Hi Ron
I did everything as asked, but the VEW.exe does not work. It says it has not been coded for my language. I find it kind of weird as I am using a English version of windows.
I did uncheck trace disk IO calls, when I ran aswMBR.
I have pasted all the logs below.
Happy new year
Michael
ComboFix 12-01-03.04 - Michael Eilersen 01/03/2012 15:38:39.2.4 - x64
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.45.1033.18.8190.6024 [GMT 1:00]
Křrer fra: c:\users\Michael Eilersen\Desktop\ComboFix.exe
Kommandoer benyttet :: c:\users\Michael Eilersen\Desktop\CFScript.txt
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Dannede nyt systemgendannelsespunkt
.
.
((((((((((((((((((((((((((((((((((((((( Andet, der er slettet )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Tjenester )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_SPTD
-------\Service_sptd
.
.
((((((((((((((((((((((((((((( Filer skabt fra 2011-12-03 til 2012-01-03 )))))))))))))))))))))))))))))))))))
.
.
2011-12-30 15:22 . 2011-12-30 15:22 -------- d-----w- c:\program files\gs
2011-12-27 23:17 . 2011-12-27 23:17 -------- d-----w- c:\users\Michael Eilersen\.gnubg
2011-12-27 23:17 . 2011-12-27 23:17 -------- d-----w- c:\program files (x86)\gnubg
2011-12-27 23:10 . 2011-12-27 23:10 -------- d-----w- c:\program files (x86)\Goto.Games
2011-12-27 21:54 . 2011-12-27 21:54 -------- d-----w- C:\Snowie Documents
2011-12-27 21:54 . 1997-03-04 06:44 66560 ----a-w- c:\windows\SysWow64\NMORENU.DLL
2011-12-27 21:54 . 1997-01-29 11:05 169472 ----a-w- c:\windows\SysWow64\HTML.OCX
2011-12-27 21:54 . 1997-01-29 10:58 462848 ----a-w- c:\windows\SysWow64\NMW3VWN.DLL
2011-12-27 21:54 . 1997-01-29 10:53 240640 ----a-w- c:\windows\SysWow64\NMOCOD.DLL
2011-12-27 21:54 . 1997-01-29 10:46 48128 ----a-w- c:\windows\SysWow64\NMSCKN.DLL
2011-12-27 21:53 . 1999-06-21 04:10 183808 ----a-w- c:\windows\SysWow64\bdeadmin.cpl
2011-12-27 21:53 . 2011-12-27 21:53 -------- d-----w- c:\program files (x86)\Common Files\Borland Shared
2011-12-27 21:52 . 2011-12-27 21:52 -------- d-----w- c:\program files (x86)\SnowieGroup
2011-12-27 21:52 . 2000-01-04 09:39 212992 ----a-w- c:\program files (x86)\Common Files\InstallShield\Engine\6\Intel 32\ILog.dll
2011-12-27 21:00 . 2011-12-27 21:00 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2011-12-16 16:32 . 2011-12-27 21:45 -------- d-----w- c:\users\Michael Eilersen\AppData\Local\Play65
2011-12-15 18:46 . 2011-12-13 18:17 121816 ----a-w- c:\program files (x86)\Mozilla Firefox\components\browsercomps.dll
2011-12-15 18:46 . 2011-12-13 18:17 43992 ----a-w- c:\program files (x86)\Mozilla Firefox\mozutils.dll
2011-12-15 18:46 . 2011-12-13 18:17 814040 ----a-w- c:\program files (x86)\Mozilla Firefox\mozsqlite3.dll
2011-12-15 18:46 . 2011-12-13 18:17 2124760 ----a-w- c:\program files (x86)\Mozilla Firefox\mozjs.dll
2011-12-15 18:46 . 2011-12-13 18:17 15832 ----a-w- c:\program files (x86)\Mozilla Firefox\mozalloc.dll
2011-12-15 18:46 . 2011-12-13 18:17 486360 ----a-w- c:\program files (x86)\Mozilla Firefox\libGLESv2.dll
2011-12-15 18:46 . 2011-12-13 18:17 97240 ----a-w- c:\program files (x86)\Mozilla Firefox\libEGL.dll
2011-12-15 18:46 . 2011-12-13 05:52 626688 ----a-w- c:\program files (x86)\Mozilla Firefox\msvcr80.dll
2011-12-15 18:46 . 2011-12-13 05:52 548864 ----a-w- c:\program files (x86)\Mozilla Firefox\msvcp80.dll
2011-12-15 18:46 . 2011-12-13 05:52 479232 ----a-w- c:\program files (x86)\Mozilla Firefox\msvcm80.dll
2011-12-15 18:46 . 2011-12-13 05:52 2106216 ----a-w- c:\program files (x86)\Mozilla Firefox\D3DCompiler_43.dll
2011-12-15 18:46 . 2011-12-13 05:52 1998168 ----a-w- c:\program files (x86)\Mozilla Firefox\d3dx9_43.dll
2011-12-15 11:27 . 2011-11-23 13:57 2764800 ----a-w- c:\windows\system32\win32k.sys
2011-12-15 11:27 . 2011-10-25 16:09 85504 ----a-w- c:\windows\system32\csrsrv.dll
2011-12-15 11:27 . 2011-10-14 17:30 559616 ----a-w- c:\windows\system32\EncDec.dll
2011-12-15 11:27 . 2011-10-14 16:02 429056 ----a-w- c:\windows\SysWow64\EncDec.dll
2011-12-15 11:27 . 2011-11-08 14:58 2048 ----a-w- c:\windows\system32\tzres.dll
2011-12-15 11:27 . 2011-11-08 14:42 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2011-12-15 11:25 . 2011-11-08 12:10 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat
2011-12-15 11:25 . 2011-11-08 12:10 2409784 ----a-w- c:\program files (x86)\Windows Mail\OESpamFilter.dat
2011-12-15 11:21 . 2009-08-19 22:50 24416 ----a-r- c:\windows\system32\AdobePDFUI.dll
2011-12-12 23:55 . 2011-12-12 23:56 -------- d-----w- c:\program files (x86)\World of Warcraft.temp
2011-12-12 23:55 . 2011-12-12 23:56 -------- d-----w- c:\programdata\Blizzard Entertainment
2011-12-06 22:19 . 2011-12-06 22:19 -------- d-----w- c:\program files\ESET
2011-12-06 21:00 . 2010-12-09 09:48 1996752 ----a-w- c:\windows\PCTBDCore.dll
2011-12-06 21:00 . 2010-12-03 14:34 149456 ----a-w- c:\windows\SGDetectionTool.dll
2011-12-06 21:00 . 2010-12-03 14:34 1533904 ----a-w- c:\windows\PCTBDRes.dll
2011-12-06 21:00 . 2010-12-03 14:34 767952 ----a-w- c:\windows\BDTSupport.dll
2011-12-06 17:27 . 2011-12-06 17:27 -------- d-----w- c:\users\Michael Eilersen\AppData\Roaming\SUPERAntiSpyware.com
2011-12-06 17:27 . 2011-12-06 17:27 -------- d-----w- c:\programdata\!SASCORE
2011-12-06 16:06 . 2011-12-06 16:06 25160 ----a-w- c:\windows\system32\drivers\hitmanpro35.sys
2011-12-06 16:06 . 2011-12-06 16:06 -------- d-----w- c:\program files\Hitman Pro 3.5
2011-12-06 16:05 . 2011-12-06 16:05 -------- d-----w- c:\programdata\Hitman Pro
2011-12-06 15:50 . 2010-11-17 09:20 331368 ----a-w- c:\windows\system32\drivers\pctgntdi64.sys
2011-12-06 15:50 . 2010-11-17 09:20 136168 ----a-w- c:\windows\system32\drivers\pctwfpfilter64.sys
2011-12-06 15:50 . 2010-07-16 13:53 816016 ----a-w- c:\windows\system32\drivers\pctEFA64.sys
2011-12-06 15:50 . 2010-06-29 09:35 452872 ----a-w- c:\windows\system32\drivers\pctDS64.sys
2011-12-06 15:50 . 2010-11-25 09:43 257232 ----a-w- c:\windows\system32\drivers\PCTCore64.sys
2011-12-06 15:50 . 2010-11-25 09:42 92896 ----a-w- c:\windows\system32\drivers\pctplsg64.sys
2011-12-06 15:50 . 2011-12-27 18:10 -------- d-----w- c:\program files (x86)\PC Tools Security
2011-12-06 15:50 . 2011-12-06 15:52 -------- d-----w- c:\program files (x86)\Common Files\PC Tools
2011-12-06 15:50 . 2011-12-06 15:50 -------- d-----w- c:\programdata\PC Tools
2011-12-06 15:50 . 2011-12-06 15:50 -------- d-----w- c:\users\Michael Eilersen\AppData\Roaming\PC Tools
2011-12-06 10:51 . 2011-12-13 22:53 -------- d-----w- c:\programdata\AVAST Software
2011-12-06 10:51 . 2011-12-06 10:51 -------- d-----w- c:\program files\AVAST Software
2011-12-06 10:36 . 2011-12-07 22:52 -------- d-----w- c:\programdata\MFAData
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-12-06 11:07 . 2011-09-18 08:38 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-10-07 04:16 . 2011-11-25 09:06 8570192 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{3FEC62F5-785C-40B8-B1DB-F3960CD3E519}\mpengine.dll
2009-03-01 23:10 . 2009-03-01 23:10 36868 ----a-w- c:\program files (x86)\uninst-Particular.exe
.
.
(((((((((((((((((((((((((((((((((((((((((((( Look )))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
---- Directory of %user%\library ----
.
.
---- Directory of c:\program files\Common ----
.
.
.
((((((((((((((((((((((((((((( SnapShot@2011-12-27_19.02.23 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-10-21 11:19 . 2012-01-03 12:54 25840 c:\windows\system32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3194313822-558712583-1741877353-1000_UserData.bin
- 2008-10-21 11:16 . 2011-12-27 18:55 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2008-10-21 11:16 . 2011-12-28 11:36 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2008-10-21 11:16 . 2011-12-27 18:55 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2008-10-21 11:16 . 2011-12-28 11:36 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2008-10-21 11:16 . 2011-12-28 11:36 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2008-10-21 11:16 . 2011-12-27 18:55 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2008-10-28 21:26 . 2011-12-31 13:36 3568 c:\windows\system32\WDI\ERCQueuedResolutions.dat
- 2008-10-28 21:26 . 2011-12-27 18:23 3568 c:\windows\system32\WDI\ERCQueuedResolutions.dat
- 2011-12-27 19:01 . 2011-12-27 19:01 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-01-03 14:58 . 2012-01-03 14:58 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2011-12-27 19:01 . 2011-12-27 19:01 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2012-01-03 14:58 . 2012-01-03 14:58 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2008-01-21 02:23 . 2012-01-03 12:54 108588 c:\windows\system32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2006-11-02 15:45 . 2012-01-03 12:54 126212 c:\windows\system32\WDI\BootPerformanceDiagnostics_SystemData.bin
+ 2006-11-02 12:46 . 2012-01-03 13:00 715180 c:\windows\system32\perfh009.dat
- 2006-11-02 12:46 . 2011-12-27 18:33 715180 c:\windows\system32\perfh009.dat
+ 2006-11-02 12:46 . 2012-01-03 13:00 151730 c:\windows\system32\perfc009.dat
- 2006-11-02 12:46 . 2011-12-27 18:33 151730 c:\windows\system32\perfc009.dat
+ 2009-07-15 17:08 . 2012-01-03 13:51 262144 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
- 2009-07-15 17:08 . 2011-12-27 18:09 262144 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
+ 2010-11-04 02:14 . 2012-01-03 14:56 512552 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2006-11-02 15:21 . 2011-12-28 10:46 3336552 c:\windows\system32\FNTCACHE.DAT
+ 2010-11-04 02:14 . 2012-01-03 14:56 4801258 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-3194313822-558712583-1741877353-1000-12288.dat
.
((((((((((((((((((((((((((((((((((( Start steder i reg.basen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Bemćrk* tomme linier & lovlige standard linier vises ikke
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Michael Eilersen\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Michael Eilersen\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Michael Eilersen\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Michael Eilersen\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="c:\program files (x86)\Steam\Steam.exe" [2011-01-01 1242448]
"Xvid"="c:\program files (x86)\Xvid\CheckUpdate.exe" [2011-01-17 8192]
"Boxoft Tools"="c:\programdata\Boxtools\Boxofttoolbox.exe" [2010-12-15 514048]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2011-10-13 17351304]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-11-29 421888]
"Adobe Acrobat Speed Launcher"="c:\program files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe" [2011-09-07 40376]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-29 937920]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2011-10-09 421736]
"PCTools FGuard"="c:\program files (x86)\PC Tools Security\BDT\FGuard.exe" [2010-12-03 108496]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"ZAFFRegisterTrustChecker"="c:\windows\system32\regsvr32.exe" [2006-11-02 14336]
"ZAFFRegisterTrustCheckerIE"="c:\windows\system32\regsvr32.exe" [2006-11-02 14336]
"FlashPlayerUpdate"="c:\windows\SysWow64\Macromed\Flash\FlashUtil10a.exe" [2008-10-05 235936]
.
c:\users\Michael Eilersen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
FIFA 11 Registration.lnk - c:\program files (x86)\EA SPORTS\FIFA 11\Support\EAregister.exe [N/A]
SpywareGuard.lnk - c:\program files (x86)\SpywareGuard\sgmain.exe [2003-8-29 360448]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0aswBoot.exe /A:* /L:1033 /KBD:2 /wow /dir:C:\Program
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\keyboard layouts\e0200804]
IME File REG_SZ IMSC12.IME
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\keyboard layouts\e0200411]
Ime File REG_SZ imjp12.ime
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\keyboard layouts\e0200412]
Ime File REG_SZ IMKR12.IME
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
R3 Adobe Version Cue CS4;Adobe Version Cue CS4;c:\program files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [2009-03-12 288112]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2011-07-19 146816]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Indhold af mappen 'Planlagte Opgaver'
.
2011-12-31 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3194313822-558712583-1741877353-1000Core.job
- c:\users\Michael Eilersen\AppData\Local\Google\Update\GoogleUpdate.exe [2010-12-23 11:39]
.
2012-01-03 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3194313822-558712583-1741877353-1000UA.job
- c:\users\Michael Eilersen\AppData\Local\Google\Update\GoogleUpdate.exe [2010-12-23 11:39]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 97792 ----a-w- c:\users\Michael Eilersen\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 97792 ----a-w- c:\users\Michael Eilersen\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 97792 ----a-w- c:\users\Michael Eilersen\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 97792 ----a-w- c:\users\Michael Eilersen\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"combofix"="c:\combofix\CF6649.3XE" [2008-01-21 363008]
.
------- Yderligere scanning -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.b.dk
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: Append Link Target to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
Trusted Zone: danid.dk
Trusted Zone: danid.dk
TCP: DhcpNameServer = 193.162.153.164 194.239.134.83
CLSID: {603d3801-bd81-11d0-a3a5-00c04fd706ec} - %SystemRoot%\SysWow64\browseui.dll
FF - ProfilePath - c:\users\Michael Eilersen\AppData\Roaming\Mozilla\Firefox\Profiles\nzcqnlpm.default\
FF - prefs.js: browser.search.defaulturl - hxxp://flvdirect.iamwired.net/websearch.php?src=tops&search=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.berlingske.dk/
FF - prefs.js: network.proxy.type - 0
FF - user.js: extentions.y2layers.installId - cfbda1d4-73a7-4b12-94b0-72236fe94cf7
FF - user.js: extentions.y2layers.defaultEnableAppsList - BestVideoDownloader,BestVideoDownloader,
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet022\Services\postgresql-8.4]
"ImagePath"="C:/Program Files (x86)/PostgreSQL/8.4/bin/pg_ctl.exe runservice -N \"postgresql-8.4\" -D \"C:/Program Files (x86)/PostgreSQL/8.4/data\" -w"
.
[HKEY_LOCAL_MACHINE\system\ControlSet022\Services\postgresql-8.4]
"ImagePath"="C:/Program Files (x86)/PostgreSQL/8.4/bin/pg_ctl.exe runservice -N \"postgresql-8.4\" -D \"C:/Program Files (x86)/PostgreSQL/8.4/data\" -w"
.
[HKEY_LOCAL_MACHINE\system\ControlSet022\Services\{1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC}]
"ImagePath"="\??\c:\program files (x86)\CyberLink\PowerDVD10\NavFilter\000.fcl"
.
--------------------- LĹSTE REGISTRERINGS NŘGLER ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,8d,98,68,c4,69,08,c0,41,be,a8,be,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,8d,98,68,c4,69,08,c0,41,be,a8,be,\
.
[HKEY_USERS\S-1-5-21-3194313822-558712583-1741877353-1000\Software\G*e*n*i*e*"!\FM Genie Scout 11]
"GameDir"="c:\\Users\\Michael Eilersen\\Documents\\Sports Interactive\\Football Manager 2011\\games"
"ShortlistDir"=""
"FMPath"="c:\\program files (x86)\\steam\\steamapps\\common\\football manager 2011\\"
"ScreenshotsDir"="c:\\Users\\Michael Eilersen\\Documents\\Sports Interactive\\Football Manager 2011"
"SaveDir"="c:\\Users\\Michael Eilersen\\Documents\\Sports Interactive\\Football Manager 2011\\"
"HistoryDir"="c:\\FM Genie Scout 11\\History Points"
"LangDB"="c:\\program files (x86)\\steam\\steamapps\\common\\football manager 2011\\data\\updates\\update-1130\\db\\1130\\lang_db.dat"
"LastSaveGame"="c:\\Users\\Michael Eilersen\\Documents\\Sports Interactive\\Football Manager 2011\\games\\rotherham - 1.fm"
"Language"="English"
"LoadLangDB"=dword:00000001
"CompressHistoryPoints"=dword:00000000
"HighlightedAttributes"=dword:00000000
"MinCondition"=dword:00000032
"GraphStep"=dword:00000000
"SkinName"="PSV Eindhoven"
"LastUpdateCheck"=dword:00009e56
"VersionOf"=dword:0000007b
"HighQualityGUI"=dword:00000001
"AutomaticallyUpdateCheck"=dword:00000001
"AdvancedGeneration"=dword:00000000
"TranslateStaffSkills"=dword:00000001
"TranslatePlayerSkills"=dword:00000001
"TranslatePositions"=dword:00000001
"ShowHistory"=dword:00000001
"Version"=dword:00000081
"UniqueID"="C5-E580-EF4F"
"Currency"=dword:00000056
"UseProxy"=dword:00000000
"ProxyHost"=""
"ProxyPort"=""
"UseAuthentication"=dword:00000000
"UserName"=""
"UserPassword"=""
"PlayerSearchFeatureNum"=dword:00000019
"StaffSearchFeatureNum"=dword:00000005
"ClubSearchFeatureNum"=dword:00000003
"FilterByClubFeatureNum"=dword:00000000
"CompareFeatureNum"=dword:00000000
"ShortlistFeatureNum"=dword:00000012
"ExportFeatureNum"=dword:00000002
"HistoryFeatureNum"=dword:00000000
"LanguageDBFeatureNum"=dword:0000001b
"HintsFeatureNum"=dword:00000000
"GenieReportFeatureNum"=dword:00000000
"TopFormationFeatureNum"=dword:00000002
"ScreenshotFeatureNum"=dword:00000000
.
[HKEY_USERS\S-1-5-21-3194313822-558712583-1741877353-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*D*V*D*R*d?· \OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-3194313822-558712583-1741877353-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*D*V*D*R*ă˙ţ#\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-3194313822-558712583-1741877353-1000\Software\SecuROM\License information*]
"datasecu"=hex:35,73,a2,9d,f6,d5,2f,c9,5e,b8,79,1c,64,c8,db,aa,33,c2,51,bf,23,
bb,c2,16,09,4e,d3,78,74,0e,d3,8f,65,75,5f,99,a0,ba,8d,83,0e,be,f6,e9,e4,38,\
"rkeysecu"=hex:fe,cb,78,e3,3b,96,d1,f0,12,62,bd,76,da,36,fc,ca
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{BEB3C0C7-B648-4257-96D9-B5D024816E27}\Version*Version]
"Version"=hex:81,72,a7,79,37,28,5c,12,a6,dd,91,bd,1b,18,3c,1b,3f,e6,19,51,2f,
93,13,5e,99,8f,79,88,bc,e4,87,43,d3,a5,2c,58,14,f1,5f,a7,fe,f8,5f,5a,1f,f1,\
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Cryptography\RNG*]
"Seed"=hex:49,31,f4,88,04,28,01,14,c5,ca,fa,5f,f5,cf,66,6e,1f,6c,42,48,3b,1d,
bb,84,6e,c3,98,a3,07,68,b8,a1,8e,3f,71,ca,a8,53,6d,af,a8,e5,29,51,a3,e5,99,\
"Seed"=hex:49,31,f4,88,04,28,01,14,c5,ca,fa,5f,f5,cf,66,6e,1f,6c,42,48,3b,1d,
bb,84,6e,c3,98,a3,07,68,b8,a1,8e,3f,71,ca,a8,53,6d,af,a8,e5,29,51,a3,e5,99,\
"Seed"=hex:49,31,f4,88,04,28,01,14,c5,ca,fa,5f,f5,cf,66,6e,1f,6c,42,48,3b,1d,
bb,84,6e,c3,98,a3,07,68,b8,a1,8e,3f,71,ca,a8,53,6d,af,a8,e5,29,51,a3,e5,99,\
"Seed"=hex:49,31,f4,88,04,28,01,14,c5,ca,fa,5f,f5,cf,66,6e,1f,6c,42,48,3b,1d,
bb,84,6e,c3,98,a3,07,68,b8,a1,8e,3f,71,ca,a8,53,6d,af,a8,e5,29,51,a3,e5,99,\
"Seed"=hex:49,31,f4,88,04,28,01,14,c5,ca,fa,5f,f5,cf,66,6e,1f,6c,42,48,3b,1d,
bb,84,6e,c3,98,a3,07,68,b8,a1,8e,3f,71,ca,a8,53,6d,af,a8,e5,29,51,a3,e5,99,\
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Classes]
"SymbolicLinkValue"=hex(6):5c,00,52,00,45,00,47,00,49,00,53,00,54,00,52,00,59,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B9A09F18-45AB-4F09-A117-A4ADDA8FA8C8}]
@Denied: (A) (Everyone)
"Solution"="{36eb6792-3a29-43b3-8cd0-f67d266fb426}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane\0]
"Key"="ActionsPane"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\8.0\\ActionsPane.xsd"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Minnetonka Audio Software\SurCode Dolby Digital Premiere\Version*Version]
"Version"=hex:81,72,a7,79,37,28,5c,12,a6,dd,91,bd,1b,18,3c,1b,3f,e6,19,51,2f,
93,13,5e,99,8f,79,88,bc,e4,87,43,d3,a5,2c,58,14,f1,5f,a7,fe,f8,5f,5a,1f,f1,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet022\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
------------------------ Andre křrende processer ------------------------
.
c:\program files\ASUS\Six Engine\SixEngine.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\PC Tools Security\BDT\BDTUpdateService.exe
c:\program files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
c:\program files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
c:\windows\SysWOW64\nlssrv32.exe
c:\program files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
c:\program files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
c:\program files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
c:\program files (x86)\SpywareGuard\sgbhp.exe
.
**************************************************************************
.
Gennemfřrt tid: 2012-01-03 16:11:43 - maskinen blev genstartet
ComboFix-quarantined-files.txt 2012-01-03 15:11
ComboFix2.txt 2011-12-27 19:15
.
Pre-Křrsel: 83,439,218,688 bytes free
Post-Křrsel: 81,518,227,456 bytes free
.
- - End Of File - - 7D4B3CFE7684E698CE483F13F81627B5
========== PROCESSES ==========
All processes killed
========== OTL ==========
Prefs.js: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22 removed from extensions.enabledItems
C:\Windows\SysWOW64\config.nt moved successfully.
========== FILES ==========
< xcopy %Temp%\smtmp\1 "%AllUsersProfile%\Start Menu" /H /I /S /Y /C >0 File(s) copied
C:\Users\Michael Eilersen\Desktop\cmd.bat deleted successfully.
C:\Users\Michael Eilersen\Desktop\cmd.txt deleted successfully.
< xcopy %Temp%\smtmp\2 "%UserProfile%\Application Data\Microsoft\Internet Explorer\Quick Launch" /H /I /S /Y /C >0 File(s) copied
C:\Users\Michael Eilersen\Desktop\cmd.bat deleted successfully.
C:\Users\Michael Eilersen\Desktop\cmd.txt deleted successfully.
< xcopy %Temp%\smtmp\3 "%AppData%\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar" /H /I /S /Y /C >0 File(s) copied
C:\Users\Michael Eilersen\Desktop\cmd.bat deleted successfully.
C:\Users\Michael Eilersen\Desktop\cmd.txt deleted successfully.
< xcopy %Temp%\smtmp\4 "%AllUsersProfile%\Desktop" /H /I /S /Y /C >0 File(s) copied
C:\Users\Michael Eilersen\Desktop\cmd.bat deleted successfully.
C:\Users\Michael Eilersen\Desktop\cmd.txt deleted successfully.
< reg export HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\WinSock2\Parameters %userprofile%\Desktop\winsock2.reg /c >C:\Users\Michael Eilersen\Desktop\cmd.bat deleted successfully.
C:\Users\Michael Eilersen\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
[EMPTYFLASH]
User: All Users
User: Default
->Flash cache emptied: 56475 bytes
User: Default User
->Flash cache emptied: 0 bytes
User: Guest1
User: Michael Eilersen
->Flash cache emptied: 3260500 bytes
User: postgres
User: postgres.Eiler-PC
User: postgres.Eiler-PC.000
User: postgres.Eiler-PC.001
User: postgres.Eiler-PC.002
User: postgres.Eiler-PC.003
User: postgres.Eiler-PC.004
User: postgres.Eiler-PC.005
->Flash cache emptied: 0 bytes
User: postgres.Eiler-PC.006
->Flash cache emptied: 0 bytes
User: postgres.Eiler-PC.007
->Flash cache emptied: 0 bytes
User: postgres.Eiler-PC.008
->Flash cache emptied: 0 bytes
User: Public
Total Flash Files Cleaned = 3.00 mb
[EMPTYJAVA]
User: All Users
User: Default
User: Default User
User: Guest1
User: Michael Eilersen
->Java cache emptied: 2092359 bytes
User: postgres
User: postgres.Eiler-PC
User: postgres.Eiler-PC.000
User: postgres.Eiler-PC.001
User: postgres.Eiler-PC.002
User: postgres.Eiler-PC.003
User: postgres.Eiler-PC.004
User: postgres.Eiler-PC.005
User: postgres.Eiler-PC.006
User: postgres.Eiler-PC.007
User: postgres.Eiler-PC.008
User: Public
Total Java Files Cleaned = 2.00 mb
OTL by OldTimer - Version 3.2.31.0 log created on 01032012_162747
Files\Folders moved on Reboot...
Registry entries deleted on Reboot...
