0-5EDE17D3CE8C}" = dir=in | name=windows phone |
"{5ACD0BCA-6727-4296-B474-F358605DB883}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.2380\agent.exe |
"{5AD37290-A27C-4907-9D81-08C78ACF143E}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{5B001861-6136-4E08-AF3B-AAE10C612F5D}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.2380\agent.exe |
"{5DD4A9E3-8927-4565-AFA0-80921AA837D1}" = protocol=6 | dir=in | app=e:\steam\steamapps\common\3dmark\bin\x86\3dmark.exe |
"{5E8DC0DE-CA63-4913-BDF6-48B1406DB658}" = protocol=6 | dir=in | app=e:\ac iii\ac3mp.exe |
"{5F4632C0-D5B1-40C3-B0D9-E3A759C81B9E}" = dir=out | name=sonicwall.mobileconnect |
"{5FD8E076-8554-47BB-AB41-0CC2403605E8}" = dir=out | name=compello |
"{61EA6FC4-0BE5-4740-8637-C7A1200DE13A}" = protocol=6 | dir=in | app=e:\steam\steamapps\common\reus\reus.exe |
"{6431AF2A-D4DF-4C80-BE46-7BD31C5EE750}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd12\kernel\dms\clmsserverpdvd12.exe |
"{67E649F3-8501-450C-98FE-56700828612C}" = protocol=6 | dir=in | app=e:\origin spill\crysis 3\crysis 3 - digital deluxe edition content\launcher.exe |
"{68265245-8DEE-41CD-8A74-00E0B954BC2B}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{6A640933-4DF6-43D7-AA20-C461800B451C}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd12\movie\powerdvd cinema\powerdvdcinema12.exe |
"{6BC66756-18B8-41E9-AC6D-658A5016F06C}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{6BDCD13B-40CC-4741-A777-DC46F48DC364}" = protocol=17 | dir=in | app=e:\hearthstone\hearthstone.exe |
"{6C5F24E5-DD20-4675-A678-BD757D99618E}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.beta.2638\agent.exe |
"{72F1BE63-9207-42A4-BA97-49B3DF0A809A}" = protocol=17 | dir=in | app=e:\steam\steamapps\common\trials fusion\datapack\trials_fusion.exe |
"{740D00DE-3E02-4F7A-871D-02C734B9748E}" = protocol=6 | dir=in | app=e:\steam\steamapps\common\game dev tycoon\gamedevtycoon.exe |
"{754F6CE5-7921-4F7C-822C-C3CFC46B1E9F}" = protocol=6 | dir=in | app=e:\steam\steamapps\common\3dmark\bin\x64\3dmark.exe |
"{75EBE44D-4C3C-44E3-9AFA-38C4D0B1DD26}" = protocol=17 | dir=in | app=e:\origin spill\battlefield 3\bf3.exe |
"{78957741-45D3-479A-AFB6-07F5CC87146A}" = protocol=6 | dir=in | app=c:\program files (x86)\raptr\raptr.exe |
"{790DEE7F-6B97-4100-B403-DC7BE9FF9D34}" = protocol=6 | dir=in | app=e:\steam\steamapps\common\marvel heroes\unrealengine3\binaries\win32\marvelgame.exe |
"{7C6B66CA-4E27-42A2-AF7B-57D015D580B2}" = protocol=17 | dir=in | app=e:\origin spill\mass effect 3\binaries\win32\masseffect3.exe |
"{7D50E00B-186F-48F6-B716-D6C87AC6DB43}" = dir=out | name=skype |
"{7E1425B7-AD50-4F8D-AEEB-A45405508B89}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer.exe |
"{7F476317-64FC-4D5D-9866-D2B988CF1DF6}" = protocol=17 | dir=in | app=e:\steam\steamapps\common\game dev tycoon\gamedevtycoon.exe |
"{807C5610-08A6-4C7F-BA27-06239AFE23E3}" = protocol=6 | dir=in | app=e:\steam\steamapps\common\toki tori 2\tokitori2.exe |
"{80EFD3A3-60D5-4E11-8AF0-4CE112102A20}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd12\powerdvd12ml.exe |
"{83BC6009-AF91-451D-A269-35B7B579D05A}" = protocol=6 | dir=in | app=e:\steam\steamapps\common\marvel heroes\unrealengine3\binaries\win32\marvelgame.exe |
"{88CAF73C-57F6-4408-BFD8-A07050EE3628}" = protocol=6 | dir=in | app=e:\steam\steamapps\common\trials fusion\datapack\trials_fusion.exe |
"{8BAFF469-1EA7-4381-9266-6B27834C313D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{8D95713C-B779-42D3-96D4-840CA8624264}" = protocol=6 | dir=in | app=e:\steam\steamapps\common\call of duty black ops ii\t6mp.exe |
"{8ED37E39-7D8A-434F-A8BC-45D5CCA38AE4}" = protocol=17 | dir=in | app=e:\origin spill\battlefield 4\bf4_x86.exe |
"{92B84C75-C9A7-4039-BF5D-7488B5BAE254}" = dir=in | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{92EEA118-BFCD-4222-8855-66A58F56DAEA}" = protocol=17 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{93C4FF89-8E1E-4033-B035-730D85283A39}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{949184F0-8B34-4D8B-B63C-BA6B99B5DF03}" = protocol=6 | dir=in | app=c:\program files (x86)\trademanager\aliim.exe |