16:18:06.0799 3416 TDSS rootkit removing tool 2.6.25.0 Dec 23 2011 14:51:16
16:18:06.0971 3416 ============================================================
16:18:06.0971 3416 Current date / time: 2012/01/03 16:18:06.0971
16:18:06.0971 3416 SystemInfo:
16:18:06.0971 3416
16:18:06.0971 3416 OS Version: 6.0.6002 ServicePack: 2.0
16:18:06.0971 3416 Product type: Workstation
16:18:06.0971 3416 ComputerName: EILER-PC
16:18:06.0971 3416 UserName: Michael Eilersen
16:18:06.0971 3416 Windows directory: C:\Windows
16:18:06.0971 3416 System windows directory: C:\Windows
16:18:06.0971 3416 Running under WOW64
16:18:06.0971 3416 Processor architecture: Intel x64
16:18:06.0971 3416 Number of processors: 4
16:18:06.0971 3416 Page size: 0x1000
16:18:06.0971 3416 Boot type: Normal boot
16:18:06.0971 3416 ============================================================
16:18:07.0673 3416 Initialize success
16:18:51.0134 3940 ============================================================
16:18:51.0134 3940 Scan started
16:18:51.0134 3940 Mode: Manual; SigCheck; TDLFS;
16:18:51.0150 3940 ============================================================
16:18:51.0618 3940 ACPI (1965aaffab07e3fb03c77f81beba3547) C:\Windows\system32\drivers\acpi.sys
16:18:51.0727 3940 ACPI - ok
16:18:51.0774 3940 adfs (d44bcaf639e4e45307c2bc80715273d5) C:\Windows\system32\drivers\adfs.sys
16:18:51.0805 3940 adfs - ok
16:18:51.0836 3940 ADIHdAudAddService (4a30fa79f8253134d398251db614e3c9) C:\Windows\system32\drivers\ADIHdAud.sys
16:18:51.0899 3940 ADIHdAudAddService - ok
16:18:51.0914 3940 adp94xx (f14215e37cf124104575073f782111d2) C:\Windows\system32\drivers\adp94xx.sys
16:18:51.0961 3940 adp94xx - ok
16:18:51.0977 3940 adpahci (7d05a75e3066861a6610f7ee04ff085c) C:\Windows\system32\drivers\adpahci.sys
16:18:51.0992 3940 adpahci - ok
16:18:52.0024 3940 adpu160m (820a201fe08a0c345b3bedbc30e1a77c) C:\Windows\system32\drivers\adpu160m.sys
16:18:52.0024 3940 adpu160m - ok
16:18:52.0055 3940 adpu320 (9b4ab6854559dc168fbb4c24fc52e794) C:\Windows\system32\drivers\adpu320.sys
16:18:52.0055 3940 adpu320 - ok
16:18:52.0102 3940 AFD (0cc146c4addea45791b18b1e2659f4a9) C:\Windows\system32\drivers\afd.sys
16:18:52.0164 3940 AFD - ok
16:18:52.0180 3940 agp440 (f6f6793b7f17b550ecfdbd3b229173f7) C:\Windows\system32\drivers\agp440.sys
16:18:52.0180 3940 agp440 - ok
16:18:52.0195 3940 aic78xx (222cb641b4b8a1d1126f8033f9fd6a00) C:\Windows\system32\drivers\djsvs.sys
16:18:52.0211 3940 aic78xx - ok
16:18:52.0226 3940 aliide (157d0898d4b73f075ce9fa26b482df98) C:\Windows\system32\drivers\aliide.sys
16:18:52.0242 3940 aliide - ok
16:18:52.0242 3940 amdide (970fa5059e61e30d25307b99903e991e) C:\Windows\system32\drivers\amdide.sys
16:18:52.0258 3940 amdide - ok
16:18:52.0273 3940 AmdK8 (cdc3632a3a5ea4dbb83e46076a3165a1) C:\Windows\system32\drivers\amdk8.sys
16:18:52.0382 3940 AmdK8 - ok
16:18:52.0445 3940 arc (ba8417d4765f3988ff921f30f630e303) C:\Windows\system32\drivers\arc.sys
16:18:52.0460 3940 arc - ok
16:18:52.0476 3940 arcsas (9d41c435619733b34cc16a511e644b11) C:\Windows\system32\drivers\arcsas.sys
16:18:52.0492 3940 arcsas - ok
16:18:52.0492 3940 AsIO - ok
16:18:52.0507 3940 AsyncMac (22d13ff3dafec2a80634752b1eaa2de6) C:\Windows\system32\DRIVERS\asyncmac.sys
16:18:52.0554 3940 AsyncMac - ok
16:18:52.0585 3940 atapi (e68d9b3a3905619732f7fe039466a623) C:\Windows\system32\drivers\atapi.sys
16:18:52.0601 3940 atapi - ok
16:18:52.0616 3940 Beep - ok
16:18:52.0632 3940 blbdrive (79feeb40056683f8f61398d81dda65d2) C:\Windows\system32\drivers\blbdrive.sys
16:18:52.0679 3940 blbdrive - ok
16:18:52.0726 3940 bowser (2348447a80920b2493a9b582a23e81e1) C:\Windows\system32\DRIVERS\bowser.sys
16:18:52.0757 3940 bowser - ok
16:18:52.0772 3940 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\brfiltlo.sys
16:18:52.0835 3940 BrFiltLo - ok
16:18:52.0866 3940 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\brfiltup.sys
16:18:52.0897 3940 BrFiltUp - ok
16:18:52.0913 3940 Brserid (f0f0ba4d815be446aa6a4583ca3bca9b) C:\Windows\system32\drivers\brserid.sys
16:18:53.0038 3940 Brserid - ok
16:18:53.0116 3940 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\system32\drivers\brserwdm.sys
16:18:53.0178 3940 BrSerWdm - ok
16:18:53.0194 3940 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\system32\drivers\brusbmdm.sys
16:18:53.0256 3940 BrUsbMdm - ok
16:18:53.0256 3940 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\system32\drivers\brusbser.sys
16:18:53.0334 3940 BrUsbSer - ok
16:18:53.0334 3940 BTHMODEM (e0777b34e05f8a82a21856efc900c29f) C:\Windows\system32\drivers\bthmodem.sys
16:18:53.0412 3940 BTHMODEM - ok
16:18:53.0428 3940 catchme - ok
16:18:53.0443 3940 cdfs (b4d787db8d30793a4d4df9feed18f136) C:\Windows\system32\DRIVERS\cdfs.sys
16:18:53.0490 3940 cdfs - ok
16:18:53.0506 3940 cdrom (c025aa69be3d0d25c7a2e746ef6f94fc) C:\Windows\system32\DRIVERS\cdrom.sys
16:18:53.0537 3940 cdrom - ok
16:18:53.0552 3940 circlass (02ea568d498bbdd4ba55bf3fce34d456) C:\Windows\system32\drivers\circlass.sys
16:18:53.0584 3940 circlass - ok
16:18:53.0599 3940 CLFS (3dca9a18b204939cfb24bea53e31eb48) C:\Windows\system32\CLFS.sys
16:18:53.0630 3940 CLFS - ok
16:18:53.0646 3940 cmdide (e5d5499a1c50a54b5161296b6afe6192) C:\Windows\system32\drivers\cmdide.sys
16:18:53.0662 3940 cmdide - ok
16:18:53.0662 3940 Compbatt (7fb8ad01db0eabe60c8a861531a8f431) C:\Windows\system32\drivers\compbatt.sys
16:18:53.0677 3940 Compbatt - ok
16:18:53.0693 3940 crcdisk (a8585b6412253803ce8efcbd6d6dc15c) C:\Windows\system32\drivers\crcdisk.sys
16:18:53.0693 3940 crcdisk - ok
16:18:53.0740 3940 DfsC (8b722ba35205c71e7951cdc4cdbade19) C:\Windows\system32\Drivers\dfsc.sys
16:18:53.0755 3940 DfsC - ok
16:18:53.0786 3940 disk (b0107e40ecdb5fa692ebf832f295d905) C:\Windows\system32\drivers\disk.sys
16:18:53.0802 3940 disk - ok
16:18:53.0833 3940 Dot4 (74c02b1717740c3b8039539e23e4b53f) C:\Windows\system32\DRIVERS\Dot4.sys
16:18:53.0880 3940 Dot4 - ok
16:18:53.0896 3940 Dot4Print (08321d1860235bf42cf2854234337aea) C:\Windows\system32\DRIVERS\Dot4Prt.sys
16:18:53.0927 3940 Dot4Print - ok
16:18:53.0942 3940 dot4usb (4adccf0124f2b6911d3786a5d0e779e5) C:\Windows\system32\DRIVERS\dot4usb.sys
16:18:53.0974 3940 dot4usb - ok
16:18:54.0005 3940 drmkaud (f1a78a98cfc2ee02144c6bec945447e6) C:\Windows\system32\drivers\drmkaud.sys
16:18:54.0036 3940 drmkaud - ok
16:18:54.0083 3940 DXGKrnl (b8e554e502d5123bc111f99d6a2181b4) C:\Windows\System32\drivers\dxgkrnl.sys
16:18:54.0114 3940 DXGKrnl - ok
16:18:54.0145 3940 E1G60 (264cee7b031a9d6c827f3d0cb031f2fe) C:\Windows\system32\DRIVERS\E1G6032E.sys
16:18:54.0192 3940 E1G60 - ok
16:18:54.0208 3940 Ecache (5f94962be5a62db6e447ff6470c4f48a) C:\Windows\system32\drivers\ecache.sys
16:18:54.0223 3940 Ecache - ok
16:18:54.0254 3940 ElbyCDIO (15814b675e9d08953f2c64e4e5ccb4f4) C:\Windows\system32\Drivers\ElbyCDIO.sys
16:18:54.0270 3940 ElbyCDIO - ok
16:18:54.0286 3940 elxstor (c4636d6e10469404ab5308d9fd45ed07) C:\Windows\system32\drivers\elxstor.sys
16:18:54.0317 3940 elxstor - ok
16:18:54.0332 3940 ErrDev (bc3a58e938bb277e46bf4b3003b01abd) C:\Windows\system32\drivers\errdev.sys
16:18:54.0364 3940 ErrDev - ok
16:18:54.0395 3940 exfat (486844f47b6636044a42454614ed4523) C:\Windows\system32\drivers\exfat.sys
16:18:54.0426 3940 exfat - ok
16:18:54.0457 3940 fastfat (1a4bee34277784619ddaf0422c0c6e23) C:\Windows\system32\drivers\fastfat.sys
16:18:54.0488 3940 fastfat - ok
16:18:54.0504 3940 fdc (81b79b6df71fa1d2c6d688d830616e39) C:\Windows\system32\DRIVERS\fdc.sys
16:18:54.0535 3940 fdc - ok
16:18:54.0566 3940 FileInfo (457b7d1d533e4bd62a99aed9c7bb4c59) C:\Windows\system32\drivers\fileinfo.sys
16:18:54.0582 3940 FileInfo - ok
16:18:54.0598 3940 Filetrace (d421327fd6efccaf884a54c58e1b0d7f) C:\Windows\system32\drivers\filetrace.sys
16:18:54.0629 3940 Filetrace - ok
16:18:54.0629 3940 flpydisk (230923ea2b80f79b0f88d90f87b87ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
16:18:54.0660 3940 flpydisk - ok
16:18:54.0691 3940 FltMgr (e3041bc26d6930d61f42aedb79c91720) C:\Windows\system32\drivers\fltmgr.sys
16:18:54.0707 3940 FltMgr - ok
16:18:54.0738 3940 Fs_Rec (29d99e860a1ca0a03c6a733fdd0da703) C:\Windows\system32\drivers\Fs_Rec.sys
16:18:54.0769 3940 Fs_Rec - ok
16:18:54.0785 3940 gagp30kx (c8e416668d3dc2be3d4fe4c79224997f) C:\Windows\system32\drivers\gagp30kx.sys
16:18:54.0800 3940 gagp30kx - ok
16:18:54.0816 3940 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
16:18:54.0832 3940 GEARAspiWDM - ok
16:18:54.0847 3940 HdAudAddService (df45f8142dc6df9d18c39b3effbd0409) C:\Windows\system32\drivers\HdAudio.sys
16:18:54.0910 3940 HdAudAddService - ok
16:18:54.0941 3940 HDAudBus (f942c5820205f2fb453243edfec82a3d) C:\Windows\system32\DRIVERS\HDAudBus.sys
16:18:55.0003 3940 HDAudBus - ok
16:18:55.0019 3940 HidBth (b4881c84a180e75b8c25dc1d726c375f) C:\Windows\system32\drivers\hidbth.sys
16:18:55.0081 3940 HidBth - ok
16:18:55.0097 3940 HidIr (4e77a77e2c986e8f88f996bb3e1ad829) C:\Windows\system32\drivers\hidir.sys
16:18:55.0144 3940 HidIr - ok
16:18:55.0175 3940 HidUsb (443bdd2d30bb4f00795c797e2cf99edf) C:\Windows\system32\DRIVERS\hidusb.sys
16:18:55.0206 3940 HidUsb - ok
16:18:55.0237 3940 hitmanpro35 (c6ff685e2ea55c3ac5c90b9e7d6930c0) C:\Windows\system32\drivers\hitmanpro35.sys
16:18:55.0253 3940 hitmanpro35 - ok
16:18:55.0268 3940 HpCISSs (d7109a1e6bd2dfdbcba72a6bc626a13b) C:\Windows\system32\drivers\hpcisss.sys
16:18:55.0268 3940 HpCISSs - ok
16:18:55.0315 3940 HTTP (098f1e4e5c9cb5b0063a959063631610) C:\Windows\system32\drivers\HTTP.sys
16:18:55.0378 3940 HTTP - ok
16:18:55.0409 3940 i2omp (da94c854cea5fac549d4e1f6e88349e8) C:\Windows\system32\drivers\i2omp.sys
16:18:55.0409 3940 i2omp - ok
16:18:55.0424 3940 i8042prt (cbb597659a2713ce0c9cc20c88c7591f) C:\Windows\system32\DRIVERS\i8042prt.sys
16:18:55.0456 3940 i8042prt - ok
16:18:55.0471 3940 iaStorV (3e3bf3627d886736d0b4e90054f929f6) C:\Windows\system32\drivers\iastorv.sys
16:18:55.0487 3940 iaStorV - ok
16:18:55.0502 3940 iirsp (8c3951ad2fe886ef76c7b5027c3125d3) C:\Windows\system32\drivers\iirsp.sys
16:18:55.0518 3940 iirsp - ok
16:18:55.0534 3940 intelide (df797a12176f11b2d301c5b234bb200e) C:\Windows\system32\drivers\intelide.sys
16:18:55.0549 3940 intelide - ok
16:18:55.0565 3940 intelppm (bfd84af32fa1bad6231c4585cb469630) C:\Windows\system32\DRIVERS\intelppm.sys
16:18:55.0596 3940 intelppm - ok
16:18:55.0627 3940 IpFilterDriver (d8aabc341311e4780d6fce8c73c0ad81) C:\Windows\system32\DRIVERS\ipfltdrv.sys
16:18:55.0658 3940 IpFilterDriver - ok
16:18:55.0674 3940 IPMIDRV (9c2ee2e6e5a7203bfae15c299475ec67) C:\Windows\system32\drivers\ipmidrv.sys
16:18:55.0721 3940 IPMIDRV - ok
16:18:55.0768 3940 IPNAT (b7e6212f581ea5f6ab0c3a6ceeeb89be) C:\Windows\system32\DRIVERS\ipnat.sys
16:18:55.0814 3940 IPNAT - ok
16:18:55.0830 3940 IRENUM (8c42ca155343a2f11d29feca67faa88d) C:\Windows\system32\drivers\irenum.sys
16:18:55.0877 3940 IRENUM - ok
16:18:55.0892 3940 isapnp (0672bfcedc6fc468a2b0500d81437f4f) C:\Windows\system32\drivers\isapnp.sys
16:18:55.0908 3940 isapnp - ok
16:18:55.0939 3940 iScsiPrt (e4fdf99599f27ec25d2cf6d754243520) C:\Windows\system32\DRIVERS\msiscsi.sys
16:18:55.0955 3940 iScsiPrt - ok
16:18:55.0970 3940 iteatapi (63c766cdc609ff8206cb447a65abba4a) C:\Windows\system32\drivers\iteatapi.sys
16:18:55.0970 3940 iteatapi - ok
16:18:55.0986 3940 iteraid (1281fe73b17664631d12f643cbea3f59) C:\Windows\system32\drivers\iteraid.sys
16:18:56.0002 3940 iteraid - ok
16:18:56.0002 3940 kbdclass (423696f3ba6472dd17699209b933bc26) C:\Windows\system32\DRIVERS\kbdclass.sys
16:18:56.0017 3940 kbdclass - ok
16:18:56.0048 3940 kbdhid (dbdf75d51464fbc47d0104ec3d572c05) C:\Windows\system32\DRIVERS\kbdhid.sys
16:18:56.0080 3940 kbdhid - ok
16:18:56.0111 3940 KSecDD (476e2c1dcea45895994bef11c2a98715) C:\Windows\system32\Drivers\ksecdd.sys
16:18:56.0142 3940 KSecDD - ok
16:18:56.0158 3940 ksthunk (1d419cf43db29396ecd7113d129d94eb) C:\Windows\system32\drivers\ksthunk.sys
16:18:56.0204 3940 ksthunk - ok
16:18:56.0220 3940 lltdio (96ece2659b6654c10a0c310ae3a6d02c) C:\Windows\system32\DRIVERS\lltdio.sys
16:18:56.0267 3940 lltdio - ok
16:18:56.0282 3940 LSI_FC (acbe1af32d3123e330a07bfbc5ec4a9b) C:\Windows\system32\drivers\lsi_fc.sys
16:18:56.0298 3940 LSI_FC - ok
16:18:56.0314 3940 LSI_SAS (799ffb2fc4729fa46d2157c0065b3525) C:\Windows\system32\drivers\lsi_sas.sys
16:18:56.0329 3940 LSI_SAS - ok
16:18:56.0345 3940 LSI_SCSI (f445ff1daad8a226366bfaf42551226b) C:\Windows\system32\drivers\lsi_scsi.sys
16:18:56.0360 3940 LSI_SCSI - ok
16:18:56.0376 3940 luafv (52f87b9cc8932c2a7375c3b2a9be5e3e) C:\Windows\system32\drivers\luafv.sys
16:18:56.0407 3940 luafv - ok
16:18:56.0454 3940 megasas (5c5cd6aaced32fb26c3fb34b3dcf972f) C:\Windows\system32\drivers\megasas.sys
16:18:56.0470 3940 megasas - ok
16:18:56.0501 3940 MegaSR (859bc2436b076c77c159ed694acfe8f8) C:\Windows\system32\drivers\megasr.sys
16:18:56.0532 3940 MegaSR - ok
16:18:56.0548 3940 Modem (59848d5cc74606f0ee7557983bb73c2e) C:\Windows\system32\drivers\modem.sys
16:18:56.0594 3940 Modem - ok
16:18:56.0610 3940 monitor (c247cc2a57e0a0c8c6dccf7807b3e9e5) C:\Windows\system32\DRIVERS\monitor.sys
16:18:56.0657 3940 monitor - ok
16:18:56.0657 3940 mouclass (9367304e5e412b120cf5f4ea14e4e4f1) C:\Windows\system32\DRIVERS\mouclass.sys
16:18:56.0672 3940 mouclass - ok
16:18:56.0688 3940 mouhid (c2c2bd5c5ce5aaf786ddd74b75d2ac69) C:\Windows\system32\DRIVERS\mouhid.sys
16:18:56.0735 3940 mouhid - ok
16:18:56.0735 3940 MountMgr (11bc9b1e8801b01f7f6adb9ead30019b) C:\Windows\system32\drivers\mountmgr.sys
16:18:56.0750 3940 MountMgr - ok
16:18:56.0766 3940 mpio (f8276eb8698142884498a528dfea8478) C:\Windows\system32\drivers\mpio.sys
16:18:56.0782 3940 mpio - ok
16:18:56.0797 3940 mpsdrv (c92b9abdb65a5991e00c28f13491dba2) C:\Windows\system32\drivers\mpsdrv.sys
16:18:56.0844 3940 mpsdrv - ok
16:18:56.0844 3940 Mraid35x (3c200630a89ef2c0864d515b7a75802e) C:\Windows\system32\drivers\mraid35x.sys
16:18:56.0860 3940 Mraid35x - ok
16:18:56.0891 3940 MRxDAV (7c1de4aa96dc0c071611f9e7de02a68d) C:\Windows\system32\drivers\mrxdav.sys
16:18:56.0922 3940 MRxDAV - ok
16:18:56.0938 3940 mrxsmb (1485811b320ff8c7edad1caebb1c6c2b) C:\Windows\system32\DRIVERS\mrxsmb.sys
16:18:56.0969 3940 mrxsmb - ok
16:18:56.0984 3940 mrxsmb10 (3b929a60c833fc615fd97fba82bc7632) C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:18:57.0016 3940 mrxsmb10 - ok
16:18:57.0031 3940 mrxsmb20 (c64ab3e1f53b4f5b5bb6d796b2d7bec3) C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:18:57.0047 3940 mrxsmb20 - ok
16:18:57.0062 3940 msahci (1ac860612b85d8e85ee257d372e39f4d) C:\Windows\system32\drivers\msahci.sys
16:18:57.0078 3940 msahci - ok
16:18:57.0109 3940 msdsm (264bbb4aaf312a485f0e44b65a6b7202) C:\Windows\system32\drivers\msdsm.sys
16:18:57.0125 3940 msdsm - ok
16:18:57.0156 3940 Msfs (704f59bfc4512d2bb0146aec31b10a7c) C:\Windows\system32\drivers\Msfs.sys
16:18:57.0203 3940 Msfs - ok
16:18:57.0218 3940 msisadrv (00ebc952961664780d43dca157e79b27) C:\Windows\system32\drivers\msisadrv.sys
16:18:57.0218 3940 msisadrv - ok
16:18:57.0234 3940 MSKSSRV (0ea73e498f53b96d83dbfca074ad4cf8) C:\Windows\system32\drivers\MSKSSRV.sys
16:18:57.0281 3940 MSKSSRV - ok
16:18:57.0296 3940 MSPCLOCK (52e59b7e992a58e740aa63f57edbae8b) C:\Windows\system32\drivers\MSPCLOCK.sys
16:18:57.0343 3940 MSPCLOCK - ok
16:18:57.0343 3940 MSPQM (49084a75bae043ae02d5b44d02991bb2) C:\Windows\system32\drivers\MSPQM.sys
16:18:57.0390 3940 MSPQM - ok
16:18:57.0421 3940 MsRPC (dc6ccf440cdede4293db41c37a5060a5) C:\Windows\system32\drivers\MsRPC.sys
16:18:57.0437 3940 MsRPC - ok
16:18:57.0452 3940 mssmbios (855796e59df77ea93af46f20155bf55b) C:\Windows\system32\DRIVERS\mssmbios.sys
16:18:57.0468 3940 mssmbios - ok
16:18:57.0484 3940 MSTEE (86d632d75d05d5b7c7c043fa3564ae86) C:\Windows\system32\drivers\MSTEE.sys
16:18:57.0530 3940 MSTEE - ok
16:18:57.0546 3940 MTsensor (6936198f2cc25b39cf5262436c80df46) C:\Windows\system32\DRIVERS\ASACPI.sys
16:18:57.0546 3940 MTsensor - ok
16:18:57.0562 3940 Mup (0cc49f78d8aca0877d885f149084e543) C:\Windows\system32\Drivers\mup.sys
16:18:57.0577 3940 Mup - ok
16:18:57.0593 3940 mv61xx (792ca0761a6ff267fb271fa4dbe8cd84) C:\Windows\system32\DRIVERS\mv61xx.sys
16:18:57.0608 3940 mv61xx - ok
16:18:57.0640 3940 NativeWifiP (2007b826c4acd94ae32232b41f0842b9) C:\Windows\system32\DRIVERS\nwifi.sys
16:18:57.0655 3940 NativeWifiP - ok
16:18:57.0686 3940 NDIS (65950e07329fcee8e6516b17c8d0abb6) C:\Windows\system32\drivers\ndis.sys
16:18:57.0718 3940 NDIS - ok
16:18:57.0733 3940 NdisTapi (64df698a425478e321981431ac171334) C:\Windows\system32\DRIVERS\ndistapi.sys
16:18:57.0749 3940 NdisTapi - ok
16:18:57.0780 3940 Ndisuio (8baa43196d7b5bb972c9a6b2bbf61a19) C:\Windows\system32\DRIVERS\ndisuio.sys
16:18:57.0811 3940 Ndisuio - ok
16:18:57.0858 3940 NdisWan (f8158771905260982ce724076419ef19) C:\Windows\system32\DRIVERS\ndiswan.sys
16:18:57.0889 3940 NdisWan - ok
16:18:57.0920 3940 NDProxy (9cb77ed7cb72850253e973a2d6afdf49) C:\Windows\system32\drivers\NDProxy.sys
16:18:57.0952 3940 NDProxy - ok
16:18:57.0967 3940 NetBIOS (a499294f5029a7862adc115bda7371ce) C:\Windows\system32\DRIVERS\netbios.sys
16:18:58.0014 3940 NetBIOS - ok
16:18:58.0030 3940 netbt (fc2c792ebddc8e28df939d6a92c83d61) C:\Windows\system32\DRIVERS\netbt.sys
16:18:58.0076 3940 netbt - ok
16:18:58.0092 3940 netr28ux (c553716f6f7bca3444cee52dfb7c9016) C:\Windows\system32\DRIVERS\netr28ux.sys
16:18:58.0154 3940 netr28ux - ok
16:18:58.0170 3940 nfrd960 (4ac08bd6af2df42e0c3196d826c8aea7) C:\Windows\system32\drivers\nfrd960.sys
16:18:58.0186 3940 nfrd960 - ok
16:18:58.0217 3940 nmwcdcx64 (bf8bd79edb75b4eafc6892424ad3485c) C:\Windows\system32\drivers\ccdcmbox64.sys
16:18:58.0248 3940 nmwcdcx64 - ok
16:18:58.0279 3940 nmwcdx64 (3fad4113e2ac9b36f97dfa28ad37fd8d) C:\Windows\system32\drivers\ccdcmbx64.sys
16:18:58.0310 3940 nmwcdx64 - ok
16:18:58.0326 3940 Npfs (b298874f8e0ea93f06ec40aa8d146478) C:\Windows\system32\drivers\Npfs.sys
16:18:58.0373 3940 Npfs - ok
16:18:58.0404 3940 nsiproxy (1523af19ee8b030ba682f7a53537eaeb) C:\Windows\system32\drivers\nsiproxy.sys
16:18:58.0451 3940 nsiproxy - ok
16:18:58.0513 3940 Ntfs (bac869dfb98e499ba4d9bb1fb43270e1) C:\Windows\system32\drivers\Ntfs.sys
16:18:58.0560 3940 Ntfs - ok
16:18:58.0576 3940 Null (dd5d684975352b85b52e3fd5347c20cb) C:\Windows\system32\drivers\Null.sys
16:18:58.0622 3940 Null - ok
16:18:59.0090 3940 nvlddmkm (aa0828f3223e1a2952f80a8d2047dd40) C:\Windows\system32\DRIVERS\nvlddmkm.sys
16:18:59.0340 3940 nvlddmkm - ok
16:18:59.0387 3940 nvraid (2c040b7ada5b06f6facadac8514aa034) C:\Windows\system32\drivers\nvraid.sys
16:18:59.0402 3940 nvraid - ok
16:18:59.0434 3940 nvstor (f7ea0fe82842d05eda3efdd376dbfdba) C:\Windows\system32\drivers\nvstor.sys
16:18:59.0449 3940 nvstor - ok
16:18:59.0465 3940 nv_agp (19067ca93075ef4823e3938a686f532f) C:\Windows\system32\drivers\nv_agp.sys
16:18:59.0465 3940 nv_agp - ok
16:18:59.0496 3940 ohci1394 (b5b1ce65ac15bbd11c0619e3ef7cfc28) C:\Windows\system32\DRIVERS\ohci1394.sys
16:18:59.0527 3940 ohci1394 - ok
16:18:59.0543 3940 Parport (aecd57f94c887f58919f307c35498ea0) C:\Windows\system32\drivers\parport.sys
16:18:59.0590 3940 Parport - ok
16:18:59.0605 3940 partmgr (f9b5eda4c17a2be7663f064dbf0fe254) C:\Windows\system32\drivers\partmgr.sys
16:18:59.0621 3940 partmgr - ok
16:18:59.0652 3940 pccsmcfd (bc0018c2d29f655188a0ed3fa94fdb24) C:\Windows\system32\DRIVERS\pccsmcfdx64.sys
16:18:59.0652 3940 pccsmcfd - ok
16:18:59.0683 3940 pci (47ab1e0fc9d0e12bb53ba246e3a0906d) C:\Windows\system32\drivers\pci.sys
16:18:59.0683 3940 pci - ok
16:18:59.0699 3940 pciide (2657f6c0b78c36d95034be109336e382) C:\Windows\system32\drivers\pciide.sys
16:18:59.0714 3940 pciide - ok
16:18:59.0730 3940 pcmcia (037661f3d7c507c9993b7010ceee6288) C:\Windows\system32\drivers\pcmcia.sys
16:18:59.0730 3940 pcmcia - ok
16:18:59.0777 3940 PCTCore (8f38fffa9e7b9d547b7921efa8edff3c) C:\Windows\system32\drivers\PCTCore64.sys
16:18:59.0777 3940 PCTCore - ok
16:18:59.0792 3940 pctDS (ff43e3b1687e4e2140de6349ea5c7372) C:\Windows\system32\drivers\pctDS64.sys
16:18:59.0824 3940 pctDS - ok
16:18:59.0870 3940 pctEFA (60e9a05852af7e9cb11237c00aee4ccf) C:\Windows\system32\drivers\pctEFA64.sys
16:18:59.0902 3940 pctEFA - ok
16:18:59.0933 3940 PEAUTH (58865916f53592a61549b04941bfd80d) C:\Windows\system32\drivers\peauth.sys
16:19:00.0026 3940 PEAUTH - ok
16:19:00.0120 3940 PptpMiniport (23386e9952025f5f21c368971e2e7301) C:\Windows\system32\DRIVERS\raspptp.sys
16:19:00.0151 3940 PptpMiniport - ok
16:19:00.0182 3940 Processor (5080e59ecee0bc923f14018803aa7a01) C:\Windows\system32\drivers\processr.sys
16:19:00.0229 3940 Processor - ok
16:19:00.0260 3940 PSched (c5ab7f0809392d0da027f4a2a81bfa31) C:\Windows\system32\DRIVERS\pacer.sys
16:19:00.0292 3940 PSched - ok
16:19:00.0323 3940 PxHlpa64 (87b04878a6d59d6c79251dc960c674c1) C:\Windows\system32\Drivers\PxHlpa64.sys
16:19:00.0323 3940 PxHlpa64 - ok
16:19:00.0385 3940 ql2300 (0b83f4e681062f3839be2ec1d98fd94a) C:\Windows\system32\drivers\ql2300.sys
16:19:00.0432 3940 ql2300 - ok
16:19:00.0448 3940 ql40xx (e1c80f8d4d1e39ef9595809c1369bf2a) C:\Windows\system32\drivers\ql40xx.sys
16:19:00.0463 3940 ql40xx - ok
16:19:00.0479 3940 QWAVEdrv (e8d76edab77ec9c634c27b8eac33adc5) C:\Windows\system32\drivers\qwavedrv.sys
16:19:00.0510 3940 QWAVEdrv - ok
16:19:00.0526 3940 RasAcd (1013b3b663a56d3ddd784f581c1bd005) C:\Windows\system32\DRIVERS\rasacd.sys
16:19:00.0572 3940 RasAcd - ok
16:19:00.0588 3940 Rasl2tp (ac7bc4d42a7e558718dfdec599bbfc2c) C:\Windows\system32\DRIVERS\rasl2tp.sys
16:19:00.0619 3940 Rasl2tp - ok
16:19:00.0650 3940 RasPppoe (4517fbf8b42524afe4ede1de102aae3e) C:\Windows\system32\DRIVERS\raspppoe.sys
16:19:00.0682 3940 RasPppoe - ok
16:19:00.0713 3940 RasSstp (c6a593b51f34c33e5474539544072527) C:\Windows\system32\DRIVERS\rassstp.sys
16:19:00.0728 3940 RasSstp - ok
16:19:00.0760 3940 rdbss (322db5c6b55e8d8ee8d6f358b2aaabb1) C:\Windows\system32\DRIVERS\rdbss.sys
16:19:00.0806 3940 rdbss - ok
16:19:00.0838 3940 RDPCDD (603900cc05f6be65ccbf373800af3716) C:\Windows\system32\DRIVERS\RDPCDD.sys
16:19:00.0884 3940 RDPCDD - ok
16:19:00.0900 3940 rdpdr (c045d1fb111c28df0d1be8d4bda22c06) C:\Windows\system32\drivers\rdpdr.sys
16:19:00.0931 3940 rdpdr - ok
16:19:00.0947 3940 RDPENCDD (cab9421daf3d97b33d0d055858e2c3ab) C:\Windows\system32\drivers\rdpencdd.sys
16:19:00.0978 3940 RDPENCDD - ok
16:19:00.0994 3940 RDPWD (b1d741c87cea8d7282146366cc9c3f81) C:\Windows\system32\drivers\RDPWD.sys
16:19:01.0040 3940 RDPWD - ok
16:19:01.0072 3940 regi (4d9afddda0efe97cdbfd3b5fa48b05f6) C:\Windows\system32\drivers\regi.sys
16:19:01.0072 3940 regi - ok
16:19:01.0118 3940 rspndr (22a9cb08b1a6707c1550c6bf099aae73) C:\Windows\system32\DRIVERS\rspndr.sys
16:19:01.0181 3940 rspndr - ok
16:19:01.0228 3940 SASDIFSV (3289766038db2cb14d07dc84392138d5) C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
16:19:01.0228 3940 SASDIFSV - ok
16:19:01.0243 3940 SASKUTIL (58a38e75f3316a83c23df6173d41f2b5) C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
16:19:01.0243 3940 SASKUTIL - ok
16:19:01.0259 3940 sbp2port (cd9c693589c60ad59bbbcfb0e524e01b) C:\Windows\system32\drivers\sbp2port.sys
16:19:01.0274 3940 sbp2port - ok
16:19:01.0306 3940 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
16:19:01.0352 3940 secdrv - ok
16:19:01.0399 3940 Sentinel64 (84ac127242dd3ccde02f9a4673214b1f) C:\Windows\System32\Drivers\Sentinel64.sys
16:19:01.0399 3940 Sentinel64 - ok
16:19:01.0415 3940 Serenum (2449316316411d65bd2c761a6ffb2ce2) C:\Windows\system32\DRIVERS\serenum.sys
16:19:01.0462 3940 Serenum - ok
16:19:01.0477 3940 Serial (4b438170be2fc8e0bd35ee87a960f84f) C:\Windows\system32\DRIVERS\serial.sys
16:19:01.0524 3940 Serial - ok
16:19:01.0540 3940 sermouse (a842f04833684bceea7336211be478df) C:\Windows\system32\drivers\sermouse.sys
16:19:01.0571 3940 sermouse - ok
16:19:01.0602 3940 sffdisk (14d4b4465193a87c127933978e8c4106) C:\Windows\system32\drivers\sffdisk.sys
16:19:01.0649 3940 sffdisk - ok
16:19:01.0664 3940 sffp_mmc (7073aee3f82f3d598e3825962aa98ab2) C:\Windows\system32\drivers\sffp_mmc.sys
16:19:01.0696 3940 sffp_mmc - ok
16:19:01.0711 3940 sffp_sd (35e59ebe4a01a0532ed67975161c7b82) C:\Windows\system32\drivers\sffp_sd.sys
16:19:01.0758 3940 sffp_sd - ok
16:19:01.0820 3940 sfloppy (6b7838c94135768bd455cbdc23e39e5f) C:\Windows\system32\drivers\sfloppy.sys
16:19:01.0867 3940 sfloppy - ok
16:19:01.0898 3940 SiSRaid2 (7a5de502aeb719d4594c6471060a78b3) C:\Windows\system32\drivers\sisraid2.sys
16:19:01.0898 3940 SiSRaid2 - ok
16:19:01.0914 3940 SiSRaid4 (3a2f769fab9582bc720e11ea1dfb184d) C:\Windows\system32\drivers\sisraid4.sys
16:19:01.0930 3940 SiSRaid4 - ok
16:19:01.0961 3940 Smb (290b6f6a0ec4fcdfc90f5cb6d7020473) C:\Windows\system32\DRIVERS\smb.sys
16:19:01.0992 3940 Smb - ok
16:19:01.0992 3940 speedfan - ok
16:19:02.0023 3940 spldr (386c3c63f00a7040c7ec5e384217e89d) C:\Windows\system32\drivers\spldr.sys
16:19:02.0023 3940 spldr - ok
16:19:02.0086 3940 srv (880a57fccb571ebd063d4dd50e93e46d) C:\Windows\system32\DRIVERS\srv.sys
16:19:02.0132 3940 srv - ok
16:19:02.0164 3940 srv2 (a1ad14a6d7a37891fffeca35ebbb0730) C:\Windows\system32\DRIVERS\srv2.sys
16:19:02.0179 3940 srv2 - ok
16:19:02.0210 3940 srvnet (4bed62f4fa4d8300973f1151f4c4d8a7) C:\Windows\system32\DRIVERS\srvnet.sys
16:19:02.0226 3940 srvnet - ok
16:19:02.0242 3940 swenum (8a851ca908b8b974f89c50d2e18d4f0c) C:\Windows\system32\DRIVERS\swenum.sys
16:19:02.0242 3940 swenum - ok
16:19:02.0257 3940 Symc8xx (2f26a2c6fc96b29beff5d8ed74e6625b) C:\Windows\system32\drivers\symc8xx.sys
16:19:02.0273 3940 Symc8xx - ok
16:19:02.0273 3940 Sym_hi (a909667976d3bccd1df813fed517d837) C:\Windows\system32\drivers\sym_hi.sys
16:19:02.0288 3940 Sym_hi - ok
16:19:02.0304 3940 Sym_u3 (36887b56ec2d98b9c362f6ae4de5b7b0) C:\Windows\system32\drivers\sym_u3.sys
16:19:02.0320 3940 Sym_u3 - ok
16:19:02.0366 3940 Tcpip (2cc45d932bd193cd4117321d469ad6b2) C:\Windows\system32\drivers\tcpip.sys
16:19:02.0413 3940 Tcpip - ok
16:19:02.0444 3940 Tcpip6 (2cc45d932bd193cd4117321d469ad6b2) C:\Windows\system32\DRIVERS\tcpip.sys
16:19:02.0476 3940 Tcpip6 - ok
16:19:02.0522 3940 tcpipreg (c7e72a4071ee0200e3c075dacfb2b334) C:\Windows\system32\drivers\tcpipreg.sys
16:19:02.0569 3940 tcpipreg - ok
16:19:02.0600 3940 TDPIPE (1d8bf4aaa5fb7a2761475781dc1195bc) C:\Windows\system32\drivers\tdpipe.sys
16:19:02.0647 3940 TDPIPE - ok
16:19:02.0663 3940 TDTCP (7f7e00cdf609df657f4cda02dd1c9bb1) C:\Windows\system32\drivers\tdtcp.sys
16:19:02.0694 3940 TDTCP - ok
16:19:02.0710 3940 tdx (458919c8c42e398dc4802178d5ffee27) C:\Windows\system32\DRIVERS\tdx.sys
16:19:02.0756 3940 tdx - ok
16:19:02.0788 3940 TermDD (8c19678d22649ec002ef2282eae92f98) C:\Windows\system32\DRIVERS\termdd.sys
16:19:02.0803 3940 TermDD - ok
16:19:02.0819 3940 Tpkd (2e595c44b1c1160070b1530edf6de098) C:\Windows\system32\drivers\Tpkd.sys
16:19:02.0834 3940 Tpkd - ok
16:19:02.0866 3940 tssecsrv (9e5409cd17c8bef193aad498f3bc2cb8) C:\Windows\system32\DRIVERS\tssecsrv.sys
16:19:02.0897 3940 tssecsrv - ok
16:19:02.0912 3940 tunmp (89ec74a9e602d16a75a4170511029b3c) C:\Windows\system32\DRIVERS\tunmp.sys
16:19:02.0928 3940 tunmp - ok
16:19:02.0959 3940 tunnel (30a9b3f45ad081bffc3bcaa9c812b609) C:\Windows\system32\DRIVERS\tunnel.sys
16:19:02.0990 3940 tunnel - ok
16:19:02.0990 3940 uagp35 (fec266ef401966311744bd0f359f7f56) C:\Windows\system32\drivers\uagp35.sys
16:19:03.0006 3940 uagp35 - ok
16:19:03.0053 3940 udfs (faf2640a2a76ed03d449e443194c4c34) C:\Windows\system32\DRIVERS\udfs.sys
16:19:03.0084 3940 udfs - ok
16:19:03.0115 3940 uliagpkx (4ec9447ac3ab462647f60e547208ca00) C:\Windows\system32\drivers\uliagpkx.sys
16:19:03.0115 3940 uliagpkx - ok
16:19:03.0131 3940 uliahci (697f0446134cdc8f99e69306184fbbb4) C:\Windows\system32\drivers\uliahci.sys
16:19:03.0146 3940 uliahci - ok
16:19:03.0178 3940 UlSata (31707f09846056651ea2c37858f5ddb0) C:\Windows\system32\drivers\ulsata.sys
16:19:03.0178 3940 UlSata - ok
16:19:03.0209 3940 ulsata2 (85e5e43ed5b48c8376281bab519271b7) C:\Windows\system32\drivers\ulsata2.sys
16:19:03.0224 3940 ulsata2 - ok
16:19:03.0240 3940 umbus (46e9a994c4fed537dd951f60b86ad3f4) C:\Windows\system32\DRIVERS\umbus.sys
16:19:03.0271 3940 umbus - ok
16:19:03.0318 3940 upperdev (67ed617ed48014447039a1ef4b9d05ec) C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys
16:19:03.0349 3940 upperdev - ok
16:19:03.0521 3940 usbaudio (c6ba890de6e41857fbe84175519cae7d) C:\Windows\system32\drivers\usbaudio.sys
16:19:03.0568 3940 usbaudio - ok
16:19:03.0614 3940 usbccgp (07e3498fc60834219d2356293da0fecc) C:\Windows\system32\DRIVERS\usbccgp.sys
16:19:03.0661 3940 usbccgp - ok
16:19:03.0755 3940 usbcir (9247f7e0b65852c1f6631480984d6ed2) C:\Windows\system32\drivers\usbcir.sys
16:19:03.0817 3940 usbcir - ok
16:19:03.0895 3940 usbehci (827e44de934a736ea31e91d353eb126f) C:\Windows\system32\DRIVERS\usbehci.sys
16:19:03.0926 3940 usbehci - ok
16:19:03.0942 3940 usbhub (bb35cd80a2ececfadc73569b3d70c7d1) C:\Windows\system32\DRIVERS\usbhub.sys
16:19:03.0989 3940 usbhub - ok
16:19:04.0004 3940 usbohci (eba14ef0c07cec233f1529c698d0d154) C:\Windows\system32\drivers\usbohci.sys
16:19:04.0067 3940 usbohci - ok
16:19:04.0098 3940 usbprint (28b693b6d31e7b9332c1bdcefef228c1) C:\Windows\system32\DRIVERS\usbprint.sys
16:19:04.0129 3940 usbprint - ok
16:19:04.0145 3940 usbscan (ea0bf666868964fbe8cb10e50c97b9f1) C:\Windows\system32\DRIVERS\usbscan.sys
16:19:04.0176 3940 usbscan - ok
16:19:04.0176 3940 usbser (f7386007fb19e7685fc7b298560aa81f) C:\Windows\system32\drivers\usbser.sys
16:19:04.0207 3940 usbser - ok
16:19:04.0238 3940 UsbserFilt (eb84ceaafec6680c8b04c40a5ede7147) C:\Windows\system32\DRIVERS\usbser_lowerfltx64j.sys
16:19:04.0254 3940 UsbserFilt - ok
16:19:04.0270 3940 USBSTOR (b854c1558fca0c269a38663e8b59b581) C:\Windows\system32\DRIVERS\USBSTOR.SYS
16:19:04.0301 3940 USBSTOR - ok
16:19:04.0316 3940 usbuhci (b2872cbf9f47316abd0e0c74a1aba507) C:\Windows\system32\DRIVERS\usbuhci.sys
16:19:04.0332 3940 usbuhci - ok
16:19:04.0363 3940 usbvideo (fc33099877790d51b0927b7039059855) C:\Windows\system32\Drivers\usbvideo.sys
16:19:04.0394 3940 usbvideo - ok
16:19:04.0410 3940 VClone (8fc6e3d302550a06c7c5db9f1ab54193) C:\Windows\system32\DRIVERS\VClone.sys
16:19:04.0426 3940 VClone - ok
16:19:04.0441 3940 vga (916b94bcf1e09873fff2d5fb11767bbc) C:\Windows\system32\DRIVERS\vgapnp.sys
16:19:04.0472 3940 vga - ok
16:19:04.0488 3940 VgaSave (b83ab16b51feda65dd81b8c59d114d63) C:\Windows\System32\drivers\vga.sys
16:19:04.0519 3940 VgaSave - ok
16:19:04.0582 3940 viaide (8294b6c3fdb6c33f24e150de647ecdaa) C:\Windows\system32\drivers\viaide.sys
16:19:04.0582 3940 viaide - ok
16:19:04.0597 3940 volmgr (2b7e885ed951519a12c450d24535dfca) C:\Windows\system32\drivers\volmgr.sys
16:19:04.0613 3940 volmgr - ok
16:19:04.0644 3940 volmgrx (cec5ac15277d75d9e5dec2e1c6eaf877) C:\Windows\system32\drivers\volmgrx.sys
16:19:04.0691 3940 volmgrx - ok
16:19:04.0706 3940 volsnap (5280aada24ab36b01a84a6424c475c8d) C:\Windows\system32\drivers\volsnap.sys
16:19:04.0722 3940 volsnap - ok
16:19:04.0753 3940 vsmraid (a68f455ed2673835209318dd61bfbb0e) C:\Windows\system32\drivers\vsmraid.sys
16:19:04.0753 3940 vsmraid - ok
16:19:04.0784 3940 WacomPen (fef8fe5923fead2cee4dfabfce3393a7) C:\Windows\system32\drivers\wacompen.sys
16:19:04.0847 3940 WacomPen - ok
16:19:04.0862 3940 Wanarp (b8e7049622300d20ba6d8be0c47c0cfd) C:\Windows\system32\DRIVERS\wanarp.sys
16:19:04.0909 3940 Wanarp - ok
16:19:04.0909 3940 Wanarpv6 (b8e7049622300d20ba6d8be0c47c0cfd) C:\Windows\system32\DRIVERS\wanarp.sys
16:19:04.0940 3940 Wanarpv6 - ok
16:19:04.0956 3940 Wd (0c17a0816f65b89e362e682ad5e7266e) C:\Windows\system32\drivers\wd.sys
16:19:04.0972 3940 Wd - ok
16:19:04.0987 3940 Wdf01000 (d02e7e4567da1e7582fbf6a91144b0df) C:\Windows\system32\drivers\Wdf01000.sys
16:19:05.0018 3940 Wdf01000 - ok
16:19:05.0081 3940 WmiAcpi (e18aebaaa5a773fe11aa2c70f65320f5) C:\Windows\system32\drivers\wmiacpi.sys
16:19:05.0112 3940 WmiAcpi - ok
16:19:05.0143 3940 WpdUsb (5e2401b3fc1089c90e081291357371a9) C:\Windows\system32\DRIVERS\wpdusb.sys
16:19:05.0174 3940 WpdUsb - ok
16:19:05.0206 3940 ws2ifsl (8a900348370e359b6bff6a550e4649e1) C:\Windows\system32\drivers\ws2ifsl.sys
16:19:05.0237 3940 ws2ifsl - ok
16:19:05.0284 3940 WUDFRd (501a65252617b495c0f1832f908d54d8) C:\Windows\system32\DRIVERS\WUDFRd.sys
16:19:05.0330 3940 WUDFRd - ok
16:19:05.0362 3940 yukonx64 (827aaae4f84945658b0b03da805df44e) C:\Windows\system32\DRIVERS\yk60x64.sys
16:19:05.0408 3940 yukonx64 - ok
16:19:05.0471 3940 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC} (74983addca2d9618512c088d856d6615) C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\000.fcl
16:19:05.0486 3940 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC} - ok
16:19:05.0502 3940 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
16:19:05.0627 3940 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
16:19:05.0627 3940 \Device\Harddisk0\DR0 - detected TDSS File System (1)
16:19:05.0627 3940 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk1\DR1
16:19:05.0705 3940 \Device\Harddisk1\DR1 - ok
16:19:05.0705 3940 Boot (0x1200) (76fef732bb3db9d48eb14ca12accd0df) \Device\Harddisk0\DR0\Partition0
16:19:05.0705 3940 \Device\Harddisk0\DR0\Partition0 - ok
16:19:05.0720 3940 Boot (0x1200) (b1e27aa018409de6bfd73f8afb883a65) \Device\Harddisk1\DR1\Partition0
16:19:05.0720 3940 \Device\Harddisk1\DR1\Partition0 - ok
16:19:05.0720 3940 Boot (0x1200) (27f98a1577fc88371edb4bbca4c39ab5) \Device\Harddisk1\DR1\Partition1
16:19:05.0720 3940 \Device\Harddisk1\DR1\Partition1 - ok
16:19:05.0720 3940 ============================================================
16:19:05.0720 3940 Scan finished
16:19:05.0720 3940 ============================================================
16:19:05.0720 0796 Detected object count: 1
16:19:05.0720 0796 Actual detected object count: 1
16:19:48.0215 0796 \Device\Harddisk0\DR0\TDLFS - deleted
16:19:48.0215 0796 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Delete
16:20:14.0906 1548 Deinitialize success
OTL logfile created on: 1/3/2012 4:42:33 PM - Run 9
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Michael Eilersen\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: MM/dd/yyyy
8.00 Gb Total Physical Memory | 6.31 Gb Available Physical Memory | 78.94% Memory free
16.05 Gb Paging File | 14.38 Gb Available in Paging File | 89.65% Paging File free
Paging file location(s): ?:\pagefile.sys
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 279.46 Gb Total Space | 87.46 Gb Free Space | 31.30% Space Free | Partition Type: NTFS
Drive G: | 1397.14 Gb Total Space | 24.30 Gb Free Space | 1.74% Space Free | Partition Type: NTFS
Computer Name: EILER-PC | User Name: Michael Eilersen | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ========== PRC - [2011/12/23 22:51:25 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Michael Eilersen\Desktop\OTL.exe
PRC - [2011/09/07 15:53:57 | 000,040,376 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrobat_sl.exe
PRC - [2011/02/11 14:19:26 | 002,760,192 | ---- | M] () -- C:\ProgramData\Boxtools\Toolbox.exe
PRC - [2011/01/01 18:47:24 | 001,242,448 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\Steam.exe
PRC - [2010/12/09 10:48:10 | 000,247,760 | ---- | M] (Threat Expert Ltd.) -- C:\Program Files (x86)\PC Tools Security\BDT\BDTUpdateService.exe
PRC - [2010/12/03 15:34:46 | 000,108,496 | ---- | M] (Threat Expert Ltd.) -- C:\Program Files (x86)\PC Tools Security\BDT\FGuard.exe
PRC - [2009/12/05 12:36:42 | 000,045,056 | ---- | M] (Intuit) -- c:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
PRC - [2009/06/07 13:20:20 | 000,061,440 | ---- | M] (Nalpeiron Ltd.) -- C:\Windows\SysWOW64\nlssrv32.exe
PRC - [2008/05/14 17:42:56 | 005,958,656 | ---- | M] () -- C:\Program Files\ASUS\Six Engine\SixEngine.exe
PRC - [2007/08/21 15:37:16 | 001,220,608 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\WiFi-AP @n\
[email protected]PRC - [2007/07/24 08:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
PRC - [2003/08/29 19:05:35 | 000,360,448 | ---- | M] () -- C:\Program Files (x86)\SpywareGuard\sgmain.exe
PRC - [2003/08/29 11:14:56 | 000,233,472 | ---- | M] () -- C:\Program Files (x86)\SpywareGuard\sgbhp.exe
========== Modules (No Company Name) ========== MOD - [2011/12/09 00:15:00 | 014,410,024 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\libcef.dll
MOD - [2011/12/09 00:14:50 | 000,194,344 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\chromehtml.dll
MOD - [2011/12/09 00:14:49 | 000,914,216 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avcodec-52.dll
MOD - [2011/12/09 00:14:49 | 000,155,432 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avformat-52.dll
MOD - [2011/12/09 00:14:49 | 000,091,432 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avutil-50.dll
MOD - [2011/09/27 07:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/09/27 07:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/02/11 14:19:26 | 002,760,192 | ---- | M] () -- C:\ProgramData\Boxtools\Toolbox.exe
MOD - [2008/05/14 17:42:56 | 005,958,656 | ---- | M] () -- C:\Program Files\ASUS\Six Engine\SixEngine.exe
MOD - [2008/04/15 09:07:34 | 000,053,248 | ---- | M] () -- C:\Program Files\ASUS\Six Engine\AsSpindownTimeout.dll
MOD - [2006/01/10 09:50:20 | 000,024,576 | R--- | M] () -- C:\Windows\SysWOW64\AsIO.dll
MOD - [2005/05/11 15:39:32 | 000,565,248 | ---- | M] () -- C:\Program Files\ASUS\Six Engine\pngio.dll
MOD - [2003/08/29 19:05:35 | 000,360,448 | ---- | M] () -- C:\Program Files (x86)\SpywareGuard\sgmain.exe
MOD - [2003/08/29 11:14:56 | 000,233,472 | ---- | M] () -- C:\Program Files (x86)\SpywareGuard\sgbhp.exe
========== Win32 Services (SafeList) ========== SRV:
64bit: - [2011/07/19 01:01:47 | 000,146,816 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE -- (!SASCORE)
SRV:
64bit: - [2009/05/14 08:01:24 | 004,901,888 | ---- | M] () [Auto | Running] -- C:\Program Files\NVIDIA Corporation\Performance Drivers\nvPDsvc.exe -- (NVIDIA Performance Driver Service)
SRV:
64bit: - [2008/10/28 00:20:22 | 001,038,088 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64)
SRV:
64bit: - [2007/10/19 04:10:30 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\SysNative\AEADISRV.EXE -- (AEADIFilters)
SRV - [2010/12/09 10:48:10 | 000,247,760 | ---- | M] (Threat Expert Ltd.) [Auto | Running] -- C:\Program Files (x86)\PC Tools Security\BDT\BDTUpdateService.exe -- (Browser Defender Update Service)
SRV - [2010/11/19 06:57:14 | 001,150,936 | ---- | M] (PC Tools) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Tools Security\pctsSvc.exe -- (sdCoreService)
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/15 14:02:36 | 000,366,840 | ---- | M] (PC Tools) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Tools Security\pctsAuxs.exe -- (sdAuxService)
SRV - [2009/12/05 12:36:42 | 000,045,056 | ---- | M] (Intuit) [Auto | Running] -- c:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe -- (QBCFMonitorService)
SRV - [2009/07/23 20:10:38 | 000,061,440 | ---- | M] (Intuit Inc.) [On_Demand | Stopped] -- c:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe -- (QBFCService)
SRV - [2009/07/16 17:04:16 | 000,316,664 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2009/06/07 13:20:20 | 000,061,440 | ---- | M] (Nalpeiron Ltd.) [Auto | Running] -- C:\Windows\SysWOW64\nlssrv32.exe -- (nlsX86cc)
SRV - [2009/03/30 05:42:14 | 000,066,368 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/03/12 19:28:40 | 000,288,112 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe -- (Adobe Version Cue CS4)
SRV - [2008/11/11 09:38:06 | 000,620,544 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2008/10/24 11:33:36 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2007/07/24 08:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
========== Driver Services (SafeList) ========== DRV:
64bit: - [2011/12/06 17:06:09 | 000,025,160 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hitmanpro35.sys -- (hitmanpro35)
DRV:
64bit: - [2011/07/22 17:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)
DRV:
64bit: - [2011/07/12 22:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)
DRV:
64bit: - [2010/11/25 10:43:26 | 000,257,232 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PCTCore64.sys -- (PCTCore)
DRV:
64bit: - [2010/07/16 14:53:32 | 000,816,016 | ---- | M] (PC Tools) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\pctEFA64.sys -- (pctEFA)
DRV:
64bit: - [2010/06/29 10:35:34 | 000,452,872 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pctDS64.sys -- (pctDS)
DRV:
64bit: - [2010/06/10 00:01:10 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:
64bit: - [2009/10/01 01:51:42 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wpdusb.sys -- (WpdUsb)
DRV:
64bit: - [2009/06/26 20:21:06 | 000,086,584 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\adfs.sys -- (adfs)
DRV:
64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:
64bit: - [2009/04/11 06:39:37 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:
64bit: - [2008/09/24 11:29:20 | 000,035,840 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\VClone.sys -- (VClone)
DRV:
64bit: - [2008/09/15 07:57:32 | 000,008,704 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\usbser_lowerfltx64j.sys -- (UsbserFilt)
DRV:
64bit: - [2008/09/15 07:57:18 | 000,025,088 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdcx64)
DRV:
64bit: - [2008/09/15 07:57:18 | 000,018,944 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcdx64)
DRV:
64bit: - [2008/09/15 07:57:18 | 000,008,704 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\usbser_lowerfltx64.sys -- (upperdev)
DRV:
64bit: - [2008/08/28 11:44:42 | 000,025,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\pccsmcfdx64.sys -- (pccsmcfd)
DRV:
64bit: - [2008/07/21 13:11:56 | 000,032,200 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV:
64bit: - [2008/05/19 08:47:48 | 000,173,096 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\mv61xx.sys -- (mv61xx)
DRV:
64bit: - [2008/03/20 01:44:34 | 000,467,456 | ---- | M] (Analog Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ADIHdAud.sys -- (ADIHdAudAddService)
DRV:
64bit: - [2007/09/05 11:04:48 | 000,077,872 | ---- | M] (PACE Anti-Piracy, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\Tpkd.sys -- (Tpkd)
DRV:
64bit: - [2007/08/15 21:50:06 | 000,688,640 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\netr28ux.sys -- (netr28ux)
DRV:
64bit: - [2007/08/15 09:22:00 | 000,369,152 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\yk60x64.sys -- (yukonx64)
DRV:
64bit: - [2007/04/27 06:40:00 | 000,142,120 | ---- | M] (SafeNet, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\Drivers\Sentinel64.sys -- (Sentinel64)
DRV:
64bit: - [2007/04/17 08:51:50 | 000,014,112 | ---- | M] (InterVideo) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\regi.sys -- (regi)
DRV:
64bit: - [2006/10/31 16:23:42 | 000,015,680 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\ASACPI.sys -- (MTsensor)
DRV - [2010/03/13 11:58:52 | 000,146,928 | ---- | M] (CyberLink Corp.) [2010/04/23 15:48:42] [Kernel | Auto | Running] -- C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\000.fcl -- ({1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC})
DRV - [2009/06/26 20:21:06 | 000,086,584 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysWow64\drivers\adfs.sys -- (adfs)
DRV - [2007/02/07 19:27:46 | 000,014,104 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | Boot | Running] -- C:\Windows\SysWOW64\speedfan.sys -- (speedfan)
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.b.dkIE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {472734EA-242A-422b-ADF8-83D1E48CC825} - C:\Program Files (x86)\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "Facemoods Search"
FF - prefs.js..browser.search.defaulturl: "
http://flvdirect.iam...c=tops&search="FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "
http://www.berlingske.dk/"FF - prefs.js..extensions.enabledItems:
[email protected]:1.5
FF - prefs.js..extensions.enabledItems: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:2.0.8
FF - prefs.js..extensions.enabledItems: {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}:1.3.5
FF - prefs.js..extensions.enabledItems:
[email protected]:7
FF - prefs.js..extensions.enabledItems:
[email protected]:2
FF - prefs.js..extensions.enabledItems: 5
FF - prefs.js..extensions.enabledItems: 2
FF - prefs.js..extensions.enabledItems: 2
FF - prefs.js..extensions.enabledItems:
[email protected]:1.1
FF - prefs.js..extensions.enabledItems:
FF - prefs.js..extensions.enabledItems: {e001c731-5e37-4538-a5cb-8168736a2360}:0.9.9.99
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.9.13
FF - prefs.js..extensions.enabledItems: {81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}:7.3.0.0
FF - prefs.js..extensions.enabledItems:
[email protected]:1.20.00
FF - prefs.js..extensions.enabledItems: {cb84136f-9c44-433a-9048-c5cd9df1dc16}:3.0.0.204
FF - prefs.js..network.proxy.type: 0
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Player\npDivxPlayerPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Users\Michael Eilersen\AppData\Roaming\Move Networks\plugins\npqmp071505000010.dll (Move Networks)
FF - HKLM\Software\MozillaPlugins\@neulion.com/npadaptiveplugin: C:\Users\Michael Eilersen\AppData\Roaming\NeuLion\AdaptivePlugin\npadaptiveplugin_1_6_5_7131.dll ( )
FF - HKLM\Software\MozillaPlugins\@veetle.com/vbp;version=0.9.17: C:\Program Files (x86)\Veetle\VLCBroadcast\npvbp.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.18: C:\Program Files (x86)\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: C:\Program Files (x86)\Veetle\Player\npvlc.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\Adobe Acrobat: C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Users\Michael Eilersen\AppData\Roaming\Move Networks\plugins\npqmp071505000010.dll (Move Networks)
FF - HKCU\Software\MozillaPlugins\@neulion.com/npadaptiveplugin: C:\Users\Michael Eilersen\AppData\Roaming\NeuLion\AdaptivePlugin\npadaptiveplugin_1_6_5_7131.dll ( )
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Michael Eilersen\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Michael Eilersen\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\
[email protected]: C:\Program Files (x86)\Nokia\Nokia PC Suite 7\bkmrksync\ [2009/02/04 15:04:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\
[email protected]: C:\Program Files (x86)\NETELLER app\plugins\Firefox\neteller\ [2010/10/20 09:44:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{cb84136f-9c44-433a-9048-c5cd9df1dc16}: C:\Program Files (x86)\PC Tools Security\BDT\Firefox\ [2011/12/15 18:32:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/12/15 19:46:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/12/15 19:46:41 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\
[email protected]: C:\Users\Michael Eilersen\AppData\Roaming\Move Networks [2009/11/20 06:07:02 | 000,000,000 | ---D | M]
[2008/12/29 00:32:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Michael Eilersen\AppData\Roaming\Mozilla\Extensions
[2012/01/03 03:09:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Michael Eilersen\AppData\Roaming\Mozilla\Firefox\Profiles\nzcqnlpm.default\extensions
[2010/05/13 22:57:12 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Michael Eilersen\AppData\Roaming\Mozilla\Firefox\Profiles\nzcqnlpm.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/12/17 01:39:15 | 000,000,000 | ---D | M] (iMacros for Firefox) -- C:\Users\Michael Eilersen\AppData\Roaming\Mozilla\Firefox\Profiles\nzcqnlpm.default\extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}
[2011/08/22 09:46:58 | 000,000,000 | ---D | M] (BitDefender QuickScan) -- C:\Users\Michael Eilersen\AppData\Roaming\Mozilla\Firefox\Profiles\nzcqnlpm.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}
[2011/12/06 12:05:49 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\Michael Eilersen\AppData\Roaming\Mozilla\Firefox\Profiles\nzcqnlpm.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2010/03/14 17:10:36 | 000,000,000 | ---D | M] (TVU Web Player) -- C:\Users\Michael Eilersen\AppData\Roaming\Mozilla\Firefox\Profiles\nzcqnlpm.default\extensions\
[email protected][2011/09/18 17:59:25 | 000,000,000 | ---D | M] (Yontoo Layers) -- C:\Users\Michael Eilersen\AppData\Roaming\Mozilla\Firefox\Profiles\nzcqnlpm.default\extensions\
[email protected][2010/08/31 14:08:56 | 000,000,000 | ---D | M] (1-Click YouTube Video Downloader) -- C:\Users\Michael Eilersen\AppData\Roaming\Mozilla\Firefox\Profiles\nzcqnlpm.default\extensions\
[email protected][2012/01/03 16:24:51 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/01/03 16:24:51 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}
[2011/12/15 19:46:42 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\distribution\extensions
() (No name found) -- C:\USERS\MICHAEL EILERSEN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NZCQNLPM.DEFAULT\EXTENSIONS\{19503E42-CA3C-4C27-B1E2-9CDB2170EE34}.XPI
() (No name found) -- C:\USERS\MICHAEL EILERSEN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NZCQNLPM.DEFAULT\EXTENSIONS\{DDC359D1-844A-42A7-9AA1-88A850A938A8}.XPI
() (No name found) -- C:\USERS\MICHAEL EILERSEN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NZCQNLPM.DEFAULT\EXTENSIONS\
[email protected][2011/12/13 19:17:51 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/01/03 16:24:38 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2009/07/31 12:06:48 | 001,654,784 | ---- | M] (LizardTech) -- C:\Program Files (x86)\mozilla firefox\plugins\npdjvu.dll