"{9691F363-8C20-4851-BF55-B0C1EAB7B9FA}" = protocol=6 | dir=in | app=e:\origin spill\titanfall\titanfall.exe |
"{99A8D5CF-0F8A-4F1C-9E07-2093B46178D2}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{9E3D57FC-7C37-4424-9352-4831E97D029D}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{9ECC6D6E-6251-43CF-B24A-E51A025658D4}" = dir=out | name=@{3574gindasoft.to-dos_2.1.0.0_neutral__vhpcp2ef0a8kc?ms-resource://3574gindasoft.to-dos/resources/manifest_appname} |
"{9F6F1033-459F-4864-B304-66EE9EC2B451}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{A184F394-E701-4E9C-A174-73EF819D8736}" = dir=out | name=invoice360 |
"{A1E1A0CB-7516-4697-9C37-A3C7E5B76C8D}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{A22E400D-7971-4FD6-ACA0-D88BCB28D388}" = protocol=6 | dir=in | app=e:\steam\steamapps\common\castle story\castle story prototype.exe |
"{A2FB1D0A-CCDC-4E13-A19C-B00AED1746A5}" = protocol=17 | dir=in | app=e:\origin spill\titanfall\titanfall.exe |
"{A4394862-C49E-4BE9-8F8A-21E12BE80613}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd12\powerdvd12.exe |
"{A48C2728-5117-461E-BB4B-D017D2040068}" = protocol=6 | dir=in | app=c:\program files (x86)\raptr\raptr_im.exe |
"{A5588ACB-81E5-4C1F-B46C-4F34D8D20BB5}" = dir=out | name=disney infinity: toy box |
"{AD48A75E-B0C9-4056-ADF1-B607D9D7414E}" = protocol=6 | dir=in | app=e:\steam\steamapps\common\game dev tycoon\gamedevtycoon.exe |
"{ADD76760-F723-4EB9-8FE3-36876AEF0C53}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{AE90C2CE-3C44-4889-9DDE-0071ED00555D}" = protocol=17 | dir=in | app=e:\steam\steamapps\common\deus ex - human revolution\dxhr.exe |
"{AEF39534-9532-4AC0-A3CB-0B5948906E22}" = protocol=17 | dir=in | app=e:\steam\steamapps\common\toki tori 2\tokitori2.exe |
"{AF7A2CC6-4C41-4AAB-839C-32CC95724FBC}" = dir=in | name=@{828b5831.standofood3_1.2.3.0_x86__ytsefhwckbdv6?ms-resource://828b5831.standofood3/resources/kd_app_name} |
"{AF8682F1-6928-4AC2-9461-6F61CC2D2211}" = dir=in | app=c:\users\kima\appdata\local\torch\application\torch.exe |
"{B0D3A8A8-3895-4740-B8CD-784228ACEC4B}" = dir=in | app=c:\users\kima\appdata\local\torch\plugins\hola\hola_plugin_x64.exe |
"{B2387181-136D-4CD5-AC00-D65F2FF14A3E}" = protocol=17 | dir=in | app=e:\steam\steamapps\common\the amazing spider-man 2\asm2launcher.exe |
"{B32B2F1E-B422-41CB-8DED-63BD3EF72727}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{B3746F21-79D0-44AE-9C0F-E5F22EFCA1CB}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{B4464F4E-06F4-4949-BDA3-D726547F282F}" = protocol=6 | dir=in | app=e:\origin spill\battlefield 4\bf4_x86.exe |
"{B4E48037-A5A0-4F6E-8BB0-AC6470424538}" = protocol=17 | dir=in | app=e:\steam\steamapps\common\reus\reus.exe |
"{B8E783DB-DF02-4283-B99F-699D51001831}" = protocol=6 | dir=in | app=e:\steam\steamapps\common\3dmark\3dmarklauncher.exe |
"{BA573343-FE34-4FB1-8E73-41B807D341A6}" = protocol=17 | dir=in | app=e:\origin spill\battlefield 4\bf4.exe |
"{BF3D4199-9A7A-4E29-8D99-8357560310C9}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{BF4EA14A-4430-4564-946C-9D4C3C75AB24}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer.exe |
"{BFF2C19A-40C5-4E8C-99EF-2F0007963E5B}" = protocol=17 | dir=in | app=e:\battle.net\battle.net.exe |
"{C270D6C8-B54C-4A99-9504-FB3EA5C2DF9A}" = protocol=17 | dir=in | app=e:\steam\steamapps\common\nosgoth\binaries\win32\nosgoth.exe |
"{C2A9172F-72F4-4408-8B71-359854380249}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{C39819B5-6EE0-4A24-98E3-9FA44A8437F2}" = protocol=17 | dir=in | app=e:\steam\steamapps\common\3dmark\3dmarklauncher.exe |
"{C4D851CB-1112-4357-B616-E5D5815E03AF}" = protocol=17 | dir=in | app=e:\steam\steamapps\common\3dmark\bin\x64\3dmark.exe |
"{C58915DA-B64A-468F-8BBB-8F8AF6B44F52}" = protocol=6 | dir=in | app=e:\assassin's creed iv black flag\ac4bfmp.exe |
"{CAC445F9-215A-4772-88D6-03C288E7AF75}" = protocol=17 | dir=in | app=e:\steam\steamapps\common\3dmark\bin\x86\3dmark.exe |
"{CB175B9C-063A-4867-8798-FA7056E8AA54}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer_service.exe |
"{CF6B08A5-97D3-4DD8-8114-CBEB608ABD90}" = protocol=6 | dir=in | app=e:\steam\steamapps\common\free to play\ftp.exe |
"{CF7B4896-C700-407A-8469-0905A797B5A9}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{CFDFCDF4-8A51-45EF-AF71-D1DFAA6561D9}" = protocol=17 | dir=in | app=e:\steam\steamapps\common\call of duty black ops ii\t6mp.exe |
"{CFFC4148-787F-41EE-8365-C12B0A0EB313}" = dir=in | app=c:\users\kima\appdata\local\facebook\video\skype\facebookvideocalling.exe |
"{D13C0DE1-86B5-4377-8C92-921E30DA016C}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{D14D68A6-31C6-4B3F-BBE4-B6FEA03E52ED}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{D19C0BA6-1BCE-4E81-887F-72265A933307}" = protocol=6 | dir=in | app=e:\origin spill\crysis 3\bin32\crysis3.exe |
"{D1ED761F-B63D-468A-8C1B-12F692477BCF}" = protocol=17 | dir=in | app=e:\steam\steamapps\common\bridgeconstructor\bridgeconstructor.exe |
"{D3688783-6AA2-45C8-8B26-FE76F7AF3927}" = protocol=6 | dir=in | app=e:\steam\steamapps\common\trials fusion\datapack\trials_fusion.exe |
"{D3C9DDB2-B170-4BD6-9C31-52AA66958ECF}" = protocol=1 | dir=in | [email protected],-28543 |
"{D47389FD-49C4-493A-888D-4C9AD189E97D}" = dir=out | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{D52265D8-AF33-4CE3-AA4B-98F9A37C4D63}" = protocol=58 | dir=in | [email protected],-28545 |
"{D535842F-8FAB-484E-8207-87E34F6527DF}" = dir=in | app=c:\users\kima\appdata\local\torch\plugins\hola\hola_plugin.exe |
"{D5647639-FED6-40C7-A80D-372F61140CC7}" = protocol=17 | dir=in | app=e:\ac iii\assassinscreed3.exe |
"{D6980480-941A-4DF6-AB81-3734ECD3D779}" = dir=out | name=junipernetworks.junospulsevpn |
"{D83B0296-1DFF-42C0-945B-779594187B80}" = protocol=17 | dir=in | app=e:\steam\steam.exe |
"{D8FE7947-40ED-4C98-AAAF-39FACCCA5F34}" = protocol=6 | dir=in | app=e:\watch_dogs\bin\watch_dogs.exe |
"{DB59588E-ED90-4C47-A7B5-7929DD0C0BD2}" = dir=out | name=checkpoint.vpn |
"{DDB9B5C9-1D51-4CDD-843C-93CF16E2E6BA}" = protocol=6 | dir=in | app=e:\assassin's creed iv black flag\ac4bfsp.exe |
"{DEFC955E-E08A-44B9-AE74-765B1279FCA6}" = protocol=17 | dir=in | app=e:\ac iii\ac3mp.exe |
"{E180262A-432B-4304-A683-C0093DAA0143}" = dir=out | name=@{828b5831.supermarketmania2_1.6.2.0_x86__ytsefhwckbdv6?ms-resource://828b5831.supermarketmania2/resources/kd_app_name} |
"{E3A46662-F886-43E9-8FD6-EF6F1B2DA895}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{E3D63869-0F31-4139-A53D-11BF7F910219}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd12\kernel\dmr\powerdvd12dmrengine.exe |
"{E9463E4D-CB05-47E0-A513-3842948769B1}" = dir=out | name=@{microsoft.xboxlivegames_2.0.139.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{E9D2B2B5-D93A-48A5-A617-6A66BBEDE3EC}" = protocol=17 | dir=in | app=e:\steam\steamapps\common\marvel heroes\unrealengine3\binaries\win32\marvelgame.exe |
"{EC799E33-72BA-42D7-9127-DEFE68F9799D}" = dir=in | name=junipernetworks.junospulsevpn |
"{EDEBFDCB-4E8C-4538-8D2F-0BFF174A3263}" = protocol=6 | dir=in | app=e:\steam\steamapps\common\terraria\terraria.exe |
"{EE6566B0-59D8-4D08-BE57-DE68C8B09639}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer_service.exe |
"{EF091D30-50EE-48FF-AFDA-2B3BAE0C7734}" = protocol=6 | dir=in | app=e:\origin spill\mass effect 3\binaries\win32\masseffect3.exe |
"{F0710A6F-AF1E-45A7-8374-F1810E0B1CF4}" = protocol=17 | dir=in | app=e:\assassin's creed iv black flag\ac4bfmp.exe |
"{F40E3EE4-89B6-4CF1-A7C9-9191272CA114}" = dir=in | name=skype |
"{F64300AD-D559-4000-BD45-0997BCC8E70A}" = dir=out | name=f5.vpn.client |
"{F7205504-A562-42D9-9B9A-57E3637DD3E2}" = protocol=6 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{F77E5446-4378-4E99-8B7A-7061AAAEA193}" = dir=in | name=f5.vpn.client |
"{F886B09F-0C9A-40DC-9F0C-C4401FFE1B86}" = protocol=17 | dir=in | app=e:\origin spill\dead space\dead space.exe |