[2011/12/13 06:52:06 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2010/12/15 11:53:23 | 000,002,048 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fcmdSrch.xml
[2011/12/13 06:52:06 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml
========== Chrome ========== CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Michael Eilersen\AppData\Local\Google\Chrome\Application\16.0.912.63\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Michael Eilersen\AppData\Local\Google\Chrome\Application\16.0.912.63\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Michael Eilersen\AppData\Local\Google\Chrome\Application\16.0.912.63\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.220.4 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U22 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: DivX Player Netscape Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npDivxPlayerPlugin.dll
CHR - plugin: LizardTech DjVu (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npdjvu.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll
CHR - plugin: Veetle TV Player (Enabled) = C:\Program Files (x86)\Veetle\Player\npvlc.dll
CHR - plugin: Veetle Broadcaster Plugin (Enabled) = C:\Program Files (x86)\Veetle\VLCBroadcast\npvbp.dll
CHR - plugin: Veetle TV Core (Enabled) = C:\Program Files (x86)\Veetle\plugins\npVeetle.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Michael Eilersen\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll
CHR - plugin: Move Streaming Media Player (Enabled) = C:\Users\Michael Eilersen\AppData\Roaming\Move Networks\plugins\npqmp071505000010.dll
CHR - plugin: NeuLion Adaptive Plugin (Enabled) = C:\Users\Michael Eilersen\AppData\Roaming\NeuLion\AdaptivePlugin\npadaptiveplugin_1_6_5_7131.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Users\Michael Eilersen\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.2_0\
CHR - Extension: Google Search = C:\Users\Michael Eilersen\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.16_0\
CHR - Extension: Gmail = C:\Users\Michael Eilersen\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.4_0\
O1 HOSTS File: ([2012/01/03 15:59:05 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll ()
O2 - BHO: (SpywareGuardDLBLOCK.CBrowserHelper) - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files (x86)\SpywareGuard\dlprotect.dll ()
O2 - BHO: (Internet Explorer Form-Fill Plug-In) - {5425B4B8-87F9-4E9C-8B51-8AABA82EBA64} - C:\Program Files (x86)\NETELLER app\plugins\IE\Neteller.dll (NEOVIA Financial® Plc.)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files (x86)\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [PCTools FGuard] C:\Program Files (x86)\PC Tools Security\BDT\FGuard.exe (Threat Expert Ltd.)
O4 - HKCU..\Run: [Boxoft Tools] C:\ProgramData\Boxtools\Boxofttoolbox.exe ()
O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
O4 - HKCU..\Run: [Xvid] C:\Program Files (x86)\Xvid\CheckUpdate.exe ()
O4 - Startup: C:\Users\Michael Eilersen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FIFA 11 Registration.lnk = File not found
O4 - Startup: C:\Users\Michael Eilersen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SpywareGuard.lnk = C:\Program Files (x86)\SpywareGuard\sgmain.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O8:
64bit: - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:
64bit: - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:
64bit: - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:
64bit: - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe (PokerStars)
O9 - Extra Button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe ()
O9 - Extra 'Tools' menuitem : PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe ()
O10:
64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - %SystemRoot%\System32\nwprovau.dll File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O15:
64bit: - ..Trusted Domains: danid.dk ([]http in Trusted sites)
O15:
64bit: - ..Trusted Domains: danid.dk ([]https in Trusted sites)
O15 - HKLM\..Trusted Domains: danid.dk ([]http in Trusted sites)
O15 - HKLM\..Trusted Domains: danid.dk ([]https in Trusted sites)
O15 - HKCU\..Trusted Domains: danid.dk ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: danid.dk ([]https in Trusted sites)
O16 - DPF: {D4003189-95B1-4A2F-9A87-F2B03665960D}
http://www.vexcast.c...oad/vexcast.cab (Reg Error: Key error.)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5}
http://download.eset...lineScanner.cab (OnlineScanner Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 193.162.153.164 194.239.134.83
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{49F1FB07-90EC-4593-920F-913C35E23C0F}: DhcpNameServer = 193.162.153.164 194.239.134.83
O18:
64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:
64bit: - Protocol\Handler\intu-help-qb3 - No CLSID value found
O18:
64bit: - Protocol\Handler\livecall - No CLSID value found
O18:
64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:
64bit: - Protocol\Handler\msnim - No CLSID value found
O18:
64bit: - Protocol\Handler\qbwc - No CLSID value found
O18:
64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\intu-help-qb3 {c5e479ea-0a65-4b05-8c6c-2fc8cc682eb4} - c:\Program Files (x86)\Intuit\QuickBooks 2010\HelpAsyncPluggableProtocol.dll (Intuit, Inc.)
O20:
64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:
64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O28 - HKLM ShellExecuteHooks: {81559C35-8464-49F7-BB0E-07A383BEF910} - C:\Program Files (x86)\SpywareGuard\spywareguard.dll ()
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (aswBoot.exe /A:* /L:1033 /KBD:2 /wow /dir:C:\Program)
O35:
64bit: - HKLM\..comfile [open] -- "%1" %*
O35:
64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:
64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:
64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ========== [2012/01/03 16:27:47 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/01/03 16:25:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2012/01/03 16:24:50 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2012/01/03 16:24:50 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2012/01/03 16:24:50 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2012/01/03 16:11:45 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2012/01/03 15:59:09 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN
[2012/01/03 15:34:50 | 000,000,000 | ---D | C] -- C:\ComboFix
[2011/12/30 16:22:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ghostscript
[2011/12/30 16:22:31 | 000,000,000 | ---D | C] -- C:\Program Files\gs
[2011/12/28 00:17:14 | 000,000,000 | ---D | C] -- C:\Users\Michael Eilersen\.gnubg
[2011/12/28 00:17:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GNU Backgammon
[2011/12/28 00:17:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\gnubg
[2011/12/28 00:10:16 | 000,000,000 | ---D | C] -- C:\Users\Michael Eilersen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Goto.Games
[2011/12/28 00:10:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Goto.Games
[2011/12/28 00:10:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Goto.Games
[2011/12/27 22:54:32 | 000,000,000 | ---D | C] -- C:\Snowie Documents
[2011/12/27 22:54:31 | 000,462,848 | ---- | C] (NetManage Inc.) -- C:\Windows\SysWow64\NMW3VWN.DLL
[2011/12/27 22:54:31 | 000,169,472 | ---- | C] (NetManage Inc.) -- C:\Windows\SysWow64\HTML.OCX
[2011/12/27 22:54:31 | 000,066,560 | ---- | C] (NetManage Inc.) -- C:\Windows\SysWow64\NMORENU.DLL
[2011/12/27 22:54:31 | 000,048,128 | ---- | C] (NetManage Inc.) -- C:\Windows\SysWow64\NMSCKN.DLL
[2011/12/27 22:53:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Borland Shared
[2011/12/27 22:52:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SnowieGroup
[2011/12/27 22:52:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SnowieGroup
[2011/12/27 22:00:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011/12/27 19:49:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/12/27 19:36:52 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2011/12/27 19:36:52 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2011/12/27 19:36:52 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2011/12/27 19:36:45 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011/12/27 19:35:34 | 009,852,544 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Michael Eilersen\Desktop\mbam-setup-1.51.2.1300 (1).exe
[2011/12/27 19:35:34 | 004,367,676 | R--- | C] (Swearware) -- C:\Users\Michael Eilersen\Desktop\ComboFix.exe
[2011/12/27 19:35:34 | 001,918,464 | ---- | C] (AVAST Software) -- C:\Users\Michael Eilersen\Desktop\aswMBR.exe
[2011/12/27 19:35:34 | 001,578,288 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Michael Eilersen\Desktop\tdsskiller (1).exe
[2011/12/27 19:22:50 | 000,000,000 | ---D | C] -- C:\Users\Michael Eilersen\Desktop\Cleaning
[2011/12/27 18:43:21 | 000,000,000 | ---D | C] -- C:\Users\Michael Eilersen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Boxoft Toolbox
[2011/12/23 22:51:31 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Michael Eilersen\Desktop\OTL.exe
[2011/12/23 18:51:02 | 009,851,496 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Michael Eilersen\Desktop\mbam-setup.exe
[2011/12/23 18:47:50 | 001,578,288 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Michael Eilersen\Desktop\123.com
[2011/12/16 17:34:12 | 000,000,000 | ---D | C] -- C:\Users\Michael Eilersen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Play65
[2011/12/16 17:34:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Play65
[2011/12/16 17:32:40 | 000,000,000 | ---D | C] -- C:\Users\Michael Eilersen\AppData\Local\Play65
[2011/12/15 12:45:14 | 000,000,000 | ---D | C] -- C:\Users\Michael Eilersen\Documents\Pandemic.2007.PROPER.DVDRip.XviD-VoMiT
[2011/12/15 12:30:26 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2011/12/15 12:30:26 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2011/12/15 12:30:26 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2011/12/15 12:30:26 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2011/12/15 12:30:26 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2011/12/15 12:30:26 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2011/12/15 12:30:26 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2011/12/15 12:30:26 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2011/12/15 12:30:26 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2011/12/15 12:30:26 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2011/12/15 12:30:26 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2011/12/15 12:30:26 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2011/12/15 12:30:26 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2011/12/15 12:30:26 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2011/12/15 12:30:26 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2011/12/15 12:30:26 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2011/12/15 12:30:26 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2011/12/15 12:30:26 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2011/12/15 12:30:26 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2011/12/15 12:30:25 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2011/12/15 12:30:25 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll
[2011/12/15 12:30:25 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll
[2011/12/15 12:30:25 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2011/12/15 12:30:25 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2011/12/15 12:30:25 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2011/12/15 12:30:25 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll
[2011/12/15 12:30:25 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2011/12/15 12:30:25 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2011/12/15 12:30:25 | 000,114,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\advpack.dll
[2011/12/15 12:30:25 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2011/12/15 12:30:25 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll
[2011/12/15 12:30:25 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2011/12/15 12:30:25 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2011/12/15 12:30:24 | 002,309,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2011/12/15 12:30:24 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2011/12/15 12:30:24 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll
[2011/12/15 12:30:24 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2011/12/15 12:30:24 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2011/12/15 12:30:24 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll
[2011/12/15 12:30:24 | 000,145,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2011/12/15 12:30:24 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\advpack.dll
[2011/12/15 12:30:24 | 000,114,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll
[2011/12/15 12:30:24 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2011/12/15 12:30:24 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2011/12/15 12:30:24 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2011/12/15 12:30:23 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2011/12/15 12:30:23 | 001,493,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2011/12/15 12:30:23 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2011/12/15 12:30:23 | 000,452,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2011/12/15 12:30:23 | 000,448,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2011/12/15 12:30:23 | 000,282,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2011/12/15 12:30:23 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2011/12/15 12:30:23 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2011/12/15 12:30:23 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll
[2011/12/15 12:30:23 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2011/12/15 12:30:23 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2011/12/15 12:30:23 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2011/12/15 12:30:23 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2011/12/15 12:30:23 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2011/12/15 12:30:23 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2011/12/15 12:30:23 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2011/12/15 12:30:23 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2011/12/15 12:30:23 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2011/12/15 12:30:23 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2011/12/15 12:30:23 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2011/12/15 12:30:23 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2011/12/15 12:30:23 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2011/12/15 12:30:22 | 000,697,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2011/12/15 12:30:22 | 000,603,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2011/12/15 12:30:22 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2011/12/15 12:30:22 | 000,165,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2011/12/15 12:30:22 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2011/12/15 12:30:22 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2011/12/15 12:30:22 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2011/12/15 12:27:27 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2011/12/15 12:27:26 | 000,559,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll
[2011/12/15 12:27:26 | 000,429,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll
[2011/12/15 12:21:33 | 000,024,416 | R--- | C] (Adobe Systems Inc.) -- C:\Windows\SysNative\AdobePDFUI.dll
[2011/12/14 12:16:59 | 000,000,000 | ---D | C] -- C:\Users\Michael Eilersen\Documents\Lřnsedler
[2011/12/13 00:55:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\World of Warcraft.temp
[2011/12/13 00:55:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard Entertainment
[2011/12/07 23:51:51 | 002,540,688 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Users\Michael Eilersen\Documents\avg_remover_stf_x64_2012_1796.exe
[2011/12/06 23:19:12 | 000,000,000 | ---D | C] -- C:\ProgramData\ESET
[2011/12/06 23:19:12 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2011/12/06 22:28:10 | 001,566,512 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Michael Eilersen\Desktop\randomname.com
[2011/12/06 22:00:34 | 001,996,752 | ---- | C] (Threat Expert Ltd.) -- C:\Windows\PCTBDCore.dll
[2011/12/06 22:00:34 | 001,533,904 | ---- | C] (Threat Expert Ltd.) -- C:\Windows\PCTBDRes.dll
[2011/12/06 22:00:34 | 000,149,456 | ---- | C] (PC Tools) -- C:\Windows\SGDetectionTool.dll
[2011/12/06 18:27:59 | 000,000,000 | ---D | C] -- C:\Users\Michael Eilersen\AppData\Roaming\SUPERAntiSpyware.com
[2011/12/06 18:27:31 | 000,000,000 | ---D | C] -- C:\ProgramData\!SASCORE
[2011/12/06 17:06:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hitman Pro 3.5
[2011/12/06 17:06:08 | 000,000,000 | ---D | C] -- C:\Program Files\Hitman Pro 3.5
[2011/12/06 17:05:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Hitman Pro
[2011/12/06 16:50:41 | 000,816,016 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\pctEFA64.sys
[2011/12/06 16:50:41 | 000,452,872 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\pctDS64.sys
[2011/12/06 16:50:41 | 000,331,368 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\pctgntdi64.sys
[2011/12/06 16:50:41 | 000,136,168 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\pctwfpfilter64.sys
[2011/12/06 16:50:39 | 000,257,232 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\PCTCore64.sys
[2011/12/06 16:50:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Tools Security
[2011/12/06 16:50:37 | 000,092,896 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\pctplsg64.sys
[2011/12/06 16:50:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PC Tools Security
[2011/12/06 16:50:34 | 000,000,000 | ---D | C] -- C:\Users\Michael Eilersen\AppData\Roaming\PC Tools
[2011/12/06 16:50:34 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Tools
[2011/12/06 16:50:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PC Tools
[2011/12/06 11:51:10 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2011/12/06 11:51:10 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2011/12/06 11:36:16 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
[1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]
========== Files - Modified Within 30 Days ========== [2012/01/03 16:45:04 | 000,875,338 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/01/03 16:45:04 | 000,715,180 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/01/03 16:45:04 | 000,151,730 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/01/03 16:38:13 | 000,176,538 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2012/01/03 16:38:13 | 000,176,538 | ---- | M] () -- C:\ProgramData\nvModes.001
[2012/01/03 16:37:39 | 000,003,712 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/01/03 16:37:39 | 000,003,712 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/01/03 16:37:35 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/01/03 16:24:37 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll
[2012/01/03 16:24:37 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2012/01/03 16:24:37 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2012/01/03 16:24:37 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2012/01/03 15:59:05 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2012/01/03 15:59:00 | 000,000,952 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3194313822-558712583-1741877353-1000UA.job
[2012/01/03 15:34:32 | 004,367,676 | R--- | M] (Swearware) -- C:\Users\Michael Eilersen\Desktop\ComboFix.exe
[2012/01/03 15:05:52 | 000,000,218 | ---- | M] () -- C:\Users\Michael Eilersen\.recently-used.xbel
[2012/01/03 14:51:05 | 000,002,675 | ---- | M] () -- C:\Users\Michael Eilersen\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Word 2007.lnk
[2011/12/31 08:59:00 | 000,000,900 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3194313822-558712583-1741877353-1000Core.job
[2011/12/30 16:23:02 | 000,000,043 | ---- | M] () -- C:\Windows\gswin64.ini
[2011/12/29 19:26:15 | 000,072,192 | ---- | M] () -- C:\Users\Michael Eilersen\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/12/28 11:46:55 | 003,336,552 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011/12/28 03:00:26 | 000,013,030 | ---- | M] () -- C:\PDOXUSRS.NET
[2011/12/28 00:17:11 | 000,000,826 | ---- | M] () -- C:\Users\Public\Desktop\GNU Backgammon CLI.lnk
[2011/12/28 00:17:11 | 000,000,802 | ---- | M] () -- C:\Users\Public\Desktop\GNU Backgammon.lnk
[2011/12/28 00:10:21 | 000,001,009 | ---- | M] () -- C:\Users\Michael Eilersen\Desktop\NetGammon8.lnk
[2011/12/27 22:52:57 | 000,001,687 | ---- | M] () -- C:\Users\Public\Desktop\Snowie Version 4.lnk
[2011/12/27 22:00:13 | 000,000,948 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/12/27 19:18:34 | 009,852,544 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Michael Eilersen\Desktop\mbam-setup-1.51.2.1300 (1).exe
[2011/12/27 19:17:24 | 001,918,464 | ---- | M] (AVAST Software) -- C:\Users\Michael Eilersen\Desktop\aswMBR.exe
[2011/12/27 19:16:48 | 001,578,288 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Michael Eilersen\Desktop\tdsskiller (1).exe
[2011/12/23 22:51:25 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Michael Eilersen\Desktop\OTL.exe
[2011/12/23 22:01:14 | 000,000,601 | ---- | M] () -- C:\Users\Michael Eilersen\Desktop\System Fix.lnk
[2011/12/23 18:50:58 | 009,851,496 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Michael Eilersen\Desktop\mbam-setup.exe
[2011/12/23 18:47:28 | 001,578,288 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Michael Eilersen\Desktop\123.com
[2011/12/23 13:02:43 | 000,684,297 | ---- | M] () -- C:\Users\Michael Eilersen\Desktop\unhide.exe
[2011/12/23 12:47:54 | 000,001,460 | ---- | M] () -- C:\Users\Michael Eilersen\AppData\Local\d3d9caps64.dat
[2011/12/16 17:34:12 | 000,000,824 | ---- | M] () -- C:\Users\Michael Eilersen\Desktop\Play65.lnk
[2011/12/15 19:46:44 | 000,000,912 | ---- | M] () -- C:\Users\Michael Eilersen\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/12/15 19:46:44 | 000,000,888 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011/12/15 18:00:29 | 000,002,097 | ---- | M] () -- C:\Users\Michael Eilersen\Desktop\Google Chrome.lnk
[2011/12/15 18:00:29 | 000,002,059 | ---- | M] () -- C:\Users\Michael Eilersen\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/12/15 15:56:04 | 000,000,973 | ---- | M] () -- C:\Users\Michael Eilersen\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/12/15 12:45:14 | 000,020,956 | ---- | M] () -- C:\Users\Michael Eilersen\Documents\Pandemic.2007.PROPER.DVDRip.XviD-VoMiT.torrent
[2011/12/15 12:39:21 | 002,933,318 | ---- | M] () -- C:\Windows\SysNative\drivers\Cat.DB
[2011/12/15 12:30:37 | 000,008,798 | ---- | M] () -- C:\Windows\SysWow64\icrav03.rat
[2011/12/15 12:30:37 | 000,001,988 | ---- | M] () -- C:\Windows\SysWow64\ticrf.rat
[2011/12/15 12:30:36 | 000,008,798 | ---- | M] () -- C:\Windows\SysNative\icrav03.rat
[2011/12/15 12:30:36 | 000,001,988 | ---- | M] () -- C:\Windows\SysNative\ticrf.rat
[2011/12/15 12:30:26 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2011/12/15 12:30:26 | 001,427,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2011/12/15 12:30:26 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2011/12/15 12:30:26 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2011/12/15 12:30:26 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2011/12/15 12:30:26 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2011/12/15 12:30:26 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2011/12/15 12:30:26 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2011/12/15 12:30:26 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2011/12/15 12:30:26 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2011/12/15 12:30:26 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2011/12/15 12:30:26 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2011/12/15 12:30:26 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2011/12/15 12:30:26 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2011/12/15 12:30:26 | 000,072,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2011/12/15 12:30:26 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2011/12/15 12:30:26 | 000,063,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2011/12/15 12:30:26 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2011/12/15 12:30:26 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2011/12/15 12:30:26 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2011/12/15 12:30:25 | 000,716,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2011/12/15 12:30:25 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll
[2011/12/15 12:30:25 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll
[2011/12/15 12:30:25 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2011/12/15 12:30:25 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2011/12/15 12:30:25 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2011/12/15 12:30:25 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll
[2011/12/15 12:30:25 | 000,123,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2011/12/15 12:30:25 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2011/12/15 12:30:25 | 000,114,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\advpack.dll
[2011/12/15 12:30:25 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2011/12/15 12:30:25 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll
[2011/12/15 12:30:25 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2011/12/15 12:30:25 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2011/12/15 12:30:24 | 002,309,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2011/12/15 12:30:24 | 000,818,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2011/12/15 12:30:24 | 000,267,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll
[2011/12/15 12:30:24 | 000,222,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2011/12/15 12:30:24 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2011/12/15 12:30:24 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll
[2011/12/15 12:30:24 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2011/12/15 12:30:24 | 000,136,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\advpack.dll
[2011/12/15 12:30:24 | 000,114,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll
[2011/12/15 12:30:24 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2011/12/15 12:30:24 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2011/12/15 12:30:24 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2011/12/15 12:30:23 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2011/12/15 12:30:23 | 001,493,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2011/12/15 12:30:23 | 000,534,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2011/12/15 12:30:23 | 000,452,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2011/12/15 12:30:23 | 000,448,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2011/12/15 12:30:23 | 000,282,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2011/12/15 12:30:23 | 000,248,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2011/12/15 12:30:23 | 000,237,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2011/12/15 12:30:23 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll
[2011/12/15 12:30:23 | 000,135,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2011/12/15 12:30:23 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2011/12/15 12:30:23 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2011/12/15 12:30:23 | 000,096,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2011/12/15 12:30:23 | 000,091,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2011/12/15 12:30:23 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2011/12/15 12:30:23 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2011/12/15 12:30:23 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2011/12/15 12:30:23 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2011/12/15 12:30:23 | 000,072,822 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2011/12/15 12:30:23 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2011/12/15 12:30:23 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2011/12/15 12:30:23 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2011/12/15 12:30:23 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2011/12/15 12:30:22 | 000,697,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2011/12/15 12:30:22 | 000,603,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2011/12/15 12:30:22 | 000,173,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2011/12/15 12:30:22 | 000,165,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2011/12/15 12:30:22 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2011/12/15 12:30:22 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2011/12/15 12:30:22 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2011/12/14 12:26:28 | 000,002,633 | ---- | M] () -- C:\Users\Michael Eilersen\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Excel 2007.lnk
[2011/12/14 12:07:57 | 002,039,842 | ---- | M] () -- C:\Users\Michael Eilersen\Documents\lejekontrakt.pdf
[2011/12/13 23:55:18 | 000,001,068 | ---- | M] () -- C:\Users\Public\Desktop\HoldemManager.lnk
[2011/12/13 23:53:05 | 118,082,211 | ---- | M] () -- C:\Users\Michael Eilersen\Documents\Holdem_Manager_Setup1.12.07.exe
[2011/12/07 23:51:53 | 002,540,688 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Users\Michael Eilersen\Documents\avg_remover_stf_x64_2012_1796.exe
[2011/12/06 22:38:49 | 001,008,120 | ---- | M] () -- C:\Users\Michael Eilersen\Desktop\iExplore.exe
[2011/12/06 22:37:38 | 001,008,120 | ---- | M] () -- C:\Users\Michael Eilersen\Desktop\rkill.com
[2011/12/06 22:26:55 | 001,566,512 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Michael Eilersen\Desktop\randomname.com
[2011/12/06 17:06:09 | 000,025,160 | ---- | M] () -- C:\Windows\SysNative\drivers\hitmanpro35.sys
[2011/12/06 17:06:09 | 000,001,813 | ---- | M] () -- C:\Users\Public\Desktop\Hitman Pro 3.5.lnk
[2011/12/06 16:50:38 | 000,001,840 | ---- | M] () -- C:\Users\Public\Desktop\Spyware Doctor.lnk
[2011/12/06 16:18:35 | 000,000,972 | ---- | M] () -- C:\Users\Michael Eilersen\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk
[2011/12/06 12:07:28 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]
========== Files Created - No Company Name ========== [2012/01/03 15:05:52 | 000,000,218 | ---- | C] () -- C:\Users\Michael Eilersen\.recently-used.xbel
[2011/12/30 16:23:02 | 000,000,043 | ---- | C] () -- C:\Windows\gswin64.ini
[2011/12/28 00:17:11 | 000,000,826 | ---- | C] () -- C:\Users\Public\Desktop\GNU Backgammon CLI.lnk
[2011/12/28 00:17:11 | 000,000,802 | ---- | C] () -- C:\Users\Public\Desktop\GNU Backgammon.lnk
[2011/12/28 00:10:21 | 000,001,009 | ---- | C] () -- C:\Users\Michael Eilersen\Desktop\NetGammon8.lnk
[2011/12/27 23:23:51 | 000,013,030 | ---- | C] () -- C:\PDOXUSRS.NET
[2011/12/27 22:54:31 | 000,240,640 | ---- | C] () -- C:\Windows\SysWow64\NMOCOD.DLL
[2011/12/27 22:53:07 | 000,183,808 | ---- | C] () -- C:\Windows\SysWow64\bdeadmin.cpl
[2011/12/27 22:52:57 | 000,001,687 | ---- | C] () -- C:\Users\Public\Desktop\Snowie Version 4.lnk
[2011/12/27 19:49:12 | 000,000,972 | ---- | C] () -- C:\Users\Michael Eilersen\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk
[2011/12/27 19:49:12 | 000,000,948 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/12/27 19:36:52 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2011/12/27 19:36:52 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2011/12/27 19:36:52 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2011/12/27 19:36:52 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2011/12/27 19:36:52 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2011/12/23 22:27:08 | 000,001,589 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk
[2011/12/23 22:27:08 | 000,000,604 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live.lnk
[2011/12/23 22:01:14 | 000,000,601 | ---- | C] () -- C:\Users\Michael Eilersen\Desktop\System Fix.lnk
[2011/12/23 21:28:45 | 000,684,297 | ---- | C] () -- C:\Users\Michael Eilersen\Desktop\unhide.exe
[2011/12/23 13:16:56 | 000,002,022 | ---- | C] () -- C:\Users\Public\Desktop\Sid Meier's Pirates!.lnk
[2011/12/23 13:16:56 | 000,002,018 | ---- | C] () -- C:\Users\Public\Desktop\QuickBooks Pro 2010.lnk
[2011/12/23 13:16:56 | 000,001,956 | ---- | C] () -- C:\Users\Public\Desktop\Engelsk-Dansk Dansk-Engelsk.lnk
[2011/12/23 13:16:56 | 000,001,952 | ---- | C] () -- C:\Users\Public\Desktop\CyberLink PowerDVD 10.lnk
[2011/12/23 13:16:56 | 000,001,952 | ---- | C] () -- C:\Users\Public\Desktop\5DFly Images to PDF Converter.lnk
[2011/12/23 13:16:56 | 000,001,942 | ---- | C] () -- C:\Users\Public\Desktop\Xilisoft DVD Creator 6.lnk
[2011/12/23 13:16:56 | 000,001,840 | ---- | C] () -- C:\Users\Public\Desktop\Spyware Doctor.lnk
[2011/12/23 13:16:56 | 000,001,813 | ---- | C] () -- C:\Users\Public\Desktop\Hitman Pro 3.5.lnk
[2011/12/23 13:16:56 | 000,001,756 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2011/12/23 13:16:56 | 000,001,733 | ---- | C] () -- C:\Users\Public\Desktop\Luxury Casino.lnk
[2011/12/23 13:16:56 | 000,001,694 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011/12/23 13:16:56 | 000,001,668 | ---- | C] () -- C:\Users\Public\Desktop\Opera.lnk
[2011/12/23 13:16:56 | 000,001,073 | ---- | C] () -- C:\Users\Public\Desktop\Batch Image To PDF.lnk
[2011/12/23 13:16:56 | 000,001,068 | ---- | C] () -- C:\Users\Public\Desktop\HoldemManager.lnk
[2011/12/23 13:16:56 | 000,001,066 | ---- | C] () -- C:\Users\Public\Desktop\Batch PDF Pro.lnk
[2011/12/23 13:16:56 | 000,000,974 | ---- | C] () -- C:\Users\Public\Desktop\R 2.11.1.lnk
[2011/12/23 13:16:56 | 000,000,969 | ---- | C] () -- C:\Users\Public\Desktop\R 2.8.1.lnk
[2011/12/23 13:16:56 | 000,000,901 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2011/12/23 13:16:56 | 000,000,893 | ---- | C] () -- C:\Users\Public\Desktop\BurnAware Free.lnk
[2011/12/23 13:16:56 | 000,000,888 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011/12/23 13:16:56 | 000,000,855 | ---- | C] () -- C:\Users\Public\Desktop\Mobipocket Creator.lnk
[2011/12/23 13:16:56 | 000,000,845 | ---- | C] () -- C:\Users\Public\Desktop\DVDneXtCOPY 4.lnk
[2011/12/23 13:16:56 | 000,000,832 | ---- | C] () -- C:\Users\Public\Desktop\YouSee Player.lnk
[2011/12/23 13:16:56 | 000,000,828 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk
[2011/12/23 13:16:56 | 000,000,673 | ---- | C] () -- C:\Users\Public\Desktop\Corel WinDVD 2010.lnk
[2011/12/23 13:16:56 | 000,000,641 | ---- | C] () -- C:\Users\Public\Desktop\FM Genie Scout 11.lnk
[2011/12/23 13:16:56 | 000,000,520 | ---- | C] () -- C:\Users\Public\Desktop\JPG To PDF Converter.lnk
[2011/12/23 13:16:56 | 000,000,134 | ---- | C] () -- C:\Users\Public\Desktop\Emoticons for your messenger!.url
[2011/12/23 13:16:53 | 000,002,675 | ---- | C] () -- C:\Users\Michael Eilersen\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Word 2007.lnk
[2011/12/23 13:16:53 | 000,002,633 | ---- | C] () -- C:\Users\Michael Eilersen\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Excel 2007.lnk
[2011/12/23 13:16:53 | 000,002,059 | ---- | C] () -- C:\Users\Michael Eilersen\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/12/23 13:16:53 | 000,002,037 | ---- | C] () -- C:\Users\Michael Eilersen\Application Data\Microsoft\Internet Explorer\Quick Launch\Adobe Digital Editions.lnk
[2011/12/23 13:16:53 | 000,001,954 | ---- | C] () -- C:\Users\Michael Eilersen\Application Data\Microsoft\Internet Explorer\Quick Launch\Chromium.lnk
[2011/12/23 13:16:53 | 000,001,952 | ---- | C] () -- C:\Users\Michael Eilersen\Application Data\Microsoft\Internet Explorer\Quick Launch\5DFly Images to PDF Converter.lnk
[2011/12/23 13:16:53 | 000,001,692 | ---- | C] () -- C:\Users\Michael Eilersen\Application Data\Microsoft\Internet Explorer\Quick Launch\Opera.lnk
[2011/12/23 13:16:53 | 000,001,667 | ---- | C] () -- C:\Users\Michael Eilersen\Application Data\Microsoft\Internet Explorer\Quick Launch\PartyPoker.lnk
[2011/12/23 13:16:53 | 000,001,481 | ---- | C] () -- C:\Users\Michael Eilersen\Application Data\Microsoft\Internet Explorer\Quick Launch\Adobe Illustrator CS4.lnk
[2011/12/23 13:16:53 | 000,001,228 | ---- | C] () -- C:\Users\Michael Eilersen\Application Data\Microsoft\Internet Explorer\Quick Launch\Adobe After Effects CS4.lnk
[2011/12/23 13:16:53 | 000,001,125 | ---- | C] () -- C:\Users\Michael Eilersen\Application Data\Microsoft\Internet Explorer\Quick Launch\Liquid Story Binder XE.lnk
[2011/12/23 13:16:53 | 000,001,071 | ---- | C] () -- C:\Users\Michael Eilersen\Application Data\Microsoft\Internet Explorer\Quick Launch\Adobe Photoshop CS4 (64 Bit).lnk
[2011/12/23 13:16:53 | 000,001,047 | ---- | C] () -- C:\Users\Michael Eilersen\Application Data\Microsoft\Internet Explorer\Quick Launch\iMesh.lnk
[2011/12/23 13:16:53 | 000,001,008 | ---- | C] () -- C:\Users\Michael Eilersen\Application Data\Microsoft\Internet Explorer\Quick Launch\Image to PDF Converter Free.lnk
[2011/12/23 13:16:53 | 000,000,974 | ---- | C] () -- C:\Users\Michael Eilersen\Application Data\Microsoft\Internet Explorer\Quick Launch\WinBUGS14.exe - Shortcut.lnk
[2011/12/23 13:16:53 | 000,000,973 | ---- | C] () -- C:\Users\Michael Eilersen\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/12/23 13:16:53 | 000,000,968 | ---- | C] () -- C:\Users\Michael Eilersen\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Outlook.lnk
[2011/12/23 13:16:53 | 000,000,950 | ---- | C] () -- C:\Users\Michael Eilersen\Application Data\Microsoft\Internet Explorer\Quick Launch\CINEMA 4D Release 11 64 Bit.lnk
[2011/12/23 13:16:53 | 000,000,912 | ---- | C] () -- C:\Users\Michael Eilersen\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/12/23 13:16:53 | 000,000,898 | ---- | C] () -- C:\Users\Michael Eilersen\Application Data\Microsoft\Internet Explorer\Quick Launch\vlc.lnk
[2011/12/23 13:16:53 | 000,000,826 | ---- | C] () -- C:\Users\Michael Eilersen\Application Data\Microsoft\Internet Explorer\Quick Launch\PokerStove.lnk
[2011/12/23 13:16:53 | 000,000,806 | ---- | C] () -- C:\Users\Michael Eilersen\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
[2011/12/23 13:16:53 | 000,000,544 | ---- | C] () -- C:\Users\Michael Eilersen\Application Data\Microsoft\Internet Explorer\Quick Launch\JPG To PDF Converter.lnk
[2011/12/23 13:16:53 | 000,000,258 | ---- | C] () -- C:\Users\Michael Eilersen\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2011/12/23 13:16:53 | 000,000,240 | ---- | C] () -- C:\Users\Michael Eilersen\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2011/12/23 13:16:47 | 000,002,079 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
[2011/12/23 13:16:47 | 000,002,025 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Digital Editions.lnk
[2011/12/23 13:16:47 | 000,001,950 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Photo Gallery.lnk
[2011/12/23 13:16:47 | 000,001,852 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Collaboration.lnk
[2011/12/23 13:16:47 | 000,001,830 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2011/12/23 13:16:47 | 000,001,805 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader.lnk
[2011/12/23 13:16:47 | 000,001,803 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2011/12/23 13:16:47 | 000,001,784 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Uninstaller.lnk
[2011/12/23 13:16:47 | 000,001,770 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Calendar.lnk
[2011/12/23 13:16:47 | 000,001,768 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Movie Maker.lnk
[2011/12/23 13:16:47 | 000,001,763 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Update.lnk
[2011/12/23 13:16:47 | 000,001,757 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Defender.lnk
[2011/12/23 13:16:47 | 000,001,743 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk
[2011/12/23 13:16:47 | 000,001,743 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Contacts.lnk
[2011/12/23 13:16:47 | 000,001,680 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
[2011/12/23 13:16:47 | 000,001,630 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2011/12/23 13:16:47 | 000,001,550 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer EP.lnk
[2011/12/23 13:16:47 | 000,001,306 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit 2.lnk
[2011/12/23 13:16:47 | 000,001,222 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe After Effects CS3.lnk
[2011/12/23 13:16:47 | 000,001,099 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Device Central CS3.lnk
[2011/12/23 13:16:47 | 000,001,091 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
[2011/12/23 13:16:47 | 000,000,916 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat.com.lnk
[2011/12/23 13:16:47 | 000,000,900 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2011/12/23 13:16:47 | 000,000,885 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\I.R.I.S. OCR Registration.lnk
[2011/12/23 13:16:47 | 000,000,844 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YouSee Player.lnk
[2011/12/23 13:16:47 | 000,000,732 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LSJ.lnk
[2011/12/23 13:16:47 | 000,000,685 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Corel WinDVD 2010.lnk
[2011/12/16 17:34:12 | 000,000,824 | ---- | C] () -- C:\Users\Michael Eilersen\Desktop\Play65.lnk
[2011/12/15 15:56:04 | 000,000,979 | ---- | C] () -- C:\Users\Michael Eilersen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2011/12/15 12:45:14 | 000,020,956 | ---- | C] () -- C:\Users\Michael Eilersen\Documents\Pandemic.2007.PROPER.DVDRip.XviD-VoMiT.torrent
[2011/12/15 12:30:26 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2011/12/15 12:30:23 | 000,072,822 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2011/12/14 12:07:57 | 002,039,842 | ---- | C] () -- C:\Users\Michael Eilersen\Documents\lejekontrakt.pdf
[2011/12/13 23:51:39 | 118,082,211 | ---- | C] () -- C:\Users\Michael Eilersen\Documents\Holdem_Manager_Setup1.12.07.exe
[2011/12/06 22:39:30 | 001,008,120 | ---- | C] () -- C:\Users\Michael Eilersen\Desktop\iExplore.exe
[2011/12/06 22:38:06 | 001,008,120 | ---- | C] () -- C:\Users\Michael Eilersen\Desktop\rkill.com
[2011/12/06 22:00:34 | 000,767,952 | ---- | C] () -- C:\Windows\BDTSupport.dll
[2011/12/06 22:00:34 | 000,002,052 | ---- | C] () -- C:\Windows\UDB.zip
[2011/12/06 22:00:34 | 000,000,882 | ---- | C] () -- C:\Windows\RegSDImport.xml
[2011/12/06 22:00:34 | 000,000,879 | ---- | C] () -- C:\Windows\RegISSImport.xml
[2011/12/06 22:00:34 | 000,000,131 | ---- | C] () -- C:\Windows\IDB.zip
[2011/12/06 17:06:09 | 000,025,160 | ---- | C] () -- C:\Windows\SysNative\drivers\hitmanpro35.sys
[2011/12/06 16:50:42 | 002,933,318 | ---- | C] () -- C:\Windows\SysNative\drivers\Cat.DB
[2011/10/07 00:07:02 | 008,676,883 | ---- | C] () -- C:\Windows\SysWow64\NCMedia2.dll
[2011/01/08 10:31:19 | 000,003,140 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2011/01/08 10:31:19 | 000,000,008 | RHS- | C] () -- C:\ProgramData\476E5D3C28.sys
[2011/01/02 10:16:43 | 000,645,632 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2011/01/02 10:16:43 | 000,240,640 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2010/12/31 01:16:56 | 000,000,221 | ---- | C] () -- C:\Users\Michael Eilersen\AppData\Roaming\burnaware.ini
[2010/12/24 14:39:15 | 000,233,472 | ---- | C] () -- C:\Windows\Dqihia.exe
[2010/12/13 16:43:50 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2010/12/05 12:47:43 | 000,000,000 | ---- | C] () -- C:\Users\Michael Eilersen\AppData\Roaming\.NANotifyHere
[2010/06/30 21:03:43 | 000,003,433 | ---- | C] () -- C:\Users\Michael Eilersen\AppData\Roaming\SAS7_000.DAT
[2010/06/05 12:01:33 | 000,000,158 | ---- | C] () -- C:\Windows\matlab.ini
[2010/04/23 14:20:44 | 000,000,000 | ---- | C] () -- C:\ProgramData\CLDShowX.ini
[2010/04/12 12:06:17 | 000,000,091 | ---- | C] () -- C:\Windows\QBChanUtil_Trigger.ini
[2010/03/22 22:27:44 | 000,000,351 | ---- | C] () -- C:\Windows\SoftWriting.ini
[2010/03/04 10:35:07 | 000,395,776 | ---- | C] () -- C:\Windows\SysWow64\libmplayer.dll
[2010/03/04 10:35:07 | 000,262,144 | ---- | C] () -- C:\Windows\SysWow64\TomsMoComp_ff.dll
[2010/03/04 10:35:07 | 000,112,640 | ---- | C] () -- C:\Windows\SysWow64\libmpeg2_ff.dll
[2010/02/14 15:12:33 | 000,000,000 | ---- | C] () -- C:\Windows\HMHud.INI
[2010/02/14 13:46:05 | 000,000,045 | ---- | C] () -- C:\Users\Michael Eilersen\AppData\Local\machpro.dat
[2009/12/07 14:44:22 | 000,069,632 | ---- | C] () -- C:\Windows\SysWow64\xmltok.dll
[2009/12/07 14:44:22 | 000,036,864 | ---- | C] () -- C:\Windows\SysWow64\xmlparse.dll
[2009/11/09 14:15:31 | 000,145,558 | ---- | C] () -- C:\Windows\hpoins13.dat
[2009/09/18 06:31:56 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll
[2009/09/18 06:30:41 | 000,107,612 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchema.bin
[2009/09/18 06:30:04 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/09/06 21:58:17 | 000,000,040 | ---- | C] () -- C:\ProgramData\ra3.ini
[2009/08/07 15:49:47 | 000,176,538 | ---- | C] () -- C:\ProgramData\nvModes.001
[2009/08/07 15:49:23 | 000,176,538 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2009/07/15 13:32:53 | 001,507,328 | ---- | C] () -- C:\Windows\SysWow64\nView.dll
[2009/07/15 13:32:53 | 001,101,824 | ---- | C] () -- C:\Windows\SysWow64\nvwimg.dll
[2009/07/05 16:56:32 | 000,000,144 | ---- | C] () -- C:\Windows\SysWow64\lkfl.dat
[2009/07/05 16:56:32 | 000,000,096 | ---- | C] () -- C:\Windows\SysWow64\pdfl.dat
[2009/07/05 16:56:32 | 000,000,080 | ---- | C] () -- C:\Windows\SysWow64\ibfl.dat
[2009/07/01 18:02:03 | 000,004,965 | ---- | C] () -- C:\ProgramData\ojvzdisj.xda
[2009/06/28 18:18:47 | 000,001,365 | ---- | C] () -- C:\Windows\IPokerscope.ini
[2009/06/12 18:35:57 | 000,001,356 | ---- | C] () -- C:\Users\Michael Eilersen\AppData\Local\d3d9caps.dat
[2009/06/10 18:23:33 | 000,001,025 | ---- | C] () -- C:\Windows\SysWow64\sysprs7.dll
[2009/06/10 18:23:33 | 000,001,025 | ---- | C] () -- C:\Windows\SysWow64\clauth2.dll
[2009/06/10 18:23:33 | 000,001,025 | ---- | C] () -- C:\Windows\SysWow64\clauth1.dll
[2009/06/10 18:23:33 | 000,000,205 | ---- | C] () -- C:\Windows\SysWow64\lsprst7.dll
[2009/06/10 18:23:33 | 000,000,073 | ---- | C] () -- C:\Windows\SysWow64\ssprs.dll
[2009/06/10 18:23:33 | 000,000,021 | ---- | C] () -- C:\Windows\SurCode.INI
[2009/04/06 21:26:10 | 001,362,460 | ---- | C] () -- C:\Windows\SysWow64\ExpansionHD_Firmware.bin
[2009/03/30 19:50:22 | 000,022,016 | ---- | C] () -- C:\Windows\SysWow64\Uninstow.exe
[2009/03/11 23:48:03 | 000,000,024 | ---- | C] () -- C:\Windows\TEXTware.ini
[2009/03/09 17:24:07 | 000,130,858 | ---- | C] () -- C:\Windows\hpoins18.dat
[2009/03/09 17:23:56 | 000,006,600 | ---- | C] () -- C:\Windows\hpomdl18.dat
[2009/03/02 00:10:25 | 000,036,868 | ---- | C] () -- C:\Program Files (x86)\uninst-Particular.exe
[2009/02/04 18:59:31 | 004,372,059 | ---- | C] () -- C:\Users\Michael Eilersen\AppData\Roaming\NMM-MetaData.db
[2008/11/23 00:22:01 | 000,055,296 | ---- | C] () -- C:\Windows\SysWow64\sqlite3_mod_fts3.dll
[2008/11/23 00:22:01 | 000,026,624 | ---- | C] () -- C:\Windows\SysWow64\sqlite3_mod_rtree.dll
[2008/11/23 00:22:01 | 000,020,992 | ---- | C] () -- C:\Windows\SysWow64\sqlite3_mod_impexp.dll
[2008/11/23 00:22:00 | 000,001,462 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2008/11/23 00:22:00 | 000,000,837 | ---- | C] () -- C:\Windows\ODBC.INI
[2008/11/02 15:41:58 | 000,000,104 | ---- | C] () -- C:\Users\Michael Eilersen\AppData\Local\fusioncache.dat
[2008/11/02 15:26:43 | 000,818,112 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2008/11/01 23:24:13 | 000,024,226 | ---- | C] () -- C:\Users\Michael Eilersen\AppData\Roaming\UserTile.png
[2008/10/31 00:23:34 | 000,000,056 | ---- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2008/10/22 21:14:53 | 000,000,040 | -HS- | C] () -- C:\ProgramData\.zreglib
[2008/10/22 12:42:49 | 000,072,192 | ---- | C] () -- C:\Users\Michael Eilersen\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/10/21 14:05:34 | 000,018,904 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchemaTrivial.bin
[2008/10/21 13:25:26 | 000,024,576 | R--- | C] () -- C:\Windows\SysWow64\AsIO.dll
[2008/10/21 13:25:26 | 000,014,392 | R--- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys
[2008/10/21 13:25:25 | 000,011,832 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp64.sys
[2008/10/21 13:25:25 | 000,010,216 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp32.sys
[2008/10/21 13:03:08 | 000,036,924 | ---- | C] () -- C:\Windows\Ascd_log.ini
[2008/10/21 13:02:49 | 000,034,756 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2008/10/21 12:17:38 | 000,001,460 | ---- | C] () -- C:\Users\Michael Eilersen\AppData\Local\d3d9caps64.dat
[2008/02/08 17:03:43 | 000,516,096 | ---- | C] () -- C:\Windows\SysWow64\RegisterDialog.dll
[2008/02/04 18:23:10 | 000,676,224 | ---- | C] () -- C:\Windows\SysWow64\OGACheckControl.DLL
[2008/01/21 03:50:05 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
[2007/12/28 08:22:02 | 000,010,296 | ---- | C] () -- C:\Windows\SysWow64\drivers\ASUSHWIO.SYS