"{F8F84BDE-F9C3-408F-BB44-040B64031BFE}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{FA3D134B-AC83-437A-A8EA-5C80C8FF2639}" = protocol=17 | dir=in | app=c:\program files (x86)\raptr\raptr_im.exe |
"{FBA9EF57-9FC4-4356-8806-B44AC3A2E4DA}" = dir=out | name=@{828b5831.specialenquirydetailengagedtokill_1.0.0.0_x86__ytsefhwckbdv6?ms-resource://828b5831.specialenquirydetailengagedtokill/resources/kd_app_name} |
"{FDAC3683-5171-4D04-B51E-4066C5BC99BB}" = protocol=6 | dir=out | app=system |
"{FEECDBAC-F568-4EB4-AA77-4524375D4490}" = protocol=6 | dir=in | app=e:\steam\steamapps\common\bridgeconstructor\bridgeconstructor.exe |
"{FF85FA6F-29B6-42FC-88DA-413D30101CB0}" = protocol=17 | dir=in | app=e:\ac iii\ac3sp.exe |
"TCP Query User{C9575AA3-96F9-407B-B031-441AE9A47FD5}C:\windows\system32\mmc.exe" = protocol=6 | dir=in | app=c:\windows\system32\mmc.exe |
"UDP Query User{43E41A78-9C8D-41AF-BF58-FE4D5110738C}C:\windows\system32\mmc.exe" = protocol=17 | dir=in | app=c:\windows\system32\mmc.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1" = Core Temp 1.0 RC6
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{2B7A8C9C-465A-42F0-B9C3-180FDAAB2C4B}" = Intel® Network Connections 18.8.136.0
"{2EDC2FA3-1F34-34E5-9085-588C9EFD1CC6}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610
"{409CB30E-E457-4008-9B1A-ED1B9EA21140}" = Intel® Rapid Storage Technology
"{44D7B997-3F6A-C2F7-78DD-3B31F776CE66}" = ACP Application
"{54F2237F-018C-483B-8884-9FC0D88840C3}" = VC_CRT_x64
"{5A68A656-979F-4168-8795-E2E368AA4DC2}" = iTunes
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{764384C5-BCA9-307C-9AAC-FD443662686A}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610
"{787136D2-F0F8-4625-AA3F-72D7795AC842}" = Apple Mobile Device Support
"{7BFFB77E-F04B-AC33-614D-A2FFE5B1E2D1}" = AMD Accelerated Video Transcoding
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8D95B61A-9759-40F7-69BF-54DCE6675143}" = AMD Catalyst Install Manager
"{90140000-0011-0000-1000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0015-0409-1000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0016-0409-1000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0018-0409-1000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0019-0409-1000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-001A-0409-1000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001B-0409-1000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-1000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0C0A-1000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-002C-0409-1000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-0043-0000-1000-0000000FF1CE}" = Microsoft Office Office 32-bit Components 2010
"{90140000-0043-0409-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (English) 2010
"{90140000-0044-0409-1000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010
"{90140000-006E-0409-1000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-00A1-0409-1000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00BA-0409-1000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010
"{90140000-0115-0409-1000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0117-0409-1000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{93F692D4-0C4D-4EED-9BFE-657C1D5959FE}" = Intel® Rapid Storage Technology
"{A2CB1ACB-94A2-32BA-A15E-7D80319F7589}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727
"{AC53FC8B-EE18-3F9C-9B59-60937D0B182C}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727
"{B5E06417-A4AC-4225-B36E-7E34C91616E7}" = Intel® Trusted Connect Service Client
"{C23EE7CE-C1A3-4F94-A8F0-9E0AC9C6DE6E}" = Adblock Plus for IE (32-bit and 64-bit)
"{FB17462E-ED3D-1D33-2108-26F4C37C6AD1}" = ccc-utility64
"CCleaner" = CCleaner
"CPUID CPU-Z_is1" = CPUID CPU-Z 1.69.2
"EPSON XP-402 403 405 406 Series" = Avinstaller skriver EPSON XP-402 403 405 406 Series
"GIMP-2_is1" = GIMP 2.8.10
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"PROSetDX" = Intel® Network Connections 18.8.136.0
"WhoCrashed_is1" = WhoCrashed 5.00
"WinRAR archiver" = WinRAR 5.10 beta 4 (64-bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1" = MiniTool Partition Wizard Home Edition 8.1.1
"{087B9123-2793-AFD4-7AC0-0E2F939657E2}" = CCC Help Dutch
"{0C4FABD1-92DD-DA78-9570-1CB8C6C4D6E5}" = CCC Help Japanese
"{100C8F3B-82D6-4B14-BB7A-5E8C3FF810C8}_is1" = Driver Fusion
"{111EE7DF-FC45-40C7-98A7-753AC46B12FB}" = QuickTime 7
"{15134cb0-b767-4960-a911-f2d16ae54797}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727
"{1EBDF6D2-CEA0-484C-A23E-2DDAD7FD0DD0}" = System Requirements Lab for Intel
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink Blu-ray Disc Suite
"{22154f09-719a-4619-bb71-5b3356999fbf}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727
"{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1" = Geeks3D FurMark 1.12.0
"{25A3B953-1423-3F15-640E-B620DD0F419A}" = Catalyst Control Center - Branding
"{26A24AE4-039D-4CA4-87B4-2F83217055FF}" = Java 7 Update 55
"{26F54DF4-CF84-4BD2-A3ED-A4CC7CCF3492}" = ITbrain Agent
"{2A8C5AE3-2772-4EB1-8206-D5E53D111A61}" = Crysis®3 Digital Deluxe Edition Content
"{2D2D8FE2-605C-4D3C-B706-36E981E7EEF0}" = BD_3D Advisor
"{2F73A7B2-E50E-39A6-9ABC-EF89E4C62E36}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727
"{34746876-2972-9A57-A1A5-C7865785A62E}" = CCC Help German
"{347EE0C3-0690-48F6-A231-53853C2A80D6}" = Titanfall
"{39A05D92-5B6E-84E1-2006-B9B89CECFDC7}" = CCC Help Danish
"{3D6AD258-61EA-35F5-812C-B7A02152996E}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610
"{3E31400D-274E-4647-916C-2CACC3741799}" = EpsonNet Print
"{3E977FB7-0A6F-4B7D-AE5A-0C080F71D951}" = CoolerMaster Trigger
"{4050C71E-EB43-4A8C-B6A6-778DD6F8252C}" = Futuremark SystemInfo
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink LG Burning Tool
"{4198AE83-A3C6-4C41-85C8-EC63E990696E}" = Crysis®3
"{419CF1B5-0FAE-9EE3-C621-AD3DA7A53B06}" = CCC Help English
"{46BEC94A-8D93-A1FB-2010-276F3DDCB779}" = CCC Help French
"{46F4462B-8113-B293-1AF2-00B3B0EEB9D3}" = Catalyst Control Center Graphics Previews Common
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{522536D5-883B-5E3C-7880-8ECB28FB4596}" = CCC Help Finnish
"{534A31BD-20F4-46b0-85CE-09778379663C}" = Mass Effect 3
"{536BDBFC-CA1A-4AC0-A8EB-BB2D0F1F522E}" = Sound Blaster Recon3Di Extras
"{571637E3-F891-507C-9DA2-47B22C37C544}" = CCC Help Turkish
"{5E68C794-2884-F495-09B0-62AEA1DCE08A}" = CCC Help Russian
"{5EA2099A-0249-1D98-5387-0BEF207D72AA}" = AMD Catalyst Control Center
"{6179550A-3E7C-499E-BCC9-9E8113E0A285}" = LG Tool Kit
"{62EEC21F-308D-570A-2279-8621AFE237B6}" = CCC Help Chinese Traditional
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
"{69FDB13A-7740-1CC1-016F-CEB08DF1CF38}" = Catalyst Control Center Localization All
"{6DC13EFF-D4FF-65B6-7538-8B3E6075853F}" = Catalyst Control Center InstallProxy
"{6E6F22D7-8AD6-4A87-9A47-733E6E996F50}" = Dead Space
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71D3B16A-0947-7F94-6BF6-490AF844B2E8}" = CCC Help Polish
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{75BAE677-F65A-45A4-9931-363FE0CF5E58}_is1" = iSkysoft PDF Editor(Build 3.0.0)
"{76285C16-411A-488A-BCE3-C83CB933D8CF}" = Battlefield 3
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{793A260C-CDBF-499C-ABBA-B51E8E076867}_is1" = Powersuite
"{7F87D86E-0D51-F8F1-9E83-DEA9F2FB4103}" = CCC Help Italian
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8624569E-94AE-EF90-92E2-6AD8E5A617ED}" = AMD Catalyst Control Center
"{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}" = NVIDIA PhysX
"{8DF41A9F-FE13-43E8-A003-5F9B55A011EE}" = Facebook Video Calling 2.0.0.447
"{8e70e4e1-06d7-470b-9f74-a51bef21088e}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106
"{8FED5458-A4D8-B32E-D098-0CD13E7DFA96}" = CCC Help Portuguese
"{9010713F-E301-637D-52BA-A7CB2C26A6F0}" = CCC Help Thai
"{90D2DF70-F0E8-2CA3-F3B9-DD7CE267BB19}" = Catalyst Control Center Graphics Previews Common
"{918F3CE9-7164-4C6D-9530-66F12EFB4585}" = Sound Blaster Recon3Di
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{95716cce-fc71-413f-8ad5-56c2892d4b3a}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D15E813-0C26-41E7-ABC5-3EB06FF1B3CF}" = Assassin's Creed® III v1.06