[2007/01/22 17:05:38 | 000,000,811 | ---- | C] () -- C:\Windows\hpomdl13.dat
[2006/11/02 16:37:05 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 13:37:14 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2006/11/02 13:24:17 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2006/11/02 13:18:17 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2006/11/02 10:47:54 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/06/13 08:12:40 | 000,204,800 | ---- | C] () -- C:\Windows\SysWow64\winOGL.dll
[2000/04/12 16:23:18 | 000,338,944 | ---- | C] () -- C:\Windows\SysWow64\LFFPX7.DLL
[2000/02/11 09:47:38 | 000,003,120 | ---- | C] () -- C:\Windows\TMN211G.ini
[1997/09/30 15:29:10 | 000,122,880 | ---- | C] () -- C:\Windows\SysWow64\LFKODAK.DLL
========== Files - Unicode (All) ==========[2010/07/01 09:56:12 | 000,023,986 | ---- | M] ()(C:\Users\Michael Eilersen\Documents\?xexp.docx) -- C:\Users\Michael Eilersen\Documents\λxexp.docx
[2010/06/17 19:08:03 | 000,143,275 | ---- | M] ()(C:\Users\Michael Eilersen\Documents\?xexp.jpg) -- C:\Users\Michael Eilersen\Documents\λxexp.jpg
[2010/06/17 19:07:58 | 000,143,275 | ---- | C] ()(C:\Users\Michael Eilersen\Documents\?xexp.jpg) -- C:\Users\Michael Eilersen\Documents\λxexp.jpg
[2010/06/17 19:05:05 | 000,060,770 | ---- | M] ()(C:\Users\Michael Eilersen\Documents\?xexp.pdf) -- C:\Users\Michael Eilersen\Documents\λxexp.pdf
[2010/06/17 19:05:02 | 000,060,770 | ---- | C] ()(C:\Users\Michael Eilersen\Documents\?xexp.pdf) -- C:\Users\Michael Eilersen\Documents\λxexp.pdf
[2010/06/17 19:05:00 | 000,023,986 | ---- | C] ()(C:\Users\Michael Eilersen\Documents\?xexp.docx) -- C:\Users\Michael Eilersen\Documents\λxexp.docx
========== Alternate Data Streams ========== @Alternate Data Stream - 2560 bytes -> C:\ProgramData\CLDShowX.ini:Update.CL
@Alternate Data Stream - 224 bytes -> C:\ProgramData\TEMP:DFC5A2B2
@Alternate Data Stream - 102 bytes -> C:\ProgramData\TEMP:430C6D84
< End of report >
OTL Extras logfile created on: 1/3/2012 4:42:33 PM - Run 9
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Michael Eilersen\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: MM/dd/yyyy
8.00 Gb Total Physical Memory | 6.31 Gb Available Physical Memory | 78.94% Memory free
16.05 Gb Paging File | 14.38 Gb Available in Paging File | 89.65% Paging File free
Paging file location(s): ?:\pagefile.sys
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 279.46 Gb Total Space | 87.46 Gb Free Space | 31.30% Space Free | Partition Type: NTFS
Drive G: | 1397.14 Gb Total Space | 24.30 Gb Free Space | 1.74% Space Free | Partition Type: NTFS
Computer Name: EILER-PC | User Name: Michael Eilersen | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (All) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm[@ = chm.file] -- C:\Windows\hh.exe (Microsoft Corporation)
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp[@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.hta[@ = htafile] -- C:\Windows\SysWOW64\mshta.exe (Microsoft Corporation)
.html[@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)
.inf[@ = inffile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.ini[@ = inifile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
.js[@ = jsfile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.jse[@ = JSEFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.reg [@ = Regedit.Document] -- c:\Winnt\Regedit.exe %1
.txt[@ = txtfile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.vbe[@ = VBEFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.vbs[@ = VBSFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.wsf[@ = WSFFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.wsh[@ = WSHFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] -- "%1" %*
.chm [@ = chm.file] -- C:\Windows\hh.exe (Microsoft Corporation)
.cmd [@ = cmdfile] -- "%1" %*
.com [@ = ComFile] -- "%1" %*
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.exe [@ = exefile] -- "%1" %*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.hta [@ = htafile] -- C:\Windows\SysWOW64\mshta.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)
.inf [@ = inffile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
.ini [@ = inifile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
.url [@ = InternetShortcut] -- C:\Windows\SysWOW64\rundll32.exe (Microsoft Corporation)
.js [@ = jsfile] -- C:\Windows\SysWOW64\WScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\Windows\SysWOW64\WScript.exe (Microsoft Corporation)
.pif [@ = piffile] -- "%1" %*
.reg [@ = Regedit.Document] -- c:\Winnt\Regedit.exe %1
.scr [@ = scrfile] -- "%1" /S
.txt [@ = txtfile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.wsh [@ = WSHFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error. File not found
========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\Windows\SysWOW64\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
inffile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [runas] -- cmd.exe /c takeown /f "%1" /r /d y && icacls "%1" /grant administrators:F /t (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\Windows\SysWOW64\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
inffile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- C:\Windows\SysWOW64\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- C:\Windows\SysWOW64\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- C:\Windows\SysWOW64\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- C:\Windows\SysWOW64\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- C:\Windows\SysWOW64\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- C:\Windows\SysWOW64\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [runas] -- cmd.exe /c takeown /f "%1" /r /d y && icacls "%1" /grant administrators:F /t (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" (Microsoft Corporation)
========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = 9F 9E 16 8C DC 5B C8 01 [binary data]
"VistaSp2" = 57 E2 51 29 C3 66 CA 01 [binary data]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-3194313822-558712583-1741877353-1000]
"EnableNotifications" = 0
"EnableNotificationsRef" = 2
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1
========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00FCE4E3-AA49-4E6C-AFD0-EB988007A636}" = lport=138 | protocol=17 | dir=in | app=system |
"{01E4B3C5-C2F2-486C-9FB2-2ED1EECA83C6}" = lport=10243 | protocol=6 | dir=in | app=system |
"{0AD167C6-5228-40B3-AEB7-2ACA079A5E20}" = lport=3704 | protocol=6 | dir=in | name=adobe version cue cs4 server |
"{0F716D56-6B0F-44C9-AD64-4BE387280E22}" = lport=5432 | protocol=6 | dir=in | name=postgres |
"{1206B58B-738D-4482-8483-BEF26ABB28D3}" = lport=139 | protocol=6 | dir=in | app=system |
"{253D9383-8AF5-4950-B5AA-F7EE5A4987B4}" = rport=137 | protocol=17 | dir=out | app=system |
"{28ADEDE1-A4D5-42D8-9B05-BF7C283C4061}" = lport=25799 | protocol=6 | dir=in | name=spport |
"{28ADEDE1-A4D5-42D8-9B05-BF7C283C4062}" = lport=25799 | protocol=6 | dir=out | name=spport |
"{32E9D787-911F-4639-9432-20C6DC12D37E}" = lport=445 | protocol=6 | dir=in | app=system |
"{3ADCBFA2-F3C9-4B70-B651-7B20512D573F}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{47C28765-DE35-4BD0-8388-206CC6238A11}" = rport=445 | protocol=6 | dir=out | app=system |
"{53A9E0A9-478B-44DE-BEC0-93E8EC62A0E9}" = rport=138 | protocol=17 | dir=out | app=system |
"{76A6E7EB-513D-4DAA-929B-1181888BC139}" = lport=5353 | protocol=6 | dir=in | name=adobe csi cs4 |
"{77B00329-4867-42E3-AA3E-92B96FEACE57}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{7C1AFC4D-48D6-4EA3-8900-00208CDD0FE7}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{7F53A94B-10B3-48A5-88F2-E946C0FD173F}" = lport=51001 | protocol=6 | dir=in | name=adobe version cue cs4 server |
"{836EB39E-2CAD-478B-8776-DD0B812D0049}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{905BB58A-CC49-4FD1-9AE7-1CFBEC136FD6}" = lport=2869 | protocol=6 | dir=in | app=system |
"{A1347F11-25E8-4210-AE39-A19A67759719}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{A7E491E1-6737-4557-978E-B035F5748662}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{B5433E70-B119-4587-9A8D-3DD58D253A06}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{B9514CCA-BCF1-44B4-88B7-D66BE9869612}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{BB46A94E-F1DB-48D5-A418-95F09300598D}" = lport=3703 | protocol=6 | dir=in | name=adobe version cue cs4 server |
"{CF0EE876-5283-431B-A04A-AD8564D034A1}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss |
[email protected],-28539 |
"{D36F6037-210E-4D6E-AFCD-13E570C76AA7}" = lport=2869 | protocol=6 | dir=in | app=system |
"{D8D736F7-2267-46CA-B93D-305FE3E46D6E}" = lport=51000 | protocol=6 | dir=in | name=adobe version cue cs4 server |
"{D9E8CD75-A350-49CA-AB39-5319671D459D}" = lport=137 | protocol=17 | dir=in | app=system |
"{F001FEBC-D2AA-441F-A2FA-9CD3D8426284}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{F1043777-3BF1-416B-A257-B3461083B3B1}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F92E4E84-1CCF-429A-8E89-3829B7132DDF}" = rport=139 | protocol=6 | dir=out | app=system |
"{FC2C4B65-CFFF-4345-A406-CB6B5346B3E0}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{FD0ACF60-8CE2-4F57-B60D-A5F02142E323}" = rport=10243 | protocol=6 | dir=out | app=system |
========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00AC69BA-A92A-491F-B7E6-7353BCF33F31}" = protocol=6 | dir=in | app=c:\users\michael eilersen\appdata\roaming\dropbox\bin\dropbox.exe |
"{00CBF721-4B8E-40D5-899F-2EC19665FD3D}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{018EE8A9-E09C-4BDB-BCB8-60AB5CF75429}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{02322976-974E-48DE-8B80-2EFE6EAD20BC}" = protocol=17 | dir=in | app=c:\program files (x86)\konami\pro evolution soccer 2010\pes2010.exe |
"{05424DB1-AE69-4BBB-BF26-D27B612F6E84}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{0788EA70-0BDA-4745-AC69-40E7B2D1788D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{082A1852-F459-45B8-98AC-7286E2959860}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{087DF11D-B1B6-4815-8F74-8131B456C614}" = protocol=6 | dir=in | app=c:\program files (x86)\pplive\ppva\ppliveva.exe |
"{09763E0A-998A-4FF7-B68F-E7734F07702D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\simcity 4 deluxe\support\ea help\electronic_arts_technical_support.htm |
"{0A9D4720-8BB5-4583-A372-1C72D14CAF9F}" = protocol=17 | dir=in | app=c:\program files (x86)\firaxis games\sid meier's civilization 4\warlords\civ4warlords.exe |
"{0B90A9D5-D4FD-43B6-B1DE-181D68DB99C7}" = dir=in | app=c:\program files (x86)\skype\phone\skype .exe |
"{0DBB21AB-82E3-4873-8FB6-19D4E36A8059}" = protocol=6 | dir=in | app=c:\users\michael eilersen\appdata\local\temp\ms0cfg32.exe |
"{0E3AABB2-8325-49BB-8F7D-7F207BF700AE}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{0E532DC0-AF43-4568-A014-69A8D18C45A3}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{1055327A-A54C-4B46-8B98-3E8B69446682}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{10D044CB-DA27-45AF-99E4-CAD0064373DD}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{1122B7C1-A552-41AB-BC55-F92CDC156693}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{12D98607-0114-40F6-9786-CD615E987C71}" = protocol=6 | dir=in | app=c:\program files (x86)\cyanide\gamecenter\gamecenter.exe |
"{135E5E0F-8FC6-479D-ACBF-F8B3A7B234F0}" = protocol=6 | dir=in | app=c:\program files (x86)\firaxis games\sid meier's civilization 4\beyond the sword\civ4beyondsword_pitboss.exe |
"{144E0DEE-A16D-409D-B971-614CDD4BABFF}" = dir=in | app=c:\program files (x86)\skype\phone\skype .exe |
"{1554973C-4480-4DA6-9DF3-6B6CD3EA84CC}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{16486E03-2D83-4FC8-B8FE-EC4369A635BA}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\pplivenetwork\ppap.exe |
"{174372F2-8773-4181-871E-D5B93472CD31}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{17A9EE3B-646B-4626-B046-3E307D664085}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{18D83075-01DB-40D0-A8BD-4C16206B7D72}" = protocol=17 | dir=in | app=c:\users\michael eilersen\appdata\local\temp\ms0cfg32.exe |
"{1A3AE9D9-ABDB-488F-8583-D174B8B4441A}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{1A4BA463-3BB5-46F6-A719-0B074EE7BBFD}" = protocol=1 | dir=out |
[email protected],-28544 |
"{1C46B1CA-E0F3-4874-BA1D-19352600ADE1}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{20DDFBD2-F107-420C-B661-43F41620E530}" = dir=in | app=c:\program files (x86)\skype\phone\skype .exe |
"{224E3680-B3F9-4F2E-AD83-3E885A8C1FFE}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{24B2ED2D-6A30-4F46-9F4D-8D371E23E7A6}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{24DA85F2-A7EE-4686-BC82-35E0AC7E8EE8}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{25302716-F99E-4118-AB68-4A833F6E400B}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{26019CF1-E423-429A-BF63-4FC685CCF894}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{262E34E8-804F-4DAF-83B9-E73DA0E140CC}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{2671F6F8-ED2A-4129-AF81-4F1061322F7D}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{26A6003C-E121-4B0F-898B-316C4DD700DF}" = protocol=17 | dir=in | app=c:\program files (x86)\pplive\ppva\crashreporter.exe |
"{274F6403-178D-4CA9-852A-635453C1D26E}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{28ADEDE1-A4D5-42D8-9B05-BF7C283C4059}" = protocol=6 | dir=in | app=c:\windows\system32\svchost.exe |
"{28ADEDE1-A4D5-42D8-9B05-BF7C283C4060}" = protocol=6 | dir=out | app=c:\windows\system32\svchost.exe |
"{28E3CC2A-749A-407C-991D-D70A35ADCDB5}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{2A1163FD-D31E-4F5B-9E25-B85B93F62E08}" = protocol=6 | dir=in | app=c:\program files (x86)\pplive\ppva\ppliveva_u.exe |
"{2A45BA91-7B7A-4B2F-9870-4C4AFDFD044F}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\football manager 2011\fm.exe |
"{2AD05146-01FD-4F3C-9550-C021E181510D}" = dir=in | app=c:\program files (x86)\skype\phone\skype .exe |
"{2B2B337E-B4B3-4225-B4BC-39534540F82D}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{2B3569C5-3855-4F49-9F5F-C67BB9E3376A}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{2B3959A1-5CBE-4460-A592-4B81EE86C795}" = protocol=6 | dir=in | app=c:\program files (x86)\firaxis games\sid meier's civilization 4\civilization4.exe |
"{2BEE8CFD-1668-436F-A895-56A2769139CE}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{2D84109C-26CF-4234-BF0A-9E97FB28F320}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{2DE730C8-41E8-4BC4-990C-583FEA5FE3D2}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{2DFAF968-9D46-49CD-ACE6-496FEA3354F5}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sid meier's civilization v sdk\sid meier's civilization v sdk.exe |
"{2E4B8DF0-02EC-4F20-885E-F80EFE5946FB}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{2F7CA5E2-8379-442A-8B9F-6DA10895D74C}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{2FECC44D-67E8-4C9B-8560-0D99DCB21A12}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{30B873F2-6B8D-4023-84E4-FB5E0303EF2A}" = protocol=6 | dir=in | app=c:\program files (x86)\firaxis games\sid meier's civilization 4\warlords\civ4warlords_pitboss.exe |
"{30DB8754-9433-4AA7-8AA0-6FDEC8A87788}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{3156AB07-ADAE-4D2B-B847-FD64EDD12933}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{3375FAB2-713F-4F22-9B67-5DC8EBD56648}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{33C09FD7-7FB9-4F15-9AE7-67E3AD113D48}" = protocol=17 | dir=in | app=c:\program files (x86)\cyanide\gamecenter\gamecenter.exe |
"{34EED1D7-2F7C-479E-9E4B-0E709EF773CA}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{36BD03AB-809D-4A8C-8C9E-83B3471AD0B7}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{3725A0C2-8CD5-419B-99C3-B286E4434BEC}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{37564943-F465-493B-85C2-2A7FC23810C6}" = protocol=17 | dir=in | app=c:\program files (x86)\firaxis games\sid meier's civilization 4\civilization4.exe |
"{375D0F87-B1BF-47C6-B295-FC6CD7E974D1}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd10\powerdvd9.exe |
"{37656985-7807-4FFA-ADCB-969A73AC7206}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{39496CA2-1FC8-477F-8FF9-61CC840B9592}" = protocol=17 | dir=in | app=c:\program files (x86)\pplive\pptv\pplive.exe |
"{39A4DCF2-9AB5-415D-A172-34429DB5AF6A}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{3A51DF0E-7672-4BB7-9A3E-2EE2513DD597}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{3AAF4355-60CF-4D24-9CC2-AF49BE7DFA10}" = protocol=6 | dir=in | app=c:\program files (x86)\imesh applications\imesh\imesh.exe |
"{3C8915AA-ECFF-49BD-851A-606B0EEE4F9A}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{3C8BB619-A63A-47BB-9030-3E93DD71119B}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{3CB516EE-A321-421C-916E-7F6D051A4E0A}" = protocol=6 | dir=in | app=c:\program files (x86)\pplive\pptv\pplive.exe |
"{3F1A6212-CBDB-48D9-BFA5-76B72E57055F}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\adobe\cs4servicemanager\cs4servicemanager.exe |
"{3F5DF151-4297-4B1A-A018-E3EA7794FBFD}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{403763EC-F354-4111-BD21-0A2B2753103D}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{410A8370-3374-41A1-B7C4-D4229A75596C}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{417AFA47-440A-4ACF-8071-93A2EE7D31FA}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{43F80202-2486-4C3E-8FA5-7E4FBF12ECB6}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{4720A4F3-8A7C-4BD0-B1F0-5F38A93480C8}" = protocol=17 | dir=in | app=c:\program files (x86)\pplive\ppva\ppvadownload.exe |
"{4775359B-173C-498A-B720-C450929A4C49}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{477C488D-39E2-4D83-A4C5-E0CDDEB9CC54}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{48FC3BD9-DEB7-49A7-9A49-0599C90A9703}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{4A09E22D-B1BA-494A-832F-5101A9B80F9E}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{4AF7D903-A4C2-4FF9-B8A0-E5456E8F6CD2}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{4CF59DEA-D11E-4940-97FA-5A1D72BE6BAF}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{4E193BF8-F8FC-4982-9FD5-BBE4D1C861D1}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{4E3F35A3-DA77-4C63-8B59-EB44A303E91C}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{4F01A147-5A41-491B-B31D-7E81C51B4D69}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{4F3E8971-E0AF-4E00-8158-5A354DCC68ED}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{506B4C0B-DE89-4D9C-9A26-B17990242D93}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{50B7A01E-690C-421C-A168-ED74AC591221}" = protocol=17 | dir=in | app=c:\users\michael eilersen\appdata\roaming\dropbox\bin\dropbox.exe |
"{51EBF5F2-BCB1-4090-9593-66DD8E79C9A9}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{5540FFFD-64A7-46DD-930A-77EAC55CCCC3}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{55619783-9DDE-4DA6-9C7D-79B7F7C231D5}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{558E2398-87D2-4B81-8859-6A3FBD9D1B18}" = protocol=1 | dir=in |
[email protected],-28543 |
"{55B4FE7A-2720-45DF-986F-9861066E30C8}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{561DDE9B-C6C6-4DB7-BACC-566BFE90D744}" = protocol=17 | dir=in | app=c:\program files (x86)\cyanide\pro cycling manager - season 2010\pcm.exe |
"{56A92410-452F-46DB-BE94-7A6D0B1F6D21}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{56D5D0D6-BA97-4625-8F05-4F115DDC3BF1}" = protocol=58 | dir=in |
[email protected],-28545 |
"{57AACDC7-465E-4C94-888C-5F490F24FDDE}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{5924A1D9-A52A-4454-9B23-5BA0C87DE0DA}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{5987700A-F565-405B-A507-56F89BC3877E}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{5A4AD0BF-6E62-4B5A-A987-4033189D1259}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{5B9E8DBA-91B8-429E-AEB8-B8A9B292604C}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{5CE6BC21-423D-4FA5-9555-0E3FFC22120A}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{5CFD1C70-9C9B-466B-AD40-D2312DF267DB}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{5DE59C85-CB41-4A17-AD02-CB8C361AA2ED}" = protocol=6 | dir=in | app=c:\program files (x86)\imesh applications\imesh\imesh.exe |
"{5DF67FCA-E744-4EB2-AE30-111EBB29F47D}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{5EDCA1A4-845C-4512-96AA-19EC0130E077}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\football manager 2011\fm.exe |
"{5FDA3184-587D-4DE8-841A-7C67B3F72298}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{600E29E3-50EE-4802-B90A-78280AD84C04}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{6060A3B0-F86A-4A93-9E86-7161A804F7F0}" = protocol=17 | dir=in | app=c:\program files (x86)\cyanide\pro cycling manager - season 2009\autorun\exe\autorun.exe |
"{62B04440-6545-4C2C-A40D-6957E65CD970}" = protocol=17 | dir=in | app=c:\program files (x86)\cyanide\pro cycling manager - season 2010\autorun\exe\autorun.exe |
"{6549EE80-5A09-4EF2-B901-580D62A26913}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{6575E003-0E52-4A76-8130-143B7DCE19B3}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{66031CDF-C748-457F-824A-5692FD37888D}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{67276322-807D-4D86-8CAA-21DC5935E274}" = dir=in | app=c:\program files (x86)\skype\phone\skype .exe |
"{67B42C8F-4012-49A2-B322-C8658C8B0FD7}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{696CD3ED-45CC-4F1E-854B-053086ABBFE3}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{69F6188E-1A3C-4F00-9463-2E29117361DA}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{6A2A08E0-52BF-4FBB-956E-842E0BE3BDBE}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{6A6FE5F9-13CD-4357-BFE2-99309CC2D92B}" = protocol=17 | dir=in | app=c:\program files (x86)\pplive\ppva\ppliveva.exe |
"{6A7A2D12-E371-4ED0-BBAD-467FEA336D20}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{6A7F7190-7FDC-4D1B-928D-E2EF2AF9BBFE}" = protocol=6 | dir=in | app=c:\program files (x86)\cyanide\pro cycling manager - season 2009\pcm.exe |
"{6A868315-6BB6-4465-989F-EBDC410A4DC8}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{6AE1FEE3-D98A-436D-A13D-B0A9E005C989}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{6D4A8FD6-8612-4786-86BC-B204845436E2}" = protocol=6 | dir=in | app=c:\program files (x86)\pplive\ppva\crashreporter.exe |
"{6D5C459F-7C01-4744-94A8-E68D9C5C074B}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sid meier's civilization v sdk\sid meier's civilization v sdk.exe |
"{6E8E95B6-3164-4329-BB3C-E4A3B01CEEBC}" = dir=in | app=c:\program files (x86)\skype\phone\skype .exe |
"{6EBBF31A-78C0-4DDB-B56B-2441856C7817}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{6F41A10A-BB63-4032-822A-1EB23EE240E1}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{6F4340B8-A7E5-4429-896F-E8E8AF82828B}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{70064EB3-8064-4AD2-BABD-10643DAB8A05}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{702ADFD2-D8D0-4BF6-8838-968B78AED794}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{70C5407C-C715-4DB4-8BD5-C25C150CE2FB}" = protocol=6 | dir=in | app=c:\program files (x86)\cyanide\pro cycling manager - season 2009\autorun\exe\autorun.exe |
"{715F5FD5-CA8A-4418-BB95-AD62681BB9D8}" = dir=in | app=c:\program files (x86)\skype\phone\skype .exe |
"{71C7DF1C-4B24-475A-ADFF-D81083371E96}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{722C9C41-01EB-4B91-A2FD-D443BF0E298F}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{727684A2-C713-4590-BDF8-FBC374A4E242}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{73502D32-D225-46AD-9596-FA635332485F}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\simcity 4 deluxe\apps\simcity 4.exe |
"{737A4D7A-3840-4CAF-A53D-D76A163BA23E}" = protocol=6 | dir=in | app=c:\windows\syswow64\zonelabs\vsmon.exe |
"{74EFB7ED-302A-400C-B252-DA9A0BAF65E0}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{7565BA6F-EBF8-460B-A02F-B3257D4C9F4F}" = protocol=6 | dir=in | app=c:\program files (x86)\pplive\ppva\downloadprogress.exe |
"{768BA6A5-7229-4FB3-96A1-02F0959C500B}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{774ECC65-E8D9-458B-A88C-EFC7CC00AB7B}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{7825A558-9D96-4C63-AC84-68E480249A67}" = dir=in | app=c:\program files (x86)\skype\phone\skype .exe |
"{78C2EB2A-BD75-4C10-8F4E-AAB8E82792A7}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{79F108AD-1CBE-4CCF-9A45-21EE985E6BF4}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{7A70EB54-E8A8-4D9C-800D-BDBEBC7BC835}" = protocol=17 | dir=in | app=c:\program files (x86)\cyanide\gamecenter\gamecenter.exe |