"{a1909659-0a08-4554-8af1-2175904903a1}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610
"{A2F166A0-F031-4E27-A057-C69733219434}_is1" = TERA
"{A3B308B9-BE96-4334-816F-3D82B19A7DE2}" = Software Updater
"{A60763B2-8D86-258F-565C-F6F1B48DB563}" = CCC Help Chinese Standard
"{A70FBCFC-227F-3AA5-40BA-0ED0EF40AB70}" = CCC Help Norwegian
"{ABADE36E-EC37-413B-8179-B432AD3FACE7}" = Battlefield 4
"{AC76BA86-7AD7-1044-7B44-AB0000000001}" = Adobe Reader XI (11.0.07) - Norsk
"{AEB719FD-EDB0-43E9-B524-90F97C1E6499}" = System Update kb70007
"{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1" = Spybot - Search & Destroy
"{B46BEA36-0B71-4A4E-AE41-87241643FA0A}" = CyberLink PowerDVD 12
"{B51DD93B-3CB5-4D9D-BFF2-FD19DBBBFD9A}" = Skype Web Plugin
"{B5BE22C7-420A-5F14-A1B9-4AB3F3DE0A3E}" = Catalyst Control Center InstallProxy
"{B789FA51-6A71-408F-92DE-EDE4A517B8F9}_is1" = RAR Password Unlocker 4.2.0.0
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = CyberLink PowerProducer
"{BF5ACEF5-C66A-A0FB-2931-927778AF8D0A}" = CCC Help Spanish
"{C68D4599-2D2A-2060-39D0-0B3DEA861657}" = Catalyst Control Center Localization All
"{C8AD2316-A453-A53D-FA6A-319D4D3A3DBA}" = CCC Help Czech
"{CC0F816C-4993-DC4D-51F4-2E9D3DBDEAAF}" = CCC Help Greek
"{D46336D9-3C98-2607-FE17-EE012C6D2948}" = CCC Help Korean
"{D95E6F4F-C11C-42B8-94F0-D59A0CBCA22D}" = ITbrain Agent
"{D9DAD0FF-495A-472B-9F10-BAE430A26682}" = Apple-programsupport
"{DEB9DC81-DCF5-8688-8A5A-35A19A1C0659}" = CCC Help Hungarian
"{E00985A8-4974-E464-2A49-9263F8AE4DF6}" = AMD Catalyst Control Center
"{E5A2014F-F04E-33A0-5548-1A1FD35D0B49}" = Catalyst Control Center InstallProxy
"{E7D4E834-93EB-351F-B8FB-82CDAE623003}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610
"{EDDAEBE4-E1AF-838A-E641-B7373317D15D}" = CCC Help Swedish
"{EEB34D84-92A1-7BE3-6DB7-ABD1C4912D6B}" = Catalyst Control Center InstallProxy
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{FB474A6C-CB62-AA42-A618-2EA58F0F2504}" = Catalyst Control Center Localization All
"{fd97d1e2-368a-4cd9-af63-8eeff938044a}" = Adblock Plus for IE
"{FDB30193-FDA0-3DAA-ACCA-A75EEFE53607}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"4Easysoft Total Video Converter_is1" = 4Easysoft Total Video Converter
"Afterburner" = MSI Afterburner 3.0.0 Beta 16
"Battle.net" = Battle.net
"Battlelog Web Plugins" = Battlelog Web Plugins
"Driver Fusion" = Driver Fusion Premium
"EPSON Scanner" = EPSON Scan
"ESN Sonar-0.70.4" = ESN Sonar
"Farming World" = Farming World
"Fraps" = Fraps
"Hearthstone" = Hearthstone
"HyperCam 3 3.6.1403.19" = HyperCam 3
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink Blu-ray Disc Suite
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink LG Burning Tool
"InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}" = CyberLink PowerDVD 12
"InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = CyberLink PowerProducer
"ITbrain Agent" = ITbrain Agent
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 10.1.5
"NIS" = Norton Internet Security
"NST" = Norton Identity Safe
"Origin" = Origin
"Plus500" = Plus500
"PunkBusterSvc" = PunkBuster Services
"Raptr" = Raptr
"Rockstar Games Social Club" = Rockstar Games Social Club
"SpeedFan" = SpeedFan (remove only)
"Steam App 16450" = F.E.A.R. 2: Project Origin
"Steam App 200110" = Nosgoth
"Steam App 21090" = F.E.A.R.
"Steam App 21100" = F.E.A.R. 3
"Steam App 21110" = F.E.A.R.: Extraction Point
"Steam App 21120" = F.E.A.R.: Perseus Mandate
"Steam App 227860" = Castle Story
"Steam App 231350" = 3DMark Demo
"Steam App 245490" = Trials Fusion
"Steam App 245550" = Free to Play
"Steam App 267550" = The Amazing Spider-Man 2
"Steam App 28050" = Deus Ex: Human Revolution
"TeamViewer 9" = TeamViewer 9
"Tenorshare iPhone 5(5s,5c) Data Recovery" = Tenorshare iPhone 5(5s,5c) Data Recovery
"TradeManager" = TradeManager 2013 Beta2
"Uplay" = Uplay
"Uplay Install 273" = Assassin's Creed IV Black Flag
"Uplay Install 274" = WATCH_DOGS
"VLC media player" = VLC media player 2.1.3

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"1b698b8244a7d3e8" = SMS+
"Softonic for Windows" = Softonic for Windows
"Torch" = Torch
"UnityWebPlayer" = Unity Web Player

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 11.06.2014 19:39:05 | Computer Name = KIMOLSEN | Source = Windows Search Service | ID = 3006
Description =

Error - 11.06.2014 19:39:05 | Computer Name = KIMOLSEN | Source = Windows Search Service | ID = 3007
Description =

Error - 11.06.2014 19:39:05 | Computer Name = KIMOLSEN | Source = Windows Search Service | ID = 10021
Description =

Error - 11.06.2014 19:39:33 | Computer Name = KIMOLSEN | Source = Steam Client Service | ID = 1
Description = Error: Failed to add firewall exception for E:\Steam\steam.exe

Error - 12.06.2014 05:13:29 | Computer Name = KIMOLSEN | Source = Windows Search Service | ID = 3006
Description =

Error - 12.06.2014 05:13:29 | Computer Name = KIMOLSEN | Source = Windows Search Service | ID = 3007
Description =

Error - 12.06.2014 05:13:29 | Computer Name = KIMOLSEN | Source = Windows Search Service | ID = 10021
Description =

Error - 12.06.2014 06:22:59 | Computer Name = KIMOLSEN | Source = Steam Client Service | ID = 1
Description = Error: Failed to add firewall exception for E:\Steam\steam.exe

Error - 12.06.2014 06:35:43 | Computer Name = KIMOLSEN | Source = Steam Client Service | ID = 1
Description = Error: Failed to add firewall exception for E:\Steam\steam.exe