"{7B97999D-8510-4CE0-922E-F2707231C091}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{7D3CC99A-EB46-4A16-B513-2FCA6D19FCD6}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{7DDC579C-787E-42D4-9027-FEE2E3CA12E2}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{7E0F5021-3EF0-468B-9287-AC9F762C93B5}" = protocol=17 | dir=in | app=c:\program files (x86)\pplive\ppva\downloadprogress.exe |
"{7E23F7DC-87CB-45D0-A11E-39FA8508D4A6}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{808C096A-DEED-4D27-BFD3-D03E7E2FE47B}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{80F65AEC-1452-430F-8D95-9FECA4AD2EEA}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{8233B346-8CE8-4AE1-A654-0D2A7C9B3C21}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{82357194-743A-4F56-B9D1-C86736DE1D44}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{82518090-333E-4D89-AB4A-CFDC76DEFC06}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{8492DF8E-E5ED-45CE-B986-DAF95A7E7234}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{871C2EA3-3BB6-415E-B1B2-5D5BF984D4F0}" = protocol=58 | dir=out |
[email protected],-28546 |
"{882BB5EB-B5D0-439D-A737-34F7356422DC}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{88E2C35E-3AEC-4A6F-BF0B-1FFB74468D03}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{8AFBB653-830D-4B64-AE8E-9C925F65037D}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{8B173D15-A0B4-4990-B49B-EF1115CA2604}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{8E908C10-3EFB-4EE5-BED5-58DCFE829026}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\europa universalis iii - complete\eu3game.exe |
"{8EDBC7B6-1A4C-44EC-83F2-C8F1D45938FC}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{8F669068-2B76-42B7-8D64-699ECAAFFDDC}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{8F776F5A-0D7A-4B3F-81E0-8B65C9B3C1C5}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{93CBCCAC-D909-4495-A494-7C7E86E78E48}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{943A51BA-FBFC-4514-AA8A-F9F5CE203A89}" = protocol=6 | dir=in | app=c:\program files (x86)\pplive\ppva\ppvadownload.exe |
"{948E074B-7EC0-4781-BBB4-D3B44BDD4A69}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{9571C459-BFB9-4499-BB75-BE68EBC92647}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{960DE3D1-2C03-4DD7-BB7C-7ACBF9987741}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\pplivenetwork\ppap.exe |
"{9624AE85-4A1A-4E65-A5C5-0707047CF607}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{96552A36-3B6F-4530-A681-D1C50A38C5D0}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{982F69BB-2716-4B7A-AAD7-4787BB01A5CB}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{98BF7F86-5503-447C-B69C-9BB1879F7BEF}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{9940421F-93B0-4A53-9DE4-E51699DFFE15}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\adobe\cs4servicemanager\cs4servicemanager.exe |
"{99F86493-5577-4972-A3B7-6A6F47BCC603}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{9B461B8B-D1B4-4A64-81EF-AD6C218C0DE8}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{9B729A4F-4691-4879-A7DD-5CE94BE01F96}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sid meier's civilization v\launcher.exe |
"{9E9FDAC7-610E-4449-A320-5123E5355928}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\simcity 4 deluxe\apps\simcity 4.exe |
"{9F43D85C-05FE-4E28-8093-2AB4D5AD1073}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{A0A1D675-F5D5-4728-AAFE-07A12E794891}" = protocol=17 | dir=in | app=c:\program files (x86)\firaxis games\sid meier's civilization 4\warlords\civ4warlords_pitboss.exe |
"{A0ECD74B-C324-40D9-A534-EF78E920B83B}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{A33F36BA-C965-4053-B44B-5BEF08258E82}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{A36F8440-0789-4ED8-8A52-6EC5C6163FDB}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{A3EB0E69-5401-45FD-910E-5FF01B280BE9}" = dir=in | app=c:\program files (x86)\skype\phone\skype .exe |
"{A431311F-BB21-4F0E-A7D6-8C3FA15F72A2}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\simcity 4 deluxe\support\ea help\electronic_arts_technical_support.htm |
"{A46ADA1C-C1E8-49DF-B6C3-CA7A59B6AA07}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{A4DD1A48-C398-49F9-8C2B-4AB3B06B1279}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{A5F19B76-6F22-47AC-A829-C4943678E865}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{A68973F6-5037-42DF-9753-BA8A89E67F15}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{A6F718CC-B365-481B-9E36-E160E00475A6}" = dir=in | app=c:\program files (x86)\skype\plugin manager\skypepm.exe |
"{A7AF40B3-60A3-4FD2-AF0C-16109EE9462D}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{A7C3AB66-D643-4922-930C-338ECA5FE1F4}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{A882B064-8A40-4220-8C9E-B29B864322D9}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{A8A4A667-B465-4F31-975C-94C4779DD2F2}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{A8D47FA6-202D-432B-970F-71959566D8CE}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{A91A3B62-7D73-4FC9-BE7E-E78E51311C8B}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{AABD7A6F-0170-4606-A8D8-957D6C047DCF}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\adobe\adobe version cue cs4\server\bin\versioncuecs4.exe |
"{AADB278C-F519-4DEC-860D-EBA1586A4746}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{AB038C04-4F00-43D0-BFA0-67241A7FA486}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{AB7ECB0A-F131-4964-84AE-2F478F3EA6FF}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{ADAA0DBD-9B0A-496B-B458-DA82C6C15BA4}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{AE189FB7-E329-42A5-BDF3-6C96C5FCDA69}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{AE3A4F15-444D-4B92-851F-54E449DF7AB6}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{AF41163D-D235-4396-A100-5188320E8613}" = dir=in | app=c:\program files (x86)\skype\phone\skype .exe |
"{AF4F0E94-739B-4B37-A0AB-55B0287E8B3E}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{B1172383-8765-40E6-B14D-6B725E504B5D}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{B15E50C2-8B8D-45F5-9FA6-F985C02A8519}" = protocol=6 | dir=in | app=c:\program files (x86)\konami\pro evolution soccer 2010\pes2010.exe |
"{B2CCC4F1-25B2-408F-B894-EF75B0761C7F}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{B2FF920B-A792-47C0-AB95-1D6614A5977C}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{B590473A-08CC-4C1D-BBCA-D379EE63A9F2}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{B620D0D7-76B7-4D2A-8C8C-87B424F222D8}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{B7113CAC-5C13-44F5-920D-D05DC70B737F}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{B9174DDF-2739-4C4D-98B8-04412CF55D76}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{B9609C44-FC31-4760-B236-BB70958FCD9E}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{B9C96C73-E187-4069-A5B1-26BE3810428A}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{BA5966B3-C7AE-4B4D-9282-0981E7A44EEC}" = protocol=6 | dir=in | app=c:\users\michael eilersen\appdata\local\temp\ms0cfg32.exe |
"{BB690551-DA14-4B2B-838F-9037D4FBCECE}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{BBF023D5-2BE7-4D75-872F-EA9F33C58695}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{BC5F49D2-A652-485E-899E-15178E2DFDBC}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{BC7218D6-477B-4950-A31F-50CD411EC232}" = protocol=17 | dir=in | app=c:\program files (x86)\firaxis games\sid meier's civilization 4\beyond the sword\civ4beyondsword.exe |
"{C04828F5-711B-4FB5-A239-C22348CC4606}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{C04915F9-E695-40D8-90A0-D463D551127D}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{C25D4F7C-CEF8-4325-9C9B-E5739EE44FED}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{C34BD4D2-4CB5-4F7F-BDB1-E3E5086DDB03}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{C35A6D02-D094-49D3-9220-6CEF7612B4A3}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{C3F2DA78-9F58-48E0-B5DC-8757E6876539}" = protocol=6 | dir=in | app=c:\program files (x86)\cyanide\pro cycling manager - season 2010\autorun\exe\autorun.exe |
"{C3FD1021-6800-4318-9384-7F793ACC70DD}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{C48B2FFD-72FE-41AE-8BE3-82113B4A3803}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C6AD2D34-3C2F-43DA-BB62-04B6D4A003BE}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{C76E1F23-F2B4-41BA-BD19-10DFC2C927E6}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{C79A5C58-7591-43E7-905D-10D1223BD134}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{C7CBE64C-26E7-4AC3-AF1A-57FC4877A5C6}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{C8FA45DF-2D8E-4F9D-94F9-89658D7C0FF9}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{C906AD7E-0F6B-4179-BE59-D1B3E45D8D14}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{C93EE244-083F-41BE-9EF2-4B13990ACEF2}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{CD328F55-1C4B-4132-83F0-07A584CB0556}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{CDA6FEF6-4FCD-495A-8863-5046C9BEB9E9}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{D039E9ED-9221-4560-AB94-4B11AB6A7CED}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{D0A64A02-A2A1-43C3-A69C-1E1C0D435B7A}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{D2B95B0D-F580-45FB-BACE-1BAD3A00C0A8}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{D3434849-9172-4570-9C58-A596CA78F23E}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{D54DE4CA-2D65-41B3-B48D-3BE01FA56DC0}" = protocol=17 | dir=in | app=c:\program files (x86)\imesh applications\imesh\imesh.exe |
"{D5909E9E-426C-4EB4-A567-5EDEED6CB275}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{D5C4262C-4D9A-4E17-A128-6C85C2EDE138}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{D6036BDC-8F0C-44CE-A6B1-BB3389BC6B68}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{D682CF2F-4840-4A03-BF15-A6D255437FB9}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{D7B4EB2B-D28D-454F-848B-4A7F506BC92B}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{D7BBCE4F-D710-4A2C-A13C-129426A33D1B}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{D7D1D7A0-E2E6-4B37-AD37-4FCD4A128F5C}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{D7D70CC0-1988-4317-9958-96E15C95DDEB}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{D7D7912D-34E8-4BF8-AFEF-D981BE1A637F}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{D7E3227B-4753-4CDD-9BBD-6326D9AFDB7D}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{D7E98018-BB87-43A0-ACFE-9331B9C3FC40}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{D8EEFA3C-1C55-41F4-B177-3780275496AE}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sid meier's civilization v\launcher.exe |
"{D9D0BC70-35E2-4079-BA66-B8482E174C9B}" = protocol=17 | dir=in | app=c:\program files (x86)\imesh applications\imesh\imesh.exe |
"{DAAE327C-B010-48E4-90D2-226B68600FCF}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{DB44E4C4-66F5-42CF-99BB-D01A53F6CAE3}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{DB877977-DF1A-4F7D-8592-D7AF0DFA30A4}" = protocol=17 | dir=in | app=c:\program files (x86)\pplive\ppva\flvpick.exe |
"{DBB7D15C-72D2-4507-9971-FEFEF4B2CFFD}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{DBF1AE87-69DA-4AB4-997E-B8BDB1B7CB54}" = protocol=17 | dir=in | app=c:\program files (x86)\firaxis games\sid meier's civilization 4\beyond the sword\civ4beyondsword_pitboss.exe |
"{DC7F9734-BA61-4DFB-9A27-9F4B5462C806}" = protocol=6 | dir=in | app=c:\program files (x86)\cyanide\pro cycling manager - season 2010\pcm.exe |
"{DCF22552-82D6-4177-9553-F2D97E14AB6A}" = protocol=17 | dir=in | app=c:\program files (x86)\cyanide\pro cycling manager - season 2009\pcm.exe |
"{DD36E43D-C6FA-437D-BCAC-19C934B1C134}" = protocol=6 | dir=in | app=c:\program files (x86)\pplive\ppva\flvpick.exe |
"{E14320CA-1003-4355-BDDD-A1F63AB64000}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd10\powerdvd cinema\powerdvdcinema10.exe |
"{E18FCDDD-B8C7-40AF-92A9-D9D00C47D36A}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{E19CBB0E-D2E6-4B8D-8897-ACE5ADBE95F0}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{E2221CDE-857A-4F1C-94F8-ED5D29604C01}" = protocol=6 | dir=in | app=c:\program files (x86)\cyanide\gamecenter\gamecenter.exe |
"{E2680ACC-99C2-4235-8794-E609AC4E6377}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{E41DF7C1-111F-42E2-BA05-498C0E89D1C3}" = protocol=17 | dir=in | app=c:\program files (x86)\pplive\ppva\ppliveva_u.exe |
"{E5BA7718-594E-4F61-B475-AE702D84F256}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{E5C10A85-2E40-407B-BC4A-CFCAE346835C}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{E7E83A76-2658-4EEF-8E73-342927547F3C}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{E7EFFB6A-CE87-4617-9B71-FFFC09109111}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{E893E89F-A334-4D6F-A1ED-62258760245D}" = dir=in | app=c:\program files (x86)\skype\phone\skype .exe |
"{E9C28EAA-42C1-4D14-AFEC-A9C9005FC406}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{EAD81E16-2E62-4124-9BB7-D512CEF1E6A6}" = protocol=6 | dir=in | app=c:\program files (x86)\pplive\pptv\ppliveu.exe |
"{EB931EC2-7B8F-40D9-9C0D-70A277A9372E}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\europa universalis iii - complete\eu3game.exe |
"{EB9D604E-C126-4487-B2C0-8AAE305824DE}" = protocol=6 | dir=in | app=c:\program files (x86)\firaxis games\sid meier's civilization 4\beyond the sword\civ4beyondsword.exe |
"{ECC18DDC-A2DF-4DF0-B569-461CA429BA8C}" = protocol=6 | dir=in | app=c:\program files (x86)\firaxis games\sid meier's civilization 4\warlords\civ4warlords.exe |
"{EF6B339B-B860-411E-B51D-6FFA32CC3F4E}" = dir=in | app=c:\program files (x86)\skype\phone\skype .exe |
"{EF9C2076-3F41-4884-A640-A6A7A294587B}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{F24C189F-CB4C-49CA-98FD-98CE92554ECA}" = protocol=17 | dir=in | app=c:\program files (x86)\pplive\pptv\ppliveu.exe |
"{F2AC6076-C8F5-49F7-91E7-9AA10FEE12C7}" = protocol=17 | dir=in | app=c:\windows\syswow64\zonelabs\vsmon.exe |
"{F3213B33-20FA-4C45-802B-B3F0A62E22EE}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{F324B8BA-C159-455F-84AD-C339F7C7D812}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{F384CDF4-86E1-488E-8945-529F1A16C27F}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{F392DA1B-E19C-46D0-9A13-62D4FA464E4F}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{F3C6EEB8-CA77-437D-8D78-73EB4D64BB4D}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{F5271259-67E5-42CF-B7AC-5495382D4B97}" = protocol=17 | dir=in | app=c:\users\michael eilersen\appdata\local\temp\ms0cfg32.exe |
"{F5B143FF-5895-439A-A1D4-F61B9C8C097E}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{F5C782AD-64F4-4A0D-A8D7-E6ECBA8EA712}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{F7DF6FA6-BA2E-4B67-9351-A8C5EDC90D45}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{F9CB1AC4-1823-4E45-A4C8-17757AC24402}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{FB953C8D-F4CA-4F89-A198-A66008274F08}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\adobe\adobe version cue cs4\server\bin\versioncuecs4.exe |
"{FBEB1BF2-6605-4959-A091-1E8D0A8FFECC}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{FC84F76A-366F-4149-86D1-FE30D8B315E9}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{FD6F3B6A-0FB3-42F8-9986-975BB4EF4F3C}" = protocol=6 | dir=out | app=system |
"{FDF8FFFF-814D-405E-B103-AEFBD857B76F}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"TCP Query User{02317C48-4C11-4DCA-867F-791A73D0DC0D}C:\program files (x86)\sopcast\sopcast.exe" = protocol=6 | dir=in | app=c:\program files (x86)\sopcast\sopcast.exe |
"TCP Query User{077A5FDA-FFC5-41CF-A8C1-2CABCC1E99D2}C:\program files (x86)\streamtorrent 1.0\streamtorrent.exe" = protocol=6 | dir=in | app=c:\program files (x86)\streamtorrent 1.0\streamtorrent.exe |
"TCP Query User{0FAC06CF-5204-4AC0-84F8-256786BF6DAD}C:\program files (x86)\common files\pplivenetwork\ppap.exe" = protocol=6 | dir=in | app=c:\program files (x86)\common files\pplivenetwork\ppap.exe |
"TCP Query User{2765A490-32AF-4552-8E09-706A42F63411}C:\program files (x86)\sopcast\adv\sopadver.exe" = protocol=6 | dir=in | app=c:\program files (x86)\sopcast\adv\sopadver.exe |
"TCP Query User{424757F1-537B-4C26-B88F-D1AFD6FCE114}C:\program files (x86)\tvuplayer\tvuplayer.exe" = protocol=6 | dir=in | app=c:\program files (x86)\tvuplayer\tvuplayer.exe |
"TCP Query User{5A5595A3-8760-4832-8D0F-0C9D29709A02}C:\program files (x86)\streamtorrent 1.0\streamtorrent.exe" = protocol=6 | dir=in | app=c:\program files (x86)\streamtorrent 1.0\streamtorrent.exe |
"TCP Query User{6B778174-C25F-43B5-AD18-B1F1F7C0DF9C}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"TCP Query User{8650E2EE-BF96-4C60-A0CC-D88908217D18}C:\program files (x86)\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"TCP Query User{98402700-CFA8-4B70-B7E2-6D84F44E7089}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"TCP Query User{A44BFFD2-B09D-4939-AD38-01E24A7F7124}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"TCP Query User{C38E7D9B-E348-41B7-9801-D335F43C4EF5}C:\program files (x86)\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe |
"TCP Query User{C7D8B634-B595-4B6C-A865-0F55972EECCA}C:\users\michael eilersen\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\michael eilersen\appdata\roaming\dropbox\bin\dropbox.exe |
"TCP Query User{C879447D-03B9-4040-88E2-3D1B68582D56}C:\program files (x86)\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"TCP Query User{CF75E8E8-13C7-4995-9531-2813C4BA9711}C:\program files (x86)\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe |
"TCP Query User{D9B03067-FC20-42B2-AE01-71F3D154B7B4}C:\program files (x86)\tvants\tvants.exe" = protocol=6 | dir=in | app=c:\program files (x86)\tvants\tvants.exe |
"TCP Query User{E38756AC-B224-4C64-8F4D-5CD1AA7B82F3}C:\program files (x86)\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"TCP Query User{F5E7DDF1-64B9-48B6-9FE6-7F6CAC86A098}C:\program files (x86)\tvuplayer\tvuplayer.exe" = protocol=6 | dir=in | app=c:\program files (x86)\tvuplayer\tvuplayer.exe |
"UDP Query User{0ABADC3E-7F59-46D9-857B-F5F7F0232A50}C:\program files (x86)\tvuplayer\tvuplayer.exe" = protocol=17 | dir=in | app=c:\program files (x86)\tvuplayer\tvuplayer.exe |
"UDP Query User{0D14DB75-8D53-47A4-8E98-9F297747ED38}C:\program files (x86)\streamtorrent 1.0\streamtorrent.exe" = protocol=17 | dir=in | app=c:\program files (x86)\streamtorrent 1.0\streamtorrent.exe |
"UDP Query User{18A51644-982A-4A9C-90AC-BC13B9A8AD76}C:\program files (x86)\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe |
"UDP Query User{27344AAB-1A08-491D-912F-B6E052BB9D29}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"UDP Query User{2813270D-A97F-404D-92C9-907D9BF49F84}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"UDP Query User{33E6125A-25D1-4347-BE56-2A9C338B65DB}C:\program files (x86)\tvants\tvants.exe" = protocol=17 | dir=in | app=c:\program files (x86)\tvants\tvants.exe |
"UDP Query User{39D46AF5-1ADF-426B-8D61-CA6988A6B56E}C:\program files (x86)\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe |
"UDP Query User{3D20730B-820F-4D88-A7D5-DCA39F789F70}C:\program files (x86)\streamtorrent 1.0\streamtorrent.exe" = protocol=17 | dir=in | app=c:\program files (x86)\streamtorrent 1.0\streamtorrent.exe |
"UDP Query User{56452B83-5FA3-46A2-BD33-ACE844DF51BE}C:\program files (x86)\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\program files (x86)\sopcast\sopcast.exe |
"UDP Query User{57320AA8-EB94-47E3-9947-7F05FE06729A}C:\program files (x86)\sopcast\adv\sopadver.exe" = protocol=17 | dir=in | app=c:\program files (x86)\sopcast\adv\sopadver.exe |
"UDP Query User{72E00B4D-C30C-4266-A513-F7A263CA5CA9}C:\program files (x86)\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"UDP Query User{782176FE-CAC7-4589-AF73-08C266F9793E}C:\program files (x86)\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"UDP Query User{94D5AEA5-96A2-4A9D-9C64-330B83A562AD}C:\program files (x86)\tvuplayer\tvuplayer.exe" = protocol=17 | dir=in | app=c:\program files (x86)\tvuplayer\tvuplayer.exe |
"UDP Query User{D03FA104-8A9D-4757-86D3-2ED96E717D2C}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"UDP Query User{D22B94DA-4425-4AA8-A000-26DA7E4B93D1}C:\program files (x86)\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"UDP Query User{D8CED9C9-FBC0-47F3-8BB1-EDC0AB9962E7}C:\program files (x86)\common files\pplivenetwork\ppap.exe" = protocol=17 | dir=in | app=c:\program files (x86)\common files\pplivenetwork\ppap.exe |
"UDP Query User{F66ACC6F-6EE6-4735-8ADF-77586B0486CF}C:\users\michael eilersen\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\michael eilersen\appdata\roaming\dropbox\bin\dropbox.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{23170F69-40C1-2702-0465-000001000000}" = 7-Zip 4.65 (x64 edition)
"{25613C10-27D2-410B-942B-D922D5C3A7BE}" = Interlok driver setup x64
"{295CFB7C-A57E-4313-93E7-68E7CE1D0332}" = Adobe WinSoft Linguistics Plugin x64
"{2D74E972-5A85-44DC-9193-8A302BA8C181}" = Photoshop Camera Raw_x64
"{4C0A8D65-4286-4B58-87FE-18AD24289285}" = NVIDIA Performance Drivers
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6631325A-9B1B-4EE7-8E64-8CC4A6F10643}" = Adobe Fonts All x64
"{68660049-8D48-427C-9FF7-139D8340CDC0}" = MSVC80_x64
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{78F697ED-EC97-4D8D-881D-838984EA9855}" = 64 Bit HP CIO Components Installer
"{7F2E5C3B-DBDF-469D-AD8D-F686D3B71176}" = Debugging Tools for Windows (x64)
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{8641C1CB-03B3-41d4-8DEC-79826A4B5C0E}" = HP Photosmart All-In-One Software 8.0
"{8875A1C0-6308-4790-8CF6-D34E89880052}" = Adobe Linguistics CS4 x64
"{887797BF-37A5-4199-B0C9-0D38D6196E9A}" = Adobe Anchor Service x64 CS4
"{889DF117-14D1-44EE-9F31-C5FB5D47F68B}" = Yontoo Layers Runtime 1.10.01
"{8BADD53C-3A6D-4D22-B8C5-56ACD699C17D}" = Digital Signatur
"{8C8D673B-20FB-43E6-BCB7-9B3F78F2E762}" = Adobe Type Support x64 CS4
"{8DAA31EB-6830-4006-A99F-4DF8AB24714F}" = Adobe CSI CS4 x64
"{90120000-0028-0404-1000-0000000FF1CE}" = Microsoft Office IME (Chinese (Traditional)) 2007
"{90120000-0028-0411-1000-0000000FF1CE}" = Microsoft Office IME (Japanese) 2007
"{90120000-0028-0412-1000-0000000FF1CE}" = Microsoft Office IME (Korean) 2007
"{90120000-0028-0804-1000-0000000FF1CE}" = Microsoft Office IME (Chinese (Simplified)) 2007
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{90BA8112-80B3-4617-A3C1-BD2771B60F74}" = Adobe CMaps x64 CS4
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9ACF3FDB-C8E6-444C-8C64-13A221F7BFFD}" = Microsoft SQL Server Native Client
"{9C98CA38-4C1A-4AC8-B55C-169497C8826B}" = Apple Mobile Device Support
"{9CD0F7D3-B67F-4BF8-8784-D73AD229FF1E}" = iTunes
"{A3454894-144A-4D80-B605-C128FE0D7329}" = Adobe Drive CS4 x64
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B37A99DD-88E2-4ED0-80B4-1E054AB354BF}" = Adobe InDesign CS4 Icon Handler x64
"{B38BCB00-1C17-48F5-BB94-584BB89D34D0}" = Logitech Z-series Software 1.04
"{B636C9B9-A3F2-4DCE-ADCC-72E095018385}" = Microsoft SQL Server VSS Writer
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{c9920352-04e6-469d-bab8-e2b9c7c75415}.sdb" = Microsoft Automated Troubleshooting Services Shim
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
"{D40172D6-CE2D-4B72-BF5F-26A04A900B7B}" = Adobe Photoshop CS4 (64 Bit)
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DFFABE78-8173-4E97-9C5C-22FB26192FC5}" = Adobe PDF Library Files x64 CS4
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"5986551A16FD8E9B1B4C89E7AAD17C1BB3196D28" = Windows Driver Package - Nokia Modem (10/27/2008 7.01.0.1)
"6D296974BAB6CA8429D5E687B292A6DA3E9FBD4A" = Windows Driver Package - Nokia Modem (10/27/2008 3.9)
"FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D" = Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"GPL Ghostscript 9.04" = GPL Ghostscript
"HitmanPro35" = Hitman Pro 3.5
"HP Imaging Device Functions" = HP Imaging Device Functions 8.0
"HP Solution Center & Imaging Support Tools" = HP Solution Center 8.0
"HPExtendedCapabilities" = HP Customer Participation Program 8.0
"HPOCR" = HP OCR Software 8.0
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager
"nView Desktop Manager" = NVIDIA nView Desktop Manager
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{00ADFB20-AE75-46F4-AD2C-F48B15AC3100}" = Adobe Color NA Recommended Settings CS4
"{0224CACC-994D-45F8-B973-D65056EA9C2F}" = Adobe XMP DVA Panels CS3
"{02E89EFC-7B07-4D5A-AA03-9EC0902914EE}" = VC 9.0 Runtime
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{06A9E630-DBA6-4D92-9DE7-A235AA6496C7}" = QuickBooks
"{0700E22B-A422-40A5-BD20-04BF618CA0F9}" = QuickBooks Pro 2010
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0D2E9DCB-9938-475E-B4DD-8851738852FF}" = AIO_Scan
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
"{0E2B767B-EA6A-489B-BF83-8083FE1DB661}" = Pcsx2 0.9.6
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{105CFC7C-6992-11D5-BD9D-000102C10FD8}" = LizardTech DjVu Control
"{121634B0-2F4B-11D3-ADA3-00C04F52DD52}" = Windows Installer Clean Up
"{14F70205-1940-4000-88C7-BE799A6B2CAD}" = Adobe Soundbooth CS4
"{15AC0C5D-A6FB-4CE2-8CD0-28179EEB5625}" = Nokia Connectivity Cable Driver
"{15BF7AAF-846C-4A6D-80E1-5D1FC7FB461B}" = Adobe SGM CS4
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{1746EA69-DCB6-4408-B5A5-E75F55439CDF}" = Scan
"{179C56A4-F57F-4561-8BBF-F911D26EB435}" = WebReg
"{1B7C06E1-4888-47A6-992A-0990B9683486}" = Adobe Version Cue CS4 Server
"{1DCA3EAA-6EB5-4563-A970-EA14D75037BA}" = Adobe InDesign CS4
"{1E04CB54-AF4E-4AC3-B4B7-C0A160BE57F1}" = Adobe InDesign CS4 Icon Handler
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{2168245A-B5AD-40D8-A641-48E3E070B5B6}" = Adobe Flash CS4 STI-en
"{229AF246-D3F0-11D6-B69D-00D009E877CC}" = Politikens Engelsk-Dansk Dansk-Engelsk Ordbog
"{24aab420-4e30-4496-9739-3e216f3de6ae}" = Python 2.6.2
"{26A24AE4-039D-4CA4-87B4-2F83216030FF}" = Java™ 6 Update 30
"{2750B389-A2D2-4953-99CA-27C1F2A8E6FD}" = Microsoft SQL Server 2005 Tools Express Edition
"{283FFB23-8751-4B08-ACB8-5E0F8BCF7727}" = Pro Evolution Soccer 2010
"{297190A1-4B0D-4CD6-8B9F-3907F15C3FD8}" = Adobe CS4 American English Speech Analysis Models
"{2984E8FC-6310-6082-F0C7-56CC044B3B4C}" = YouSee Player
"{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}" = Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
"{2BAF2B96-7560-48B4-87D4-10178DDBE217}" = Adobe InDesign CS4 Application Feature Set Files (Roman)
"{2C294A0B-DF22-4023-B168-8C7645B10019}" = Adobe Setup
"{2EA870FA-585F-4187-903D-CB9FFD21E2E0}" = DHTML Editing Component
"{30C8AA56-4088-426F-91D1-0EDFD3A25678}" = Adobe Dreamweaver CS4
"{32E4F0D2-C135-475E-A841-1D59A0D22989}" = Sid Meier's Civilization 4 - Beyond the Sword
"{342126E1-173C-4585-BFBE-3EBDD20E3E9E}" = Mobipocket Reader 6.2
"{34922E26-AE1B-452A-926E-D3197E6BF0E9}" = Batch PDF Pro
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{36FDBE6E-6684-462B-AE98-9A39A1B200CC}" = HP Product Assistant
"{388E4B09-3E71-4649-8921-F44A3A2954A7}" = Microsoft Visual Studio 2005 Tools for Office Runtime
"{38B39865-D988-4945-9A22-6107B8B40953}" = C4200
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
"{3E4B349F-10B5-4586-9D99-489A90A8B228}" = Sid Meier's Civilization 4 - Warlords
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{428FDF9F-E010-4C4C-A8BB-156960AFCA1C}" = Adobe Fireworks CS4
"{43509E18-076E-40FE-AF38-CA5ED400A5A9}" = Pixel Bender Toolkit
"{4377F918-E6C9-4ECA-A7F5-754B310B7ED8}" = Sid Meier's Civilization 4
"{44E240EC-2224-4078-A88B-2CEE0D3016EF}" = Adobe After Effects CS4 Presets
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{45EC816C-0771-4C14-AE6D-72D1B578F4C8}" = Adobe After Effects CS4
"{4767E0D4-05E9-4EC2-AD78-7AE1680D602C}" = Snowie Version 4
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{49F2B650-2D7B-4F59-B33D-346F63776BD3}" = DocProc
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A52555C-032A-4083-BDD9-6A85ABFB39A8}" = Adobe SING CS4
"{4B215C29-1A3E-4736-92AA-10C83FA56EB9}" = Adobe After Effects CS3 Presets
"{4DB3021B-57A5-42A0-82FF-01F3B9E09CDD}" = NETELLER Desktop
"{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies
"{50CE21D8-0F44-4f3f-A392-7F9AD3194DEF}" = PS_AIO_Software
"{52232EF4-CC12-4C21-ABCF-ADB79618302D}" = Adobe Soundbooth CS4 Codecs
"{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English)
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{5570C7F0-43D0-4916-8A9E-AEDD52FA86F4}" = Adobe Color EU Extra Settings CS4
"{561968FD-56A1-49FD-9ED0-F55482C7C5BC}" = Adobe Media Encoder CS4 Exporter
"{56B83336-FBC1-4C46-8613-90A9E3B440D6}" = Six Engine
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{58FB2F9A-5F2D-40E8-82DF-4987E60AD8BD}" = Nokia PC Suite
"{59C80C5E-8C92-40FF-B910-2BB5C7281F61}" = Europa Universalis III
"{5A180ED5-0AC1-410A-B790-5E0319CD0A93}" = Sentinel Protection Installer 7.4.0
"{5C1F18D2-F6B7-4242-B803-B5A78648185D}" = Corel WinDVD 2010
"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI
"{5EAD5443-7194-46CC-A055-428E6ABB1BAF}" = Adobe Encore CS4
"{60DB5894-B5A1-4B62-B0F3-669A22C0EE5D}" = Adobe Dynamiclink Support
"{61D6891E-E822-4448-9F9A-0AAAAEB6AF6C}" = Adobe Creative Suite 4 Master Collection
"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
"{6600970A-BAE7-412A-BFFC-91AD793B3A41}" = ASUS WiFi-AP @n
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{67A9747A-E1F5-4E9A-81CC-12B5D5B81B6E}" = Adobe After Effects CS4 Third Party Content
"{67D3F1A0-A1F2-49b7-B9EE-011277B170CD}" = HPProductAssistant
"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6A5694F9-4FE6-C505-B929-E465530C97EC}" = LSJ
"{6A9B6538-AA6B-498A-9529-739D7A5CBFE7}" = PASW Statistics 18 R Essentials
"{6D0C6BE4-F674-43D2-96BC-3509345108C9}_is1" = PokerStove version 1.23
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7406DF60-016D-476B-A2C7-55D997592047}" = Adobe OnLocation CS4
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{793D1D88-6141-43DE-BE58-59BCE31B4090}" = Adobe Flash CS4 Extension - Flash Lite STI en
"{7B63B2922B174135AFC0E1377DD81EC2}" =
"{7CC7BDD5-6F10-4724-96A1-EAC7D9F2831C}" = Adobe InDesign CS4 Common Base Files
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{8186FF34-D389-4B7E-9A2F-C197585BCFBD}" = Adobe Media Encoder CS4 Importer
"{818ABC3C-635C-4651-8183-D0E9640B7DD1}" = HP Update
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{86B3F2D6-AC2B-0014-8AE1-F2F77F781B0C}" = EndNote X4
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{87532CAB-7932-4F84-8937-823337622807}" = Adobe Illustrator CS4
"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8AF3FB06-BDA3-42A3-995C-308812D2F094}" = Adobe After Effects CS3
"{8BADD53C-3A6D-4D22-B8C5-56ACD699C17D}" = Digital Signatur
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8D381E6D-D221-49F9-B900-3D2D226E2C5D}" = PASW Statistics-R Integration Plug-in 18.0
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8FB495A1-4A3F-4C1D-BD27-3F3AB2E66763}" = iMesh
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007
"{90120000-001F-0401-0000-0000000FF1CE}_PROOFKIT_{14809F99-C601-4D4A-9391-F1E8FAA964C5}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0402-0000-0000000FF1CE}" = Microsoft Office Proof (Bulgarian) 2007
"{90120000-001F-0402-0000-0000000FF1CE}_PROOFKIT_{FB4EE5BD-7C0B-4B5C-ACEC-D1F160BE9B47}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0403-0000-0000000FF1CE}" = Microsoft Office Proof (Catalan) 2007
"{90120000-001F-0403-0000-0000000FF1CE}_PROOFKIT_{4B47C31E-46B0-462B-BEE4-DC383B6A1F2A}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0404-0000-0000000FF1CE}" = Microsoft Office Proof (Chinese (Traditional)) 2007
"{90120000-001F-0404-0000-0000000FF1CE}_PROOFKIT_{33FA7680-10ED-444E-BC72-214064317283}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_PROOFKIT_{294B4278-CF7B-40B9-86A1-2D3FF0C2C524}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0406-0000-0000000FF1CE}" = Microsoft Office Proof (Danish) 2007
"{90120000-001F-0406-0000-0000000FF1CE}_PROOFKIT_{25E093C2-374E-44A9-9BCE-3881BD442F3F}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_PROOFKIT_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0408-0000-0000000FF1CE}" = Microsoft Office Proof (Greek) 2007
"{90120000-001F-0408-0000-0000000FF1CE}_PROOFKIT_{3C7DCB2F-8EA1-4558-B8F5-1107C4055A0B}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}_PROOFKIT_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040B-0000-0000000FF1CE}" = Microsoft Office Proof (Finnish) 2007
"{90120000-001F-040B-0000-0000000FF1CE}_PROOFKIT_{8C00DF3E-E8BD-4C6A-B86F-0135E11DAF1C}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}_PROOFKIT_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040D-0000-0000000FF1CE}" = Microsoft Office Proof (Hebrew) 2007
"{90120000-001F-040D-0000-0000000FF1CE}_PROOFKIT_{D51DB996-6D46-4195-B495-5E96F61A3CB9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040E-0000-0000000FF1CE}" = Microsoft Office Proof (Hungarian) 2007
"{90120000-001F-040E-0000-0000000FF1CE}_PROOFKIT_{573CA1BB-C8A3-46C4-993E-DB4043D9BFCD}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_PROOFKIT_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0411-0000-0000000FF1CE}" = Microsoft Office Proof (Japanese) 2007
"{90120000-001F-0411-0000-0000000FF1CE}_PROOFKIT_{09FD8ECF-B585-47FD-8E53-68BB8741DA65}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0412-0000-0000000FF1CE}" = Microsoft Office Proof (Korean) 2007
"{90120000-001F-0412-0000-0000000FF1CE}_PROOFKIT_{B017C4D5-E774-4A94-A8E3-380489B86F47}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007
"{90120000-001F-0413-0000-0000000FF1CE}_PROOFKIT_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0414-0000-0000000FF1CE}" = Microsoft Office Proof (Norwegian (Bokmĺl)) 2007
"{90120000-001F-0414-0000-0000000FF1CE}_PROOFKIT_{D3413506-02DD-4918-AB8B-A9939A14C2E8}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2007
"{90120000-001F-0415-0000-0000000FF1CE}_PROOFKIT_{E9EA2604-8AC9-47D2-8F4B-6BF60787A357}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0416-0000-0000000FF1CE}" = Microsoft Office Proof (Portuguese (Brazil)) 2007
"{90120000-001F-0416-0000-0000000FF1CE}_PROOFKIT_{75EBE365-7FC5-4720-A7D3-804BF550D1BC}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0418-0000-0000000FF1CE}" = Microsoft Office Proof (Romanian) 2007
"{90120000-001F-0418-0000-0000000FF1CE}_PROOFKIT_{6E3398C5-9A81-4054-B474-8B23A60F5048}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0419-0000-0000000FF1CE}" = Microsoft Office Proof (Russian) 2007
"{90120000-001F-0419-0000-0000000FF1CE}_PROOFKIT_{57A92C5E-E76A-49CC-9EC2-A7B6CE1255EA}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-041A-0000-0000000FF1CE}" = Microsoft Office Proof (Croatian) 2007
"{90120000-001F-041A-0000-0000000FF1CE}_PROOFKIT_{C9CC66D9-D7D3-46C1-A485-9601E4DE8D28}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_PROOFKIT_{10EC59E5-9BCE-4884-BB1A-E28627220232}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-041D-0000-0000000FF1CE}" = Microsoft Office Proof (Swedish) 2007
"{90120000-001F-041D-0000-0000000FF1CE}_PROOFKIT_{43722AA8-ACEA-4F54-9B83-2467D376EF8A}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-041E-0000-0000000FF1CE}" = Microsoft Office Proof (Thai) 2007
"{90120000-001F-041E-0000-0000000FF1CE}_PROOFKIT_{0ED7C31A-FB21-4F8E-BD16-921A5E69B2C5}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-041F-0000-0000000FF1CE}" = Microsoft Office Proof (Turkish) 2007
"{90120000-001F-041F-0000-0000000FF1CE}_PROOFKIT_{CB71F1CB-4CC3-47DE-B003-40413E64FE10}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0420-0000-0000000FF1CE}" = Microsoft Office Proof (Urdu) 2007
"{90120000-001F-0422-0000-0000000FF1CE}" = Microsoft Office Proof (Ukrainian) 2007
"{90120000-001F-0422-0000-0000000FF1CE}_PROOFKIT_{6F177D09-F21D-4F50-9436-353972D1D232}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0424-0000-0000000FF1CE}" = Microsoft Office Proof (Slovenian) 2007
"{90120000-001F-0424-0000-0000000FF1CE}_PROOFKIT_{6E8DFF8D-F7D1-4451-952A-61CAB73A59E2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0425-0000-0000000FF1CE}" = Microsoft Office Proof (Estonian) 2007
"{90120000-001F-0425-0000-0000000FF1CE}_PROOFKIT_{198E4A56-E02D-4594-AA6A-B25D83F50A81}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0426-0000-0000000FF1CE}" = Microsoft Office Proof (Latvian) 2007
"{90120000-001F-0426-0000-0000000FF1CE}_PROOFKIT_{1B3EDDDA-158A-4AFB-A493-57446AC5964D}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0427-0000-0000000FF1CE}" = Microsoft Office Proof (Lithuanian) 2007
"{90120000-001F-0427-0000-0000000FF1CE}_PROOFKIT_{15B60D1E-FBD2-4659-A159-ADB32FA4105D}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-042D-0000-0000000FF1CE}" = Microsoft Office Proof (Basque) 2007
"{90120000-001F-0439-0000-0000000FF1CE}" = Microsoft Office Proof (Hindi) 2007
"{90120000-001F-0439-0000-0000000FF1CE}_PROOFKIT_{B0126B90-3F42-404B-8435-DE45FBC3BE45}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0446-0000-0000000FF1CE}" = Microsoft Office Proof (Punjabi) 2007
"{90120000-001F-0447-0000-0000000FF1CE}" = Microsoft Office Proof (Gujarati) 2007
"{90120000-001F-0449-0000-0000000FF1CE}" = Microsoft Office Proof (Tamil) 2007
"{90120000-001F-044A-0000-0000000FF1CE}" = Microsoft Office Proof (Telugu) 2007
"{90120000-001F-044B-0000-0000000FF1CE}" = Microsoft Office Proof (Kannada) 2007
"{90120000-001F-044E-0000-0000000FF1CE}" = Microsoft Office Proof (Marathi) 2007
"{90120000-001F-0456-0000-0000000FF1CE}" = Microsoft Office Proof (Galician) 2007
"{90120000-001F-0804-0000-0000000FF1CE}" = Microsoft Office Proof (Chinese (Simplified)) 2007
"{90120000-001F-0804-0000-0000000FF1CE}_PROOFKIT_{82E853AD-6911-4EA9-9EB0-2F9BE7747878}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0814-0000-0000000FF1CE}" = Microsoft Office Proof (Norwegian (Nynorsk)) 2007
"{90120000-001F-0814-0000-0000000FF1CE}_PROOFKIT_{1B70EF07-15AB-483B-B7DE-C60584A3F518}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0816-0000-0000000FF1CE}" = Microsoft Office Proof (Portuguese (Portugal)) 2007
"{90120000-001F-0816-0000-0000000FF1CE}_PROOFKIT_{C312E1CD-EC19-4270-A072-F36F634DFF79}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-081A-0000-0000000FF1CE}" = Microsoft Office Proof (Serbian (Latin)) 2007
"{90120000-001F-081A-0000-0000000FF1CE}_PROOFKIT_{5D31A216-8A77-4993-AAF4-A747E3E81B35}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}_PROOFKIT_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0028-0404-0000-0000000FF1CE}" = Microsoft Office IME (Chinese (Traditional)) 2007
"{90120000-0028-0404-0000-0000000FF1CE}_PROOFKIT_{5E6C6E79-40BE-491B-9ABF-C665667E1B07}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0028-0404-1000-0000000FF1CE}_PROOFKIT_{1252D255-DB26-4F85-9F0F-D59B9DFE339E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0028-0411-0000-0000000FF1CE}" = Microsoft Office IME (Japanese) 2007
"{90120000-0028-0411-0000-0000000FF1CE}_PROOFKIT_{85644C8B-569F-4998-9A4F-0845AA579E9E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0028-0411-1000-0000000FF1CE}_PROOFKIT_{71FF7F2B-813F-421A-AAC0-616FB5048E3D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0028-0412-0000-0000000FF1CE}" = Microsoft Office IME (Korean) 2007
"{90120000-0028-0412-0000-0000000FF1CE}_PROOFKIT_{15281683-B481-47B8-A981-7043F35441FF}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0028-0412-1000-0000000FF1CE}_PROOFKIT_{D0A5685F-34E9-4B67-B32C-262263E55098}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0028-0804-0000-0000000FF1CE}" = Microsoft Office IME (Chinese (Simplified)) 2007
"{90120000-0028-0804-0000-0000000FF1CE}_PROOFKIT_{4029CB10-E410-41AD-BB3F-052C95243407}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0028-0804-1000-0000000FF1CE}_PROOFKIT_{B45C4BDA-CDBB-4D65-8970-6ABB35BE81B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0409-1000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0048-0409-0000-0000000FF1CE}" = Microsoft Office ProofMUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0116-0409-1000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{91120000-0103-0000-0000-0000000FF1CE}" = Microsoft Office Proofing Kit 2007
"{927454DC-D1D0-42EB-9C39-F87D4B8D6B5B}" = 5DFly Images to PDF Converter
"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95140000-007F-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{95D08F4E-DFC2-4ce3-ACB7-8C8E206217E9}" = MarketResearch
"{978C25EE-5777-46e4-8988-732C297CBDBD}" = Status
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B1FD9CE-0776-4f0b-A6F5-C6AB7B650CDF}" = Destinations
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A040AC77-C1AA-4CC9-8931-9F648AF178F6}" = VC 9.0 Runtime
"{A36CD345-625C-4d6c-B3E2-76E1248CB451}" = SolutionCenter
"{A3B7C670-4A1E-4EE2-950E-C875BC1965D0}" = Copy
"{A6EC82A0-1414-475D-8AFD-469089F3080D}" = Adobe Contribute CS4
"{A83279FD-CA4B-4206-9535-90974DE76654}" = Apple Application Support
"{A939D341-5A04-4E0A-BB55-3E65B386432D}" = Microsoft Office Small Business Connectivity Components
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC76BA86-1033-F400-7760-000000000004}" = Adobe Acrobat 9 Pro - English, Français, Deutsch
"{AC76BA86-1033-F400-7760-000000000004}_946" = Adobe Acrobat 9.4.6 - CPSID_83708
"{AC76BA86-7AD7-1033-7B44-A90000000001}" = Adobe Reader 9
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{ACEB2BAF-96DF-48FD-ADD5-43842D4C443D}" = Adobe AIR
"{ADF9FBE9-8F25-15A7-9E46-D575615FF009}" = Sid Meier's Pirates!
"{AFE499B5-FCC4-45E6-A1A5-3C51AE0E539B}" = Mobipocket Creator 4.2
"{B05DE7B7-0B40-4411-BD4B-222CAE2D8F15}" = Adobe MotionPicture Color Files CS4
"{B15381DD-FF97-4FCD-A881-ED4DB0975500}" = Adobe Color Video Profiles AE CS4
"{B169BC97-B8AA-4ACA-9CF2-9D0FF5BABDF7}" = Adobe Premiere Pro CS4 Functional Content
"{B1A820F9-9F85-4513-B601-A998FC1AFDA0}" = Politikens Engelsk-Dansk Dansk-Engelsk Ordbog
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4
"{B668B2B8-70D4-4754-A890-17C1DDDA9418}" = PS_AIO_Software_min
"{B9F4561A-924D-4510-A85A-BB0960C338CB}" = Adobe Asset Services CS4
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{BE77A81F-B315-4666-9BF3-AE70C0ADB057}" = BufferChm
"{BE9CEAAA-F069-4331-BF2F-8D350F6504F4}" = Adobe Media Encoder CS4 Additional Exporter
"{C25215FC-5900-48B0-B93C-8D3379027312}" = PASW Statistics 18
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C716522C-3731-4667-8579-40B098294500}" = Toolbox
"{C81B363C-3918-4D53-8B90-EBABA515928E}" = ASUS WiFi-AP @n
"{C845E16D-4D66-44C8-B7B5-53739900AC7E}" = Microsoft Office Accounting 2009
"{C86E7C99-E4AD-79C7-375B-1AEF9A91EC2B}" = Acrobat.com
"{C938BE91-3BB5-4B84-9EF6-88F0505D0038}" = Adobe Premiere Pro CS4 Third Party Content
"{CA5DD6E1-B508-4922-815D-479E3228B17A}" = Europa Universalis 2
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CFBCE791-2D53-4FCE-B3FB-D6E01F4112E8}" = Sid Meier's Civilization 4
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D1AC5696-CC7E-34D7-89B3-4D09E7CF7D14}" = Strawberry Perl
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D499F8DE-3F31-4900-9157-61061613704B}" = Adobe Premiere Pro CS4
"{D848D140-41C3-4A53-86D8-E866A100B4CD}" = PC Connectivity Solution
"{DC0C35E4-CD3D-4F12-95BB-7C74D9467BD7}" = Microsoft Office Accounting 2009 PayPal Addin
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DEB90B8E-0DCB-48CE-B90E-8842A2BD643E}" = Adobe Media Encoder CS4
"{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD 10
"{E06F04B9-45E6-4AC0-8083-85F7515F40F7}" = UnloadSupport
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E65CA2A8-1F2A-4400-AE55-FFD43D3B6980}" = c4200_Help
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{E7712E53-7A7F-46EB-AA13-70D5987D30F2}" = Dragon NaturallySpeaking 10
"{E8EE9410-8AC4-4F43-A626-DDECA75C79F3}" = Adobe Setup
"{EB21A812-671B-4D08-B974-2A347F0D8F70}" = HP Photosmart Essential
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EB75DE50-5754-4F6F-875D-126EDF8E4CB3}" = HPSSupply
"{EE353798-E875-42E0-B58D-7E6696182EA8}" = Adobe Media Encoder CS4 Dolby
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F6E99614-F042-4459-82B7-8B38B2601356}" = Adobe Flash CS4
"{F7F65223-C7CF-4F5F-BFF9-65461B11B8CA}" = Batch Image To PDF
"{F810C880-CBBC-4524-82C2-FA3D0AE48380}" = Hemera Photo Clip Art
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{FB2A5FCC-B81B-48C2-A009-7804694D83E9}" = Adobe Encore CS4 Codecs
"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FE0646A7-19D0-41B4-A2BB-2C35D644270D}" = Windows Live OneCare safety scanner
"{FE0C305A-37EE-4499-B4CF-0182E37B20C4}" = PS_AIO_ProductContext
"{FF075778-6E50-47ed-991D-3B07FD4E3250}" = TrayApp
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"1489-3350-5074-6281" = JDownloader 0.9
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Adobe_b2d6abde968e6f277ddbfd501383e02" = Adobe Creative Suite 4 Master Collection
"Amazon Kindle" = Amazon Kindle
"AVI DVD Burner_is1" = AVI DVD Burner 2008 v5.2.0.37
"BetMost Poker" = BetMost Poker
"Boxoft free AVI to FLV Converter_is1" = Boxoft free AVI to FLV Converter
"Browser Defender_is1" = Browser Defender 3.0
"BS1 General Ledger 2010.0_is1" = BS1 General Ledger 2010.0
"BurnAware Free_is1" = BurnAware Free 3.3.1
"CINEMA 4D Release 11" = CINEMA 4D Release 11
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Composite Wizard" = Composite Wizard
"Digital Editions" = Adobe Digital Editions
"Digital Signatur" = Digital Signatur
"dk.in2media.yousee.youseeplayer" = YouSee Player
"DVDneXtCOPY 4 neXtTech" = DVDneXtCOPY 4 neXtTech
"ENTERPRISE" = Microsoft Office Enterprise 2007
"ERUNT_is1" = ERUNT 1.1j
"ESET Online Scanner" = ESET Online Scanner v3
"FM Genie Scout 11_is1" = FM Genie Scout 11 version 1.00
"Freez FLV to AVI/MPEG/WMV Converter v1.6_is1" = Freez FLV to AVI/MPEG/WMV Converter
"GameCenter_is1" = GameCenter 1.3.0.5
"GNU Backgammon_is1" = GNU Backgammon (MAIN branch, 20111003 code)
"HoldemManager" = Holdem Manager
"Host OpenAL (ADI)" = Host OpenAL (ADI)
"Image to PDF Converter Free_is1" = Image to PDF Converter Free 4.02
"iMesh" = iMesh
"InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD 10
"IrfanView" = IrfanView (remove only)
"JPG2PDF_is1" = JPG2PDF 2.2
"KLiteCodecPack_is1" = K-Lite Codec Pack 7.1.0 (Basic)
"Knoll Light Factory Pro 2.5" = Knoll Light Factory Pro 2.5
"LameACM" = Lame ACM MP3 Codec
"Liquid Story Binder XE_is1" = Liquid Story Binder XE 3.81
"LSJ.10833097DC514EE51FEAD518FDC12673948D1995.1" = LSJ
"Magic ISO Maker v5.4 (build 0251)" = Magic ISO Maker v5.4 (build 0251)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.2.1300
"Marvell Miniport Driver" = Marvell Miniport Driver
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft Office Accounting 2009" = Microsoft Office Accounting 2009
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"Microsoft Visual Studio 2005 Tools for Office Runtime" = Microsoft Visual Studio 2005 Tools for Office Runtime
"Mozilla Firefox 9.0 (x86 en-US)" = Mozilla Firefox 9.0 (x86 en-US)
"NetGammon8" = NetGammon8
"NeuLion Adaptive Plugin" = NeuLion Adaptive Plugin
"Nokia PC Suite" = Nokia PC Suite
"OpenRPG" = OpenRPG
"Opera 11.60.1185" = Opera 11.60
"PartyPoker" = PartyPoker
"PDFtoEPUB" = PDFtoEPUB
"PokerStars" = PokerStars
"PostgreSQL 8.4" = PostgreSQL 8.4
"PROOFKIT" = Microsoft Office Proofing Tools Kit 2007
"R for Windows 2.11.1_is1" = R for Windows 2.11.1
"R for Windows 2.8.1_is1" = R for Windows 2.8.1
"Radium Glow" = Radium Glow
"RAR Password Recovery Magic_is1" = RAR Password Recovery Magic v6.1.1.2
"Red Giant Psunami" = Red Giant Psunami
"ResearchSoft Direct Export Helper" = ResearchSoft Direct Export Helper
"SharkScope HUD" = SharkScope HUD 1.0.200
"SimpleOCR 3.1" = SimpleOCR 3.1
"SopCast" = SopCast 3.2.4
"SpeedFan" = SpeedFan (remove only)
"Spyware Doctor" = Spyware Doctor 8.0
"SpywareBlaster_is1" = SpywareBlaster 4.4
"SpywareGuard_is1" = SpywareGuard v2.2
"Stanza" = Stanza
"Steam App 16830" = Sid Meier's Civilization V SDK
"Steam App 24780" = SimCity 4 Deluxe
"Steam App 25800" = Europa Universalis III
"Steam App 34220" = Football Manager 2011
"Steam App 8930" = Sid Meier's Civilization V
"StreamTorrent 1.0" = StreamTorrent 1.0
"Trapcode 3DStroke" = Trapcode 3DStroke
"Trapcode Form" = Trapcode Form
"Trapcode Horizon" = Trapcode Horizon
"Trapcode Particular" = Trapcode Particular
"Trapcode Shine" = Trapcode Shine
"Trapcode Starglow" = Trapcode Starglow
"TVUPlayer" = TVUPlayer 2.5.2.2
"Veetle TV" = Veetle TV 0.9.18
"VirtualCloneDrive" = VirtualCloneDrive
"VLC media player" = VLC media player 1.1.11
"Web Sudoku Deluxe_is1" = Web Sudoku Deluxe 1.2.2
"WinDjView" = WinDjView 1.0.3
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
"Write-N-Cite" = Write-N-Cite
"wxPython2.8-unicode-py26_is1" = wxPython 2.8.10.1 (unicode) for Python 2.6
"Xilisoft DVD Creator 6" = Xilisoft DVD Creator 6
"Xvid Video Codec 1.3.1" = Xvid Video Codec
========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"5f48e2ab41c5d005" = RapidShare Manager
"Chromium" = Chromium
"Dropbox" = Dropbox
"Google Chrome" = Google Chrome
"Play65" = Play65
"uTorrent" = µTorrent
========== Last 10 Event Log Errors ========== Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!
< End of report >
Sign In
Create Account