Error - 12.06.2014 06:50:56 | Computer Name = KIMOLSEN | Source = Application Error | ID = 1000
Description = Programnavn med feil: IEXPLORE.EXE, versjon: 11.0.9600.17126, tidsangivelse:
0x53882e30 Modulnavn med feil: combase.dll, versjon: 6.3.9600.17031, tidsangivelse:
0x53086d7c Unntakskode: 0xc0000005 Feilforskyvning: 0x000165cf Feil prosess-ID: 0x1858
Feil
starttid for program: 0x01cf8628401fce16 Feil programbane: C:\Program Files (x86)\Internet
Explorer\IEXPLORE.EXE Feil modulbane: C:\Windows\SYSTEM32\combase.dll Rapport-ID:
6e15278d-f21f-11e3-83ea-94de806c55d3 Fullstendig navn på feilpakke: Relativ program-ID
for feilpakke:

[ System Events ]
Error - 06.06.2014 07:52:35 | Computer Name = KIMOLSEN | Source = sfloppy | ID = 262151
Description =

Error - 09.06.2014 07:58:56 | Computer Name = KIMOLSEN | Source = Schannel | ID = 36887
Description = Et kritisk varsel er mottatt fra det eksterne endepunktet. Koden for
det kritiske varselet er ifølge TLS-protokollen 20.

Error - 09.06.2014 19:38:56 | Computer Name = KIMOLSEN | Source = Service Control Manager | ID = 7009
Description = Det oppstod et tidsavbrudd (30000 millisekunder) under venting på
at tjenesten Steam Client Service skal koble til.

Error - 09.06.2014 19:38:56 | Computer Name = KIMOLSEN | Source = Service Control Manager | ID = 7000
Description = Tjenesten Steam Client Service kan ikke starte på grunn av følgende
feil: %%1053

Error - 10.06.2014 08:41:12 | Computer Name = KIMOLSEN | Source = Schannel | ID = 36887
Description = Et kritisk varsel er mottatt fra det eksterne endepunktet. Koden for
det kritiske varselet er ifølge TLS-protokollen 20.

Error - 10.06.2014 12:21:45 | Computer Name = KIMOLSEN | Source = Schannel | ID = 36887
Description = Et kritisk varsel er mottatt fra det eksterne endepunktet. Koden for
det kritiske varselet er ifølge TLS-protokollen 20.

Error - 10.06.2014 14:00:16 | Computer Name = KIMOLSEN | Source = bowser | ID = 8003
Description =

Error - 11.06.2014 08:44:29 | Computer Name = KIMOLSEN | Source = Schannel | ID = 36887
Description = Et kritisk varsel er mottatt fra det eksterne endepunktet. Koden for
det kritiske varselet er ifølge TLS-protokollen 20.

Error - 11.06.2014 11:55:14 | Computer Name = KIMOLSEN | Source = Schannel | ID = 36887
Description = Et kritisk varsel er mottatt fra det eksterne endepunktet. Koden for
det kritiske varselet er ifølge TLS-protokollen 20.

Error - 11.06.2014 18:42:35 | Computer Name = KIMOLSEN | Source = Service Control Manager | ID = 7030
Description = Tjenesten NPEService er merket som en interaktiv tjeneste. Men systemet
er konfigurert for ikke å tillate interaktive tjenester. Denne tjenesten vil muligens
ikke fungere som den skal.


< End of report >
  • 0

Advertisements

#2
Florax
Posted 12 June 2014 - 08:43 AM

Florax

    New Member

  • Topic Starter
  • Member
  • Pip
  • 2 posts

This is for now solved. As I just did a system restore. No ads in my steam Client for now.


  • 0

#3
Essexboy
Posted 12 June 2014 - 08:48 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hi there, I can see the problem

Warning This fix is only relevant for this system and no other, using on another computer may cause problems

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following
    OTL_Fix.GIF
:Commands
[CREATERESTOREPOINT]

:OTL
SRV - [2014.05.08 11:45:50 | 000,018,944 | ---- | M] () [Auto | Running] -- C:\Windows\Microsoft\SystemUpdatekb70007\WindowsUpdater.exe -- (SystemUpdatekb70007)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:8118;https=127.0.0.1:8118
O2 - BHO: (FlowSurf) - {E3F1CA13-EA0E-4617-8D03-3EAA6A94A7E0} - C:\Program Files (x86)\Flowsurf\FlowSurf.dll File not found
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Reg Error: Key error. File not found
O9 - Extra Button: FlowSurf - {6CA2A4DE-483E-456B-8634-6445460D7097} - C:\Program Files (x86)\Flowsurf\FlowSurf.dll File not found
[2014.02.19 12:58:24 | 000,000,000 | ---D | M] -- C:\Users\KimA\AppData\Roaming\newnext.me

:Files
C:\Windows\Microsoft\SystemUpdatekb70007

:Reg
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{AEB719FD-EDB0-43E9-B524-90F97C1E6499}" =-

:Commands
[resethosts]
[emptytemp]
[Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.
THEN

Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Scan.
  • After the scan is complete click on "Clean"
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

  • 0

#4
Essexboy
Posted 16 June 2014 - 12:17 PM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP