View Full Version : Portal sepeti homepage swap
Hi!
I posted this thread: http://forums.spybot.info/showthread.php?t=67625 and was redirected here since the suggested fixes didn't work.
I hope you guys can help me :)
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 8.0.7601.17514 BrowserJavaVersion: 10.7.2
Run by Bruger at 20:27:53 on 2013-01-22
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.45.1030.18.4087.1814 [GMT 1:00]
.
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Spybot - Search and Destroy *Enabled/Updated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\WTouch\WTouchService.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\SysWOW64\svchost.exe -k Akamai
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\taskhost.exe
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
C:\Program Files\WTouch\WTouchUser.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files\Logitech\SetPointP\SetPoint.exe
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Program Files (x86)\Internet Download Manager\IDMan.exe
C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
C:\Users\Bruger\AppData\Local\Akamai\netsession_win.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Logitech\SetPointG\SetPointII.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
C:\Users\Bruger\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
C:\Windows\SysWOW64\NTServer\service.exe
C:\Users\Bruger\AppData\Local\Akamai\netsession_win.exe
C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Xfire\Xfire.exe
C:\ProgramData\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Xfire\xfire64.exe
C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\Pen_Tablet.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
C:\Windows\system32\WTablet\Pen_TabletUser.exe
C:\Windows\system32\Pen_Tablet.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
C:\Program Files (x86)\Xfire\xfire64.exe
C:\Windows\system32\msiexec.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Users\Bruger\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Bruger\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Bruger\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Bruger\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Bruger\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Bruger\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Bruger\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Bruger\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Bruger\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Users\Bruger\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Bruger\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\AUDIODG.EXE
C:\Users\Bruger\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\NOTEPAD.EXE
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.youtube.com/user/nillor0?feature=mhw4
mWinlogon: Userinit = userinit.exe
BHO: IDMIEHlprObj Class: {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Hjælp til logon til Windows Live ID: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: kikin Plugin: {E601996F-E400-41CA-804B-CD6373A7EEE2} - C:\Program Files (x86)\kikin\ie_kikin.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
uRun: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
uRun: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot
uRun: [Google Update] "C:\Users\Bruger\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [Akamai NetSession Interface] "C:\Users\Bruger\AppData\Local\Akamai\netsession_win.exe"
uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
uRun: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
uRun: [AdobeBridge] <no file>
mRun: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
mRun: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
mRun: [ATICustomerCare] "C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [B2C_AGENT] C:\ProgramData\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe
mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mRun: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
mRun: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
StartupFolder: C:\Users\Bruger\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Bruger\AppData\Roaming\Dropbox\bin\Dropbox.exe
StartupFolder: C:\Users\Bruger\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ERUNTA~1.LNK - C:\Program Files (x86)\ERUNT\AUTOBACK.EXE
StartupFolder: C:\Users\Bruger\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Xfire.lnk - C:\Program Files (x86)\Xfire\Xfire.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm
IE: Download FLV video content with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetVL.htm
IE: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
IE: {0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} - {E601996F-E400-41CA-804B-CD6373A7EEE2} - C:\Program Files (x86)\kikin\ie_kikin.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
DPF: {140E4DF8-9E14-4A34-9577-C77561ED7883} - hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.1.71.0.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} - hxxp://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
TCP: NameServer = 208.67.222.222 208.67.220.220
TCP: Interfaces\{8B7ADDC6-52E6-47B8-AC4E-86D090AC1BF0} : DHCPNameServer = 208.67.222.222 208.67.220.220
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
Notify: SDWinLogon - SDWinLogon.dll
SSODL: WebCheck - <orphaned>
x64-BHO: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg64.dll
x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-TB: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-Run: [VIAAUD] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VIAAUD.exe
x64-Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming
x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab
x64-DPF: {CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab
x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: LBTWlgn - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Bruger\AppData\Roaming\Mozilla\Firefox\Profiles\6rsi3ybe.default\
FF - prefs.js: browser.search.selectedEngine - navegaki
FF - prefs.js: browser.startup.homepage - hxxp://www.quakelive.com/#!welcome
FF - prefs.js: keyword.URL - hxxp://search.portalsepeti.com?q=
FF - component: C:\Users\Bruger\AppData\Roaming\IDM\idmmzcc3\components\idmmzcc.dll
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\0.80.0\npesnlaunch.dll
FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll
FF - plugin: C:\Program Files (x86)\BF3 Alpha Trial Web Plugins\npesnlaunch.dll
FF - plugin: C:\Program Files (x86)\BF3 Alpha Trial Web Plugins\Sonar\npesnsonar.dll
FF - plugin: C:\Program Files (x86)\Downloader\npdd.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.65\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
FF - plugin: C:\Program Files (x86)\TabletPlugins\npwacom.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\ProgramData\id Software\QuakeLive\npquakezero.dll
FF - plugin: C:\Users\Bruger\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: C:\Users\Bruger\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
FF - plugin: C:\Users\Bruger\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll
FF - plugin: C:\Users\Bruger\AppData\Roaming\Mozilla\Firefox\Profiles\6rsi3ybe.default\extensions\battlefieldheroespatcher@ea.com\plugins\npBFHUpdater.dll
FF - plugin: C:\Users\Bruger\AppData\Roaming\Mozilla\Firefox\Profiles\6rsi3ybe.default\extensions\battlefieldplay4free@ea.com\plugins\npBP4FUpdater.dll
FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll
FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll
FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
.
============= SERVICES / DRIVERS ===============
.
R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2011-10-30 984144]
R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2011-10-30 370288]
R2 Akamai;Akamai NetSession Interface;C:\Windows\System32\svchost.exe -k Akamai [2009-7-14 27136]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2012-12-19 240640]
R2 aswFsBlk;aswFsBlk;C:\Windows\System32\drivers\aswFsBlk.sys [2011-10-30 25232]
R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2011-10-30 71600]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-11-12 44808]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-12-10 2465712]
R2 IDMWFP;IDMWFP;C:\Windows\System32\drivers\idmwfp.sys [2010-11-26 138304]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2012-11-6 96256]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2010-3-19 239616]
R3 ScreamBAudioSvc;ScreamBee Audio;C:\Windows\System32\drivers\ScreamingBAudio64.sys [2010-7-1 38992]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;C:\Windows\System32\drivers\viahduaa.sys [2010-3-19 1274880]
R3 wacmoumonitor;Wacom Mode Helper;C:\Windows\System32\drivers\wacmoumonitor.sys [2010-3-22 18216]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 HiPatchService;Hi-Rez Studios Authenticate and Update Service;C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [2012-6-29 8704]
S3 Andbus;LGE Android Platform Composite USB Device;C:\Windows\System32\drivers\lgandbus64.sys [2011-9-11 19456]
S3 AndDiag;LGE Android Platform USB Serial Port;C:\Windows\System32\drivers\lganddiag64.sys [2011-9-11 27648]
S3 AndGps;LGE Android Platform USB GPS NMEA Port;C:\Windows\System32\drivers\lgandgps64.sys [2011-9-11 27136]
S3 ANDModem;LGE Android Platform USB Modem;C:\Windows\System32\drivers\lgandmodem64.sys [2011-9-11 34304]
S3 androidusb;ADB Interface Driver;C:\Windows\System32\drivers\lgandadb.sys [2011-9-11 31744]
S3 Desura Install Service;Desura Install Service;C:\Program Files (x86)\Common Files\Desura\desura_service.exe [2012-5-3 131912]
S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2012-4-21 48488]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-3-8 1492840]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-5-26 59392]
.
=============== File Associations ===============
.
FileExt: .reg: regfile="regedit.exe" "%1"
.
=============== Created Last 30 ================
.
2013-01-22 15:03:51 9161176 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{5209D018-853E-4473-A0AC-37272F2AE2B2}\mpengine.dll
2013-01-22 14:55:21 -------- d-----w- C:\Users\Bruger\AppData\Local\{0C0A1DB9-B608-4D53-A710-2777A970D2FF}
2013-01-21 18:40:40 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
2013-01-21 18:40:16 17272 ----a-w- C:\Windows\System32\sdnclean64.exe
2013-01-21 18:40:07 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy 2
2013-01-21 18:39:48 -------- d-----w- C:\Users\Bruger\AppData\Local\Programs
2013-01-21 15:47:55 -------- d-----w- C:\Program Files (x86)\AMD AVT
2013-01-21 15:47:25 -------- d-----w- C:\Program Files (x86)\AMD APP
2013-01-21 14:20:08 -------- d-----w- C:\Users\Bruger\AppData\Local\{C8372F4E-B80A-4AE0-99C7-1F51F0FF1D88}
2013-01-20 12:48:43 -------- d-----w- C:\Users\Bruger\AppData\Local\{FAB92882-37BC-4912-A450-E36FAEA73A2F}
2013-01-19 12:47:37 -------- d-----w- C:\Users\Bruger\AppData\Local\{9BBCFB09-E8F7-44CC-ADF3-A98D7E45C7C5}
2013-01-19 00:46:57 -------- d-----w- C:\Users\Bruger\AppData\Local\{7E574572-E413-458C-A8B9-0226847DAC40}
2013-01-18 22:03:19 802760 ----a-w- C:\Windows\SysWow64\navegaki.exe
2013-01-18 22:03:19 -------- d-----w- C:\Windows\SysWow64\NTServer
2013-01-18 22:03:17 -------- d-----w- C:\Program Files (x86)\Troysoftware
2013-01-18 12:46:25 -------- d-----w- C:\Users\Bruger\AppData\Local\{F4DDDC70-C22D-4BFC-AE2C-EF4E6E297811}
2013-01-17 10:49:37 -------- d-----w- C:\Users\Bruger\AppData\Local\{667BE21D-13E4-4AF4-87A6-07B5A7B8E929}
2013-01-16 14:48:58 -------- d-----w- C:\Users\Bruger\AppData\Local\{1E8AF24E-87A1-4258-92D1-70B1D3BA48BF}
2013-01-15 14:48:34 -------- d-----w- C:\Users\Bruger\AppData\Local\{DB4E1AE5-94DE-4C99-8BFB-34ABEE2BE75B}
2013-01-14 12:49:28 -------- d-----w- C:\Users\Bruger\AppData\Local\{077AC819-7F9D-4268-A83E-489C10E7CD18}
2013-01-13 12:21:41 -------- d-----w- C:\Users\Bruger\AppData\Local\{42950187-9F23-44D9-9F6F-9D406D865F5C}
2013-01-12 12:20:52 -------- d-----w- C:\Users\Bruger\AppData\Local\{BD0EA2A4-A61F-4F32-905A-3A4B2EF2869E}
2013-01-11 10:44:17 -------- d-----w- C:\Users\Bruger\AppData\Local\{3C5581A0-6740-475A-83C5-48A6CFE224AB}
2013-01-10 14:26:36 -------- d-----w- C:\Users\Bruger\AppData\Local\{5CBBC934-179C-4066-8F26-090E0F9576B9}
2013-01-09 21:36:49 750592 ----a-w- C:\Windows\System32\win32spl.dll
2013-01-09 21:36:48 492032 ----a-w- C:\Windows\SysWow64\win32spl.dll
2013-01-09 21:36:15 2002432 ----a-w- C:\Windows\System32\msxml6.dll
2013-01-09 21:36:14 1882624 ----a-w- C:\Windows\System32\msxml3.dll
2013-01-09 21:36:13 1389568 ----a-w- C:\Windows\SysWow64\msxml6.dll
2013-01-09 21:36:13 1236992 ----a-w- C:\Windows\SysWow64\msxml3.dll
2013-01-09 21:36:11 307200 ----a-w- C:\Windows\System32\ncrypt.dll
2013-01-09 21:36:11 220160 ----a-w- C:\Windows\SysWow64\ncrypt.dll
2013-01-09 21:36:09 800768 ----a-w- C:\Windows\System32\usp10.dll
2013-01-09 21:36:08 626688 ----a-w- C:\Windows\SysWow64\usp10.dll
2013-01-09 21:34:09 424448 ----a-w- C:\Windows\System32\KernelBase.dll
2013-01-09 21:34:08 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll
2013-01-09 21:34:03 362496 ----a-w- C:\Windows\System32\wow64win.dll
2013-01-09 21:34:03 215040 ----a-w- C:\Windows\System32\winsrv.dll
2013-01-09 21:34:02 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2013-01-09 21:34:02 338432 ----a-w- C:\Windows\System32\conhost.exe
2013-01-09 21:34:02 243200 ----a-w- C:\Windows\System32\wow64.dll
2013-01-09 21:34:02 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
2013-01-09 21:34:02 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2013-01-09 21:34:02 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
2013-01-09 21:34:00 3072 ---ha-w- C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
2013-01-09 21:32:24 68608 ----a-w- C:\Windows\System32\taskhost.exe
2013-01-09 21:32:18 3149824 ----a-w- C:\Windows\System32\win32k.sys
2013-01-09 14:44:22 -------- d-----w- C:\Users\Bruger\AppData\Local\{C53FB7B9-BDFE-402D-AF6B-AD6EA5A040AA}
2013-01-08 14:46:58 -------- d-----w- C:\Users\Bruger\AppData\Local\{D609CD34-3B93-496D-952B-43A393614954}
2013-01-07 12:43:20 -------- d-----w- C:\Users\Bruger\AppData\Local\{BAB20A47-6E48-46DA-A644-0904F6F21FEE}
2013-01-06 13:08:43 -------- d-----w- C:\Users\Bruger\AppData\Local\{EF1C9AFA-7510-47DB-AA90-15062C205288}
2013-01-06 00:19:41 -------- d-----w- C:\Users\Bruger\AppData\Local\{D93E9ABD-EFD9-4612-A009-F5BE9BD746C8}
2013-01-05 12:19:14 -------- d-----w- C:\Users\Bruger\AppData\Local\{1F1978E7-3F16-475D-9AF4-D61890DD6D03}
2013-01-04 18:33:35 -------- d-----w- C:\Users\Bruger\AppData\Local\{C5CA2A1E-494A-4CB6-8B39-7C6BBB349CD6}
2013-01-04 06:32:57 -------- d-----w- C:\Users\Bruger\AppData\Local\{CC13E2E2-2546-45E0-9725-E5F498ED6CC0}
2013-01-03 18:20:16 -------- d-----w- C:\Users\Bruger\AppData\Local\{08CFE6B5-4DA8-4932-968D-C21D3D27B274}
2013-01-03 06:19:38 -------- d-----w- C:\Users\Bruger\AppData\Local\{500CE12F-B063-4EE6-84EE-BD096AD7BE2B}
2013-01-02 14:10:33 -------- d-----w- C:\Users\Bruger\AppData\Local\{8B353F46-5F4D-4773-A53B-C009ED58493B}
2013-01-01 16:20:37 -------- d-----w- C:\Users\Bruger\AppData\Local\{F7A7E781-4CC8-42C0-AEC2-FCB16519EC86}
2012-12-31 13:30:34 -------- d-----w- C:\Users\Bruger\AppData\Local\{868AE64B-7871-4B43-88E6-F6568F26E493}
2012-12-30 13:03:15 -------- d-----w- C:\Users\Bruger\AppData\Local\{4A37C2C6-1187-445E-9304-52D8B4C2B4DF}
2012-12-29 14:06:03 -------- d-----w- C:\Users\Bruger\AppData\Local\{E81CCC49-B69F-4D11-BFD1-D69147B597A5}
2012-12-29 01:09:29 -------- d-----w- C:\Users\Bruger\AppData\Local\{4CA807B5-8457-41E8-87D2-3B6C104BE87B}
2012-12-28 13:08:50 -------- d-----w- C:\Users\Bruger\AppData\Local\{85CE0E8D-447F-44F8-9E72-F67ACB49AAF6}
2012-12-28 00:30:27 -------- d-----w- C:\Users\Bruger\AppData\Local\{F6D61C46-E7A0-456E-9E21-F77517A6832C}
2012-12-27 12:30:12 -------- d-----w- C:\Users\Bruger\AppData\Local\{A0FEEC6C-0B6A-42FF-89DA-E8D92FE62022}
2012-12-26 11:39:17 -------- d-----w- C:\Users\Bruger\AppData\Local\{38E1841B-FAAB-4708-B7A5-BF0A0ED23D62}
2012-12-25 23:38:36 -------- d-----w- C:\Users\Bruger\AppData\Local\{78E3CCC8-6464-488D-A5E3-58972EB845C6}
2012-12-25 22:05:21 19131904 ----a-w- C:\Windows\SysWow64\rapture3d_oal.dll
2012-12-25 22:05:19 -------- d-----w- C:\Program Files (x86)\BRS
2012-12-25 11:38:10 -------- d-----w- C:\Users\Bruger\AppData\Local\{80A24350-45E6-481D-B832-E39008D5B965}
2012-12-24 23:33:36 -------- d-----w- C:\Users\Bruger\AppData\Local\{90691A0C-57CF-481A-9AE5-9629B593B5D4}
2012-12-24 11:33:18 -------- d-----w- C:\Users\Bruger\AppData\Local\{854343BF-622A-4D2B-9472-CE318459DB35}
.
==================== Find3M ====================
.
2013-01-09 16:32:26 697864 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-01-09 16:32:25 74248 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-12-25 22:05:17 466456 ----a-w- C:\Windows\System32\wrap_oal.dll
2012-12-25 22:05:17 444952 ----a-w- C:\Windows\SysWow64\wrap_oal.dll
2012-12-25 22:05:17 122904 ----a-w- C:\Windows\System32\OpenAL32.dll
2012-12-25 22:05:17 109080 ----a-w- C:\Windows\SysWow64\OpenAL32.dll
2012-12-19 20:50:14 5630200 ----a-w- C:\Windows\SysWow64\atiumdag.dll
2012-12-19 20:48:48 11278336 ----a-w- C:\Windows\System32\drivers\atikmdag.sys
2012-12-19 20:29:36 23461376 ----a-w- C:\Windows\System32\atio6axx.dll
2012-12-19 20:22:50 70144 ----a-w- C:\Windows\System32\coinst_9.012.dll
2012-12-19 20:19:46 163840 ----a-w- C:\Windows\System32\atiapfxx.exe
2012-12-19 20:18:04 51200 ----a-w- C:\Windows\System32\aticalrt64.dll
2012-12-19 20:18:02 46080 ----a-w- C:\Windows\SysWow64\aticalrt.dll
2012-12-19 20:17:54 44544 ----a-w- C:\Windows\System32\aticalcl64.dll
2012-12-19 20:17:52 44032 ----a-w- C:\Windows\SysWow64\aticalcl.dll
2012-12-19 20:17:40 16082944 ----a-w- C:\Windows\System32\aticaldd64.dll
2012-12-19 20:13:24 13703168 ----a-w- C:\Windows\SysWow64\aticaldd.dll
2012-12-19 20:12:44 18982400 ----a-w- C:\Windows\SysWow64\atioglxx.dll
2012-12-19 20:09:52 960512 ----a-w- C:\Windows\SysWow64\aticfx32.dll
2012-12-19 20:08:04 1151488 ----a-w- C:\Windows\System32\aticfx64.dll
2012-12-19 20:06:00 6681088 ----a-w- C:\Windows\SysWow64\atidxx32.dll
2012-12-19 19:59:44 5087744 ----a-w- C:\Windows\System32\atiumd6a.dll
2012-12-19 19:57:00 442368 ----a-w- C:\Windows\System32\atidemgy.dll
2012-12-19 19:56:46 550912 ----a-w- C:\Windows\System32\atieclxx.exe
2012-12-19 19:56:00 240640 ----a-w- C:\Windows\System32\atiesrxx.exe
2012-12-19 19:54:38 120320 ----a-w- C:\Windows\System32\atitmm64.dll
2012-12-19 19:54:22 21504 ----a-w- C:\Windows\System32\atimuixx.dll
2012-12-19 19:54:18 59392 ----a-w- C:\Windows\System32\atiedu64.dll
2012-12-19 19:54:12 43520 ----a-w- C:\Windows\SysWow64\ati2edxx.dll
2012-12-19 19:49:00 7370752 ----a-w- C:\Windows\System32\atidxx64.dll
2012-12-19 19:44:28 4162048 ----a-w- C:\Windows\SysWow64\atiumdva.dll
2012-12-19 19:44:12 6786560 ----a-w- C:\Windows\System32\atiumd64.dll
2012-12-19 19:33:50 56320 ----a-w- C:\Windows\System32\atimpc64.dll
2012-12-19 19:33:50 56320 ----a-w- C:\Windows\System32\amdpcom64.dll
2012-12-19 19:33:42 619008 ----a-w- C:\Windows\System32\atiadlxx.dll
2012-12-19 19:33:40 56832 ----a-w- C:\Windows\SysWow64\atimpc32.dll
2012-12-19 19:33:40 56832 ----a-w- C:\Windows\SysWow64\amdpcom32.dll
2012-12-19 19:33:32 421888 ----a-w- C:\Windows\SysWow64\atiadlxy.dll
2012-12-19 19:33:18 17920 ----a-w- C:\Windows\System32\atig6pxx.dll
2012-12-19 19:33:14 14848 ----a-w- C:\Windows\SysWow64\atiglpxx.dll
2012-12-19 19:33:14 14848 ----a-w- C:\Windows\System32\atiglpxx.dll
2012-12-19 19:33:10 41984 ----a-w- C:\Windows\System32\atig6txx.dll
2012-12-19 19:33:04 33280 ----a-w- C:\Windows\SysWow64\atigktxx.dll
2012-12-19 19:32:54 552960 ----a-w- C:\Windows\System32\drivers\atikmpag.sys
2012-12-19 19:31:14 130048 ----a-w- C:\Windows\System32\atiuxp64.dll
2012-12-19 19:31:08 109568 ----a-w- C:\Windows\SysWow64\atiuxpag.dll
2012-12-19 19:31:00 104448 ----a-w- C:\Windows\System32\atiu9p64.dll
2012-12-19 19:30:52 83968 ----a-w- C:\Windows\SysWow64\atiu9pag.dll
2012-12-19 19:30:16 53248 ----a-w- C:\Windows\System32\drivers\ati2erec.dll
2012-12-19 14:45:12 222720 ----a-w- C:\Windows\System32\clinfo.exe
2012-12-19 14:44:48 76288 ----a-w- C:\Windows\System32\OpenVideo64.dll
2012-12-19 14:44:42 65536 ----a-w- C:\Windows\SysWow64\OpenVideo.dll
2012-12-19 14:44:36 64000 ----a-w- C:\Windows\System32\OVDecode64.dll
2012-12-19 14:44:32 56320 ----a-w- C:\Windows\SysWow64\OVDecode.dll
2012-12-19 14:44:20 34518016 ----a-w- C:\Windows\System32\amdocl64.dll
2012-12-19 14:38:48 28732928 ----a-w- C:\Windows\SysWow64\amdocl.dll
2012-12-19 14:34:40 54784 ----a-w- C:\Windows\System32\OpenCL.dll
2012-12-19 14:34:38 50176 ----a-w- C:\Windows\SysWow64\OpenCL.dll
2012-12-16 17:11:22 46080 ----a-w- C:\Windows\System32\atmlib.dll
2012-12-16 14:45:03 367616 ----a-w- C:\Windows\System32\atmfd.dll
2012-12-16 14:13:28 295424 ----a-w- C:\Windows\SysWow64\atmfd.dll
2012-12-16 14:13:20 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
2012-12-09 19:11:49 270240 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr
2012-12-09 19:11:49 270240 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe
2012-12-07 20:40:40 42440 ----a-w- C:\Windows\SysWow64\xfcodec.dll
2012-12-07 20:40:38 28104 ----a-w- C:\Windows\System32\xfcodec64.dll
2012-12-07 13:20:16 441856 ----a-w- C:\Windows\System32\Wpc.dll
2012-12-07 13:15:31 2746368 ----a-w- C:\Windows\System32\gameux.dll
2012-12-07 12:26:17 308736 ----a-w- C:\Windows\SysWow64\Wpc.dll
2012-12-07 12:20:43 2576384 ----a-w- C:\Windows\SysWow64\gameux.dll
2012-12-07 11:20:04 30720 ----a-w- C:\Windows\System32\usk.rs
2012-12-07 11:20:03 43520 ----a-w- C:\Windows\System32\csrr.rs
2012-12-07 11:20:03 23552 ----a-w- C:\Windows\System32\oflc.rs
2012-12-07 11:20:01 45568 ----a-w- C:\Windows\System32\oflc-nz.rs
2012-12-07 11:20:01 44544 ----a-w- C:\Windows\System32\pegibbfc.rs
2012-12-07 11:20:01 20480 ----a-w- C:\Windows\System32\pegi-fi.rs
2012-12-07 11:20:00 20480 ----a-w- C:\Windows\System32\pegi-pt.rs
2012-12-07 11:19:59 20480 ----a-w- C:\Windows\System32\pegi.rs
2012-12-07 11:19:58 46592 ----a-w- C:\Windows\System32\fpb.rs
2012-12-07 11:19:57 40960 ----a-w- C:\Windows\System32\cob-au.rs
2012-12-07 11:19:57 21504 ----a-w- C:\Windows\System32\grb.rs
2012-12-07 11:19:57 15360 ----a-w- C:\Windows\System32\djctq.rs
2012-12-07 11:19:56 55296 ----a-w- C:\Windows\System32\cero.rs
2012-12-07 11:19:55 51712 ----a-w- C:\Windows\System32\esrb.rs
2012-11-30 05:38:45 6144 ---ha-w- C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
2012-11-30 04:45:15 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
2012-11-30 02:44:06 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2012-11-30 02:44:04 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2012-11-30 02:44:03 2048 ----a-w- C:\Windows\SysWow64\user.exe
2012-11-30 02:38:59 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2012-11-30 02:38:59 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2012-11-30 02:38:59 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2012-11-30 02:38:59 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2012-11-12 12:28:37 1638912 ----a-w- C:\Windows\System32\mshtml.tlb
2012-11-12 11:52:18 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-11-10 15:43:20 627600 ----a-w- C:\Windows\System32\deployJava1.dll
2012-11-09 05:45:09 2048 ----a-w- C:\Windows\System32\tzres.dll
2012-11-09 04:42:49 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2012-11-06 11:11:52 96256 ----a-w- C:\Windows\System32\drivers\AtihdW76.sys
2012-11-02 05:59:11 478208 ----a-w- C:\Windows\System32\dpnet.dll
.
============= FINISH: 20:29:51,26 ===============
aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2013-01-22 20:36:24
-----------------------------
20:36:24.551 OS Version: Windows x64 6.1.7601 Service Pack 1
20:36:24.551 Number of processors: 4 586 0x2502
20:36:24.552 ComputerName: BRUGER-PC UserName: Bruger
20:36:30.387 Initialize success
20:36:31.458 AVAST engine defs: 13012200
20:36:40.144 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
20:36:40.147 Disk 0 Vendor: WDC_WD10EARS-00Y5B1 80.00A80 Size: 953869MB BusType: 3
20:36:40.166 Disk 0 MBR read successfully
20:36:40.169 Disk 0 MBR scan
20:36:40.174 Disk 0 Windows 7 default MBR code
20:36:40.177 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
20:36:40.184 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 953767 MB offset 206848
20:36:40.201 Disk 0 scanning C:\Windows\system32\drivers
20:36:50.957 Service scanning
20:37:03.532 Service sptd C:\Windows\System32\Drivers\sptd.sys **LOCKED** 32
20:37:08.135 Modules scanning
20:37:08.152 Disk 0 trace - called modules:
20:37:08.172 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys >>UNKNOWN [0xfffffa80048722c0]<<speg.sys ataport.SYS pciide.sys PCIIDEX.SYS hal.dll atapi.sys
20:37:08.515 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004c65060]
20:37:08.526 3 CLASSPNP.SYS[fffff8800180143f] -> nt!IofCallDriver -> [0xfffffa80049c9520]
20:37:08.536 5 ACPI.sys[fffff8800120b7a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa80049c5680]
20:37:08.545 \Driver\atapi[0xfffffa80049b2af0] -> IRP_MJ_CREATE -> 0xfffffa80048722c0
20:37:10.042 AVAST engine scan C:\Windows
20:37:13.931 AVAST engine scan C:\Windows\system32
20:39:53.872 AVAST engine scan C:\Windows\system32\drivers
20:40:04.472 AVAST engine scan C:\Users\Bruger
21:21:34.833 AVAST engine scan C:\ProgramData
21:34:25.821 Scan finished successfully
21:43:35.935 Disk 0 MBR has been saved successfully to "C:\Users\Bruger\Desktop\MBR.dat"
21:43:35.940 The log file has been saved successfully to "C:\Users\Bruger\Desktop\aswMBR.txt"
:snwelcome:
Please read Before You Post (http://forums.spybot.info/showthread.php?t=288)
While best efforts are made to assist in removing infections safely, unexpected stuff can happen. It is advisable that you back up your important data before starting any clean up procedure. Neither Safer Networking Forums nor the Analyst providing the advice may be held responsible for any loss.
Until we deem your system clean I am going to ask you not to install or uninstall any software or hardware except for the programs we may run.
Running programs with Vista or Windows 7 , Right Click and select RUN AS ADMINISTATOR
Go here (http://www.bleepingcomputer.com/download/adwcleaner/dl/125/) and download AdwCleaner to your desktop
Double click on AdwCleaner.exe to run the tool.
Click on Delete
A logfile will automatically open after the scan has finished.
Please post the content of that logfile in your reply.
You can find the logfile at C:\AdwCleaner[Rn].txt as well - n is the order number.
http://i24.photobucket.com/albums/c30/ken545/AdwareCleaner.jpg
OTL by OldTimer
Download OTL (http://oldtimer.geekstogo.com/OTL.exe) to your desktop.
Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
When the window appears, underneath Output at the top change it to Minimal Output.
Click the "Scan All Users" checkbox.
Check the boxes beside LOP Check and Purity Check.
Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt.
Note:These logs can be located in the OTL. folder on you C:\ drive if they fail to open automatically.
Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply. You may need two posts to fit them both in.
# AdwCleaner v2.109 - Logfil lavet d. 28/01/2013 kl. 16:06:42
# Opdateret d. 26/01/2013 af Xplode
# Operativ system : Windows 7 Home Premium Service Pack 1 (64 bits)
# Bruger : Bruger - BRUGER-PC
# Boot Mode : Normal
# Kører fra : C:\Users\Bruger\Downloads\Programs\AdwCleaner.exe
# Indstilling [Slet]
***** [Servicer] *****
***** [Filer / Mapper] *****
Mapper Slettet : C:\Program Files (x86)\kikin
Mapper Slettet : C:\Users\Bruger\AppData\Roaming\kikin
***** [Registeret] *****
Nøgle Slettet : HKCU\Software\InstallCore
Nøgle Slettet : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E601996F-E400-41CA-804B-CD6373A7EEE2}
Nøgle Slettet : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E601996F-E400-41CA-804B-CD6373A7EEE2}
Nøgle Slettet : HKLM\SOFTWARE\Wow6432Node\14919ea49a8f3b4aa3cf1058d9a64cec
Nøgle Slettet : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E601996F-E400-41CA-804B-CD6373A7EEE2}
Nøgle Slettet : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E601996F-E400-41CA-804B-CD6373A7EEE2}
Nøgle Slettet : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{E4A71A41-BCC8-480a-9E69-0DA29CBA7ECA}
***** [Internet Browsers] *****
-\\ Internet Explorer v8.0.7601.17514
[OK] Registeret er rent.
-\\ Mozilla Firefox v5.0 (da)
Filer : C:\Users\Bruger\AppData\Roaming\Mozilla\Firefox\Profiles\6rsi3ybe.default\prefs.js
[OK] Filen er ren.
-\\ Google Chrome v24.0.1312.56
Filer : C:\Users\Bruger\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] Filen er ren.
*************************
AdwCleaner[S1].txt - [339 octets] - [28/01/2013 16:05:04]
AdwCleaner[S2].txt - [1707 octets] - [28/01/2013 16:06:42]
########## EOF - C:\AdwCleaner[S2].txt - [1767 octets] ##########
OTL Extras logfile created on: 28-01-2013 16:19:44 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Bruger\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000406 | Country: Danmark | Language: DAN | Date Format: dd-MM-yyyy
3,99 Gb Total Physical Memory | 1,60 Gb Available Physical Memory | 40,07% Memory free
7,98 Gb Paging File | 4,75 Gb Available in Paging File | 59,48% Paging File free
Paging file location(s): ?:\pagefile.sys
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931,41 Gb Total Space | 254,51 Gb Free Space | 27,32% Space Free | Partition Type: NTFS
Computer Name: BRUGER-PC | User Name: Bruger | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[b]64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-3995930073-3555480574-2151513988-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0942825A-6AFF-463E-8976-EAD5CEB72B60}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{160B6CFA-A9C7-4AC4-8F67-B60E05BB5C3A}" = lport=49188 | protocol=6 | dir=in | name=akamai netsession interface |
"{1E716C46-D0DC-4ADF-81D9-C42843B03F9A}" = rport=138 | protocol=17 | dir=out | app=system |
"{224143B1-6A64-4DAC-A4C8-28C660386772}" = lport=8396 | protocol=17 | dir=in | name=league of legends launcher |
"{26B49BF7-8FD2-46CA-86FC-C81792973180}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{28E083DE-30A6-40CD-8728-5C4E74C90A09}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{2A32127F-AB42-4638-8C11-8ED8B32AC9A5}" = lport=138 | protocol=17 | dir=in | app=system |
"{2A4F5BCC-5ED2-4C27-836C-BDEA42FB3F07}" = lport=6950 | protocol=17 | dir=in | name=league of legends launcher |
"{331661E9-1049-40C1-9C15-8D0E6E4C32F4}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{35F4BAAA-68BC-410E-A2A5-E517BF4495E4}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface |
"{3918D269-AF6C-4ABD-9817-4AB3D77C233F}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{3B83CE3D-CCDD-4085-B756-D09EC8CB1A23}" = lport=6950 | protocol=6 | dir=in | name=league of legends launcher |
"{419771D0-ED09-43F8-8A4A-D393D804605C}" = lport=49174 | protocol=6 | dir=in | name=akamai netsession interface |
"{48C19349-2511-41F8-A01D-2A4347135F92}" = lport=8396 | protocol=6 | dir=in | name=league of legends launcher |
"{4989A1FB-53E1-4FDB-9BF3-AFD3C95F1752}" = lport=10243 | protocol=6 | dir=in | app=system |
"{4A8E4E96-D266-4146-9B92-9DB6C6895873}" = lport=49171 | protocol=6 | dir=in | name=akamai netsession interface |
"{5AFABDA3-BFBD-42B1-9CD8-971480109400}" = lport=139 | protocol=6 | dir=in | app=system |
"{5FD238E4-BA4B-428F-8C75-6ED53691684C}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{6AC6C3BA-3643-440A-AB9E-34DE7F054289}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{6AD1533C-71C4-4630-8839-AA9E6462E0AD}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{741AA36E-3928-4D34-B93C-53E9A87C7B23}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{74F57BB5-3D92-460D-97D1-78735C0BFAF0}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{7D6F3612-EA8A-4643-AD54-A888A1FB3E6E}" = rport=139 | protocol=6 | dir=out | app=system |
"{918DD07B-5B88-4CC5-896E-7818C0C05AAB}" = rport=137 | protocol=17 | dir=out | app=system |
"{9817E684-5965-4EAA-9E46-A109195937F9}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe |
"{A9EECA55-89FA-4289-9894-3F31F5100409}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface |
"{BB6FDD64-3C6D-425C-8180-2490A299E838}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{BC4376F9-06AC-45DC-89A9-6FFFCCD6AF69}" = rport=445 | protocol=6 | dir=out | app=system |
"{C01AD61A-D632-495C-BC5A-3063669B33B4}" = lport=445 | protocol=6 | dir=in | app=system |
"{C5F28916-CD05-4CD1-9F03-50F1386F5823}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{CE0E39C0-81F8-4E8D-8A40-417C41AD95C9}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{DA7EB1FF-C470-488B-B51B-91D65667BBBC}" = lport=137 | protocol=17 | dir=in | app=system |
"{E3A00FCD-4BA9-4D22-BD33-A13C05DC8F6D}" = lport=8396 | protocol=17 | dir=in | name=league of legends launcher |
"{EB5714F9-D731-4C12-B2CC-F15023F4D9CE}" = lport=2869 | protocol=6 | dir=in | app=system |
"{F546458C-E40D-4977-AE86-A1531C8376A6}" = lport=2869 | protocol=6 | dir=in | app=system |
"{FB2120E2-BC0F-435B-8D30-1A02DA1B8331}" = lport=8396 | protocol=6 | dir=in | name=league of legends launcher |
"{AAE77226-4F14-4B84-8363-474DDFDE228A}" = rport=10243 | protocol=6 | dir=out | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{021F9570-CEE6-40E8-A21E-AF1E086BBE19}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\knud_erik\synergy\hl2.exe |
"{03AD694D-5C5F-4F35-8A24-8289C0252525}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\quantum conundrum\binaries\win32\trygame-win32-shipping.exe |
"{05057700-AF89-4F77-8251-622DFB672058}" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"{067D9D22-1BE7-4D92-BE17-A17929034B6E}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\battlefield bad company 2\support\ea help\electronic_arts_technical_support.htm |
"{0733721E-E077-4CD7-935C-A30854ABD9E8}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\steelstorm\netradiant_win32\radiant.exe |
"{0817F428-B285-4DAB-B3EA-36E8A6E6DDF6}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sourcefilmmaker\game\sfm.exe |
"{08FCEFC4-33E8-4C78-91FB-F34E30CE20DB}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\trauma\trauma.exe |
"{093EFFF0-B59D-42AF-9306-91241A14DD65}" = protocol=6 | dir=in | app=c:\games\world_of_tanks\worldoftanks.exe |
"{0A51B5DD-5FD5-4438-B3D8-690745030C39}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\moon base alpha\binaries\win32\moonbasealphagame.exe |
"{0BBFDED7-E45B-409F-A3C0-2728904D5D9C}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\fallout 3 goty\falloutlauncher.exe |
"{0D47A833-0006-4F71-856E-38CE13F914C1}" = protocol=17 | dir=in | app=c:\games\world_of_tanks\worldoftanks.exe |
"{0D80649B-5493-47D1-97BF-0101E18BE285}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\amnesia the dark descent\launcher.exe |
"{0DB55FDF-663A-48DF-B76D-BA7B4D31B7C4}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\steelstorm\steelstorm.exe |
"{0F9695B6-FB99-4AF2-933B-1739E9C06BFD}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\blacklightretribution\blacklight retribution.exe |
"{0FE29397-F4C3-40B1-B043-CB9B108D02E3}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\zero gear\zerogear.bat |
"{1103A2B5-E529-4ED4-9EEB-760808D82BF6}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\borderlands\binaries\borderlands.exe |
"{11300DBA-366F-463C-AFBA-16D6C18FB8A3}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\knud_erik\half-life\hl.exe |
"{1161552A-A49F-4B4F-8059-67D838A11718}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\crayon physics deluxe\launcher.exe |
"{1172D135-6AF0-4EDD-9E62-CC41B603CD05}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{118E1BAA-570A-4A6B-81DC-9964F2F40A20}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\crysis 2 - demo\bin32\crysis2demo.exe |
"{121C0507-A014-4514-82A0-BD27D63FF3A4}" = protocol=6 | dir=in | app=c:\users\public\sony online entertainment\installed games\planetside 2 beta\planetside2.exe |
"{125F843F-831F-434B-BABB-671FDAEF5D37}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\audiosurf\engine\questviewer.exe |
"{1344316F-6FEC-4370-9A85-8F6C72393A3F}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\knud_erik\garrysmod\hl2.exe |
"{13EF50EC-2162-4FBC-A4D6-C9E371D8FE9C}" = protocol=6 | dir=in | app=c:\riot games\league of legends\game\league of legends.exe |
"{14D0441A-D809-45DB-A994-DE2018BA6CAF}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\section 8 prejudice\s9.exe |
"{14EF11F1-6C0B-4D81-B5CC-A2E1C41F7189}" = protocol=6 | dir=in | app=c:\program files (x86)\brawlbusters(en)cbt\bin\pblauncher.exe |
"{16476F62-5848-4ED0-9AA5-A539BCB72A63}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\moon base alpha\binaries\win32\moonbasealphagame.exe |
"{164A49BA-3DCB-4198-927A-0A6FE6E1FB8C}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\amd driver updater, vista and 7, 64 bit\setup.exe |
"{16F3BE11-F687-4698-BF7E-C468E089F72E}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sanctum\binaries\win32\sanctumgame-win32-shipping.exe |
"{17D621FD-2F67-431B-B764-D74B8874528F}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{17D887F2-ACF2-4858-9CBC-2D1F03B1EBAE}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\steelstorm\steelstorm.exe |
"{186EAE5F-460C-4F83-A7E3-7357C8CB8403}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty black ops ii\t6mp.exe |
"{18B33BAC-7869-42D9-8A58-90B27C96E6A6}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\nightsky\nightsky.exe |
"{18BDF44C-EAF8-4820-91E6-76099BD2C410}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\saints row the third\saintsrowthethird.exe |
"{18FB7F36-4B6C-40F6-8498-566B168165BD}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\rock of ages\binaries\win32\roa.exe |
"{18FC875B-A641-4955-9686-24E0B2FEE8E8}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 |
"{196C20F3-C012-48E4-BDEE-1B56FEB7B434}" = protocol=17 | dir=in | app=c:\program files (x86)\dna\btdna.exe |
"{19A1578A-B167-417A-8ED7-79C518092E66}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\metro 2033\metro2033.exe |
"{19B21DDB-60C0-428A-8393-0F1440B37A23}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\darksiders\darksiderspc.exe |
"{1A394B97-C650-47FD-9640-8C5C0BA1AC50}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{1ADAD992-A003-4F6F-97E8-824F50118AB8}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\alien swarm\swarm.exe |
"{1B368EE6-8D33-4B8E-85D2-738BD0FB3597}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\jamestown\jamestown.exe |
"{1B8A5331-B6A0-4E91-AD66-7DC3A236F16C}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty black ops\blackops.exe |
"{1C834970-A443-4E6E-AD1C-E0EE38228E55}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"{1CDF7157-29F9-4054-94FA-EED19BE659A2}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dead rising 2\deadrising2.exe |
"{1D0F456D-6878-44CC-BCDE-3FF679098155}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\gotham city impostors f2p\impostors.exe |
"{1DC973B2-C695-4CF6-913D-3BD5F5219FBC}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\torchlight ii\torchlight2demo.exe |
"{1DFC0DA4-132C-487A-AF47-BD8364715C06}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\knud_erik\team fortress 2 trailer\smp.exe |
"{1E1A4B19-8072-4478-8263-4479D3B298E7}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{1E4CF2DE-8205-4EA7-A293-BFFAEE9A1B69}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{20CE5977-34B1-4276-9C7E-4C91476D7249}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\knud_erik\counter-strike source\hl2.exe |
"{21657619-D952-4B40-8FF8-BC41163F3EF7}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{21D6332C-7DC7-45CD-BAA9-F8C348E8DFBC}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\knud_erik\source sdk base 2007\hl2.exe |
"{21DAE58E-35F6-4A23-AD23-ADD6BDCC9289}" = protocol=6 | dir=in | app=c:\program files (x86)\gamersfirst\apb reloaded\binaries\apb.exe |
"{222F12F0-931F-4105-BA2A-954DBC05DAEB}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\kingdoms of amalur - reckoning demo\reckoningdemo.exe |
"{223302AA-AF93-464C-A0F6-26D9555E69A0}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\blacklightretribution\blacklight retribution.exe |
"{22476895-762F-4AC0-913B-DF56A184F9E5}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\knud_erik\counter-strike source\hl2.exe |
"{233506E4-9BF8-46F4-81AE-C10AA829AC79}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\just cause 2 demo\justcause2.exe |
"{2348BFAB-93BF-4E70-B272-2436F24656E7}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\gotham city impostors f2p\engine.exe |
"{23563570-0BC9-4A21-A31D-1B6887D61AE8}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{23740468-B8E9-4377-A516-225670D18577}" = protocol=17 | dir=in | app=c:\programdata\electronic arts\need for speed world\data\nfsw.exe |
"{23F24FEE-53AD-4435-B5DC-E78EF21BA64A}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe |
"{24A3B1D4-382D-4037-986B-DA90C4298B9D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\nightsky\nightsky.exe |
"{25355FE3-8EBA-4335-A7DE-CFE1B41589EA}" = protocol=17 | dir=in | app=c:\riot games\league of legends\air\lolclient.exe |
"{25427A54-32E6-4FA3-AD1A-FF74E64719A1}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\borderlands 2\binaries\win32\borderlands2.exe |
"{270A8945-49B8-495D-B538-81EBC3FD3F00}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\saints row the third\game_launcher.exe |
"{273D7911-74AE-48F0-959B-2B13F2328DCA}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\kingdoms of amalur - reckoning demo\reckoningdemo.exe |
"{28BA0B78-D8E8-49E6-A240-0765A17A5DAB}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\borderlands\binaries\borderlands.exe |
"{28CA856D-5047-4974-97AD-247BE4D3202E}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\battlefield 3 beta\bf3.exe |
"{294BBAD8-FE28-47D2-8673-361D9B2CE8DA}" = protocol=17 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.0\sonarhost.exe |
"{29EC06C4-E999-4892-9901-A855BBC70958}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\killingfloor\system\killingfloor.exe |
"{2A945ECE-7DDB-466D-A812-F2D321FE143C}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty black ops ii\t6sp.exe |
"{2BEF6925-F9D2-4CB4-9BC0-804D75CEF9A6}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\loadout\loadout.exe |
"{2CDE5CED-65E8-4A5A-BA96-04E82EBE0C33}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\loadout\loadout.exe |
"{2CE565E9-27D4-4958-8D42-5B7DE41E2EBD}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty black ops ii\t6mp.exe |
"{2D4BF87D-2142-4C44-8261-A9D08CE1201D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty black ops ii\t6sp.exe |
"{2E09A52F-1349-4060-8118-57211137B323}" = protocol=6 | dir=out | app=system |
"{2E49821E-F28F-4E53-AA11-CF5950B83D79}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\trackmania nations forever\tmforever.exe |
"{2F03F949-69D7-491B-8A43-01675CBE4DB5}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\knud_erik\day of defeat source\hl2.exe |
"{2FADE8EB-2E6D-479E-8660-667E7B637F02}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\bit.trip runner\runner.exe |
"{2FBBF486-233F-499F-B2FC-7705C980CC96}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty black ops\blackops.exe |
"{2FDEF204-5E42-4E65-8D89-1A87FB40190A}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty black ops ii\t6mp.exe |
"{305115E3-BAA8-4FD8-8EEB-159ED32DE0BA}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty black ops\blackopsmp.exe |
"{30AD9FB6-49DA-4D9C-BDFF-BAB0053BD9E1}" = dir=in | app=c:\program files (x86)\skype\plugin manager\skypepm.exe |
"{312D0390-B9F9-4C35-91F0-BA14C87DD2C3}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\borderlands\binaries\borderlands.exe |
"{319E2EBB-A8F0-4DA1-A035-549EF96DFE5A}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\killingfloor\system\kfed.exe |
"{33499CF5-C5F9-4623-B035-CAA07011F60C}" = protocol=6 | dir=in | app=c:\program files (x86)\activision\blur(tm)\blur.exe |
"{34230D27-ED25-42C1-B141-587FA2CECFA2}" = protocol=17 | dir=in | app=c:\riot games\league of legends\game\league of legends.exe |
"{34F23246-23B7-4FD5-AD77-C445F014FF72}" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"{35A0D22A-9A74-46B2-99A2-A4E216D4DDD9}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\trine\trine_launcher.exe |
"{360D26BB-F87F-4F85-A738-BCE5A5D74737}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dead island\deadislandgame.exe |
"{361CA3E3-2ADD-47C7-8ED0-BDD2C2DA6D41}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\magicka\magicka.exe |
"{367000C7-B6C2-4CB3-B713-A92463A8C5DE}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\knud_erik\half-life\hl.exe |
"{36742DC7-7A73-4F8C-9C9B-DF5C6BE15980}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\amd driver updater, vista and 7, 64 bit\setup.exe |
"{36A694B4-4F71-4BBA-BBE2-9DA30D8EE7CC}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\renegade ops\renegadeops.exe |
"{37EF1823-103C-4181-8131-F6BE3AF94A40}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\supercratebox\supercratebox.exe |
"{38B7786D-D987-4C85-A231-D8CC65D8342F}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\super meat boy\supermeatboy.exe |
"{398C89CD-8DF2-4290-BE63-3D35E0383411}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dark souls prepare to die edition\data\darksouls.exe |
"{3B3E426D-C6DF-4C68-BEC1-19AEEBEC1A70}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\shadowgrounds\shadowgroundseditor.exe |
"{3C1DE353-859D-4191-A2A5-E2580912506D}" = protocol=6 | dir=in | app=c:\program files (x86)\gamersfirst\apb reloaded\binaries\vivoxvoiceservice.exe |
"{3C2AEBCC-38E4-4500-BE28-59D84722F662}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\saints row the third - initiation station\initiationstation.exe |
"{3CD0050E-19D7-42FB-80FA-39B3A04F65C1}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sourcefilmmaker\game\bin\qsdklauncher.exe |
"{3E3AB7E0-E2DE-4A36-A1AD-A2096F0A927A}" = protocol=17 | dir=in | app=c:\riot games\league of legends\air\lolclient.exe |
"{3F1A8BA4-FF16-43F6-BE85-9C0A20715DF8}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sniper elite v2 demo\bin\sniperelitev2demo.exe |
"{3F503929-407D-4166-AA6E-2E5936658F0F}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\saints row the third\game_launcher.exe |
"{3F8DDE20-EFF7-4435-832F-94587BCBB78A}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\steelstorm\netradiant_win32\radiant.exe |
"{3FB97107-CD5B-4609-BC5A-F9725E54AB18}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\mount and blade warband - demo\mb_warband.exe |
"{405DEAEA-A0D1-47DC-9CDD-B47B8BE3D400}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\section 8 prejudice\binaries\win32\s9-win32-f.exe |
"{40793C26-7638-4142-84DC-23B9F29865B4}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{407F8F8A-73CD-4FF6-B522-A3B794A2257E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\amd driver updater, vista and 7, 64 bit\setup.exe |
"{426B7B34-D6EB-43FB-AA88-D6BE9661EA2E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty black ops ii\t6zm.exe |
"{4373FA91-EC6C-452B-8291-15A977714BD1}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\just cause 2 demo\justcause2.exe |
"{437C6C38-05CA-4598-951B-79A8AC5387DA}" = protocol=17 | dir=in | app=c:\users\public\sony online entertainment\installed games\planetside 2 beta\planetside2.exe |
"{44A228EE-A580-4A23-A891-228C3B8EDC0B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{462E88DF-939C-431D-8685-CB261270A4B1}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\section 8 prejudice\binaries\win32\s9-win32-f.exe |
"{466CDEE8-24A6-4123-8B60-37F11CF6E18E}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{4873C6B4-B787-41B1-96FD-787A8EBC0DED}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\cogs\cogs.exe |
"{49F78AB4-DA51-4BE1-AFE5-C88810879A1D}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{4A1FDADB-92F8-4BC5-86F4-594AB20F7B83}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sniper elite v2 demo\bin\sniperelitev2demo.exe |
"{4ADECD3F-612B-488D-999C-98BA99917023}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\osmos\osmos.exe |
"{4B4D1D71-D67C-41E4-B5BC-CC19B3DD673E}" = protocol=17 | dir=in | app=c:\program files (x86)\maniaplanet\maniaplanet.exe |
"{4CDF83B9-DB72-4BA1-961F-9FC1A2DD9563}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\gotham city impostors f2p\engine.exe |
"{4D7E42FA-E373-4554-88EA-741DB81E397A}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\knud_erik\day of defeat source\hl2.exe |
"{508D402C-3608-4AFE-97AC-7D905CA8DA2A}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\red orchestra 2\binaries\win32\rogame.exe |
"{50996DCB-F074-4262-BDA5-EA7DEA2AB293}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{50B5F0DF-8694-4719-ABB3-4B137D3FD0F4}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\shadowgrounds\shadowgrounds.exe |
"{5107E6DE-5FA6-45D0-99D7-92682CD1A640}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\alien swarm\srcds.exe |
"{511E7362-6E40-4951-B12D-ABB6A92841BD}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{51298C90-CA35-4C8F-9E63-B353F6252C2F}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"{528BF88E-342B-4994-A86B-61BC35C4DCCA}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\knud_erik\counter-strike source\hl2.exe |
"{53546829-DE9B-4706-AF69-63ED78D4AA43}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\portal 2\portal2.exe |
"{53DC2FFC-E89B-47B9-B8F4-5FF96BB8C00F}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\crayon physics deluxe\launcher.exe |
"{54DB97FF-9CC4-41CD-8F05-F88186156729}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\torchlight ii\torchlight2demo.exe |
"{54F501F4-DD60-4A44-BF3C-FDF1FF992943}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\bastion\bastion.exe |
"{555D0E64-05BB-45D2-AB72-8155CAA33AF1}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\knud_erik\garrysmod\hl2.exe |
"{565E5D6D-22F2-40F0-BFF5-8BB2F01F43BA}" = protocol=17 | dir=in | app=c:\program files (x86)\gamersfirst\apb reloaded\binaries\vivoxvoiceservice.exe |
"{57C66E3E-86ED-4691-91C6-88C9619C9E73}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{5946A23D-6F7C-4D29-8798-B5C5E9CB487F}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\borderlands 2\binaries\win32\launcher.exe |
"{5B8FBA36-3075-4E87-81AF-4258BC066291}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sourcefilmmaker\game\sfm.exe |
"{5BDE5216-BA5B-4BD9-8ED9-FA465C9B6557}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\knud_erik\garry's mod beta\hl2.exe |
"{5DF92D84-0AB8-482C-A4EF-36776126983D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\psychonauts\psychonauts.exe |
"{5E654F38-F78C-4028-8888-2F16310B7F0B}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty black ops ii\t6sp.exe |
"{5E87DC4F-C518-4D3A-8147-32950051925E}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{5F73276D-1827-4F75-AE54-B8D037FFB6C8}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\alien swarm\swarm.exe |
"{5FDACD40-561B-4D3F-A156-399D33575723}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\knud_erik\counter-strike source\hl2.exe |
"{607DF866-0094-4C8C-AE28-F672C53F593E}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\machinarium\machinarium.exe |
"{6103CF82-0D48-4B61-8578-ADF9046A57CA}" = protocol=6 | dir=in | app=c:\games\world_of_tanks\wotlauncher.exe |
"{61DC554B-48A5-4DCF-8462-DB74EB83F83B}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{63C22FBF-B2FC-4FA1-9A2C-842F29E23028}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\saints row the third\saintsrowthethird_dx11.exe |
"{63C73A8F-7171-4C7D-A4F9-F59ACDCC2F0F}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{64B325D9-DE4C-4396-A59C-2A8BCEE0237C}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\borderlands 2\binaries\win32\borderlands2.exe |
"{64D51A30-3642-46F3-B653-DA78D769B2AC}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\crysis 2 - demo\bin32\crysis2demo.exe |
"{671E2C7E-BFB2-4DA1-84C8-F0B3E0DBF331}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\spiral knights\java_vm\bin\javaw.exe |
"{67E74613-EACB-4264-B68D-487EB9097534}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\amnesia the dark descent\launcher.exe |
"{681B2F69-9060-49A3-A558-0285BC5EA777}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\supercratebox\supercratebox.exe |
"{68743AA0-9DF9-47A7-84D3-052D3E910362}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe |
"{687B0B6E-B0B0-4956-99FE-376320258DDA}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{691DC347-203F-47CA-9BF6-42E605C01909}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\amd driver updater, vista and 7, 64 bit\setup.exe |
"{6A18B2CA-77FA-4B27-A108-99AA9F6A3D6E}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\saints row the third\saintsrowthethird.exe |
"{6A3D3BA0-F118-4694-B9BC-726CE4526884}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\shadowgrounds survivor\survivor.exe |
"{6A618FC7-0756-487B-A828-861A2255BAE9}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{6A8CA7D5-F0A5-45F3-87AD-7B53DD5FB4A5}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty black ops ii\t6zm.exe |
"{6A9A8BE8-C183-4242-AEE7-69B342BC4780}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\loadout\loadout.exe |
"{6D810366-3150-4311-94E2-A3F2515FD461}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\alien swarm\srcds.exe |
"{6DB98C11-919C-45B0-8220-2159DCC434BA}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{6E55AF69-641A-496D-BEF9-D99C2C0DEFAA}" = protocol=6 | dir=in | app=c:\programdata\electronic arts\need for speed world\data\nfsw.exe |
"{6F1AA61E-6F2E-4B28-838C-F594E3AECD85}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{6FC24B33-80AD-445A-9D8F-A04F176BF4B5}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{7026F286-8F02-489A-969C-D26393342BF7}" = protocol=6 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.0\sonarhost.exe |
"{71C9363C-3A70-42C2-9971-828D26F28953}" = protocol=6 | dir=in | app=c:\program files (x86)\gamersfirst\apb reloaded\binaries\vivoxvoiceservice.exe |
"{7209335B-637E-47C5-A606-A91232F7C42F}" = protocol=17 | dir=in | app=c:\program files (x86)\activision\blur(tm)\blur.exe |
"{733C3951-29F3-408E-8143-47F2FF4C20A3}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\the binding of isaac\isaac.exe |
"{746A01B9-D985-4799-8FC0-8010FD4E6E3A}" = protocol=17 | dir=in | app=c:\program files (x86)\dna\btdna.exe |
"{74A87137-1B53-4664-8532-5BFE20AF152F}" = protocol=17 | dir=in | app=c:\users\bruger\appdata\roaming\dropbox\bin\dropbox.exe |
"{74B38823-DC3E-4C18-8279-9D692C9A3D33}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\tribes\binaries\win32\hirezbridge.exe |
"{763C007B-98A6-4868-9C08-387C46517FAD}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\the binding of isaac\isaac.exe |
"{764C0887-54A3-44E4-9EEB-BA21BD5E9656}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{7664A05E-55BF-4A4C-B7BB-48B0CACF7FAE}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\burnout(tm) paradise the ultimate box\burnoutparadise.exe |
"{77383412-B96F-448E-9C34-320B9F06C580}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\burnout(tm) paradise the ultimate box\burnoutparadise.exe |
"{7743744C-02DF-4026-89AE-B7FAA9D5864B}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\darksiders\darksiderspc.exe |
"{777D8E13-526A-4150-97F6-B3FF8D472797}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\cogs\cogs.exe |
"{7814A049-BDD3-4A7E-BC7A-C89204D2DA4F}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\faerie solitaire\faeriesolitaire.exe |
"{785D270C-4F75-441D-8BD4-876D191F33A2}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\renegade ops\renegadeops.exe |
"{786DC90F-E9F6-4EA1-9DA8-9E3749D39552}" = protocol=6 | dir=in | app=c:\program files (x86)\bf3 alpha trial web plugins\sonar\sonarhost.exe |
"{795A2FBF-4356-413E-B57E-9A6EAF65966D}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{798D5007-A869-44B3-BF49-41EE96E0178B}" = protocol=6 | dir=in | app=c:\program files (x86)\maniaplanet\maniaplanet.exe |
"{7C218356-4AA2-40E4-A962-84FFE0CFFE66}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{7C474830-28A5-4FA3-BE75-32898CDE6D19}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\grand theft auto iv episodes from liberty city\eflc\launcheflc.exe |
"{7FFB072D-76A7-40CF-99DF-F10E4A49A5BA}" = protocol=17 | dir=in | app=c:\program files (x86)\gamersfirst\apb reloaded\binaries\vivoxvoiceservice.exe |
"{80532AFE-8FCB-43A5-9962-14CE2C72C9F3}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\bit.trip runner\runner.exe |
"{81E7BBC5-9802-40A7-970D-CE21141BC3E3}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\awesomenauts\awesomenautslauncher.exe |
"{82094CF2-1CE8-4343-A09A-EF95AED49D97}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{83570447-6C13-4C7C-873C-43BBFBC3841F}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\knud_erik\day of defeat source\hl2.exe |
"{8462C242-2523-4290-A22D-D56BCA348C1E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\gratuitous space battles\gsb.exe |
"{85957369-EE43-41BD-9733-AE37D9B87035}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\bastion\bastion.exe |
"{85D43D2E-8351-4DB4-B205-D42BA0E992EB}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead\left4dead.exe |
"{85F3C6BE-0BEB-4711-BDE9-159E741C57DE}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\moon base alpha\binaries\win32\moonbasealphagame.exe |
"{86332D58-1195-4A16-834F-7FF8B7DDF776}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead\left4dead.exe |
"{86F5E6A9-3326-489B-BC95-107AC60553AE}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{870F5127-81FD-4FAA-A565-5695D8F2A181}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{87146EBA-51A5-4AC2-A5B0-F6A19D155D3E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\nightsky\nightsky.exe |
"{88223327-BBFA-4293-A191-CF66399C57A5}" = protocol=6 | dir=in | app=c:\program files (x86)\brawlbusters(en)cbt\bin\pbclient.exe |
"{88A05417-A26D-41B3-8002-750AC83AADE1}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sourcefilmmaker\game\bin\qsdklauncher.exe |
"{897AE931-62DE-44D5-BE8C-37B44621A783}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\supermnc\binaries\win32\supermncgameclient.exe |
"{897F09BE-EB3B-4EAA-83E5-318995C998E1}" = protocol=6 | dir=in | app=c:\program files (x86)\dna\btdna.exe |
"{89AF1E9A-14B6-424E-BE3D-532180EF5082}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\burnout(tm) paradise the ultimate box\burnoutparadise.exe |
"{89E2E696-B6C9-448B-877C-1A7C51D1B747}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{89E393AE-AB7D-4AF5-A2C9-15F9A9D32512}" = protocol=6 | dir=in | app=c:\program files (x86)\hi-rez studios\games\tribes alpha\binaries\win32\tribesascend.exe |
"{8AE214F3-B23F-4D64-8CF1-93C8CE4B2A3F}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\battlefield bad company 2\bfbc2game.exe |
"{8B71D250-5A62-488E-85B3-D2C03350855D}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty black ops ii\t6mp.exe |
"{8BA658B2-2A36-48A4-9D62-5B52DDCC87C1}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\audiosurf\engine\questviewer.exe |
"{8BF3BD8E-AB13-40B1-8A43-5D88052DCEF5}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead\left4dead.exe |
"{8C3BF1B5-EECC-40E9-878D-C6A83816473B}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\knud_erik\half-life\hl.exe |
"{8C7E8A75-E104-41E4-853A-4071AFEE2815}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\burnout(tm) paradise the ultimate box\burnoutconfigtool.exe |
"{8CD46D15-3BFF-49A3-888E-EBC62494B543}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty black ops\blackops.exe |
"{8D87AA71-3CDF-44CC-B106-98C72B3ADD99}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\battlefield bad company 2\bfbc2game.exe |
"{8E8DAAC9-7A7D-4A46-8962-F8861125A69D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\saints row the third - initiation station\initiationstation.exe |
"{8ED747CD-D2FF-4B26-8252-8910C692243D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\trine\trine_launcher.exe |
"{8F1FC78F-E49C-4C49-B34C-78A253420785}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\awesomenauts\awesomenautslauncher.exe |
"{8F4C8AB3-4037-48F3-BA13-AD1CD0403BF0}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\bully scholarship edition\bully.exe |
"{8F739EE6-3FE2-432F-B10A-89F116B8FA07}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sourcefilmmaker\game\bin\qsdklauncher.exe |
"{8FDDABA3-04EB-4603-8C53-B7DDA5A33B50}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{90AEDF0D-8516-4805-8178-A6243FDBA352}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\metro 2033\metro2033.exe |
"{90B67E10-395A-4112-B518-0E683DBD82DB}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\the walking dead\walkingdead101.exe |
"{9282AFE8-6742-47C2-A2AB-709977D1DAC4}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\lone survivor\lonesurvivor\lonesurvivor.exe |
"{930259F0-50AA-4FBE-9E9E-DC992E79BDA5}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\trine\trine_launcher.exe |
"{93B8BC66-B1B9-45FC-AE88-D08DBD22504E}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"{940099CE-F910-44C8-B04F-8ED733D2C138}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{94FCC81A-790C-49A4-9445-311331AEED72}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\magicka\magicka.exe |
"{94FE63DE-27C6-4D32-AB33-62EA1214C8AB}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\borderlands 2\binaries\win32\launcher.exe |
"{954EA695-6E2E-4D4A-A2BB-8F3A15AC8855}" = protocol=6 | dir=in | app=c:\program files (x86)\dna\btdna.exe |
"{958D8DE1-6136-426E-BDF2-7CB49F3199D7}" = protocol=6 | dir=in | app=c:\users\bruger\appdata\roaming\dropbox\bin\dropbox.exe |
"{96763881-9C85-487A-B2FD-1C29A628866F}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\launchgtaiv.exe |
"{96997F2E-C3B8-4C11-88DC-547226269B75}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dark souls prepare to die edition\data\data.exe |
"{96D20266-9576-447D-9BD0-552CF34F9944}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\burnout(tm) paradise the ultimate box\support\ea help\electronic_arts_technical_support.htm |
"{96FE84DD-F5BE-4DFC-AD37-FEFF467F45AA}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\grand theft auto iv episodes from liberty city\eflc\launcheflc.exe |
"{994626E4-A100-4170-B77F-2C7F2B4CC9D4}" = protocol=58 | dir=in | app=system |
"{994AFF6F-0D08-442C-90B9-A4127AA018C2}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\chivalrymedievalwarfare\binaries\win32\udk.exe |
"{9A74AADD-074D-49F8-8610-F47CBDB1D0C5}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\steelstorm\steelstorm.exe |
"{9B01D649-9B35-4DCA-8CA4-E43E65824D10}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\battlefield bad company 2\support\ea help\electronic_arts_technical_support.htm |
"{9CBA3AC8-5C3D-4D32-A3DD-89BAE2FE57B9}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\revenge of the titans\revengeofthetitans.exe |
"{9D297045-9CB8-4DF0-A8FD-F7627DFBC146}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\shank\bin\shank.exe |
"{9D96B639-7959-4A3A-8F96-89CDA474EB2E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\tribes\binaries\win32\hirezbridge.exe |
"{9DEF0EF1-0B95-4E68-87C3-52C26459BE8E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\deus ex - human revolution\dxhr.exe |
"{9E642EE9-B3C2-45F8-ABD3-DBA21AC69E85}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sanctum\binaries\win32\sanctumgame-win32-shipping.exe |
"{9E822E06-3B69-458D-8E38-86C0FD85A352}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\audiosurf\engine\questviewer.exe |
"{9ED498BA-4ED0-4310-9BAB-080F8C99BA75}" = protocol=6 | dir=in | app=c:\riot games\league of legends\air\lolclient.exe |
"{A0A872FE-76BC-4F76-B79F-603DF2CB3D99}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\burnout(tm) paradise the ultimate box\support\ea help\electronic_arts_technical_support.htm |
"{A1781C52-C527-49BD-B290-55B8D998F9D5}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\ava\reactor.exe |
"{A1ACB606-069F-439A-8D12-9FEBA58E9CBC}" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"{A22CBDBA-716B-40C3-8A35-4DCB00C96A57}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\steelstorm\steelstorm.exe |
"{A230FFB2-16F5-4507-8E1E-373E9A668BC7}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{A294BED5-1CB3-4537-AC4D-56A8FB8157FB}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\crayon physics deluxe\launcher.exe |
"{A2FD44F1-5D82-4A39-A51A-6566AE0A4781}" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"{A37753E3-667D-4E86-97DB-BC04FC947C12}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\shattered_horizon\client_exe\shattered_horizon.exe |
"{A39DFA31-440D-47F2-AC94-E9D3B291BFA4}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{A412B0E6-95A3-4E5E-8BE7-16736CBA1819}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\killingfloor\system\killingfloor.exe |
"{A43D2A8B-98D3-4998-9986-BB6E026DA5D1}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\just cause 2\justcause2.exe |
"{A4A969C3-0A2F-43DF-8181-68C3565B3BFE}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\portal 2\portal2.exe |
"{A79C0827-9A9A-4497-BE11-6849C66D26C5}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dead island\deadislandgame.exe |
"{A7ED85D0-DAD6-4CF7-A7D4-64854FCB9509}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\magicka\magicka.exe |
"{A86C0789-95E5-4FC8-9F8D-7E7D3BF6E8F4}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\jamestown\jamestown.exe |
"{A88D8F24-C256-49CF-A6D9-63C91FC4963F}" = protocol=17 | dir=in | app=c:\program files (x86)\gamersfirst\apb reloaded\binaries\apb.exe |
"{A8BC2572-CCE3-4B40-8F69-B3615FA014B0}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\zero gear\zerogear.bat |
"{AB6B4A26-EA88-49F0-947E-77972363A461}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\borderlands 2\binaries\win32\borderlands2.exe |
"{AC7A9A77-192E-4E03-A9C6-2D10016020E1}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sourcefilmmaker\game\sfm.exe |
"{ACCEAC22-97E4-4865-8949-34E51B30B307}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\brink\brink.exe |
"{AD288033-2723-47AA-9910-CE304C044D75}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\gratuitous space battles\gsb.exe |
"{AD9D3F7C-193C-48F1-B023-549E62ECB26C}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\battlefield bad company 2\support\ea help\electronic_arts_technical_support.htm |
"{ADDD4F13-7158-4C58-A10E-BFB5F4F7C0D7}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\super meat boy\supermeatboy.exe |
"{AE06ADDB-2A2A-4A9E-9C76-08366C13E435}" = protocol=17 | dir=in | app=c:\program files (x86)\hi-rez studios\games\tribes alpha\binaries\win32\tribesascend.exe |
"{AFDFFFD7-05F2-483A-B401-F54CDF3E3E26}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\knud_erik\synergy\hl2.exe |
"{B061078C-992F-4AC6-9DC8-90F670466977}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"{B0F5A6C6-911E-486F-B770-6F5D2FBCB630}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\borderlands 2\binaries\win32\launcher.exe |
"{B0F70A61-C32E-4EA0-BDB3-DCB4E015F337}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\burnout(tm) paradise the ultimate box\support\ea help\electronic_arts_technical_support.htm |
"{B144833B-7542-4EBE-AA28-A0423512C413}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{B144A1AC-0852-4FA8-B97E-B8A17CFD8933}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\shadowgrounds\shadowgroundslauncher.exe |
"{B3C824DF-7FC3-4D82-80C0-AC78A4E6FD42}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty black ops ii\t6zm.exe |
"{B436BF00-AA20-41C2-A032-F774242B4345}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{B4DCD2B9-5A97-400C-BF87-E035CF5A3FC9}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\loadout\loadout.exe |
"{B50428DE-E39E-44C8-B7C8-857A8420A0A8}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty black ops\blackopsmp.exe |
"{B6EA18AC-CA93-4B3E-879C-F670AF890077}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\torchlight ii\torchlight2demo.exe |
"{B6F0F8CE-2DCF-4E0D-8DAD-A5939CF6CB30}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\knud_erik\garry's mod beta\hl2.exe |
"{B87735CE-20CA-434F-8B8D-62F123A98025}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{B8C600F5-C7A6-4A0B-A8D3-9855840F4809}" = protocol=17 | dir=in | app=c:\program files (x86)\brawlbusters(en)cbt\bin\pbclient.exe |
"{B981D1AA-B404-4CB3-A5D4-C86DFFE0165E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\shadowgrounds\shadowgrounds.exe |
"{B9BC2825-AD7D-4006-9225-B0A18A28DD9B}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\battlefield bad company 2\bfbc2game.exe |
"{BA0B9255-00F5-4111-BBEA-3A2421BD6C8E}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{BA98A6F7-921C-4202-AC7E-E0567794BA7E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\psychonauts\psychonauts.exe |
"{BB3F1EAD-2943-4F05-8436-EC5871E85B64}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\portal 2\portal2.exe |
"{BB485FE1-6432-447F-9789-35E2BCDA23A3}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\bully scholarship edition\bully.exe |
"{BB48A281-13F7-424F-9EAF-DF1054B7E943}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\audiosurf\engine\questviewer.exe |
"{BBFDEB0E-CB9E-412B-B0D2-3FE24E389710}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dark souls prepare to die edition\data\data.exe |
"{BC0A6025-A27B-4E49-BBAF-88214DDD12BB}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\ava\reactor.exe |
"{BC211823-BCF3-4DDA-AB8A-8E04F1C907D8}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\fallout 3 goty\falloutlauncher.exe |
"{BC3D3372-8492-4534-81CC-5ED2C7379C4D}" = protocol=17 | dir=in | app=c:\riot games\league of legends\game\league of legends.exe |
"{BCBBA9B8-4A9C-4DCD-8A8A-94366365FD33}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\revenge of the titans\revengeofthetitans.exe |
"{BCC22234-F0FD-4FCE-BBA9-E97A4559274E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\borderlands 2\binaries\win32\borderlands2.exe |
"{BD335891-15FB-43CF-B059-769442A09B45}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\battlefield 3 alpha trial\bf3.exe |
"{BF368773-C584-48A3-97A0-B25A2FB7C4F1}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\shadowgrounds\shadowgroundslauncher.exe |
"{BFF1E6B7-E5D7-46A9-9578-22269214B00E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\killingfloor\system\kfed.exe |
"{C009B4A2-2736-448A-B49D-FAD2C682A6DC}" = protocol=17 | dir=in | app=c:\users\bruger\appdata\roaming\dropbox\bin\dropbox.exe |
"{C025F98E-5A90-4564-A753-80EAF610B23E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\section 8 prejudice\s9.exe |
"{C17E54F8-85E3-4BDD-A113-5ED4105B91A2}" = protocol=6 | dir=in | app=c:\users\bruger\appdata\roaming\dropbox\bin\dropbox.exe |
"{C1978EE4-85FC-43AD-95C6-A15D69D43A4F}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\borderlands 2\binaries\win32\launcher.exe |
"{C241FBFD-AEB2-42E6-8071-06086F0CD865}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\quantum conundrum\binaries\win32\trygame-win32-shipping.exe |
"{C265651C-FFD0-420E-BED6-6613B7C6F303}" = protocol=17 | dir=in | app=c:\program files (x86)\brawlbusters(en)cbt\bin\pblauncher.exe |
"{C2CE0219-8A94-412D-828C-D1816DB93AFA}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\gotham city impostors f2p\impostors.exe |
"{C3507A45-B1C8-4B96-BEA2-4D7E0B43F476}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\shadowgrounds survivor\shadowgrounds survivor launcher.exe |
"{C4B374F6-1352-459E-A52C-94F975DB25D2}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\trine\trine_launcher.exe |
"{C5123261-9688-487A-BBFE-13A9399518E1}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\launchgtaiv.exe |
"{C5A00243-6CBA-43FB-B977-94ADDC271F64}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{C602AFF0-FF5E-4A48-8F57-2C11F770583F}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{C623A29B-5D97-423C-89B0-163F36EA495C}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\osmos\osmos.exe |
"{C69E0CC9-3418-426C-815B-77EEE08138A2}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\machinarium\machinarium.exe |
"{C79C055C-4589-4FF2-9C6E-945FAA935AF0}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\burnout(tm) paradise the ultimate box\burnoutparadise.exe |
"{C7FEBBF3-32C6-44D0-AB99-99464D27B1A9}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\tribes\binaries\win32\tribesascend.exe |
"{C94C04C5-69F4-461D-AF36-377B65D6F2E0}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\shank\bin\shank.exe |
"{CB21722F-2F20-40DB-BED2-3FF0CD4F044E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty black ops ii\t6zm.exe |
"{CB977553-0B47-4583-AD6C-30A3868BBD40}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\rock of ages\binaries\win32\roa.exe |
"{CBA54746-DF00-4962-BFA5-766D2259CA58}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{CBB1D82F-40CA-4A27-BE41-D08B92ABC228}" = protocol=6 | dir=in | app=c:\riot games\league of legends\game\league of legends.exe |
"{CC68207A-E7DA-46BB-A127-D88560268D5A}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dark souls prepare to die edition\data\darksouls.exe |
"{CC811A10-AAE0-42FA-9048-9CAB2AD60CEF}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\trauma\trauma.exe |
"{CD48D400-1227-4B7F-A36E-1F23D1A406DF}" = protocol=6 | dir=in | app=c:\riot games\league of legends\air\lolclient.exe |
"{CDE75092-C3E8-4F86-A451-514456BD9DD2}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\mount and blade warband - demo\mb_warband.exe |
"{CDAA3F88-7EDE-4DA2-8E6B-8E048FA3258D}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\burnout(tm) paradise the ultimate box\burnoutconfigtool.exe |
"{CE32A995-7BDB-4895-854A-AF9B3581E326}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\burnout(tm) paradise the ultimate box\burnoutconfigtool.exe |
"{CF37FD31-B732-4265-8DF5-68C41A516F8D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\brink\brink.exe |
"{CFCEBCD4-A2BB-48F0-9FE9-66A335EC4BDA}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\battlefield 3 beta\bf3.exe |
"{CFCF83A5-2591-4978-A16F-38BAACBFB21C}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\killingfloor\system\kfed.exe |
"{CFD70571-87C6-4120-B9F5-91DB418DA39A}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\trackmania nations forever\tmforever.exe |
"{D08C92F8-8FEB-4CE5-843C-337244E77B04}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\supermnc\uberlauncher.exe |
"{D1028FE0-7B46-47B2-A9A9-7F8096A9DABC}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\alien swarm\swarm.exe |
"{D12C7A06-1F57-45CD-B743-61B7C8567F00}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead\left4dead.exe |
"{D197E241-F7E1-421F-B901-05A0AC23B124}" = protocol=6 | dir=in | app=c:\program files (x86)\gamersfirst\apb reloaded\binaries\apb.exe |
"{D2088A7C-6601-4DE9-86E3-689970D1289F}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty black ops\blackops.exe |
"{D2B536F6-C141-45FD-B073-D357742AD47E}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\shadowgrounds\shadowgroundseditor.exe |
"{D319182C-CF3E-4E41-A654-7A1C53C00D90}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\saints row the third\saintsrowthethird_dx11.exe |
"{D3203736-FB77-48BE-A7AF-AEF3A96E2304}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\realm of the mad god\realm of the mad god.exe |
"{D49A990E-3855-44AA-A02F-7B86798297E2}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\awesomenauts\awesomenautslauncher.exe |
"{D5891C14-DA2C-4145-8C34-C227D9F7AB16}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\alien swarm\swarm.exe |
"{D597A633-E7EC-467A-B618-EF1017AFDB59}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{D6412102-062E-4267-A49F-6E0E95392F3C}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\faerie solitaire\faeriesolitaire.exe |
"{D7369311-7006-4B3F-B231-9DEB81EF3911}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{D7B3E047-C7B6-4320-AA11-E3BFF66BDF20}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{D7B8C14F-D3D9-41FC-9152-4FF50428566C}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\cogs\cogs.exe |
"{D86034F2-CAC9-4AD1-B8DD-AC1B677BFAF0}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{D94BE5E7-6C21-4F1B-8A94-A7648156D51F}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\magicka\magicka.exe |
"{DA5A21D1-0078-4BE2-A984-782D3EDF4E8C}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{DB7FC04B-E87B-4081-A134-288C9996C9A0}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\revenge of the titans\revengeofthetitans.exe |
"{DC64B034-8637-419F-A523-4F55AED15639}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\knud_erik\half-life\hl.exe |
"{DD4DFA11-B792-4BE7-8DFE-CC561422BEA1}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\red orchestra 2\binaries\win32\rogame.exe |
"{DD5976B1-AE3F-4915-8CE5-274E1A0A63D5}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\crayon physics deluxe\launcher.exe |
"{DF3629C0-D5AE-44D4-B749-6D7D8C6C72EA}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\knud_erik\synergy\hl2.exe |
"{DF67B634-98B2-402B-90B7-CD3CC15E7536}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\knud_erik\day of defeat source\hl2.exe |
"{E1FE5B84-6EED-4FF1-9A40-9037D72D7836}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sourcefilmmaker\game\sfm.exe |
"{E310C2FC-3E97-46A7-A607-4A1CCA2F59CD}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{E327CD8F-FA64-4560-A75A-60B438682AAE}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\chivalrymedievalwarfare\binaries\win32\udk.exe |
"{E389AE87-0F0A-451C-A86B-4B47C7E9393E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\awesomenauts\awesomenautslauncher.exe |
"{E3FBA5E7-41AE-4BAD-8D50-B403DD6B8AEA}" = protocol=17 | dir=in | app=c:\program files (x86)\bf3 alpha trial web plugins\sonar\sonarhost.exe |
"{E550727E-6C00-4DF1-AB20-A7280E729078}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\knud_erik\garrysmod\hl2.exe |
"{E57B0E66-1127-46C8-8B14-A9D206B68A85}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dark souls prepare to die edition\data\darksouls.exe |
"{E5BAE518-7793-45E2-A955-EA6C644DA826}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\knud_erik\source sdk base 2007\hl2.exe |
"{E7496679-5362-4440-9573-2DE5575E4DBD}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\just cause 2\justcause2.exe |
"{E7FD9B32-D58A-407C-8981-2BE367C9D046}" = protocol=17 | dir=in | app=c:\program files (x86)\gamersfirst\apb reloaded\binaries\apb.exe |
"{E8B1CF9D-95A9-45F4-AB02-F432CAD8421C}" = protocol=17 | dir=in | app=c:\games\world_of_tanks\wotlauncher.exe |
"{E8C93934-0B32-4247-A80F-7D362F183839}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dead rising 2\deadrising2.exe |
"{E8E7EBCA-1379-4733-98F4-FA799FD1ACE2}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty black ops ii\t6sp.exe |
"{E928EF9B-7754-4507-8D5E-09763113B3CC}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\knud_erik\garrysmod\hl2.exe |
"{EA4EBC98-F268-41BB-91EF-014E6DDBAF8E}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\the walking dead\walkingdead101.exe |
"{EC954178-DAB0-4A1F-A121-22304DC7B73F}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sourcefilmmaker\game\bin\qsdklauncher.exe |
"{ED0BBFCD-925A-48B7-A5D2-CB1FED02B521}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty black ops\blackopsmp.exe |
"{ED4DB4D2-1F9B-44ED-B207-21BFDFCC9CE2}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\killingfloor\system\kfed.exe |
"{ED8EEB48-E265-4550-BD18-B7157A19521C}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\revenge of the titans\revengeofthetitans.exe |
"{EDC1EC92-96AD-424D-AE0D-7380DEED352F}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\trackmania nations forever\tmforeverlauncher.exe |
"{EE673E6F-E8B7-4DB7-9EBF-E627C84B6EC8}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\gotham city impostors f2p\engine.exe |
"{EE752354-0FC5-4447-A5D9-7B379320A1CB}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\burnout(tm) paradise the ultimate box\support\ea help\electronic_arts_technical_support.htm |
"{EEAD357C-9B6B-4BCF-ABE2-B8FD34BB85E9}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\knud_erik\team fortress 2 trailer\smp.exe |
"{EEF9017B-1E61-4669-88BA-1140478F8677}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\nightsky\nightsky.exe |
"{EF49CAE0-F3FF-4A9D-824F-98893CDB825C}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\moon base alpha\binaries\win32\moonbasealphagame.exe |
"{F0499445-1CBB-44A9-BF81-C029799A6EF5}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{F19197EB-7ACC-4C55-99D4-BE1E63DEC24E}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\shadowgrounds survivor\shadowgrounds survivor launcher.exe |
"{F1AF2EBF-51ED-4052-9DAC-E6B5B87A6E13}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\battlefield 3 alpha trial\bf3.exe |
"{F1D03DCF-19AB-44F7-85F1-C72D00AB47AA}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\battlefield bad company 2\support\ea help\electronic_arts_technical_support.htm |
"{F4F8398D-2C2D-4C06-8ED9-9772582847DA}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\metro 2033\metro2033.exe |
"{F53AFE42-3626-4659-BA93-A5072D8AB434}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\deus ex - human revolution\dxhr.exe |
"{F5CD6C3C-0FE6-42C0-97A2-3BB58725A9CB}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\battlefield bad company 2\bfbc2game.exe |
"{F6F1522E-8C8A-4814-AE64-760345A72D33}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\trackmania nations forever\tmforeverlauncher.exe |
"{F72A0872-9C3C-41AE-9201-95F194B8F9AC}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\borderlands\binaries\borderlands.exe |
"{F813D160-5DD0-43BA-B84F-98E4FDC6361E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\gotham city impostors f2p\engine.exe |
"{F842DDA3-8BDE-41A4-A644-433BEED3CB94}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\portal 2\portal2.exe |
"{F8CC2616-6674-4B79-9EFE-EDBE352B7099}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\supermnc\binaries\win32\supermncgameclient.exe |
"{F8D81A68-20CA-4F79-A1CB-F12F902FFB6F}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\lone
survivor\lonesurvivor\lonesurvivor.exe |
"{F8DBA9BE-CA05-491C-BD05-4029EA507E56}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty black ops\blackopsmp.exe |
"{F96AC14B-7038-4425-8286-BF56BD11330B}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\spiral knights\java_vm\bin\javaw.exe |
"{F9B4339F-EAE8-4EB5-A053-D8BF4956235E}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\metro 2033\metro2033.exe |
"{FB034D5E-59D3-47CA-98E9-79CB39705D9A}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\burnout(tm) paradise the ultimate box\burnoutconfigtool.exe |
"{FBF336BB-DD53-4C4E-8E2C-D7A0EBFCA622}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\cogs\cogs.exe |
"{FC606C0F-861B-464D-9695-1964E6F11DC6}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\tribes\binaries\win32\tribesascend.exe |
"{FCF9A877-48F4-4679-B946-2374721ACA66}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\shadowgrounds survivor\survivor.exe |
"{FE520BBD-CCAD-42D9-A4D6-29A1BDE19AA0}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{FF293D14-14AE-45E4-A537-FAF36F397E7A}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\torchlight ii\torchlight2demo.exe |
"{FF6A447C-F3AB-4D2D-9326-957EE297911E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\supermnc\uberlauncher.exe |
"{FF76FE7D-D3BC-4415-887F-34D6EB080A6A}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\shattered_horizon\client_exe\shattered_horizon.exe |
"{AA37C0E4-DECD-4D3A-B890-B7CF2455051E}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\knud_erik\synergy\hl2.exe |
"{AAA6C3DC-07AA-4C8A-BEAB-AECA76EC80F1}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\realm of the mad god\realm of the mad god.exe |
"{AAAE6F15-8FC0-463C-A7D9-CCA5A3D0AC09}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dark souls prepare to die edition\data\darksouls.exe |
"TCP Query User{04207E2E-0E18-4508-8FD9-7F26E7DE74DF}C:\users\bruger\desktop\portal 2\portal2.exe" = protocol=6 | dir=in | app=c:\users\bruger\desktop\portal 2\portal2.exe |
"TCP Query User{09B93E70-5644-4B73-AB22-2A79B6ADE8A6}C:\cyberstep\getamped2_us\ga2.exe" = protocol=6 | dir=in | app=c:\cyberstep\getamped2_us\ga2.exe |
"TCP Query User{0A5E5319-BDCF-40BE-BF3B-7F5BEDD3AC33}C:\program files (x86)\xfire\xfire.exe" = protocol=6 | dir=in | app=c:\program files (x86)\xfire\xfire.exe |
"TCP Query User{0ADBCACA-B0BA-4187-BA54-5A60F55A5E07}C:\programdata\electronic arts\need for speed world\data\nfsw.exe" = protocol=6 | dir=in | app=c:\programdata\electronic arts\need for speed world\data\nfsw.exe |
"TCP Query User{0BCE07FC-A921-4277-B90C-98ADADF7085D}C:\games\world_of_tanks\wotlauncher.exe" = protocol=6 | dir=in | app=c:\games\world_of_tanks\wotlauncher.exe |
"TCP Query User{0F18CFEA-50D5-4169-B588-5BF962598007}C:\program files (x86)\atari\tdu2\uplauncher.exe" = protocol=6 | dir=in | app=c:\program files (x86)\atari\tdu2\uplauncher.exe |
"TCP Query User{121733BC-5F84-48F8-A316-93859A21B7DF}C:\program files (x86)\ace of spades\server.exe" = protocol=6 | dir=in | app=c:\program files (x86)\ace of spades\server.exe |
"TCP Query User{16E8CB8C-5CB1-463A-9825-899F4F43B01F}C:\program files (x86)\steam\steamapps\knud_erik\team fortress 2\hl2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\knud_erik\team fortress 2\hl2.exe |
"TCP Query User{1C1F30D5-0F04-47F8-9A85-5DBA004CBBE4}C:\users\bruger\program files (x86)\dna\btdna.exe" = protocol=6 | dir=in | app=c:\users\bruger\program files (x86)\dna\btdna.exe |
"TCP Query User{1EA2E9A7-12D9-4A87-990A-6BB9C741C784}C:\program files (x86)\xfire\xfire.exe" = protocol=6 | dir=in | app=c:\program files (x86)\xfire\xfire.exe |
"TCP Query User{20F5CF35-5DE9-4EFA-88F3-94DF8D56E5DD}C:\program files (x86)\ea games\battlefield play4free\bfp4f.exe" = protocol=6 | dir=in | app=c:\program files (x86)\ea games\battlefield play4free\bfp4f.exe |
"TCP Query User{26FAF812-BA85-4716-93ED-4D291CB81119}C:\users\bruger\desktop\suckadeburpadurp\borderlands\binaries\borderlands.exe" = protocol=6 | dir=in | app=c:\users\bruger\desktop\suckadeburpadurp\borderlands\binaries\borderlands.exe |
"TCP Query User{27223E3E-8A4E-4409-883C-25C729AC184D}C:\users\bruger\desktop\suckadeburpadurp\volition inc\red faction guerrilla\rfg.exe" = protocol=6 | dir=in | app=c:\users\bruger\desktop\suckadeburpadurp\volition inc\red faction guerrilla\rfg.exe |
"TCP Query User{2E07152D-6BB9-473D-A365-B05E1E2AC76A}C:\program files (x86)\steam\steamapps\knud_erik\half-life 2 deathmatch\hl2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\knud_erik\half-life 2 deathmatch\hl2.exe |
"TCP Query User{329E3E31-F907-4EE7-95D7-49AC7BE94513}C:\users\bruger\desktop\suckadeburpadurp\r.g. mechanics\colin mcrae. dirt 2\dirt2_game.exe" = protocol=6 | dir=in | app=c:\users\bruger\desktop\suckadeburpadurp\r.g. mechanics\colin mcrae. dirt 2\dirt2_game.exe |
"TCP Query User{3C93492A-E961-408A-88DB-CD0660FF5078}C:\users\bruger\program files (x86)\dna\btdna.exe" = protocol=6 | dir=in | app=c:\users\bruger\program files (x86)\dna\btdna.exe |
"TCP Query User{3D02424C-F331-4339-8C71-74C1E1A3536A}C:\users\bruger\desktop\suckadeburpadurp\blur(tm)\blur.exe" = protocol=6 | dir=in | app=c:\users\bruger\desktop\suckadeburpadurp\blur(tm)\blur.exe |
"TCP Query User{3D3F0A53-B611-4898-B846-51AA9BC1AEE0}C:\program files (x86)\steam\steamapps\common\tribes\binaries\win32\tribesascend.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\tribes\binaries\win32\tribesascend.exe |
"TCP Query User{53A25FD0-94E8-449A-91C6-5EF7065ECE58}C:\users\bruger\appdata\roaming\gameranger\gameranger\gameranger.exe" = protocol=6 | dir=in | app=c:\users\bruger\appdata\roaming\gameranger\gameranger\gameranger.exe |
"TCP Query User{57676175-B75A-4224-99A9-DECBAEF5763B}C:\program files (x86)\driftcity\driftcity.exe" = protocol=6 | dir=in | app=c:\program files (x86)\driftcity\driftcity.exe |
"TCP Query User{651F8E40-19E4-421A-9A66-041E1AA563CC}C:\program files (x86)\steam\steamapps\common\grand theft auto iv episodes from liberty city\eflc\eflc.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\grand theft auto iv episodes from liberty city\eflc\eflc.exe |
"TCP Query User{74952F6A-5917-4951-8F45-FD23A2FE6AE9}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"TCP Query User{7605808D-223C-48C7-BF97-4D9CBA91688A}C:\program files (x86)\hi-rez studios\games\tribes alpha\binaries\win32\tribesascend.exe" = protocol=6 | dir=in | app=c:\program files (x86)\hi-rez studios\games\tribes alpha\binaries\win32\tribesascend.exe |
"TCP Query User{77BC7965-3AE9-4DBA-91AD-984A0EFB2904}C:\program files (x86)\dna\btdna.exe" = protocol=6 | dir=in | app=c:\program files (x86)\dna\btdna.exe |
"TCP Query User{7A2C8A0D-E10B-4A82-8F8C-0558E27F5D0A}C:\program files (x86)\ea games\battlefield heroes\bfheroes.exe" = protocol=6 | dir=in | app=c:\program files (x86)\ea games\battlefield heroes\bfheroes.exe |
"TCP Query User{7A9E0F1B-2EF0-4A38-B8D3-5DF8348C9244}C:\program files (x86)\steam\steamapps\common\zero gear\server\zerogearserver.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\zero gear\server\zerogearserver.exe |
"TCP Query User{7C3C5BF7-8A69-4931-8F39-ABD4960AB2C1}C:\users\public\sony online entertainment\installed games\planetside 2 beta\planetside2.exe" = protocol=6 | dir=in | app=c:\users\public\sony online entertainment\installed games\planetside 2 beta\planetside2.exe |
"TCP Query User{82A87D2B-7A0A-4CC2-9F6B-9ED89DA9E052}C:\program files (x86)\steam\steamapps\common\dark souls prepare to die edition\data\data.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dark souls prepare to die edition\data\data.exe |
"TCP Query User{905D3F1A-6F57-42CF-99DE-341A2ACBE283}C:\program files (x86)\maniaplanet\maniaplanet.exe" = protocol=6 | dir=in | app=c:\program files (x86)\maniaplanet\maniaplanet.exe |
"TCP Query User{975113CC-1D1E-4117-BB52-1F7678EA0F36}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"TCP Query User{9A9D2910-BA1A-4B05-A131-28FA7F7E9B22}C:\users\bruger\desktop\desperate gods\desperate gods.exe" = protocol=6 | dir=in | app=c:\users\bruger\desktop\desperate gods\desperate gods.exe |
"TCP Query User{9EB37DBD-8EC6-4BC3-B7AD-A12EB6EC2C31}C:\program files\java\jre7\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\java.exe |
"TCP Query User{A0659C59-70B0-4991-8DBE-4E766E87C100}C:\program files (x86)\steam\steamapps\common\fallout 3 goty\fallout3.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\fallout 3 goty\fallout3.exe |
"TCP Query User{A412E27D-6830-440B-8071-8C551356B2F7}C:\games\world_of_tanks\worldoftanks.exe" = protocol=6 | dir=in | app=c:\games\world_of_tanks\worldoftanks.exe |
"TCP Query User{A757C9F8-BDA5-4405-914A-F1CB77ECA2A8}C:\program files (x86)\java\jre7\bin\java.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\java.exe |
"TCP Query User{A9A3CD52-25F2-4BA4-975C-20E3FA568313}C:\program files (x86)\atari\tdu2\testdrive2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\atari\tdu2\testdrive2.exe |
"TCP Query User{AD494F52-8158-4F81-B898-BD1B82F7514B}C:\users\bruger\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\bruger\appdata\local\akamai\netsession_win.exe |
"TCP Query User{B9434649-084B-47C5-90B1-CA107CE27D41}C:\program files (x86)\stepmania 5\program\stepmania-sse2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\stepmania 5\program\stepmania-sse2.exe |
"TCP Query User{D638C9E7-E9FB-4E06-987A-C8567F4224A9}C:\program files (x86)\steam\steamapps\knud_erik\team fortress 2 beta\hl2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\knud_erik\team fortress 2 beta\hl2.exe |
"TCP Query User{E701FAE5-E85A-445A-B179-05BEE8CECC11}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"TCP Query User{EF71AD48-D4D5-4A65-AA78-17F323CD3B54}C:\program files (x86)\steam\steamapps\knud_erik\garry's mod beta\hl2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\knud_erik\garry's mod beta\hl2.exe |
"TCP Query User{F2E31163-9DA1-4B54-A7E3-2D891F8EDA7E}C:\users\bruger\desktop\suckadeburpadurp\ubisoft\far cry 2\bin\farcry2.exe" = protocol=6 | dir=in | app=c:\users\bruger\desktop\suckadeburpadurp\ubisoft\far cry 2\bin\farcry2.exe |
"TCP Query User{F427A93D-A2C4-42AB-8F27-8492F79BEAE9}C:\users\bruger\desktop\suckadeburpadurp\mass effect 2\binaries\masseffect2.exe" = protocol=6 | dir=in | app=c:\users\bruger\desktop\suckadeburpadurp\mass effect 2\binaries\masseffect2.exe |
"TCP Query User{F681C7E3-3ED2-4DE8-8A35-91C98EDB91CA}C:\program files (x86)\steam\steamapps\common\section 8 prejudice\binaries\win32\s9-win32-f.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\section 8 prejudice\binaries\win32\s9-win32-f.exe |
"TCP Query User{FE8E4262-8760-4135-B53A-E12781BA985B}C:\program files (x86)\r.g. catalyst\borderlands\binaries\borderlands.exe" = protocol=6 | dir=in | app=c:\program files (x86)\r.g. catalyst\borderlands\binaries\borderlands.exe |
"UDP Query User{07A73C7A-D2FE-4F6B-86E1-C59834FB02D0}C:\program files (x86)\steam\steamapps\common\section 8 prejudice\binaries\win32\s9-win32-f.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\section 8 prejudice\binaries\win32\s9-win32-f.exe |
"UDP Query User{14C7432D-15DF-46A9-B889-AB1A4F928D2A}C:\users\bruger\desktop\suckadeburpadurp\borderlands\binaries\borderlands.exe" = protocol=17 | dir=in | app=c:\users\bruger\desktop\suckadeburpadurp\borderlands\binaries\borderlands.exe |
"UDP Query User{1DB97AC7-1C44-42D5-8335-3F09A2720D5E}C:\users\bruger\program files (x86)\dna\btdna.exe" = protocol=17 | dir=in | app=c:\users\bruger\program files (x86)\dna\btdna.exe |
"UDP Query User{239A7D90-7727-4438-BBD7-90973EFA2C67}C:\program files (x86)\steam\steamapps\knud_erik\team fortress 2 beta\hl2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\knud_erik\team fortress 2 beta\hl2.exe |
"UDP Query User{2AF90F8A-DAAD-4150-B738-D761D311B3FC}C:\program files (x86)\dna\btdna.exe" = protocol=17 | dir=in | app=c:\program files (x86)\dna\btdna.exe |
"UDP Query User{2E688858-C38C-4DC3-BB18-E3B873133F04}C:\programdata\electronic arts\need for speed world\data\nfsw.exe" = protocol=17 | dir=in | app=c:\programdata\electronic arts\need for speed world\data\nfsw.exe |
"UDP Query User{31771E69-2484-45F8-944A-8405355E70B9}C:\program files (x86)\ea games\battlefield play4free\bfp4f.exe" = protocol=17 | dir=in | app=c:\program files (x86)\ea games\battlefield play4free\bfp4f.exe |
"UDP Query User{33A5C357-9395-496C-9828-B549071DD471}C:\program files (x86)\steam\steamapps\common\tribes\binaries\win32\tribesascend.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\tribes\binaries\win32\tribesascend.exe |
"UDP Query User{348460EC-7D7F-48D8-8866-E4D0535B1B7E}C:\program files (x86)\atari\tdu2\testdrive2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\atari\tdu2\testdrive2.exe |
"UDP Query User{3CED3921-13A1-4357-AAA6-06960353F70C}C:\cyberstep\getamped2_us\ga2.exe" = protocol=17 | dir=in | app=c:\cyberstep\getamped2_us\ga2.exe |
"UDP Query User{429F83FA-1E42-4E2A-AD32-F9645D6D0489}C:\users\bruger\desktop\suckadeburpadurp\volition inc\red faction guerrilla\rfg.exe" = protocol=17 | dir=in | app=c:\users\bruger\desktop\suckadeburpadurp\volition inc\red faction guerrilla\rfg.exe |
"UDP Query User{44BDB693-0D10-42DC-BB36-D2715A0918FC}C:\program files (x86)\r.g. catalyst\borderlands\binaries\borderlands.exe" = protocol=17 | dir=in | app=c:\program files (x86)\r.g. catalyst\borderlands\binaries\borderlands.exe |
"UDP Query User{48EDD57C-3A22-4EAD-AE4D-26682090F55A}C:\program files (x86)\xfire\xfire.exe" = protocol=17 | dir=in | app=c:\program files (x86)\xfire\xfire.exe |
"UDP Query User{51012211-846F-4A33-A77A-6A43F1E251B2}C:\games\world_of_tanks\worldoftanks.exe" = protocol=17 | dir=in | app=c:\games\world_of_tanks\worldoftanks.exe |
"UDP Query User{530DD4CC-58E9-42BF-9605-602F51CD9138}C:\users\bruger\desktop\suckadeburpadurp\mass effect 2\binaries\masseffect2.exe" = protocol=17 | dir=in | app=c:\users\bruger\desktop\suckadeburpadurp\mass effect 2\binaries\masseffect2.exe |
"UDP Query User{59E73BAE-B6DF-4407-9FF5-78211B25A1E8}C:\users\bruger\appdata\roaming\gameranger\gameranger\gameranger.exe" = protocol=17 | dir=in | app=c:\users\bruger\appdata\roaming\gameranger\gameranger\gameranger.exe |
"UDP Query User{5AF8B091-F4F7-4B65-8DE8-28926F799F7E}C:\program files (x86)\steam\steamapps\common\dark souls prepare to die edition\data\data.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dark souls prepare to die edition\data\data.exe |
"UDP Query User{5EA6897D-3A6F-4110-B636-F2C1761C9C82}C:\program files (x86)\steam\steamapps\knud_erik\half-life 2 deathmatch\hl2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\knud_erik\half-life 2 deathmatch\hl2.exe |
"UDP Query User{5F1E39A9-5740-4048-B398-A53025E1D89B}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"UDP Query User{67C72831-343A-4CED-8A07-9AD6958AF81D}C:\program files (x86)\steam\steamapps\common\grand theft auto iv episodes from liberty city\eflc\eflc.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\grand theft auto iv episodes from liberty city\eflc\eflc.exe |
"UDP Query User{6E293820-246D-42FB-9044-BA61A48A24C1}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"UDP Query User{84FC456E-D8AD-4D4B-A9F6-65AB3BA72AFC}C:\games\world_of_tanks\wotlauncher.exe" = protocol=17 | dir=in | app=c:\games\world_of_tanks\wotlauncher.exe |
"UDP Query User{870D2AA5-DBE2-4C15-ABA9-65CA994639BB}C:\program files\java\jre7\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\java.exe |
"UDP Query User{8DC2C13F-F9E2-4879-9E30-E24898F6CD4A}C:\program files (x86)\stepmania 5\program\stepmania-sse2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\stepmania 5\program\stepmania-sse2.exe |
"UDP Query User{914FD90C-432D-4C32-9117-7069FED80DDB}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"UDP Query User{9A12CD4B-7EDD-4553-9A2E-A6B809C13857}C:\users\bruger\program files (x86)\dna\btdna.exe" = protocol=17 | dir=in | app=c:\users\bruger\program files (x86)\dna\btdna.exe |
"UDP Query User{9AA70181-BE13-4D09-8685-DE9E65625DD3}C:\users\bruger\desktop\portal 2\portal2.exe" = protocol=17 | dir=in | app=c:\users\bruger\desktop\portal 2\portal2.exe |
"UDP Query User{A0B0C709-AFA3-4FC9-9468-899E8893A263}C:\program files (x86)\maniaplanet\maniaplanet.exe" = protocol=17 | dir=in | app=c:\program files (x86)\maniaplanet\maniaplanet.exe |
"UDP Query User{AFF1BD98-E85F-420F-85DD-F42F43B9DEC9}C:\program files (x86)\ea games\battlefield heroes\bfheroes.exe" = protocol=17 | dir=in | app=c:\program files (x86)\ea games\battlefield heroes\bfheroes.exe |
"UDP Query User{B66D6015-30D8-402B-8533-E5FC46448E24}C:\users\bruger\desktop\desperate gods\desperate gods.exe" = protocol=17 | dir=in | app=c:\users\bruger\desktop\desperate gods\desperate gods.exe |
"UDP Query User{B8E7DDCF-CBBA-4BBA-996A-F53EB8B0E15C}C:\program files (x86)\atari\tdu2\uplauncher.exe" = protocol=17 | dir=in | app=c:\program files (x86)\atari\tdu2\uplauncher.exe |
"UDP Query User{C1677D34-AE60-4F50-B027-6E25F0998244}C:\program files (x86)\steam\steamapps\common\zero gear\server\zerogearserver.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\zero gear\server\zerogearserver.exe |
"UDP Query User{C4F5C4F6-F004-4E7C-9FA2-4CAC725AA982}C:\program files (x86)\java\jre7\bin\java.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\java.exe |
"UDP Query User{CB2E80EC-2C42-4AF1-8BB2-01111D3AE693}C:\users\public\sony online entertainment\installed games\planetside 2 beta\planetside2.exe" = protocol=17 | dir=in | app=c:\users\public\sony online entertainment\installed games\planetside 2 beta\planetside2.exe |
"UDP Query User{CC2C1649-D2AC-46D4-BD73-AF561C237455}C:\program files (x86)\hi-rez studios\games\tribes alpha\binaries\win32\tribesascend.exe" = protocol=17 | dir=in | app=c:\program files (x86)\hi-rez studios\games\tribes alpha\binaries\win32\tribesascend.exe |
"UDP Query User{CD24CEAA-B434-4BA2-AD59-213F9E306F57}C:\users\bruger\desktop\suckadeburpadurp\r.g. mechanics\colin mcrae. dirt 2\dirt2_game.exe" = protocol=17 | dir=in | app=c:\users\bruger\desktop\suckadeburpadurp\r.g. mechanics\colin mcrae. dirt 2\dirt2_game.exe |
"UDP Query User{DC677E24-CDBD-4210-9B0F-BF8DB2AE340E}C:\program files (x86)\steam\steamapps\common\fallout 3 goty\fallout3.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\fallout 3 goty\fallout3.exe |
"UDP Query User{E1E2F756-E0EE-4790-B66B-D5E8E47A646C}C:\program files (x86)\xfire\xfire.exe" = protocol=17 | dir=in | app=c:\program files (x86)\xfire\xfire.exe |
"UDP Query User{E3324C6E-A8A4-43AD-94B1-64669C67BAC6}C:\program files (x86)\steam\steamapps\knud_erik\garry's mod beta\hl2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\knud_erik\garry's mod beta\hl2.exe |
"UDP Query User{E6D5CF2F-9BAE-40C9-A54C-783B2E8E91EC}C:\users\bruger\desktop\suckadeburpadurp\ubisoft\far cry 2\bin\farcry2.exe" = protocol=17 | dir=in | app=c:\users\bruger\desktop\suckadeburpadurp\ubisoft\far cry 2\bin\farcry2.exe |
"UDP Query User{E6E2CEB5-B494-49F0-A164-DECDE8579BA5}C:\program files (x86)\ace of spades\server.exe" = protocol=17 | dir=in | app=c:\program files (x86)\ace of spades\server.exe |
"UDP Query User{F0C7F4C5-3F71-4801-B632-96D57F89644F}C:\users\bruger\desktop\suckadeburpadurp\blur(tm)\blur.exe" = protocol=17 | dir=in | app=c:\users\bruger\desktop\suckadeburpadurp\blur(tm)\blur.exe |
"UDP Query User{F47C0CF5-41CE-48DD-A35E-7D4CCE742D76}C:\users\bruger\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\bruger\appdata\local\akamai\netsession_win.exe |
"UDP Query User{FAD0D9A2-DCA2-4CE4-9D4D-8EFCDC9AD31B}C:\program files (x86)\driftcity\driftcity.exe" = protocol=17 | dir=in | app=c:\program files (x86)\driftcity\driftcity.exe |
"UDP Query User{FBF10AAB-0B26-459C-A5A9-971583748559}C:\program files (x86)\steam\steamapps\knud_erik\team fortress 2\hl2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\knud_erik\team fortress 2\hl2.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{0D87AE67-14EB-4C10-88A5-DA6C3181EB18}" = Windows Live Family Safety
"{0E543634-7E25-4B8F-8D5B-97880E5E5088}" = Bonjour
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{20384EBF-4F10-13F0-07C6-7A6C87FD83DF}" = AMD Catalyst Install Manager
"{26A24AE4-039D-4CA4-87B4-2F86417001FF}" = Java(TM) 7 Update 1 (64-bit)
"{28A0318C-B98D-B6B1-64D1-4E4755A8E668}" = AMD Drag and Drop Transcoding
"{28D73032-5DAA-4F83-B154-85105DBCCB92}" = iTunes
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{439760BC-7737-4386-9B1D-A90A3E8A22EA}" = Apple Mobile Device Support
"{477D05CA-C151-9CF5-22A1-9DF6DF543CD4}" = AMD Media Foundation Decoders
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{534A3680-A7CE-80D0-029B-2105ADA363AB}" = ATI AVIVO64 Codecs
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{818AA386-29D5-4DFF-BBB5-3F16133F1409}" = TortoiseSVN 1.6.12.20536 (64 bit)
"{850B8072-2EA7-4EDC-B930-7FE569495E76}" = Windows Live Remote Client Resources
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{99830F57-829F-3185-99EF-B364AA00A216}" = Microsoft .NET Framework 4 Extended DAN Language Pack
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{BCA26999-EC22-3007-BB79-638913079C9A}" = Microsoft Visual Studio 2010 Express Prerequisites x64 - ENU
"{C1ACBDBF-6F86-185A-E158-AB07893968FC}" = AMD Accelerated Video Transcoding
"{CE6D49CE-ED18-47E1-8449-037BC7181450}" = Windows Live Family Safety
"{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}" = Microsoft SQL Server Compact 3.5 SP2 x64 ENU
"{D61EB116-6878-9676-F28F-54F6B647023C}" = ccc-utility64
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F6CB2C5F-B2C1-4DF1-BF44-39D0DC06FE6F}" = Windows Live Remote Service Resources
"{F83E9BF0-B8D8-3D68-9E07-7505290C2202}" = Microsoft .NET Framework 4 Client Profile DAN Language Pack
"{FCADA26A-5672-31DD-BF0E-BA76ECF9B02D}" = Microsoft Help Viewer 1.0
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DAN Language Pack" = Microsoft .NET Framework 4 Client Profile DAN sprogpakke
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended DAN Language Pack" = Microsoft .NET Framework 4 Extended DAN sprogpakke
"Microsoft Help Viewer 1.0" = Microsoft Help Viewer 1.0
"SP6" = Logitech SetPoint 6.22
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00884F14-05BD-4D8E-90E5-1ABF78948CA4}" = Windows Live Mesh
"{009B1E9D-38AB-8B9E-DB07-8318DAAE1941}" = CCC Help Greek
"{01C79EF3-DE84-4B56-B638-8BEA0D507506}" = Microsoft XNA Game Studio 4.0 (XnaLiveProxy)
"{022BC727-ACB7-4C1D-109C-177515714A32}" = Catalyst Control Center
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0666E46E-A860-4353-BE6D-13AA72FABB57}" = Microsoft XNA Game Studio Platform Tools
"{07E46A4A-F2BA-FE48-9464-E11250502C6A}" = CCC Help Swedish
"{07E5C16F-9194-E31B-BB6C-C3E8FBD79C30}" = CCC Help English
"{08C84CC6-E7FD-4B2D-BBF9-B02CC90EE031}" = Microsoft XNA Game Studio 4.0 (Shared Components)
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0F2CF890-D101-6CFA-8D99-0CFBF7EF4AD0}" = CCC Help Chinese Standard
"{10186F1A-6A14-43DF-A404-F0105D09BB07}" = Windows Live Mail
"{106B4413-ACBB-4CDE-8707-587DB9BD77EC}" = LogMeIn Hamachi
"{10A1D1C4-F0B0-4341-B49A-A9ED8FBDBF9D}" = Livestream Procaster
"{10CFB5DF-985A-8320-B4D8-461CC1F83CBF}" = CCC Help Japanese
"{11083C7A-D0D6-4DA4-8C3A-74B8389EC07B}" = ATI Catalyst Registration
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{112C23F2-C036-4D40-BED4-0CB47BF5555C}" = Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU
"{14DD7530-CCD2-3798-B37D-3839ED6A441C}" = Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1
"{1C7DA16A-255C-4E65-9BBB-0445FA9A036D}" = Spotflux
"{1EAC1D02-C6AC-4FA6-9A44-96258C37C812}_is1" = World of Tanks
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{20052CA0-FF43-4901-8261-E6DBF0A09ED1}" = Farm Animal Sounds
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{22D071EF-A06A-6341-DFDA-FE448659A63C}" = CCC Help Portuguese
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{245F6C7A-0C22-4DE0-8202-2AAA620A1D3A}" = Microsoft XNA Framework Redistributable 2.0
"{26A24AE4-039D-4CA4-87B4-2F83216022F0}" = Java(TM) 6 Update 22
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 11
"{27BF5556-A718-42FF-BDF9-9EBF4EFCDF10}" = WorldsPlayer
"{2A2F3AE8-246A-4252-BB26-1BEB45627074}" = Microsoft SQL Server System CLR Types
"{2A3A4BD6-6CE0-4E2A-80D2-1D0FF6ACBFBA}" = LG United Mobile Driver
"{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}" = Microsoft XNA Framework Redistributable 4.0
"{30909F74-4B46-2842-DECF-1C66F355338C}" = CCC Help Turkish
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{365E16A2-FE3B-EA13-4EE0-88D570F82497}" = CCC Help Korean
"{3A9FC03D-C685-4831-94CF-4EDFD3749497}" = Microsoft SQL Server Compact 3.5 SP2 ENU
"{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}" = Hi-Rez Studios Authenticate and Update Service
"{3D8AB6C1-3932-F551-2AF0-ED0612AD4B26}" = CCC Help Dutch
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg
"{3F4EB5FE-B5BE-4069-A5A8-6D9262E1B379}" = Microsoft XNA Game Studio 4.0 Documentation
"{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}" = NVIDIA PhysX
"{40AD5E62-A31A-C414-01BA-310100577C7E}" = CCC Help Chinese Traditional
"{41785C66-90F2-40CE-8CB5-1C94BFC97280}" = Microsoft Chart Controls for Microsoft .NET Framework 3.5
"{429DF1A0-3610-4E9E-8ACE-3C8AC1BA8FCA}" = Windows Live Photo Gallery
"{4343080E-448E-4E2C-B27F-B91000028201}" = Dead Rising 2
"{48657AA5-5A07-4C3A-8ED8-8B7CA4A9707C}" = OpenOffice.org 3.3
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B744C85-DBB1-4038-B989-4721EB22C582}" = Windows Live Messenger
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4D090F70-6F08-4B60-9357-A1DFD4458F09}" = Microsoft Mathematics
"{4E968D9C-21A7-4915-B698-F7AEB913541D}" = Microsoft SQL Server 2008 R2 Management Objects
"{4F9E0D27-5525-E8C8-43D0-BA15C1A22E03}" = CCC Help Czech
"{54B7A3C7-0940-4C16-A509-FC3C3758D22A}_is1" = Amnesia - The Dark Descent
"{57220148-3B2B-412A-A2E0-82B9DF423696}" = Windows Live Mesh ActiveX-objekt til fjernforbindelser
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{589A63D3-89E1-4D9B-8DBC-6039BB27289E}" = Activision(R)
"{59F24743-2EA1-3A45-B8C2-6E0E1E078FA8}" = Microsoft Visual C# 2010 Express - ENU
"{5AB7D739-1735-3A9E-BE73-C43507CB4E6F}" = Microsoft Visual Studio 2010 Service Pack 1
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{647E62F0-F1BC-E0C3-EDF5-67716EE75014}" = CCC Help Hungarian
"{667DB2C0-AF52-021A-7CF6-DA8DD27AC215}" = CCC Help Italian
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{68BD57D3-D606-411E-A7E0-3EB6EA5660F6}" = Microsoft XNA Game Studio 4.0 (Redists)
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6A4C6C0F-8791-B753-742E-06C40A6E023C}" = CCC Help Polish
"{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1" = Gyazo 1.0
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{73BE04D9-BA0E-4BAF-9C9D-677278BDB3DC}" = Microsoft XNA Game Studio 4.0 (ARP entry)
"{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}" = Adobe Photoshop CS6
"{781E0319-15CD-4A4C-A47E-D9FFF697E7A1}" = Messenger Companion
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{79A743FA-FF99-42DF-8C35-BA40EAEA6668}" = Comic Sound Pack
"{79C61902-F44E-4190-A2B9-9B467B0380CE}" = CCC Help French
"{7B2CC3DF-64FA-44AE-8F57-B0F915147E4F}_is1" = Need For Speed World
"{827D3E4A-0186-48B7-9801-7D1E9DD40C07}" = Windows Live Essentials
"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{85967580-EBC2-11D4-AEA3-0050046A88ED}" = LEGO øen 2
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows Vista and Later
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8ACC73AA-6511-7C55-B1A9-8E5D1DEAFAA3}" = The Lord of the Rings FREE Trial
"{8C496FBF-DB4A-468D-A3A1-15E127382218}" = Microsoft XNA Game Studio 4.0 (Visual Studio)
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E5EAB78-59D0-9C95-4907-E50E359E7E5E}" = HydraVision
"{91A3CEFE-A2C1-3E83-3789-F2BF8EC82106}" = CCC Help Thai
"{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9559F7CA-5E34-4237-A2D9-D856464AD727}" = Project64 1.6
"{96CAEB1D-7BFB-2A98-EBB2-414C894F694F}" = CCC Help Danish
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B55759D-424F-4CB1-B84E-AAE83CC1D20A}_is1" = Nitronic Rush (2012-06-19) version 20120619.0
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9E1BAB75-EB78-440D-94C0-A3857BE2E733}" = System Requirements Lab
"{9FD6F1A8-5550-46AF-8509-271DF0E768B5}" = Dual-Core Optimizer
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A664A708-E454-4416-7D19-D0F10879522C}" = CCC Help German
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AC76BA86-7AD7-1030-7B44-AA1000000001}" = Adobe Reader X (10.1.5) - Dansk
"{B3575D00-27EF-49C2-B9E0-14B3D954E992}" = Apple Application Support
"{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1" = Spybot - Search & Destroy
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B93EEE50-9C8F-45DF-95E4-3D85A6E242F3}" = DarksidersInstaller
"{BA45D6C9-AC93-288B-DC4C-D65A01A2ED02}" = Application Profiles
"{BC7872E5-5C54-4568-8CDF-B4E226CAFDF0}" = eGames Masters Series 151
"{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}" = PDF Settings CS6
"{C3592426-531E-4110-911D-BFECE2CE284C}" = osu!
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CF671BFE-6BA3-44E7-98C1-500D9C51D947}" = Windows Live Photo Gallery
"{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1" = Rapture3D 2.5.1 Game
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D6F46E2D-4FE2-5FAB-5C30-230E99563DEE}" = Catalyst Control Center InstallProxy
"{D7C452B3-2666-422C-8229-95E8483112B0}" = F-Secure Client Security
"{D91802D9-6A42-4563-BC37-B3E2D04DC95B}" = Ancient Weapon Sounds
"{D9DA23F5-CE0B-EE04-B498-7EC8AFC9F232}" = CCC Help Finnish
"{DB1208F4-B2FE-44E9-BFE6-8824DBD7891B}" = Windows Live Movie Maker
"{DE289787-7ECA-4BED-9D8C-99FAC407E3D6}" = MorphVOX Pro
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DF5182CB-192B-A6C8-9707-D7214557691C}" = CCC Help Norwegian
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E2F0AF23-FE2F-4222-9A43-55E63CC41EF1}" = Catalyst Control Center - Branding
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E5DD4723-FE0B-436E-A815-DC23CF902A0B}" = Windows Live UX Platform Language Pack
"{E6757654-CE6A-0D0B-BBE6-F6247F05B7CD}" = Catalyst Control Center Localization All
"{E8524B28-3BBB-4763-AC83-0E83FE31C350}" = Windows Live Writer
"{E8759AD8-3A58-77F1-D16D-F3C8F9E98722}" = Catalyst Control Center Graphics Previews Common
"{E9D98402-21AB-4E9F-BF6B-47AF36EF7E97}" = Windows Live Writer Resources
"{E9E34215-82EF-4909-BE2F-F581F0DC9062}" = DirectX for Managed Code Update (Summer 2004)
"{EA17F4FC-FDBF-4CF8-A529-2D983132D053}" = Skype 6.0
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F1C39CBE-4521-BEC8-5238-4A8B55FEB6B7}" = CCC Help Russian
"{FA66CFD7-0977-4C45-AACD-A8BB994B1A05}" = Quake Live Mozilla Plugin
"{FBFA39D2-C55A-56DC-7EBB-767FC31B04A3}" = CCC Help Spanish
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Akamai" = Akamai NetSession Interface Service
"APB Reloaded" = APB Reloaded
"ASIO4ALL" = ASIO4ALL
"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.14 (Unicode)
"avast" = avast! Free Antivirus
"Battlelog Web Plugins" = Battlelog Web Plugins
"BattlEye A2 Free" = BattlEye (A2Free) Uninstall
"Blast Thru Special Edition" = Blast Thru Special Edition
"Desura" = Desura
"Downloader" = Downloader
"DriftCity_EU_eng" = Drift City (EU_ENG)
"Drumaxx" = Drumaxx
"ERUNT_is1" = ERUNT 1.1j
"ESN Sonar" = ESN Sonar
"ESN Sonar-0.70.0" = ESN Sonar
"Europe MapleStory_is1" = Europe MapleStory
"FL Studio 9" = FL Studio 9
"Fraps" = Fraps
"GraphicsGale FreeEdition_is1" = GraphicsGale FreeEdition version 1.93.12
"Gymnast_is1" = Gymnast v1.0
"Hardcore" = Hardcore
"IL Download Manager" = IL Download Manager
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platform Device Manager
"InstallShield_{589A63D3-89E1-4D9B-8DBC-6039BB27289E}" = Blur(TM)
"Internet Download Manager" = Internet Download Manager
"JDownloader" = JDownloader
"Katawa Shoujo" = Katawa Shoujo
"King Arthur's Gold (Alpha)_is1" = KAG 0.95A
"LAME for Audacity_is1" = LAME v3.98.3 for Audacity
"LastFM_is1" = Last.fm Scrobbler 2.1.32
"Live 8.2.1" = Live 8.2.1
"LogMeIn Hamachi" = LogMeIn Hamachi
"ManiaPlanet_is1" = ManiaPlanet
"Microsoft Visual C# 2010 Express - ENU" = Microsoft Visual C# 2010 Express - ENU
"Microsoft Visual Studio 2010 Service Pack 1" = Microsoft Visual Studio 2010 Service Pack 1
"Mozilla Firefox 5.0 (x86 da)" = Mozilla Firefox 5.0 (x86 da)
"Mumble" = Mumble and Murmur
"NetDevil_LEGO_Universe_is1" = LEGO Universe
"Open Codecs" = Xiph.Org Open Codecs 0.85.17777
"OpenAL" = OpenAL
"OpenVPN" = OpenVPN 2.2.0
"Origin" = Origin
"Pen Tablet Driver" = Pen-tablet
"PoiZone" = PoiZone
"PunkBusterSvc" = PunkBuster Services
"QLPrism" = QLPrism
"Sakura" = Sakura
"Sawer" = Sawer
"Steam App 104700" = Super MNC Invitational
"Steam App 105600" = Terraria
"Steam App 107100" = Bastion
"Steam App 11020" = TrackMania Nations Forever
"Steam App 11200" = Shadowgrounds: Survivor
"Steam App 113200" = The Binding of Isaac
"Steam App 12200" = Bully: Scholarship Edition
"Steam App 12210" = Grand Theft Auto IV
"Steam App 12220" = Grand Theft Auto: Episodes from Liberty City
"Steam App 1250" = Killing Floor
"Steam App 1260" = Killing Floor SDK
"Steam App 12900" = Audiosurf
"Steam App 130" = Half-Life: Blue Shift
"Steam App 17080" = Tribes: Ascend
"Steam App 17525" = Synergy Dedicated Server
"Steam App 1840" = Source Filmmaker
"Steam App 200010" = Quantum Conundrum
"Steam App 200210" = Realm of the Mad God
"Steam App 200900" = Cave Story+
"Steam App 202970" = Call of Duty: Black Ops II
"Steam App 202990" = Call of Duty: Black Ops II - Multiplayer
"Steam App 204300" = Awesomenauts
"Steam App 206210" = Gotham City Impostors: Free To Play
"Steam App 207610" = The Walking Dead
"Steam App 208090" = Loadout
"Steam App 209830" = Lone Survivor
"Steam App 211420" = Dark Souls: Prepare to Die Edition
"Steam App 212800" = Super Crate Box
"Steam App 212910" = Call of Duty: Black Ops II - Zombies
"Steam App 219640" = Chivalry: Medieval Warfare
"Steam App 219850" = Torchlight II Demo
"Steam App 220" = Half-Life 2
"Steam App 22230" = Rock of Ages
"Steam App 22370" = Fallout 3 - Game of the Year Edition
"Steam App 240" = Counter-Strike: Source
"Steam App 24740" = Burnout Paradise: The Ultimate Box
"Steam App 24960" = Battlefield: Bad Company 2
"Steam App 2500" = Shadowgrounds
"Steam App 2505" = Shadowgrounds Editor
"Steam App 26500" = Cogs
"Steam App 26800" = Braid
"Steam App 26900" = Crayon Physics Deluxe
"Steam App 28050" = Deus Ex: Human Revolution
"Steam App 29180" = Osmos
"Steam App 340" = Half-Life 2: Lost Coast
"Steam App 35450" = Red Orchestra 2: Heroes of Stalingrad
"Steam App 35700" = Trine
"Steam App 380" = Half-Life 2: Episode One
"Steam App 3830" = Psychonauts
"Steam App 38600" = Faerie Solitaire
"Steam App 39000" = Moonbase Alpha
"Steam App 400" = Portal
"Steam App 4000" = Garry's Mod
"Steam App 4010" = Garry's Mod 13
"Steam App 40700" = Machinarium
"Steam App 40800" = Super Meat Boy
"Steam App 40810" = Super Meat Boy Editor
"Steam App 420" = Half-Life 2: Episode Two
"Steam App 42700" = Call of Duty: Black Ops
"Steam App 42710" = Call of Duty: Black Ops - Multiplayer
"Steam App 42910" = Magicka
"Steam App 43110" = Metro 2033
"Steam App 440" = Team Fortress 2
"Steam App 45740" = Dead Rising 2
"Steam App 48000" = LIMBO
"Steam App 50" = Half-Life: Opposing Force
"Steam App 500" = Left 4 Dead
"Steam App 50620" = Darksiders
"Steam App 520" = Team Fortress 2 Beta
"Steam App 55040" = Atom Zombie Smasher
"Steam App 55230" = Saints Row: The Third
"Steam App 55370" = Saints Row: The Third - Initiation Station
"Steam App 570" = Dota 2
"Steam App 57300" = Amnesia: The Dark Descent
"Steam App 6120" = Shank
"Steam App 620" = Portal 2
"Steam App 630" = Alien Swarm
"Steam App 63710" = BIT.TRIP RUNNER
"Steam App 70" = Half-Life
"Steam App 70300" = VVVVVV
"Steam App 730" = Counter-Strike: Global Offensive Beta
"Steam App 8190" = Just Cause 2
"Steam App 8980" = Borderlands
"Steam App 91310" = Dead Island
"Steam App 91600" = Sanctum
"Steam App 93200" = Revenge of the Titans
"Steam App 94200" = Jamestown
"Steam App 96200" = Steel Storm: Burning Retribution
"Steam App 97100" = Section 8: Prejudice
"Steam App 98100" = TRAUMA
"Steam App 99300" = Renegade Ops
"Steam App 99700" = NightSky
"Steam App 99900" = Spiral Knights
"StepMania 5" = StepMania v5.0 alpha 3 (remove only)
"Test Drive Unlimited 2_is1" = Test Drive Unlimited 2
"Toxic Biohazard" = Toxic Biohazard
"uTorrent" = µTorrent
"VirtualCloneDrive" = VirtualCloneDrive
"VLC media player" = VLC media player 1.1.9
"VTFEdit_is1" = VTFEdit 1.2.5
"Wacom WebTabletPlugin for IE" = WebTablet IE Plugin
"Wacom WebTabletPlugin for Netscape" = WebTablet Netscape Plugin
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
"Xfire" = Xfire (remove only)
"XNA Game Studio 4.0" = Microsoft XNA Game Studio 4.0
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-3995930073-3555480574-2151513988-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{6B34251B-AB68-4b47-AA5E-09B50EFE41A0}" = Battlefield Heroes (PTE)
"{87686C21-8A15-4b4d-A3F1-11141D9BE094}" = Battlefield Play4Free
"{8DC910CD-8EE3-4ffc-A4EB-9B02701059C4}" = Battlefield Heroes
"Akamai" = Akamai NetSession Interface
"Dropbox" = Dropbox
"Facebook Plug-In" = Facebook Plug-In
"Game Organizer" = EasyBits GO
"GameRanger" = GameRanger
"Google Chrome" = Google Chrome
"SOE-PlanetSide 2 Beta" = PlanetSide 2 Beta
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"UnityWebPlayer" = Unity Web Player
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 12-08-2012 08:58:20 | Computer Name = Bruger-Pc | Source = Application Hang | ID = 1002
Description = Programmet WORDPAD.EXE version 6.1.7601.17514 afbrød kommunikationen
med Windows og blev afsluttet. Hvis du vil se, om der findes flere oplysninger
om problemet, kan du læse om problemets historik via Løsningscenter. Proces-id: 17cc
Starttidspunkt:
01cd788a017d72e6 Afslutningstidspunkt: 53 Programsti: C:\Program Files (x86)\Windows
NT\Accessories\WORDPAD.EXE Rapport-id: 5451862f-e47d-11e1-b7f9-0025221a2c8f
Error - 17-08-2012 10:23:51 | Computer Name = Bruger-Pc | Source = Application Hang | ID = 1002
Description = Programmet hl2.exe version 0.0.0.0 afbrød kommunikationen med Windows
og blev afsluttet. Hvis du vil se, om der findes flere oplysninger om problemet,
kan du læse om problemets historik via Løsningscenter. Proces-id: d6c Starttidspunkt:
01cd7c71b913faec Afslutningstidspunkt: 1207 Programsti: c:\program files (x86)\steam\steamapps\knud_erik\team
fortress 2\hl2.exe Rapport-id: 1dc674a7-e877-11e1-aee4-0025221a2c8f
Error - 18-08-2012 09:03:56 | Computer Name = Bruger-Pc | Source = Application Error | ID = 1000
Description = Navn på program med fejl: DeadIslandGame.exe, version: 1.0.0.0, tidsstempel:
0x4f100716 Navn på modul med fejl: xfire_toucan_45547.dll, version: 1.0.0.45547,
tidsstempel: 0x4fa1f1d1 Undtagelseskode: 0xc0000005 Forskydning med fejl 0x000487ca
Proces-id
0x1b4c Programmets starttidspunkt 0x01cd7d383b96c79a Programsti: c:\program files
(x86)\steam\steamapps\common\dead island\DeadIslandGame.exe Modulsti: C:\Program
Files (x86)\Xfire\xfire_toucan_45547.dll Rapport-id: 2ac38b39-e935-11e1-b8fc-0025221a2c8f
Error - 20-08-2012 12:04:23 | Computer Name = Bruger-Pc | Source = Application Hang | ID = 1002
Description = Programmet chrome.exe version 21.0.1180.79 afbrød kommunikationen
med Windows og blev afsluttet. Hvis du vil se, om der findes flere oplysninger om
problemet, kan du læse om problemets historik via Løsningscenter. Proces-id: 6d0
Starttidspunkt:
01cd7edd34d8e1de Afslutningstidspunkt: 38 Programsti: C:\Users\Bruger\AppData\Local\Google\Chrome\Application\chrome.exe
Rapport-id:
adee1667-eae0-11e1-8cff-0025221a2c8f
Error - 22-08-2012 09:31:57 | Computer Name = Bruger-Pc | Source = Application Hang | ID = 1002
Description = Programmet Xfire.exe version 1.0.0.13133 afbrød kommunikationen med
Windows og blev afsluttet. Hvis du vil se, om der findes flere oplysninger om problemet,
kan du læse om problemets historik via Løsningscenter. Proces-id: fc4 Starttidspunkt:
01cd806a1c0662a8 Afslutningstidspunkt: 9 Programsti: C:\Program Files (x86)\Xfire\Xfire.exe
Rapport-id:
a2c32ad0-ec5d-11e1-93a8-0025221a2c8f
Error - 22-08-2012 16:14:00 | Computer Name = Bruger-Pc | Source = Application Error | ID = 1000
Description = Navn på program med fejl: svchost.exe_SysMain, version: 6.1.7600.16385,
tidsstempel: 0x4a5bc3c1 Navn på modul med fejl: sysmain.dll, version: 6.1.7601.17514,
tidsstempel: 0x4ce7c9db Undtagelseskode: 0xc0000005 Forskydning med fejl 0x0000000000004627
Proces-id
0x17c Programmets starttidspunkt 0x01cd8069ef68cb5a Programsti: C:\Windows\System32\svchost.exe
Modulsti:
c:\windows\system32\sysmain.dll Rapport-id: e887ed9e-ec95-11e1-93a8-0025221a2c8f
Error - 22-08-2012 16:16:09 | Computer Name = Bruger-Pc | Source = Application Error | ID = 1000
Description = Navn på program med fejl: Dwm.exe, version: 6.1.7600.16385, tidsstempel:
0x4a5bc541 Navn på modul med fejl: ntdll.dll, version: 6.1.7601.17725, tidsstempel:
0x4ec4aa8e Undtagelseskode: 0xc0000005 Forskydning med fejl 0x0000000000052fc6 Proces-id
0x6dc Programmets starttidspunkt 0x01cd80a2f7153292 Programsti: C:\Windows\system32\Dwm.exe
Modulsti:
C:\Windows\SYSTEM32\ntdll.dll Rapport-id: 3542efd8-ec96-11e1-93a8-0025221a2c8f
Error - 22-08-2012 16:24:17 | Computer Name = Bruger-Pc | Source = Application Error | ID = 1000
Description = Navn på program med fejl: chrome.exe, version: 21.0.1180.83, tidsstempel:
0x502eaec7 Navn på modul med fejl: chrome.dll, version: 21.0.1180.83, tidsstempel:
0x502eae84 Undtagelseskode: 0xc0000005 Forskydning med fejl 0x001f13fa Proces-id 0x1570
Programmets
starttidspunkt 0x01cd806a97359055 Programsti: C:\Users\Bruger\AppData\Local\Google\Chrome\Application\chrome.exe
Modulsti:
C:\Users\Bruger\AppData\Local\Google\Chrome\Application\21.0.1180.83\chrome.dll
Rapport-id:
5878b388-ec97-11e1-93a8-0025221a2c8f
Error - 24-08-2012 15:26:26 | Computer Name = Bruger-Pc | Source = Application Error | ID = 1000
Description = Navn på program med fejl: hl2.exe, version: 0.0.0.0, tidsstempel:
0x50368f10 Navn på modul med fejl: client.dll, version: 0.0.0.0, tidsstempel: 0x5036def5
Undtagelseskode:
0xc0000005 Forskydning med fejl 0x005ad462 Proces-id 0x1b60 Programmets starttidspunkt
0x01cd822bd62fd2be Programsti: c:\program files (x86)\steam\steamapps\knud_erik\team
fortress 2\hl2.exe Modulsti: c:\program files (x86)\steam\steamapps\knud_erik\team
fortress 2\tf\bin\client.dll Rapport-id: 982c276c-ee21-11e1-91e3-0025221a2c8f
Error - 27-08-2012 12:17:17 | Computer Name = Bruger-Pc | Source = Application Hang | ID = 1002
Description = Programmet hl2.exe version 0.0.0.0 afbrød kommunikationen med Windows
og blev afsluttet. Hvis du vil se, om der findes flere oplysninger om problemet,
kan du læse om problemets historik via Løsningscenter. Proces-id: 1af0 Starttidspunkt:
01cd846ae9d97088 Afslutningstidspunkt: 232 Programsti: c:\program files (x86)\steam\steamapps\knud_erik\team
fortress 2\hl2.exe Rapport-id: 971c0493-f062-11e1-ba29-0025221a2c8f
Error - 27-08-2012 12:50:34 | Computer Name = Bruger-Pc | Source = Application Hang | ID = 1002
Description = Programmet hl2.exe version 0.0.0.0 afbrød kommunikationen med Windows
og blev afsluttet. Hvis du vil se, om der findes flere oplysninger om problemet,
kan du læse om problemets historik via Løsningscenter. Proces-id: 1724 Starttidspunkt:
01cd846f7e01df03 Afslutningstidspunkt: 334 Programsti: c:\program files (x86)\steam\steamapps\knud_erik\team
fortress 2\hl2.exe Rapport-id: 4b55cc13-f067-11e1-ba29-0025221a2c8f
[ System Events ]
Error - 21-01-2013 11:28:09 | Computer Name = Bruger-Pc | Source = Service Control Manager | ID = 7009
Description = Der opstod timeout (30000 millisekunder), mens systemet ventede på,
at der blev oprettet forbindelse til tjenesten AMD External Events Utility.
Error - 21-01-2013 11:28:09 | Computer Name = Bruger-Pc | Source = Service Control Manager | ID = 7000
Description = Tjenesten AMD External Events Utility kunne ikke starte pga. følgende
fejl: %%1053
Error - 22-01-2013 10:51:51 | Computer Name = Bruger-Pc | Source = Service Control Manager | ID = 7009
Description = Der opstod timeout (30000 millisekunder), mens systemet ventede på,
at der blev oprettet forbindelse til tjenesten Hi-Rez Studios Authenticate and
Update Service.
Error - 23-01-2013 10:31:56 | Computer Name = Bruger-Pc | Source = bowser | ID = 8003
Description =
Error - 24-01-2013 12:59:05 | Computer Name = Bruger-Pc | Source = bowser | ID = 8003
Description =
Error - 25-01-2013 08:45:18 | Computer Name = Bruger-Pc | Source = bowser | ID = 8003
Description =
Error - 25-01-2013 08:53:10 | Computer Name = Bruger-Pc | Source = DCOM | ID = 10010
Description =
Error - 28-01-2013 10:14:23 | Computer Name = Bruger-Pc | Source = Service Control Manager | ID = 7009
Description = Der opstod timeout (30000 millisekunder), mens systemet ventede på,
at der blev oprettet forbindelse til tjenesten Hi-Rez Studios Authenticate and
Update Service.
Error - 28-01-2013 11:10:50 | Computer Name = Bruger-Pc | Source = Service Control Manager | ID = 7009
Description = Der opstod timeout (30000 millisekunder), mens systemet ventede på,
at der blev oprettet forbindelse til tjenesten Hi-Rez Studios Authenticate and
Update Service.
Error - 28-01-2013 11:28:07 | Computer Name = Bruger-Pc | Source = Service Control Manager | ID = 7031
Description = Tjenesten Tjenesten Windows Fejlrapportering blev afbrudt uventet.
Dette er sket 1 gange. Følgende korrigerende handling foretages om 120000 millisekunder:
Genstart tjenesten.
< End of report >
OTL logfile created on: 28-01-2013 16:19:44 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Bruger\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000406 | Country: Danmark | Language: DAN | Date Format: dd-MM-yyyy
3,99 Gb Total Physical Memory | 1,60 Gb Available Physical Memory | 40,07% Memory free
7,98 Gb Paging File | 4,75 Gb Available in Paging File | 59,48% Paging File free
Paging file location(s): ?:\pagefile.sys
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931,41 Gb Total Space | 254,51 Gb Free Space | 27,32% Space Free | Partition Type: NTFS
Computer Name: BRUGER-PC | User Name: Bruger | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\Bruger\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Xfire\Xfire.exe (Xfire Inc.)
PRC - C:\Windows\SysWOW64\NTServer\service.exe ()
PRC - C:\Users\Bruger\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
PRC - C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe (Safer-Networking Ltd.)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe (Safer-Networking Ltd.)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe (Safer-Networking Ltd.)
PRC - C:\Programmer\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Programmer\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Users\Bruger\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
PRC - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.)
PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()
PRC - C:\ProgramData\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe (LG Electronics)
PRC - C:\Program Files (x86)\Internet Download Manager\IDMan.exe (Tonec Inc.)
PRC - C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe (Tonec Inc.)
PRC - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
PRC - C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe (AMD)
========== Modules (No Company Name) ==========
MOD - C:\Program Files (x86)\Steam\SDL.dll ()
MOD - C:\Program Files (x86)\Steam\bin\libcef.dll ()
MOD - C:\Program Files (x86)\Steam\bin\chromehtml.DLL ()
MOD - C:\Program Files (x86)\Steam\bin\avutil-51.dll ()
MOD - C:\Program Files (x86)\Steam\bin\avformat-53.dll ()
MOD - C:\Program Files (x86)\Steam\bin\avcodec-53.dll ()
MOD - C:\Users\Bruger\AppData\Local\Google\Chrome\Application\24.0.1312.56\PepperFlash\pepflashplayer.dll ()
MOD - C:\Users\Bruger\AppData\Local\Google\Chrome\Application\24.0.1312.56\ppGoogleNaClPluginChrome.dll ()
MOD - C:\Users\Bruger\AppData\Local\Google\Chrome\Application\24.0.1312.56\pdf.dll ()
MOD - C:\Users\Bruger\AppData\Local\Google\Chrome\Application\24.0.1312.56\libglesv2.dll ()
MOD - C:\Users\Bruger\AppData\Local\Google\Chrome\Application\24.0.1312.56\libegl.dll ()
MOD - C:\Users\Bruger\AppData\Local\Google\Chrome\Application\24.0.1312.56\ffmpegsumo.dll ()
MOD - C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl ()
MOD - C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl ()
MOD - C:\Program Files (x86)\Spybot - Search & Destroy 2\VirtualTreesDXE150.bpl ()
MOD - C:\Program Files (x86)\Spybot - Search & Destroy 2\JSDialogPack150.bpl ()
MOD - C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDad.dll ()
========== Services (SafeList) ==========
SRV:[b]64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (TabletServicePen) -- C:\Windows\SysNative\Pen_Tablet.exe (Wacom Technology, Corp.)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (NTServiceSystem) -- C:\Windows\SysWOW64\NTServer\service.exe ()
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (Hamachi2Svc) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)
SRV - (HiPatchService) -- C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe (Hi-Rez Studios)
SRV - (Akamai) -- c:\program files (x86)\common files\akamai/netsession_win_ce5ba24.dll ()
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (avast! Antivirus) -- C:\Programmer\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV - (Skype C2C Service) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.)
SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (Desura Install Service) -- C:\Program Files (x86)\Common Files\Desura\desura_service.exe (Desura Pty Ltd)
SRV - (npggsvc) -- C:\Windows\SysWOW64\GameMon.des (INCA Internet Co., Ltd.)
SRV - (OpenVPNService) -- C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe ()
SRV - (wlidsvc) -- C:\Programmer\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
SRV - (LBTServ) -- C:\Programmer\Common Files\LogiShrd\Bluetooth\LBTServ.exe (Logitech, Inc.)
SRV - (wlcrasvc) -- C:\Programmer\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (SwitchBoard) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
SRV - (WTouchService) -- C:\Programmer\WTouch\WTouchService.exe (Wacom Technology, Corp.)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (AtiHDAudioService) -- C:\Windows\SysNative\drivers\AtihdW76.sys (Advanced Micro Devices)
DRV:64bit: - (aswTdi) -- C:\Windows\SysNative\drivers\aswTdi.sys (AVAST Software)
DRV:64bit: - (aswSnx) -- C:\Windows\SysNative\drivers\aswSnx.sys (AVAST Software)
DRV:64bit: - (aswSP) -- C:\Windows\SysNative\drivers\aswSP.sys (AVAST Software)
DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software)
DRV:64bit: - (aswFsBlk) -- C:\Windows\SysNative\drivers\aswFsBlk.sys (AVAST Software)
DRV:64bit: - (aswRdr) -- C:\Windows\SysNative\drivers\aswRdr2.sys (AVAST Software)
DRV:64bit: - (tap0901) -- C:\Windows\SysNative\drivers\tap0901.sys (The OpenVPN Project)
DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\drivers\fssfltr.sys (Microsoft Corporation)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (ANDModem) -- C:\Windows\SysNative\drivers\lgandmodem64.sys (LG Electronics Inc.)
DRV:64bit: - (AndDiag) -- C:\Windows\SysNative\drivers\lganddiag64.sys (LG Electronics Inc.)
DRV:64bit: - (AndGps) -- C:\Windows\SysNative\drivers\lgandgps64.sys (LG Electronics Inc.)
DRV:64bit: - (Andbus) -- C:\Windows\SysNative\drivers\lgandbus64.sys (LG Electronics Inc.)
DRV:64bit: - (IDMWFP) -- C:\Windows\SysNative\drivers\idmwfp.sys (Tonec Inc.)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (LMouFilt) -- C:\Windows\SysNative\drivers\LMouFilt.Sys (Logitech, Inc.)
DRV:64bit: - (LHidFilt) -- C:\Windows\SysNative\drivers\LHidFilt.Sys (Logitech, Inc.)
DRV:64bit: - (androidusb) -- C:\Windows\SysNative\drivers\lgandadb.sys (Google Inc)
DRV:64bit: - (ScreamBAudioSvc) -- C:\Windows\SysNative\drivers\ScreamingBAudio64.sys (Screaming Bee LLC)
DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys ()
DRV:64bit: - (AtiHdmiService) -- C:\Windows\SysNative\drivers\AtiHdmi.sys (ATI Technologies, Inc.)
DRV:64bit: - (ElbyCDIO) -- C:\Windows\SysNative\drivers\ElbyCDIO.sys (Elaborate Bytes AG)
DRV:64bit: - (VIAHdAudAddService) -- C:\Windows\SysNative\drivers\viahduaa.sys (VIA Technologies, Inc.)
DRV:64bit: - (hamachi) -- C:\Windows\SysNative\drivers\hamachi.sys (LogMeIn, Inc.)
DRV:64bit: - (wacmoumonitor) -- C:\Windows\SysNative\drivers\wacmoumonitor.sys (Wacom Technology)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
DRV:64bit: - (VClone) -- C:\Windows\SysNative\drivers\VClone.sys (Elaborate Bytes AG)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (irda) -- C:\Windows\SysNative\drivers\irda.sys (Microsoft Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (wacomvhid) -- C:\Windows\SysNative\drivers\wacomvhid.sys (Wacom Technology)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (xusb21) -- C:\Windows\SysNative\drivers\xusb21.sys (Microsoft Corporation)
DRV:64bit: - (irsir) -- C:\Windows\SysNative\drivers\irsir.sys (Microsoft Corporation)
DRV:64bit: - (wacommousefilter) -- C:\Windows\SysNative\drivers\wacommousefilter.sys (Wacom Technology)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\.DEFAULT\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-18\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-3995930073-3555480574-2151513988-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.youtube.com/user/nillor0?feature=mhw4
IE - HKU\S-1-5-21-3995930073-3555480574-2151513988-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://dk.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-3995930073-3555480574-2151513988-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = da
IE - HKU\S-1-5-21-3995930073-3555480574-2151513988-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = AF 4B 7D F0 28 C8 CA 01 [binary data]
IE - HKU\S-1-5-21-3995930073-3555480574-2151513988-1000\..\SearchScopes,DefaultScope = {4C430FFD-3E0B-45C9-B13E-BC32314A0D74}
IE - HKU\S-1-5-21-3995930073-3555480574-2151513988-1000\..\SearchScopes\{4C430FFD-3E0B-45C9-B13E-BC32314A0D74}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}&rlz=1I7SKPB_daDK371
IE - HKU\S-1-5-21-3995930073-3555480574-2151513988-1000\..\SearchScopes\{7DC0055E-1C76-479B-9C92-9D2459569A1F}: "URL" = http://search.portalsepeti.com/?hl=tr&tbm=web&q={searchTerms}&oem=MUH&uid=WD-WCAV56241704_WDCWD10EARS-00Y5B1&tm=1358546600
IE - HKU\S-1-5-21-3995930073-3555480574-2151513988-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3995930073-3555480574-2151513988-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;127.0.0.1:9421;<local>
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "navegaki"
FF - prefs.js..browser.search.selectedEngine: "navegaki"
FF - prefs.js..browser.startup.homepage: "http://www.quakelive.com/#!welcome"
FF - prefs.js..extensions.enabledAddons: battlefieldheroespatcher@ea.com:5.0.110.0
FF - prefs.js..extensions.enabledAddons: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledAddons: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledAddons: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledAddons: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
FF - prefs.js..extensions.enabledAddons: battlefieldplay4free@ea.com:1.0.53.2
FF - prefs.js..extensions.enabledAddons: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledAddons: {b749fc7c-e949-447f-926c-3f4eed6accfe}:0.7.1.1
FF - prefs.js..extensions.enabledAddons: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:2.0.3
FF - prefs.js..extensions.enabledAddons: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}:6.0.31
FF - prefs.js..extensions.enabledAddons: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:6.3.0.11079
FF - prefs.js..extensions.enabledAddons: wrc@avast.com:7.0.1474
FF - prefs.js..extensions.enabledItems: battlefieldheroespatcher@ea.com:5.0.67.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: battlefieldplay4free@ea.com:1.0.53.2
FF - prefs.js..extensions.enabledItems: mozilla_cc@internetdownloadmanager.com:7.1.9
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..keyword.URL: "http://search.portalsepeti.com?q="
FF - prefs.js..network.proxy.http: "74.115.1.13"
FF - prefs.js..network.proxy.http_port: 80
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_146.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar: C:\Program Files (x86)\BF3 Alpha Trial Web Plugins\Sonar\npesnsonar.dll (ESN AB)
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.0: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch: C:\Program Files (x86)\BF3 Alpha Trial Web Plugins\npesnlaunch.dll (ESN AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=0.80.0: C:\Program Files (x86)\Battlelog Web Plugins\0.80.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@gametap.com/npdd,version=1.0: C:\Program Files (x86)\Downloader\npdd.dll (Metaboli)
FF - HKLM\Software\MozillaPlugins\@idsoftware.com/QuakeLive: C:\ProgramData\id Software\QuakeLive\npquakezero.dll (id Software Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.3: C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.3: C:\Users\Bruger\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll ( )
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Bruger\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Bruger\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Bruger\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-11-12 15:34:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011-07-09 23:13:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013-01-09 15:47:20 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Users\Bruger\AppData\Roaming\IDM\idmmzcc3 [2011-02-11 23:19:52 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Users\Bruger\AppData\Roaming\IDM\idmmzcc3 [2011-02-11 23:19:52 | 000,000,000 | ---D | M]
[2012-09-15 16:45:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bruger\AppData\Roaming\mozilla\Extensions
[2012-09-15 16:45:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bruger\AppData\Roaming\mozilla\Extensions\prism@developer.mozilla.org
[2012-05-19 20:16:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bruger\AppData\Roaming\mozilla\Firefox\Profiles\6rsi3ybe.default\extensions
[2011-06-29 13:04:20 | 000,000,000 | ---D | M] (Battlefield Heroes Updater) -- C:\Users\Bruger\AppData\Roaming\mozilla\Firefox\Profiles\6rsi3ybe.default\extensions\battlefieldheroespatcher@ea.com
[2011-07-10 14:21:52 | 000,000,000 | ---D | M] (Battlefield Play4Free) -- C:\Users\Bruger\AppData\Roaming\mozilla\Firefox\Profiles\6rsi3ybe.default\extensions\battlefieldplay4free@ea.com
[2011-12-11 02:04:19 | 000,061,705 | ---- | M] () (No name found) -- C:\Users\Bruger\AppData\Roaming\mozilla\firefox\profiles\6rsi3ybe.default\extensions\{b749fc7c-e949-447f-926c-3f4eed6accfe}.xpi
[2012-05-19 20:16:04 | 000,634,964 | ---- | M] () (No name found) -- C:\Users\Bruger\AppData\Roaming\mozilla\firefox\profiles\6rsi3ybe.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012-04-21 23:13:38 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012-10-30 15:20:30 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2010-06-08 13:31:49 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010-08-14 14:47:33 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010-11-24 00:33:13 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011-03-12 10:59:11 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011-06-10 15:56:50 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
[2012-04-21 23:13:38 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}
[2012-11-12 15:34:32 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2011-07-09 23:13:52 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2013-01-18 23:04:07 | 000,005,010 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\navegaki.xml
========== Chrome ==========
CHR - homepage: http://www.youtube.com/playlist?list=FLcctdmA37swZQOi-TKPMChw&feature=plcp
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = http://www.google.com/search?q={searchTerms}
CHR - default_search_provider: suggest_url = ,
CHR - homepage: http://www.youtube.com/playlist?list=FLcctdmA37swZQOi-TKPMChw&feature=plcp
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Bruger\AppData\Local\Google\Chrome\Application\24.0.1312.56\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Bruger\AppData\Local\Google\Chrome\Application\24.0.1312.56\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Bruger\AppData\Local\Google\Chrome\Application\24.0.1312.56\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Bruger\AppData\Local\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll
CHR - plugin: Battlefield Play4Free Updater (Enabled) = C:\Users\Bruger\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkejhbcdagodjdndmfnhaibnealjonei\1.0.66.2_0\npBP4FUpdater.dll
CHR - plugin: Battlefield Play4Free Updater (Enabled) = C:\Users\Bruger\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkejhbcdagodjdndmfnhaibnealjonei\1.0.66.2_0\BP4FUpdater.exe
CHR - plugin: EA Battlefield Heroes Updater (Enabled) = C:\Users\Bruger\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdfjahpadlpfnfheehpddpcllihfkmm\5.0.137.0_0\npBFHUpdater.dll
CHR - plugin: EA Battlefield Heroes Updater (Enabled) = C:\Users\Bruger\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdfjahpadlpfnfheehpddpcllihfkmm\5.0.137.0_0\BFHUpdater.exe
CHR - plugin: Skype Toolbars (Enabled) = C:\Users\Bruger\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\npSkypeChromePlugin.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Java Deployment Toolkit 6.0.310.5 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: ESN Sonar API (Enabled) = C:\Program Files (x86)\BF3 Alpha Trial Web Plugins\Sonar\npesnsonar.dll
CHR - plugin: ESN Sonar API (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll
CHR - plugin: ESN Launch Mozilla Plugin (Enabled) = C:\Program Files (x86)\BF3 Alpha Trial Web Plugins\npesnlaunch.dll
CHR - plugin: ESN Launch Mozilla Plugin (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\0.80.0\npesnlaunch.dll
CHR - plugin: DNA Plug-in (Enabled) = C:\Program Files (x86)\DNA\plugins\npbtdna.dll
CHR - plugin: Downloader Detector (Enabled) = C:\Program Files (x86)\Downloader\npdd.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Wacom Dynamic Link Library (Enabled) = C:\Program Files (x86)\TabletPlugins\npwacom.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: QUAKE LIVE (Enabled) = C:\ProgramData\id Software\QuakeLive\npquakezero.dll
CHR - plugin: Unity Player (Enabled) = C:\Users\Bruger\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Facebook Plugin (Enabled) = C:\Users\Bruger\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - Extension: YouTube Options for Google Chrome\u2122 = C:\Users\Bruger\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdokagampppgbnjfdlkfpphniapiiifn\1.8.104_0\
CHR - Extension: YouTube = C:\Users\Bruger\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\
CHR - Extension: Battlefield Heroes = C:\Users\Bruger\AppData\Local\Google\Chrome\User Data\Default\Extensions\cehdakiococlfmjcbebbkjkfjhbieknh\5.0.196.0_0\
CHR - Extension: Adblock Plus = C:\Users\Bruger\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.3.4_0\
CHR - Extension: Google-s\u00F8gning = C:\Users\Bruger\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\
CHR - Extension: Battlefield Play4Free = C:\Users\Bruger\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkejhbcdagodjdndmfnhaibnealjonei\1.0.66.2_0\
CHR - Extension: Battlefield Heroes = C:\Users\Bruger\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdfjahpadlpfnfheehpddpcllihfkmm\5.0.145.0_0\
CHR - Extension: avast! WebRep = C:\Users\Bruger\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_1\
CHR - Extension: 4chan Plus = C:\Users\Bruger\AppData\Local\Google\Chrome\User Data\Default\Extensions\pinelipedelckihohgdlpcclgocodhjj\2.5.5_0\
CHR - Extension: Gmail = C:\Users\Bruger\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
O1 HOSTS File: ([2012-11-07 22:28:38 | 000,001,827 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O1 - Hosts: 127.0.0.1 ereg.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com
O1 - Hosts: 127.0.0.1 wip3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com
O1 - Hosts: 127.0.0.1 livejasmin.com
O1 - Hosts: 127.0.0.1 ereg.wip3.adobe.com
O1 - Hosts: 127.0.0.1 activate-sea.adobe.com
O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com
O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com
O1 - Hosts: 127.0.0.1 adobe.activate.com
O1 - Hosts: 127.0.0.1 adobeereg.com
O1 - Hosts: 127.0.0.1 www.adobeereg.com
O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com
O1 - Hosts: 127.0.0.1 125.252.224.90
O1 - Hosts: 127.0.0.1 125.252.224.91
O1 - Hosts: 127.0.0.1 hl2rcv.adobe.com
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programmer\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmer\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programmer\Google\GoogleToolbarNotifier\5.7.8313.1002\swg64.dll (Google Inc.)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmer\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2 - BHO: (IDMIEHlprObj Class) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll (Tonec Inc.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programmer\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll (Google Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programmer\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programmer\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3:64bit: - HKU\.DEFAULT\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKU\S-1-5-18\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKU\S-1-5-21-3995930073-3555480574-2151513988-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [VIAAUD] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VIAAUD.exe File not found
O4 - HKLM..\Run: [AdobeCS6ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe (AMD)
O4 - HKLM..\Run: [ATICustomerCare] C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [B2C_AGENT] C:\ProgramData\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe (LG Electronics)
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [SDTray] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3995930073-3555480574-2151513988-1000..\Run: [AdobeBridge] File not found
O4 - HKU\S-1-5-21-3995930073-3555480574-2151513988-1000..\Run: [Akamai NetSession Interface] C:\Users\Bruger\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
O4 - HKU\S-1-5-21-3995930073-3555480574-2151513988-1000..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-3995930073-3555480574-2151513988-1000..\Run: [HydraVisionDesktopManager] C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe (AMD)
O4 - HKU\S-1-5-21-3995930073-3555480574-2151513988-1000..\Run: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe (Tonec Inc.)
O4 - HKU\S-1-5-21-3995930073-3555480574-2151513988-1000..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Bruger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Bruger\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\Bruger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files (x86)\ERUNT\AUTOBACK.EXE ()
O4 - Startup: C:\Users\Bruger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Xfire.lnk = C:\Program Files (x86)\Xfire\Xfire.exe (Xfire Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-3995930073-3555480574-2151513988-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm ()
O8:64bit: - Extra context menu item: Download FLV video content with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetVL.htm ()
O8:64bit: - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()
O8 - Extra context menu item: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm ()
O8 - Extra context menu item: Download FLV video content with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetVL.htm ()
O8 - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()
O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : My kikin - {0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} - Reg Error: Key error. File not found
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Programmer\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programmer\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programmer\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKU\.DEFAULT\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: sony.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: sony.com ([]* in Trusted sites)
O15 - HKU\S-1-5-19\..Trusted Domains: clonewarsadventures.com ([]* in )
O15 - HKU\S-1-5-19\..Trusted Domains: freerealms.com ([]* in )
O15 - HKU\S-1-5-19\..Trusted Domains: soe.com ([]* in )
O15 - HKU\S-1-5-19\..Trusted Domains: sony.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: clonewarsadventures.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: freerealms.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: soe.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: sony.com ([]* in )
O15 - HKU\S-1-5-21-3995930073-3555480574-2151513988-1000\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-3995930073-3555480574-2151513988-1000\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-3995930073-3555480574-2151513988-1000\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-3995930073-3555480574-2151513988-1000\..Trusted Domains: sony.com ([]* in Trusted sites)
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab (Java Plug-in 10.1.0)
O16:64bit: - DPF: {CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab (Java Plug-in 1.7.0_01)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab (Java Plug-in 1.7.0_01)
O16 - DPF: {140E4DF8-9E14-4A34-9577-C77561ED7883} http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.1.71.0.cab (SysInfo Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 10.5.1)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab (Minesweeper Flags Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 208.67.222.222 208.67.220.220
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8B7ADDC6-52E6-47B8-AC4E-86D090AC1BF0}: DhcpNameServer = 208.67.222.222 208.67.220.220
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Programmer\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{d6192b9d-364e-11e0-a849-0025221a2c8f}\Shell - "" = AutoRun
O33 - MountPoints2\{d6192b9d-364e-11e0-a849-0025221a2c8f}\Shell\AutoRun\command - "" = F:\AUTORUN.EXE
O33 - MountPoints2\{f9fa96f5-6caa-11df-826d-0025221a2c8f}\Shell - "" = AutoRun
O33 - MountPoints2\{f9fa96f5-6caa-11df-826d-0025221a2c8f}\Shell\AutoRun\command - "" = E:\Autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2013-01-28 16:15:47 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Bruger\Desktop\OTL.exe
[2013-01-28 15:16:44 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{2591BA1E-11E1-4963-AF84-D1AC5A065C1F}
[2013-01-27 13:47:19 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{80A4E37A-80C7-4E1A-808C-4BBF52CD4A63}
[2013-01-27 11:44:14 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2013-01-27 11:44:14 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2013-01-27 11:44:14 | 000,095,648 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013-01-26 19:07:05 | 000,000,000 | ---D | C] -- C:\Users\Bruger\Desktop\Tripcode_Explorer
[2013-01-26 13:46:12 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{06ACEED0-7B74-4A95-958F-9FBCB1F4E237}
[2013-01-25 13:45:19 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{AA35EEC0-44DB-47B2-BF64-08FA2011CBE6}
[2013-01-24 15:45:22 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{7C4DF284-AEF0-4E4D-88D5-561E60381DC8}
[2013-01-23 19:16:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Last.fm
[2013-01-23 13:48:50 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{45505061-2BE5-40B7-8A58-462E53843719}
[2013-01-22 20:27:01 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2013-01-22 20:26:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT
[2013-01-22 20:26:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ERUNT
[2013-01-22 15:55:21 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{0C0A1DB9-B608-4D53-A710-2777A970D2FF}
[2013-01-21 19:40:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2013-01-21 19:40:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
[2013-01-21 19:40:16 | 000,017,272 | ---- | C] (Safer Networking Limited) -- C:\Windows\SysNative\sdnclean64.exe
[2013-01-21 19:40:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy 2
[2013-01-21 19:39:48 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\Programs
[2013-01-21 16:48:47 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2013-01-21 16:47:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD AVT
[2013-01-21 16:47:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD APP
[2013-01-21 16:46:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center
[2013-01-21 15:20:08 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{C8372F4E-B80A-4AE0-99C7-1F51F0FF1D88}
[2013-01-20 13:48:43 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{FAB92882-37BC-4912-A450-E36FAEA73A2F}
[2013-01-19 13:47:37 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{9BBCFB09-E8F7-44CC-ADF3-A98D7E45C7C5}
[2013-01-19 01:46:57 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{7E574572-E413-458C-A8B9-0226847DAC40}
[2013-01-18 23:03:19 | 000,802,760 | ---- | C] (Navegaki software) -- C:\Windows\SysWow64\navegaki.exe
[2013-01-18 23:03:19 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\NTServer
[2013-01-18 23:03:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Troysoftware
[2013-01-18 13:46:25 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{F4DDDC70-C22D-4BFC-AE2C-EF4E6E297811}
[2013-01-17 11:49:37 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{667BE21D-13E4-4AF4-87A6-07B5A7B8E929}
[2013-01-16 15:48:58 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{1E8AF24E-87A1-4258-92D1-70B1D3BA48BF}
[2013-01-15 15:48:34 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{DB4E1AE5-94DE-4C99-8BFB-34ABEE2BE75B}
[2013-01-14 13:49:28 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{077AC819-7F9D-4268-A83E-489C10E7CD18}
[2013-01-13 13:21:41 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{42950187-9F23-44D9-9F6F-9D406D865F5C}
[2013-01-12 13:20:52 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{BD0EA2A4-A61F-4F32-905A-3A4B2EF2869E}
[2013-01-11 11:44:17 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{3C5581A0-6740-475A-83C5-48A6CFE224AB}
[2013-01-10 15:26:36 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{5CBBC934-179C-4066-8F26-090E0F9576B9}
[2013-01-09 22:36:49 | 000,750,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
[2013-01-09 22:36:48 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll
[2013-01-09 22:36:11 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2013-01-09 22:36:09 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\usp10.dll
[2013-01-09 22:35:56 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\fpb.rs
[2013-01-09 22:35:56 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\SysNative\fpb.rs
[2013-01-09 22:35:56 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\oflc-nz.rs
[2013-01-09 22:35:56 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\SysNative\oflc-nz.rs
[2013-01-09 22:35:56 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegibbfc.rs
[2013-01-09 22:35:56 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegibbfc.rs
[2013-01-09 22:35:56 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\csrr.rs
[2013-01-09 22:35:56 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\SysNative\csrr.rs
[2013-01-09 22:35:56 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\cob-au.rs
[2013-01-09 22:35:56 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\SysNative\cob-au.rs
[2013-01-09 22:35:55 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\usk.rs
[2013-01-09 22:35:55 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\SysNative\usk.rs
[2013-01-09 22:35:55 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\djctq.rs
[2013-01-09 22:35:54 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\grb.rs
[2013-01-09 22:35:54 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\SysNative\grb.rs
[2013-01-09 22:35:54 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi.rs
[2013-01-09 22:35:54 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\SysNative\djctq.rs
[2013-01-09 22:35:53 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi-pt.rs
[2013-01-09 22:35:53 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi-pt.rs
[2013-01-09 22:35:53 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi.rs
[2013-01-09 22:35:52 | 002,746,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gameux.dll
[2013-01-09 22:35:52 | 002,576,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gameux.dll
[2013-01-09 22:35:52 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wpc.dll
[2013-01-09 22:35:51 | 000,308,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Wpc.dll
[2013-01-09 22:35:36 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\esrb.rs
[2013-01-09 22:35:36 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\SysNative\esrb.rs
[2013-01-09 22:35:35 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi-fi.rs
[2013-01-09 22:35:33 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\oflc.rs
[2013-01-09 22:35:33 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi-fi.rs
[2013-01-09 22:35:32 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\SysNative\oflc.rs
[2013-01-09 22:35:27 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\cero.rs
[2013-01-09 22:35:27 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\SysNative\cero.rs
[2013-01-09 22:34:09 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2013-01-09 22:34:07 | 001,161,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2013-01-09 22:34:03 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2013-01-09 22:34:03 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2013-01-09 22:34:02 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2013-01-09 22:34:02 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2013-01-09 22:34:02 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2013-01-09 22:34:02 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2013-01-09 22:34:02 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2013-01-09 22:34:02 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2013-01-09 22:34:00 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2013-01-09 22:33:53 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2013-01-09 22:33:53 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2013-01-09 22:33:53 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2013-01-09 22:33:53 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2013-01-09 22:33:53 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2013-01-09 22:33:52 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2013-01-09 22:33:52 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2013-01-09 22:33:52 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2013-01-09 22:33:50 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2013-01-09 22:33:50 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2013-01-09 22:33:50 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2013-01-09 22:33:50 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2013-01-09 22:33:50 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2013-01-09 22:33:50 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013-01-09 22:33:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2013-01-09 22:33:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2013-01-09 22:33:49 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2013-01-09 22:33:49 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2013-01-09 22:33:49 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2013-01-09 22:33:49 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2013-01-09 22:33:49 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2013-01-09 22:33:49 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2013-01-09 22:33:49 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2013-01-09 22:33:48 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2013-01-09 22:33:48 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2013-01-09 22:33:48 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2013-01-09 22:33:48 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2013-01-09 22:33:48 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2013-01-09 22:33:48 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2013-01-09 22:33:48 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2013-01-09 22:33:47 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2013-01-09 22:33:47 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2013-01-09 22:33:46 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2013-01-09 22:33:46 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2013-01-09 22:33:46 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2013-01-09 22:33:46 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2013-01-09 22:33:46 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2013-01-09 22:33:46 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2013-01-09 22:33:46 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2013-01-09 22:33:45 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2013-01-09 22:33:45 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2013-01-09 22:33:45 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2013-01-09 22:33:45 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2013-01-09 22:33:45 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2013-01-09 22:33:45 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2013-01-09 22:33:45 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2013-01-09 22:33:45 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2013-01-09 22:33:44 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2013-01-09 22:33:44 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2013-01-09 22:33:44 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2013-01-09 22:33:44 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013-01-09 22:33:43 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2013-01-09 22:33:40 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2013-01-09 22:33:40 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2013-01-09 22:33:40 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2013-01-09 22:33:40 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2013-01-09 22:33:39 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2013-01-09 22:33:33 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2013-01-09 22:32:24 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskhost.exe
[2013-01-09 15:44:22 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{C53FB7B9-BDFE-402D-AF6B-AD6EA5A040AA}
[2013-01-08 15:46:58 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{D609CD34-3B93-496D-952B-43A393614954}
[2013-01-07 13:43:20 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{BAB20A47-6E48-46DA-A644-0904F6F21FEE}
[2013-01-06 14:08:43 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{EF1C9AFA-7510-47DB-AA90-15062C205288}
[2013-01-06 01:26:03 | 000,000,000 | ---D | C] -- C:\Users\Bruger\Documents\Essentials
[2013-01-06 01:19:41 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{D93E9ABD-EFD9-4612-A009-F5BE9BD746C8}
[2013-01-05 13:19:14 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{1F1978E7-3F16-475D-9AF4-D61890DD6D03}
[2013-01-04 19:33:35 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{C5CA2A1E-494A-4CB6-8B39-7C6BBB349CD6}
[2013-01-04 07:32:57 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{CC13E2E2-2546-45E0-9725-E5F498ED6CC0}
[2013-01-03 19:20:16 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{08CFE6B5-4DA8-4932-968D-C21D3D27B274}
[2013-01-03 07:19:38 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{500CE12F-B063-4EE6-84EE-BD096AD7BE2B}
[2013-01-02 15:10:33 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{8B353F46-5F4D-4773-A53B-C009ED58493B}
[2013-01-01 17:20:37 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{F7A7E781-4CC8-42C0-AEC2-FCB16519EC86}
[2012-12-31 14:30:34 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{868AE64B-7871-4B43-88E6-F6568F26E493}
[2012-12-30 14:03:15 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{4A37C2C6-1187-445E-9304-52D8B4C2B4DF}
[3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2013-01-28 16:23:10 | 000,015,024 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013-01-28 16:23:10 | 000,015,024 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013-01-28 16:15:28 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Bruger\Desktop\OTL.exe
[2013-01-28 16:11:02 | 000,002,413 | ---- | M] () -- C:\Windows\SysWow64\lgAxconfig.ini
[2013-01-28 16:10:19 | 000,000,928 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013-01-28 16:10:14 | 000,000,946 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3995930073-3555480574-2151513988-1000UA.job
[2013-01-28 16:09:23 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013-01-28 16:09:22 | 3214,188,544 | -HS- | M] () -- C:\hiberfil.sys
[2013-01-28 15:36:03 | 000,000,932 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013-01-28 15:32:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013-01-28 15:15:30 | 000,013,806 | ---- | M] () -- C:\Windows\SysNative\Pen_Tablet.dat
[2013-01-27 03:28:26 | 000,000,173 | ---- | M] () -- C:\Users\Bruger\AppData\Local\msmathematics.qat.Bruger
[2013-01-27 01:56:40 | 000,000,132 | ---- | M] () -- C:\Users\Bruger\AppData\Roaming\Adobe PNG Format CS6 Prefs
[2013-01-25 06:23:38 | 000,042,880 | ---- | M] () -- C:\Windows\SysWow64\xfcodec.dll
[2013-01-25 06:23:36 | 000,028,544 | ---- | M] () -- C:\Windows\SysNative\xfcodec64.dll
[2013-01-23 19:16:02 | 000,000,985 | ---- | M] () -- C:\Users\Public\Desktop\Last.fm Scrobbler.lnk
[2013-01-22 21:43:35 | 000,000,512 | ---- | M] () -- C:\Users\Bruger\Desktop\MBR.dat
[2013-01-22 20:34:22 | 000,004,458 | ---- | M] () -- C:\Users\Bruger\Desktop\attach.zip
[2013-01-22 20:26:37 | 000,001,108 | ---- | M] () -- C:\Users\Bruger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2013-01-22 20:26:33 | 000,000,909 | ---- | M] () -- C:\Users\Bruger\Desktop\ERUNT.lnk
[2013-01-19 15:17:06 | 000,001,456 | ---- | M] () -- C:\Users\Bruger\AppData\Local\Adobe Save for Web 13.0 Prefs
[2013-01-18 23:04:08 | 000,000,427 | ---- | M] () -- C:\Windows\SysWow64\ntserverbind.ini
[2013-01-18 23:03:29 | 000,002,216 | ---- | M] () -- C:\Users\Bruger\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2013-01-18 23:03:29 | 000,001,533 | ---- | M] () -- C:\Users\Bruger\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2013-01-18 23:03:21 | 000,002,207 | ---- | M] () -- C:\Users\Bruger\Application Data\Microsoft\Internet Explorer\Quick Launch\portalsepeti.lnk
[2013-01-12 03:30:18 | 000,095,648 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013-01-12 03:26:16 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2013-01-12 03:24:49 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2013-01-11 14:56:40 | 000,234,496 | ---- | M] () -- C:\Users\Bruger\Documents\gamepad.exe
[2013-01-10 15:21:31 | 004,934,616 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013-01-09 23:06:20 | 001,380,626 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013-01-09 23:06:20 | 000,661,514 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013-01-09 23:06:20 | 000,516,486 | ---- | M] () -- C:\Windows\SysNative\perfh006.dat
[2013-01-09 23:06:20 | 000,125,600 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013-01-09 23:06:20 | 000,102,986 | ---- | M] () -- C:\Windows\SysNative\perfc006.dat
[2013-01-09 23:06:10 | 001,380,626 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013-01-09 17:32:26 | 000,697,864 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013-01-09 17:32:25 | 000,074,248 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013-01-09 09:49:56 | 000,802,760 | ---- | M] (Navegaki software) -- C:\Windows\SysWow64\navegaki.exe
[3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2013-01-25 06:23:38 | 000,042,880 | ---- | C] () -- C:\Windows\SysWow64\xfcodec.dll
[2013-01-25 06:23:36 | 000,028,544 | ---- | C] () -- C:\Windows\SysNative\xfcodec64.dll
[2013-01-23 19:16:02 | 000,000,985 | ---- | C] () -- C:\Users\Public\Desktop\Last.fm Scrobbler.lnk
[2013-01-22 21:43:35 | 000,000,512 | ---- | C] () -- C:\Users\Bruger\Desktop\MBR.dat
[2013-01-22 20:34:05 | 000,004,458 | ---- | C] () -- C:\Users\Bruger\Desktop\attach.zip
[2013-01-22 20:26:37 | 000,001,108 | ---- | C] () -- C:\Users\Bruger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2013-01-22 20:26:33 | 000,000,909 | ---- | C] () -- C:\Users\Bruger\Desktop\ERUNT.lnk
[2013-01-21 19:40:24 | 000,002,189 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
[2013-01-18 23:03:21 | 000,002,207 | ---- | C] () -- C:\Users\Bruger\Application Data\Microsoft\Internet Explorer\Quick Launch\portalsepeti.lnk
[2013-01-18 23:03:19 | 000,000,427 | ---- | C] () -- C:\Windows\SysWow64\ntserverbind.ini
[2013-01-11 14:56:39 | 000,234,496 | ---- | C] () -- C:\Users\Bruger\Documents\gamepad.exe
[2012-12-23 00:38:13 | 000,001,456 | ---- | C] () -- C:\Users\Bruger\AppData\Local\Adobe Save for Web 13.0 Prefs
[2012-12-23 00:28:51 | 000,000,132 | ---- | C] () -- C:\Users\Bruger\AppData\Roaming\Adobe GIF Format CS6 Prefs
[2012-11-08 18:12:40 | 000,000,132 | ---- | C] () -- C:\Users\Bruger\AppData\Roaming\Adobe PNG Format CS6 Prefs
[2012-09-09 18:51:29 | 000,266,021 | ---- | C] () -- C:\Windows\QLPrism Uninstaller.exe
[2012-08-29 15:33:55 | 000,000,173 | ---- | C] () -- C:\Users\Bruger\AppData\Local\msmathematics.qat.Bruger
[2012-07-02 23:49:02 | 003,130,440 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_blr.exe
[2012-05-02 13:58:10 | 000,029,184 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2012-02-15 03:36:36 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012-02-15 03:36:36 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2011-12-14 04:55:24 | 000,081,920 | ---- | C] () -- C:\Windows\qlprism-uninstall.exe
[2011-12-04 18:37:08 | 000,109,056 | ---- | C] () -- C:\Windows\SysWow64\un-gamma.exe
[2011-10-25 21:21:34 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\OVDecoder.dll
[2011-09-28 17:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011-09-12 23:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011-08-06 23:40:13 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\CommonDL.dll
[2011-08-06 23:40:13 | 000,002,413 | ---- | C] () -- C:\Windows\SysWow64\lgAxconfig.ini
[2011-07-29 19:51:30 | 000,004,096 | ---- | C] () -- C:\Windows\d3dx.dat
[2011-06-27 00:19:51 | 000,000,032 | R--- | C] () -- C:\ProgramData\hash.dat
[2011-02-12 03:24:58 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
========== ZeroAccess Check ==========
[2009-07-14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012-06-09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012-06-09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009-07-14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009-07-14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2012-12-26 12:10:34 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\.minecraft
[2012-09-20 21:18:58 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\.spotflux
[2010-10-17 12:36:33 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Ableton
[2010-06-26 20:31:20 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Anabel
[2011-08-10 16:18:57 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\AtomZombieData
[2012-05-25 12:46:01 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Audacity
[2012-11-07 18:54:00 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Awesomium
[2012-01-20 14:33:39 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\BigHugeEngine
[2010-05-02 21:24:21 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Bioshock2
[2010-05-31 17:11:22 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\bizarre creations
[2010-05-08 15:26:31 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Blender Foundation
[2012-09-08 15:59:59 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Braid
[2011-07-29 19:51:33 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Broken Rules
[2011-07-27 16:01:42 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Crayon Physics Deluxe
[2010-05-31 12:54:45 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\DAEMON Tools Lite
[2012-06-27 16:16:45 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\digipen
[2013-01-26 01:48:04 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\DMCache
[2011-02-05 22:55:28 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Downloaded Installations
[2013-01-28 16:11:42 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Dropbox
[2010-06-28 14:39:35 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Facebook
[2012-06-02 11:57:22 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\fltk.org
[2010-11-19 16:22:46 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\GameRanger
[2011-07-10 10:15:46 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\go
[2011-01-28 21:08:37 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Gyazo
[2010-10-18 14:09:05 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Hardcore
[2012-08-10 18:10:47 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\IDM
[2011-07-29 19:56:54 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Lazy 8 Studios
[2010-03-20 20:49:46 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Leadertech
[2011-03-11 23:18:27 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\LolClient
[2012-06-08 17:27:20 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\LoneSurvivor
[2011-05-14 16:20:50 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Mount&Blade Warband
[2012-09-23 21:02:35 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Mumble
[2012-07-27 17:13:33 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Need for Speed World
[2011-12-20 17:49:33 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Nicalis
[2010-12-25 18:43:51 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\NPLUTO Corporation
[2011-10-07 16:45:57 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\OpenOffice.org
[2011-07-27 15:17:37 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Origin
[2012-01-15 02:17:46 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\RenPy
[2012-07-03 16:17:47 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\RotMG.Production
[2012-07-01 15:25:13 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Screaming Bee
[2012-11-08 14:39:28 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2012-12-03 16:08:01 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\StepMania 5
[2011-01-26 22:16:44 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Subversion
[2012-08-16 18:36:08 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Thinstall
[2011-08-20 14:02:18 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\TinyAndBig
[2011-07-10 21:12:25 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\TS3Client
[2011-07-10 16:18:30 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\ts3overlay
[2013-01-23 21:11:31 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\uTorrent
[2012-03-17 23:56:16 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\wargaming.net
[2011-09-16 19:19:54 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Windows Live Writer
[2010-03-22 22:12:07 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\WTouch
[2012-09-25 18:17:07 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\Thinstall
[2012-09-25 18:17:07 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\Thinstall
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 112 bytes -> C:\ProgramData\TEMP:D1B5B4F1
@Alternate Data Stream - 110 bytes -> C:\ProgramData\TEMP:C9FD258B
< End of report >
Hi,
Open OTL.exe
Copy/paste the following text written inside of the code box into the Custom Scans/Fixes box located at the bottom of OTL
:processes
killallprocesses
:OTL
:Services
:Reg
:Files
ipconfig /flushdns /c
:Commands
[purity]
[resethosts]
[CLEARALLRESTOREPOINTS]
[emptytemp]
[start explorer]
[Reboot]
Then click the Run Fix button at the top. <--Not run Scan
Let the program run unhindered, reboot when it is done
Then post the results of the log it produces
Please download Malwarebytes from Here (http://www.malwarebytes.org/mbam-download.php) or Here (http://www.majorgeeks.com/Malwarebytes_Anti-Malware_d5756.html)
Double-click mbam-setup.exe and follow the prompts to install the program.
At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
If an update is found, it will download and install the latest version.
Once the program has loaded, select Perform quick scan, then click Scan.
http://i24.photobucket.com/albums/c30/ken545/MBAMCapture.jpg
When the scan is complete, click OK, then Show Results to view the results.
Be sure that everything is checked, and click Remove Selected .
When completed, a log will open in Notepad. Please save it to a convenient location and post the results.
Note: If you receive a notice that some of the items couldn't be removed, that they have been added to the delete on reboot list, please reboot.
Post the report please
I've been running the otl for some hours now, but my computer doesn't sound like it's working even though it has been saying "cleaning restore points. DO NOT INTERRUPT..." For hours now.
Is this normal or should i reboot?
Go ahead and shut it down, then run a new scan with OTL and post the new log please
All processes killed
========== PROCESSES ==========
========== OTL ==========
========== SERVICES/DRIVERS ==========
========== REGISTRY ==========
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP-konfiguration
DNS Resolver Cache blev tmt.
C:\Users\Bruger\Desktop\cmd.bat deleted successfully.
C:\Users\Bruger\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
Restore point Set: OTL Restore Point
[EMPTYTEMP]
User: All Users
User: Bruger
->Temp folder emptied: 98609654 bytes
->Temporary Internet Files folder emptied: 287085889 bytes
->Java cache emptied: 2600971 bytes
->FireFox cache emptied: 133567313 bytes
->Google Chrome cache emptied: 407253674 bytes
->Flash cache emptied: 190704 bytes
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Public
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 453977 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 12162080 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 67730 bytes
RecycleBin emptied: 93756981 bytes
Total Files Cleaned = 988,00 mb
OTL by OldTimer - Version 3.2.69.0 log created on 01292013_200743
Files\Folders moved on Reboot...
C:\Users\Bruger\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.
C:\Windows\temp\Low\MSI\SkypeToolbars.msi moved successfully.
PendingFileRenameOperations files...
Registry entries deleted on Reboot...
Malwarebytes Anti-Malware (Prøveversion) 1.70.0.1100
www.malwarebytes.org
Database version: v2013.01.29.10
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 8.0.7601.17514
Bruger :: BRUGER-PC [administrator]
Beskyttelse: Slået til
29-01-2013 21:22:10
mbam-log-2013-01-29 (21-22-10).txt
Skanningstype: Hurtig skanning
Skanningsmuligheder valgt: Hukommelse | Opstart | Registreringsdatabasen | Filsystem | Heuristics/Ekstra | Heuristics/Shuriken | PUP | PUM
Skanningsmuligheder som er deaktiverede: P2P
Objekter skannet: 219065
Tid gået: 7 minut(ter), 7 sekund(er)
Hukommelses Processorer Inficeret: 0
(Ingen skadelige objekter blev fundet)
Hukommelses Moduler Inficeret: 0
(Ingen skadelige objekter blev fundet)
Registreringsdatabasenøgler Inficeret: 0
(Ingen skadelige objekter blev fundet)
Registreringsdatabaseværdier Inficeret: 0
(Ingen skadelige objekter blev fundet)
Registreringsdatabasedata Objekter Inficeret: 1
HKCR\regfile\shell\open\command| (Broken.OpenCommand) -> Dårlig: ("regedit.exe" "%1") God: (regedit.exe "%1") -> Sat i karantæne og erstattet succesfuldt.
Inficerede Mapper: 0
(Ingen skadelige objekter blev fundet)
Inficerede Filer: 0
(Ingen skadelige objekter blev fundet)
(færdig)
Run a scan with OTL and let me see a new log please
OTL logfile created on: 30-01-2013 12:57:14 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Bruger\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000406 | Country: Danmark | Language: DAN | Date Format: dd-MM-yyyy
3,99 Gb Total Physical Memory | 1,61 Gb Available Physical Memory | 40,29% Memory free
7,98 Gb Paging File | 4,89 Gb Available in Paging File | 61,22% Paging File free
Paging file location(s): ?:\pagefile.sys
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931,41 Gb Total Space | 252,85 Gb Free Space | 27,15% Space Free | Partition Type: NTFS
Computer Name: BRUGER-PC | User Name: Bruger | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\Bruger\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Xfire\Xfire.exe (Xfire Inc.)
PRC - C:\Users\Bruger\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
PRC - C:\Windows\SysWOW64\NTServer\service.exe ()
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
PRC - C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe (Safer-Networking Ltd.)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe (Safer-Networking Ltd.)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe (Safer-Networking Ltd.)
PRC - C:\Programmer\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Programmer\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Users\Bruger\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
PRC - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.)
PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()
PRC - C:\ProgramData\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe (LG Electronics)
PRC - C:\Program Files (x86)\Internet Download Manager\IDMan.exe (Tonec Inc.)
PRC - C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe (Tonec Inc.)
PRC - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
PRC - C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe (AMD)
========== Modules (No Company Name) ==========
MOD - C:\Program Files (x86)\Steam\SDL.dll ()
MOD - C:\Program Files (x86)\Steam\bin\libcef.dll ()
MOD - C:\Program Files (x86)\Steam\bin\chromehtml.DLL ()
MOD - C:\Program Files (x86)\Steam\bin\avutil-51.dll ()
MOD - C:\Program Files (x86)\Steam\bin\avformat-53.dll ()
MOD - C:\Program Files (x86)\Steam\bin\avcodec-53.dll ()
MOD - C:\Users\Bruger\AppData\Local\Google\Chrome\Application\24.0.1312.56\ppGoogleNaClPluginChrome.dll ()
MOD - C:\Users\Bruger\AppData\Local\Google\Chrome\Application\24.0.1312.56\pdf.dll ()
MOD - C:\Users\Bruger\AppData\Local\Google\Chrome\Application\24.0.1312.56\libglesv2.dll ()
MOD - C:\Users\Bruger\AppData\Local\Google\Chrome\Application\24.0.1312.56\libegl.dll ()
MOD - C:\Users\Bruger\AppData\Local\Google\Chrome\Application\24.0.1312.56\ffmpegsumo.dll ()
MOD - C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl ()
MOD - C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl ()
MOD - C:\Program Files (x86)\Spybot - Search & Destroy 2\VirtualTreesDXE150.bpl ()
MOD - C:\Program Files (x86)\Spybot - Search & Destroy 2\JSDialogPack150.bpl ()
MOD - C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDad.dll ()
========== Services (SafeList) ==========
SRV:[b]64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (TabletServicePen) -- C:\Windows\SysNative\Pen_Tablet.exe (Wacom Technology, Corp.)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (NTServiceSystem) -- C:\Windows\SysWOW64\NTServer\service.exe ()
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (Hamachi2Svc) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)
SRV - (HiPatchService) -- C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe (Hi-Rez Studios)
SRV - (Akamai) -- c:\program files (x86)\common files\akamai/netsession_win_ce5ba24.dll ()
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (avast! Antivirus) -- C:\Programmer\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV - (Skype C2C Service) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.)
SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (Desura Install Service) -- C:\Program Files (x86)\Common Files\Desura\desura_service.exe (Desura Pty Ltd)
SRV - (npggsvc) -- C:\Windows\SysWOW64\GameMon.des (INCA Internet Co., Ltd.)
SRV - (OpenVPNService) -- C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe ()
SRV - (wlidsvc) -- C:\Programmer\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
SRV - (LBTServ) -- C:\Programmer\Common Files\LogiShrd\Bluetooth\LBTServ.exe (Logitech, Inc.)
SRV - (wlcrasvc) -- C:\Programmer\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (SwitchBoard) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
SRV - (WTouchService) -- C:\Programmer\WTouch\WTouchService.exe (Wacom Technology, Corp.)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (AtiHDAudioService) -- C:\Windows\SysNative\drivers\AtihdW76.sys (Advanced Micro Devices)
DRV:64bit: - (aswTdi) -- C:\Windows\SysNative\drivers\aswTdi.sys (AVAST Software)
DRV:64bit: - (aswSnx) -- C:\Windows\SysNative\drivers\aswSnx.sys (AVAST Software)
DRV:64bit: - (aswSP) -- C:\Windows\SysNative\drivers\aswSP.sys (AVAST Software)
DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software)
DRV:64bit: - (aswFsBlk) -- C:\Windows\SysNative\drivers\aswFsBlk.sys (AVAST Software)
DRV:64bit: - (aswRdr) -- C:\Windows\SysNative\drivers\aswRdr2.sys (AVAST Software)
DRV:64bit: - (tap0901) -- C:\Windows\SysNative\drivers\tap0901.sys (The OpenVPN Project)
DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\drivers\fssfltr.sys (Microsoft Corporation)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (ANDModem) -- C:\Windows\SysNative\drivers\lgandmodem64.sys (LG Electronics Inc.)
DRV:64bit: - (AndDiag) -- C:\Windows\SysNative\drivers\lganddiag64.sys (LG Electronics Inc.)
DRV:64bit: - (AndGps) -- C:\Windows\SysNative\drivers\lgandgps64.sys (LG Electronics Inc.)
DRV:64bit: - (Andbus) -- C:\Windows\SysNative\drivers\lgandbus64.sys (LG Electronics Inc.)
DRV:64bit: - (IDMWFP) -- C:\Windows\SysNative\drivers\idmwfp.sys (Tonec Inc.)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (LMouFilt) -- C:\Windows\SysNative\drivers\LMouFilt.Sys (Logitech, Inc.)
DRV:64bit: - (LHidFilt) -- C:\Windows\SysNative\drivers\LHidFilt.Sys (Logitech, Inc.)
DRV:64bit: - (androidusb) -- C:\Windows\SysNative\drivers\lgandadb.sys (Google Inc)
DRV:64bit: - (ScreamBAudioSvc) -- C:\Windows\SysNative\drivers\ScreamingBAudio64.sys (Screaming Bee LLC)
DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys ()
DRV:64bit: - (AtiHdmiService) -- C:\Windows\SysNative\drivers\AtiHdmi.sys (ATI Technologies, Inc.)
DRV:64bit: - (ElbyCDIO) -- C:\Windows\SysNative\drivers\ElbyCDIO.sys (Elaborate Bytes AG)
DRV:64bit: - (VIAHdAudAddService) -- C:\Windows\SysNative\drivers\viahduaa.sys (VIA Technologies, Inc.)
DRV:64bit: - (hamachi) -- C:\Windows\SysNative\drivers\hamachi.sys (LogMeIn, Inc.)
DRV:64bit: - (wacmoumonitor) -- C:\Windows\SysNative\drivers\wacmoumonitor.sys (Wacom Technology)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
DRV:64bit: - (VClone) -- C:\Windows\SysNative\drivers\VClone.sys (Elaborate Bytes AG)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (irda) -- C:\Windows\SysNative\drivers\irda.sys (Microsoft Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (wacomvhid) -- C:\Windows\SysNative\drivers\wacomvhid.sys (Wacom Technology)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (xusb21) -- C:\Windows\SysNative\drivers\xusb21.sys (Microsoft Corporation)
DRV:64bit: - (irsir) -- C:\Windows\SysNative\drivers\irsir.sys (Microsoft Corporation)
DRV:64bit: - (wacommousefilter) -- C:\Windows\SysNative\drivers\wacommousefilter.sys (Wacom Technology)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\.DEFAULT\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-18\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-3995930073-3555480574-2151513988-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.youtube.com/user/nillor0?feature=mhw4
IE - HKU\S-1-5-21-3995930073-3555480574-2151513988-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://dk.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-3995930073-3555480574-2151513988-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = da
IE - HKU\S-1-5-21-3995930073-3555480574-2151513988-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = AF 4B 7D F0 28 C8 CA 01 [binary data]
IE - HKU\S-1-5-21-3995930073-3555480574-2151513988-1000\..\SearchScopes,DefaultScope = {4C430FFD-3E0B-45C9-B13E-BC32314A0D74}
IE - HKU\S-1-5-21-3995930073-3555480574-2151513988-1000\..\SearchScopes\{4C430FFD-3E0B-45C9-B13E-BC32314A0D74}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}&rlz=1I7SKPB_daDK371
IE - HKU\S-1-5-21-3995930073-3555480574-2151513988-1000\..\SearchScopes\{7DC0055E-1C76-479B-9C92-9D2459569A1F}: "URL" = http://search.portalsepeti.com/?hl=tr&tbm=web&q={searchTerms}&oem=MUH&uid=WD-WCAV56241704_WDCWD10EARS-00Y5B1&tm=1358546600
IE - HKU\S-1-5-21-3995930073-3555480574-2151513988-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3995930073-3555480574-2151513988-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;127.0.0.1:9421;<local>
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "navegaki"
FF - prefs.js..browser.search.selectedEngine: "navegaki"
FF - prefs.js..browser.startup.homepage: "http://www.quakelive.com/#!welcome"
FF - prefs.js..extensions.enabledAddons: battlefieldheroespatcher@ea.com:5.0.110.0
FF - prefs.js..extensions.enabledAddons: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledAddons: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledAddons: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledAddons: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
FF - prefs.js..extensions.enabledAddons: battlefieldplay4free@ea.com:1.0.53.2
FF - prefs.js..extensions.enabledAddons: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledAddons: {b749fc7c-e949-447f-926c-3f4eed6accfe}:0.7.1.1
FF - prefs.js..extensions.enabledAddons: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:2.0.3
FF - prefs.js..extensions.enabledAddons: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}:6.0.31
FF - prefs.js..extensions.enabledAddons: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:6.3.0.11079
FF - prefs.js..extensions.enabledAddons: wrc@avast.com:7.0.1474
FF - prefs.js..extensions.enabledItems: battlefieldheroespatcher@ea.com:5.0.67.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: battlefieldplay4free@ea.com:1.0.53.2
FF - prefs.js..extensions.enabledItems: mozilla_cc@internetdownloadmanager.com:7.1.9
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..keyword.URL: "http://search.portalsepeti.com?q="
FF - prefs.js..network.proxy.http: "74.115.1.13"
FF - prefs.js..network.proxy.http_port: 80
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_146.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar: C:\Program Files (x86)\BF3 Alpha Trial Web Plugins\Sonar\npesnsonar.dll (ESN AB)
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.0: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch: C:\Program Files (x86)\BF3 Alpha Trial Web Plugins\npesnlaunch.dll (ESN AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=0.80.0: C:\Program Files (x86)\Battlelog Web Plugins\0.80.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@gametap.com/npdd,version=1.0: C:\Program Files (x86)\Downloader\npdd.dll (Metaboli)
FF - HKLM\Software\MozillaPlugins\@idsoftware.com/QuakeLive: C:\ProgramData\id Software\QuakeLive\npquakezero.dll (id Software Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.3: C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.3: C:\Users\Bruger\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll ( )
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Bruger\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Bruger\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Bruger\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-11-12 15:34:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011-07-09 23:13:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013-01-09 15:47:20 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Users\Bruger\AppData\Roaming\IDM\idmmzcc3 [2011-02-11 23:19:52 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Users\Bruger\AppData\Roaming\IDM\idmmzcc3 [2011-02-11 23:19:52 | 000,000,000 | ---D | M]
[2012-09-15 16:45:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bruger\AppData\Roaming\mozilla\Extensions
[2012-09-15 16:45:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bruger\AppData\Roaming\mozilla\Extensions\prism@developer.mozilla.org
[2012-05-19 20:16:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bruger\AppData\Roaming\mozilla\Firefox\Profiles\6rsi3ybe.default\extensions
[2011-06-29 13:04:20 | 000,000,000 | ---D | M] (Battlefield Heroes Updater) -- C:\Users\Bruger\AppData\Roaming\mozilla\Firefox\Profiles\6rsi3ybe.default\extensions\battlefieldheroespatcher@ea.com
[2011-07-10 14:21:52 | 000,000,000 | ---D | M] (Battlefield Play4Free) -- C:\Users\Bruger\AppData\Roaming\mozilla\Firefox\Profiles\6rsi3ybe.default\extensions\battlefieldplay4free@ea.com
[2011-12-11 02:04:19 | 000,061,705 | ---- | M] () (No name found) -- C:\Users\Bruger\AppData\Roaming\mozilla\firefox\profiles\6rsi3ybe.default\extensions\{b749fc7c-e949-447f-926c-3f4eed6accfe}.xpi
[2012-05-19 20:16:04 | 000,634,964 | ---- | M] () (No name found) -- C:\Users\Bruger\AppData\Roaming\mozilla\firefox\profiles\6rsi3ybe.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012-04-21 23:13:38 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012-10-30 15:20:30 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2010-06-08 13:31:49 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010-08-14 14:47:33 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010-11-24 00:33:13 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011-03-12 10:59:11 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011-06-10 15:56:50 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
[2012-04-21 23:13:38 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}
[2012-11-12 15:34:32 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2011-07-09 23:13:52 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2013-01-18 23:04:07 | 000,005,010 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\navegaki.xml
========== Chrome ==========
CHR - homepage: http://www.youtube.com/playlist?list=FLcctdmA37swZQOi-TKPMChw&feature=plcp
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = http://www.google.com/search?q={searchTerms}
CHR - default_search_provider: suggest_url = ,
CHR - homepage: http://www.youtube.com/playlist?list=FLcctdmA37swZQOi-TKPMChw&feature=plcp
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Bruger\AppData\Local\Google\Chrome\Application\24.0.1312.56\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Bruger\AppData\Local\Google\Chrome\Application\24.0.1312.56\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Bruger\AppData\Local\Google\Chrome\Application\24.0.1312.56\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Bruger\AppData\Local\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll
CHR - plugin: Battlefield Play4Free Updater (Enabled) = C:\Users\Bruger\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkejhbcdagodjdndmfnhaibnealjonei\1.0.66.2_0\npBP4FUpdater.dll
CHR - plugin: Battlefield Play4Free Updater (Enabled) = C:\Users\Bruger\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkejhbcdagodjdndmfnhaibnealjonei\1.0.66.2_0\BP4FUpdater.exe
CHR - plugin: EA Battlefield Heroes Updater (Enabled) = C:\Users\Bruger\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdfjahpadlpfnfheehpddpcllihfkmm\5.0.137.0_0\npBFHUpdater.dll
CHR - plugin: EA Battlefield Heroes Updater (Enabled) = C:\Users\Bruger\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdfjahpadlpfnfheehpddpcllihfkmm\5.0.137.0_0\BFHUpdater.exe
CHR - plugin: Skype Toolbars (Enabled) = C:\Users\Bruger\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\npSkypeChromePlugin.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Java Deployment Toolkit 6.0.310.5 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: ESN Sonar API (Enabled) = C:\Program Files (x86)\BF3 Alpha Trial Web Plugins\Sonar\npesnsonar.dll
CHR - plugin: ESN Sonar API (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll
CHR - plugin: ESN Launch Mozilla Plugin (Enabled) = C:\Program Files (x86)\BF3 Alpha Trial Web Plugins\npesnlaunch.dll
CHR - plugin: ESN Launch Mozilla Plugin (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\0.80.0\npesnlaunch.dll
CHR - plugin: DNA Plug-in (Enabled) = C:\Program Files (x86)\DNA\plugins\npbtdna.dll
CHR - plugin: Downloader Detector (Enabled) = C:\Program Files (x86)\Downloader\npdd.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Wacom Dynamic Link Library (Enabled) = C:\Program Files (x86)\TabletPlugins\npwacom.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: QUAKE LIVE (Enabled) = C:\ProgramData\id Software\QuakeLive\npquakezero.dll
CHR - plugin: Unity Player (Enabled) = C:\Users\Bruger\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Facebook Plugin (Enabled) = C:\Users\Bruger\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - Extension: YouTube Options for Google Chrome\u2122 = C:\Users\Bruger\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdokagampppgbnjfdlkfpphniapiiifn\1.8.104_0\
CHR - Extension: YouTube = C:\Users\Bruger\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\
CHR - Extension: Battlefield Heroes = C:\Users\Bruger\AppData\Local\Google\Chrome\User Data\Default\Extensions\cehdakiococlfmjcbebbkjkfjhbieknh\5.0.196.0_0\
CHR - Extension: Adblock Plus = C:\Users\Bruger\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.3.4_0\
CHR - Extension: Google-s\u00F8gning = C:\Users\Bruger\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\
CHR - Extension: Battlefield Play4Free = C:\Users\Bruger\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkejhbcdagodjdndmfnhaibnealjonei\1.0.66.2_0\
CHR - Extension: Battlefield Heroes = C:\Users\Bruger\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdfjahpadlpfnfheehpddpcllihfkmm\5.0.145.0_0\
CHR - Extension: avast! WebRep = C:\Users\Bruger\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_1\
CHR - Extension: 4chan Plus = C:\Users\Bruger\AppData\Local\Google\Chrome\User Data\Default\Extensions\pinelipedelckihohgdlpcclgocodhjj\2.5.5_0\
CHR - Extension: Gmail = C:\Users\Bruger\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
O1 HOSTS File: ([2013-01-29 20:07:49 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programmer\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmer\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programmer\Google\GoogleToolbarNotifier\5.7.8313.1002\swg64.dll (Google Inc.)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmer\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2 - BHO: (IDMIEHlprObj Class) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll (Tonec Inc.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programmer\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll (Google Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programmer\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programmer\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3:64bit: - HKU\.DEFAULT\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKU\S-1-5-18\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKU\S-1-5-21-3995930073-3555480574-2151513988-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [VIAAUD] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VIAAUD.exe File not found
O4 - HKLM..\Run: [AdobeCS6ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe (AMD)
O4 - HKLM..\Run: [ATICustomerCare] C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [B2C_AGENT] C:\ProgramData\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe (LG Electronics)
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [SDTray] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3995930073-3555480574-2151513988-1000..\Run: [AdobeBridge] File not found
O4 - HKU\S-1-5-21-3995930073-3555480574-2151513988-1000..\Run: [Akamai NetSession Interface] C:\Users\Bruger\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
O4 - HKU\S-1-5-21-3995930073-3555480574-2151513988-1000..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-3995930073-3555480574-2151513988-1000..\Run: [HydraVisionDesktopManager] C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe (AMD)
O4 - HKU\S-1-5-21-3995930073-3555480574-2151513988-1000..\Run: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe (Tonec Inc.)
O4 - HKU\S-1-5-21-3995930073-3555480574-2151513988-1000..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Bruger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Bruger\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\Bruger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files (x86)\ERUNT\AUTOBACK.EXE ()
O4 - Startup: C:\Users\Bruger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Xfire.lnk = C:\Program Files (x86)\Xfire\Xfire.exe (Xfire Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-3995930073-3555480574-2151513988-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm ()
O8:64bit: - Extra context menu item: Download FLV video content with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetVL.htm ()
O8:64bit: - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()
O8 - Extra context menu item: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm ()
O8 - Extra context menu item: Download FLV video content with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetVL.htm ()
O8 - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()
O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : My kikin - {0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} - Reg Error: Key error. File not found
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Programmer\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programmer\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programmer\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKU\.DEFAULT\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: sony.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: sony.com ([]* in Trusted sites)
O15 - HKU\S-1-5-19\..Trusted Domains: clonewarsadventures.com ([]* in )
O15 - HKU\S-1-5-19\..Trusted Domains: freerealms.com ([]* in )
O15 - HKU\S-1-5-19\..Trusted Domains: soe.com ([]* in )
O15 - HKU\S-1-5-19\..Trusted Domains: sony.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: clonewarsadventures.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: freerealms.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: soe.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: sony.com ([]* in )
O15 - HKU\S-1-5-21-3995930073-3555480574-2151513988-1000\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-3995930073-3555480574-2151513988-1000\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-3995930073-3555480574-2151513988-1000\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-3995930073-3555480574-2151513988-1000\..Trusted Domains: sony.com ([]* in Trusted sites)
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab (Java Plug-in 10.1.0)
O16:64bit: - DPF: {CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab (Java Plug-in 1.7.0_01)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab (Java Plug-in 1.7.0_01)
O16 - DPF: {140E4DF8-9E14-4A34-9577-C77561ED7883} http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.1.71.0.cab (SysInfo Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 10.5.1)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab (Minesweeper Flags Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 208.67.222.222 208.67.220.220
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8B7ADDC6-52E6-47B8-AC4E-86D090AC1BF0}: DhcpNameServer = 208.67.222.222 208.67.220.220
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Programmer\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{d6192b9d-364e-11e0-a849-0025221a2c8f}\Shell - "" = AutoRun
O33 - MountPoints2\{d6192b9d-364e-11e0-a849-0025221a2c8f}\Shell\AutoRun\command - "" = F:\AUTORUN.EXE
O33 - MountPoints2\{f9fa96f5-6caa-11df-826d-0025221a2c8f}\Shell - "" = AutoRun
O33 - MountPoints2\{f9fa96f5-6caa-11df-826d-0025221a2c8f}\Shell\AutoRun\command - "" = E:\Autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2013-01-30 12:49:19 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{90AE50FD-9303-485D-937E-50F229AC7A54}
[2013-01-29 21:20:13 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Roaming\Malwarebytes
[2013-01-29 21:19:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013-01-29 21:19:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013-01-29 21:19:48 | 000,024,176 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2013-01-29 21:19:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013-01-29 15:57:46 | 000,000,000 | ---D | C] -- C:\_OTL
[2013-01-29 15:44:07 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{FD25824F-E47D-4522-B2DD-3173B26B4885}
[2013-01-28 16:15:47 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Bruger\Desktop\OTL.exe
[2013-01-28 15:16:44 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{2591BA1E-11E1-4963-AF84-D1AC5A065C1F}
[2013-01-27 13:47:19 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{80A4E37A-80C7-4E1A-808C-4BBF52CD4A63}
[2013-01-27 11:44:14 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2013-01-27 11:44:14 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2013-01-27 11:44:14 | 000,095,648 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013-01-26 19:07:05 | 000,000,000 | ---D | C] -- C:\Users\Bruger\Desktop\Tripcode_Explorer
[2013-01-26 13:46:12 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{06ACEED0-7B74-4A95-958F-9FBCB1F4E237}
[2013-01-25 13:45:19 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{AA35EEC0-44DB-47B2-BF64-08FA2011CBE6}
[2013-01-24 15:45:22 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{7C4DF284-AEF0-4E4D-88D5-561E60381DC8}
[2013-01-23 19:16:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Last.fm
[2013-01-23 13:48:50 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{45505061-2BE5-40B7-8A58-462E53843719}
[2013-01-22 20:27:01 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2013-01-22 20:26:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT
[2013-01-22 20:26:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ERUNT
[2013-01-22 15:55:21 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{0C0A1DB9-B608-4D53-A710-2777A970D2FF}
[2013-01-21 19:40:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2013-01-21 19:40:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
[2013-01-21 19:40:16 | 000,017,272 | ---- | C] (Safer Networking Limited) -- C:\Windows\SysNative\sdnclean64.exe
[2013-01-21 19:40:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy 2
[2013-01-21 19:39:48 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\Programs
[2013-01-21 16:48:47 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2013-01-21 16:47:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD AVT
[2013-01-21 16:47:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD APP
[2013-01-21 16:46:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center
[2013-01-21 15:20:08 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{C8372F4E-B80A-4AE0-99C7-1F51F0FF1D88}
[2013-01-20 13:48:43 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{FAB92882-37BC-4912-A450-E36FAEA73A2F}
[2013-01-19 13:47:37 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{9BBCFB09-E8F7-44CC-ADF3-A98D7E45C7C5}
[2013-01-19 01:46:57 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{7E574572-E413-458C-A8B9-0226847DAC40}
[2013-01-18 23:03:19 | 000,802,760 | ---- | C] (Navegaki software) -- C:\Windows\SysWow64\navegaki.exe
[2013-01-18 23:03:19 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\NTServer
[2013-01-18 23:03:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Troysoftware
[2013-01-18 13:46:25 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{F4DDDC70-C22D-4BFC-AE2C-EF4E6E297811}
[2013-01-17 11:49:37 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{667BE21D-13E4-4AF4-87A6-07B5A7B8E929}
[2013-01-16 15:48:58 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{1E8AF24E-87A1-4258-92D1-70B1D3BA48BF}
[2013-01-15 15:48:34 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{DB4E1AE5-94DE-4C99-8BFB-34ABEE2BE75B}
[2013-01-14 13:49:28 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{077AC819-7F9D-4268-A83E-489C10E7CD18}
[2013-01-13 13:21:41 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{42950187-9F23-44D9-9F6F-9D406D865F5C}
[2013-01-12 13:20:52 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{BD0EA2A4-A61F-4F32-905A-3A4B2EF2869E}
[2013-01-11 11:44:17 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{3C5581A0-6740-475A-83C5-48A6CFE224AB}
[2013-01-10 15:26:36 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{5CBBC934-179C-4066-8F26-090E0F9576B9}
[2013-01-09 22:36:49 | 000,750,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
[2013-01-09 22:36:48 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll
[2013-01-09 22:36:11 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2013-01-09 22:36:09 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\usp10.dll
[2013-01-09 22:35:56 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\fpb.rs
[2013-01-09 22:35:56 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\SysNative\fpb.rs
[2013-01-09 22:35:56 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\oflc-nz.rs
[2013-01-09 22:35:56 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\SysNative\oflc-nz.rs
[2013-01-09 22:35:56 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegibbfc.rs
[2013-01-09 22:35:56 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegibbfc.rs
[2013-01-09 22:35:56 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\csrr.rs
[2013-01-09 22:35:56 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\SysNative\csrr.rs
[2013-01-09 22:35:56 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\cob-au.rs
[2013-01-09 22:35:56 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\SysNative\cob-au.rs
[2013-01-09 22:35:55 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\usk.rs
[2013-01-09 22:35:55 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\SysNative\usk.rs
[2013-01-09 22:35:55 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\djctq.rs
[2013-01-09 22:35:54 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\grb.rs
[2013-01-09 22:35:54 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\SysNative\grb.rs
[2013-01-09 22:35:54 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi.rs
[2013-01-09 22:35:54 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\SysNative\djctq.rs
[2013-01-09 22:35:53 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi-pt.rs
[2013-01-09 22:35:53 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi-pt.rs
[2013-01-09 22:35:53 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi.rs
[2013-01-09 22:35:52 | 002,746,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gameux.dll
[2013-01-09 22:35:52 | 002,576,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gameux.dll
[2013-01-09 22:35:52 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wpc.dll
[2013-01-09 22:35:51 | 000,308,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Wpc.dll
[2013-01-09 22:35:36 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\esrb.rs
[2013-01-09 22:35:36 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\SysNative\esrb.rs
[2013-01-09 22:35:35 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi-fi.rs
[2013-01-09 22:35:33 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\oflc.rs
[2013-01-09 22:35:33 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi-fi.rs
[2013-01-09 22:35:32 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\SysNative\oflc.rs
[2013-01-09 22:35:27 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\cero.rs
[2013-01-09 22:35:27 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\SysNative\cero.rs
[2013-01-09 22:34:09 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2013-01-09 22:34:07 | 001,161,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2013-01-09 22:34:03 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2013-01-09 22:34:03 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2013-01-09 22:34:02 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2013-01-09 22:34:02 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2013-01-09 22:34:02 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2013-01-09 22:34:02 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2013-01-09 22:34:02 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2013-01-09 22:34:02 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2013-01-09 22:34:00 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2013-01-09 22:33:53 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2013-01-09 22:33:53 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2013-01-09 22:33:53 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2013-01-09 22:33:53 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2013-01-09 22:33:53 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2013-01-09 22:33:52 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2013-01-09 22:33:52 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2013-01-09 22:33:52 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2013-01-09 22:33:50 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2013-01-09 22:33:50 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2013-01-09 22:33:50 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2013-01-09 22:33:50 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2013-01-09 22:33:50 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2013-01-09 22:33:50 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013-01-09 22:33:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2013-01-09 22:33:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2013-01-09 22:33:49 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2013-01-09 22:33:49 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2013-01-09 22:33:49 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2013-01-09 22:33:49 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2013-01-09 22:33:49 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2013-01-09 22:33:49 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2013-01-09 22:33:49 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2013-01-09 22:33:48 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2013-01-09 22:33:48 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2013-01-09 22:33:48 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2013-01-09 22:33:48 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2013-01-09 22:33:48 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2013-01-09 22:33:48 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2013-01-09 22:33:48 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2013-01-09 22:33:47 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2013-01-09 22:33:47 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2013-01-09 22:33:46 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2013-01-09 22:33:46 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2013-01-09 22:33:46 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2013-01-09 22:33:46 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2013-01-09 22:33:46 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2013-01-09 22:33:46 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2013-01-09 22:33:46 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2013-01-09 22:33:45 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2013-01-09 22:33:45 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2013-01-09 22:33:45 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2013-01-09 22:33:45 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2013-01-09 22:33:45 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2013-01-09 22:33:45 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2013-01-09 22:33:45 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2013-01-09 22:33:45 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2013-01-09 22:33:44 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2013-01-09 22:33:44 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2013-01-09 22:33:44 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2013-01-09 22:33:44 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013-01-09 22:33:43 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2013-01-09 22:33:40 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2013-01-09 22:33:40 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2013-01-09 22:33:40 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2013-01-09 22:33:40 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2013-01-09 22:33:39 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2013-01-09 22:33:33 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2013-01-09 22:32:24 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskhost.exe
[2013-01-09 15:44:22 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{C53FB7B9-BDFE-402D-AF6B-AD6EA5A040AA}
[2013-01-08 15:46:58 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{D609CD34-3B93-496D-952B-43A393614954}
[2013-01-07 13:43:20 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{BAB20A47-6E48-46DA-A644-0904F6F21FEE}
[2013-01-06 14:08:43 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{EF1C9AFA-7510-47DB-AA90-15062C205288}
[2013-01-06 01:26:03 | 000,000,000 | ---D | C] -- C:\Users\Bruger\Documents\Essentials
[2013-01-06 01:19:41 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{D93E9ABD-EFD9-4612-A009-F5BE9BD746C8}
[2013-01-05 13:19:14 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{1F1978E7-3F16-475D-9AF4-D61890DD6D03}
[2013-01-04 19:33:35 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{C5CA2A1E-494A-4CB6-8B39-7C6BBB349CD6}
[2013-01-04 07:32:57 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{CC13E2E2-2546-45E0-9725-E5F498ED6CC0}
[2013-01-03 19:20:16 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{08CFE6B5-4DA8-4932-968D-C21D3D27B274}
[2013-01-03 07:19:38 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{500CE12F-B063-4EE6-84EE-BD096AD7BE2B}
[2013-01-02 15:10:33 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{8B353F46-5F4D-4773-A53B-C009ED58493B}
[2013-01-01 17:20:37 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{F7A7E781-4CC8-42C0-AEC2-FCB16519EC86}
[2012-12-31 14:30:34 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{868AE64B-7871-4B43-88E6-F6568F26E493}
========== Files - Modified Within 30 Days ==========
[2013-01-30 12:59:14 | 000,015,024 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013-01-30 12:59:14 | 000,015,024 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013-01-30 12:48:58 | 000,002,413 | ---- | M] () -- C:\Windows\SysWow64\lgAxconfig.ini
[2013-01-30 12:46:36 | 000,013,806 | ---- | M] () -- C:\Windows\SysNative\Pen_Tablet.dat
[2013-01-30 12:43:03 | 000,000,928 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013-01-30 12:42:18 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013-01-30 12:42:07 | 3214,188,544 | -HS- | M] () -- C:\hiberfil.sys
[2013-01-29 23:10:00 | 000,000,946 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3995930073-3555480574-2151513988-1000UA.job
[2013-01-29 22:36:00 | 000,000,932 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013-01-29 22:32:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013-01-29 21:19:49 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013-01-29 20:07:49 | 000,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\Hosts
[2013-01-29 15:46:01 | 000,001,051 | ---- | M] () -- C:\Users\Bruger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2013-01-28 16:15:28 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Bruger\Desktop\OTL.exe
[2013-01-27 03:28:26 | 000,000,173 | ---- | M] () -- C:\Users\Bruger\AppData\Local\msmathematics.qat.Bruger
[2013-01-27 01:56:40 | 000,000,132 | ---- | M] () -- C:\Users\Bruger\AppData\Roaming\Adobe PNG Format CS6 Prefs
[2013-01-25 06:23:38 | 000,042,880 | ---- | M] () -- C:\Windows\SysWow64\xfcodec.dll
[2013-01-25 06:23:36 | 000,028,544 | ---- | M] () -- C:\Windows\SysNative\xfcodec64.dll
[2013-01-23 19:16:02 | 000,000,985 | ---- | M] () -- C:\Users\Public\Desktop\Last.fm Scrobbler.lnk
[2013-01-22 21:43:35 | 000,000,512 | ---- | M] () -- C:\Users\Bruger\Desktop\MBR.dat
[2013-01-22 20:34:22 | 000,004,458 | ---- | M] () -- C:\Users\Bruger\Desktop\attach.zip
[2013-01-22 20:26:37 | 000,001,108 | ---- | M] () -- C:\Users\Bruger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2013-01-22 20:26:33 | 000,000,909 | ---- | M] () -- C:\Users\Bruger\Desktop\ERUNT.lnk
[2013-01-19 15:17:06 | 000,001,456 | ---- | M] () -- C:\Users\Bruger\AppData\Local\Adobe Save for Web 13.0 Prefs
[2013-01-18 23:04:08 | 000,000,427 | ---- | M] () -- C:\Windows\SysWow64\ntserverbind.ini
[2013-01-18 23:03:29 | 000,002,216 | ---- | M] () -- C:\Users\Bruger\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2013-01-18 23:03:29 | 000,001,533 | ---- | M] () -- C:\Users\Bruger\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2013-01-18 23:03:21 | 000,002,207 | ---- | M] () -- C:\Users\Bruger\Application Data\Microsoft\Internet Explorer\Quick Launch\portalsepeti.lnk
[2013-01-12 03:30:18 | 000,095,648 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013-01-12 03:26:16 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2013-01-12 03:24:49 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2013-01-11 14:56:40 | 000,234,496 | ---- | M] () -- C:\Users\Bruger\Documents\gamepad.exe
[2013-01-10 15:21:31 | 004,934,616 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013-01-09 23:06:20 | 001,380,626 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013-01-09 23:06:20 | 000,661,514 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013-01-09 23:06:20 | 000,516,486 | ---- | M] () -- C:\Windows\SysNative\perfh006.dat
[2013-01-09 23:06:20 | 000,125,600 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013-01-09 23:06:20 | 000,102,986 | ---- | M] () -- C:\Windows\SysNative\perfc006.dat
[2013-01-09 23:06:10 | 001,380,626 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013-01-09 17:32:26 | 000,697,864 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013-01-09 17:32:25 | 000,074,248 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013-01-09 09:49:56 | 000,802,760 | ---- | M] (Navegaki software) -- C:\Windows\SysWow64\navegaki.exe
========== Files Created - No Company Name ==========
[2013-01-29 21:19:49 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013-01-25 06:23:38 | 000,042,880 | ---- | C] () -- C:\Windows\SysWow64\xfcodec.dll
[2013-01-25 06:23:36 | 000,028,544 | ---- | C] () -- C:\Windows\SysNative\xfcodec64.dll
[2013-01-23 19:16:02 | 000,000,985 | ---- | C] () -- C:\Users\Public\Desktop\Last.fm Scrobbler.lnk
[2013-01-22 21:43:35 | 000,000,512 | ---- | C] () -- C:\Users\Bruger\Desktop\MBR.dat
[2013-01-22 20:34:05 | 000,004,458 | ---- | C] () -- C:\Users\Bruger\Desktop\attach.zip
[2013-01-22 20:26:37 | 000,001,108 | ---- | C] () -- C:\Users\Bruger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2013-01-22 20:26:33 | 000,000,909 | ---- | C] () -- C:\Users\Bruger\Desktop\ERUNT.lnk
[2013-01-21 19:40:24 | 000,002,189 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
[2013-01-18 23:03:21 | 000,002,207 | ---- | C] () -- C:\Users\Bruger\Application Data\Microsoft\Internet Explorer\Quick Launch\portalsepeti.lnk
[2013-01-18 23:03:19 | 000,000,427 | ---- | C] () -- C:\Windows\SysWow64\ntserverbind.ini
[2013-01-11 14:56:39 | 000,234,496 | ---- | C] () -- C:\Users\Bruger\Documents\gamepad.exe
[2012-12-23 00:38:13 | 000,001,456 | ---- | C] () -- C:\Users\Bruger\AppData\Local\Adobe Save for Web 13.0 Prefs
[2012-12-23 00:28:51 | 000,000,132 | ---- | C] () -- C:\Users\Bruger\AppData\Roaming\Adobe GIF Format CS6 Prefs
[2012-11-08 18:12:40 | 000,000,132 | ---- | C] () -- C:\Users\Bruger\AppData\Roaming\Adobe PNG Format CS6 Prefs
[2012-09-09 18:51:29 | 000,266,021 | ---- | C] () -- C:\Windows\QLPrism Uninstaller.exe
[2012-08-29 15:33:55 | 000,000,173 | ---- | C] () -- C:\Users\Bruger\AppData\Local\msmathematics.qat.Bruger
[2012-07-02 23:49:02 | 003,130,440 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_blr.exe
[2012-05-02 13:58:10 | 000,029,184 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2012-02-15 03:36:36 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012-02-15 03:36:36 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2011-12-14 04:55:24 | 000,081,920 | ---- | C] () -- C:\Windows\qlprism-uninstall.exe
[2011-12-04 18:37:08 | 000,109,056 | ---- | C] () -- C:\Windows\SysWow64\un-gamma.exe
[2011-10-25 21:21:34 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\OVDecoder.dll
[2011-09-28 17:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011-09-12 23:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011-08-06 23:40:13 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\CommonDL.dll
[2011-08-06 23:40:13 | 000,002,413 | ---- | C] () -- C:\Windows\SysWow64\lgAxconfig.ini
[2011-07-29 19:51:30 | 000,004,096 | ---- | C] () -- C:\Windows\d3dx.dat
[2011-06-27 00:19:51 | 000,000,032 | R--- | C] () -- C:\ProgramData\hash.dat
[2011-02-12 03:24:58 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
========== ZeroAccess Check ==========
[2009-07-14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012-06-09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012-06-09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009-07-14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009-07-14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2012-12-26 12:10:34 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\.minecraft
[2012-09-20 21:18:58 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\.spotflux
[2010-10-17 12:36:33 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Ableton
[2010-06-26 20:31:20 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Anabel
[2011-08-10 16:18:57 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\AtomZombieData
[2012-05-25 12:46:01 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Audacity
[2012-11-07 18:54:00 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Awesomium
[2012-01-20 14:33:39 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\BigHugeEngine
[2010-05-02 21:24:21 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Bioshock2
[2010-05-31 17:11:22 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\bizarre creations
[2010-05-08 15:26:31 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Blender Foundation
[2012-09-08 15:59:59 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Braid
[2011-07-29 19:51:33 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Broken Rules
[2011-07-27 16:01:42 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Crayon Physics Deluxe
[2010-05-31 12:54:45 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\DAEMON Tools Lite
[2012-06-27 16:16:45 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\digipen
[2013-01-29 23:18:21 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\DMCache
[2011-02-05 22:55:28 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Downloaded Installations
[2013-01-30 12:48:17 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Dropbox
[2010-06-28 14:39:35 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Facebook
[2012-06-02 11:57:22 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\fltk.org
[2010-11-19 16:22:46 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\GameRanger
[2011-07-10 10:15:46 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\go
[2011-01-28 21:08:37 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Gyazo
[2010-10-18 14:09:05 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Hardcore
[2012-08-10 18:10:47 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\IDM
[2011-07-29 19:56:54 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Lazy 8 Studios
[2010-03-20 20:49:46 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Leadertech
[2011-03-11 23:18:27 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\LolClient
[2012-06-08 17:27:20 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\LoneSurvivor
[2011-05-14 16:20:50 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Mount&Blade Warband
[2012-09-23 21:02:35 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Mumble
[2012-07-27 17:13:33 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Need for Speed World
[2011-12-20 17:49:33 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Nicalis
[2010-12-25 18:43:51 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\NPLUTO Corporation
[2011-10-07 16:45:57 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\OpenOffice.org
[2011-07-27 15:17:37 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Origin
[2012-01-15 02:17:46 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\RenPy
[2012-07-03 16:17:47 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\RotMG.Production
[2012-07-01 15:25:13 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Screaming Bee
[2012-11-08 14:39:28 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2012-12-03 16:08:01 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\StepMania 5
[2011-01-26 22:16:44 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Subversion
[2012-08-16 18:36:08 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Thinstall
[2011-08-20 14:02:18 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\TinyAndBig
[2011-07-10 21:12:25 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\TS3Client
[2011-07-10 16:18:30 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\ts3overlay
[2013-01-23 21:11:31 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\uTorrent
[2012-03-17 23:56:16 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\wargaming.net
[2011-09-16 19:19:54 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Windows Live Writer
[2010-03-22 22:12:07 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\WTouch
[2012-09-25 18:17:07 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\Thinstall
[2012-09-25 18:17:07 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\Thinstall
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 112 bytes -> C:\ProgramData\TEMP:D1B5B4F1
@Alternate Data Stream - 110 bytes -> C:\ProgramData\TEMP:C9FD258B
< End of report >
Hi,
With all the games you play, look over the first part of the OTL log you posted, did you set all those proxies ?
Open OTL.exe
Copy/paste the following text written inside of the code box into the Custom Scans/Fixes box located at the bottom of OTL
:processes
killallprocesses
:OTL
IE - HKU\S-1-5-21-3995930073-3555480574-2151513988-1000\..\SearchScopes\{7DC0055E-1C76-479B-9C92-9D2459569A1F}: "URL" = http://search.portalsepeti.com/?hl=tr&tbm=web&q={searchTerms}&oem=MUH&uid=WD-WCAV56241704_WDCWD10EARS-00Y5B1&tm=1358546600
IE - HKU\S-1-5-21-3995930073-3555480574-2151513988-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;127.0.0.1:9421;<local>
FF - prefs.js..keyword.URL: "http://search.portalsepeti.com?q="
:Services
:Reg
:Files
ipconfig /flushdns /c
:Commands
[purity]
[resethosts]
[emptytemp]
[start explorer]
[Reboot]
Then click the Run Fix button at the top. <--Not run Scan
Let the program run unhindered, reboot when it is done
Then post the results of the log it produces
The only proxy-ish thing i remember doing, was something to get on piratebay without problems, which a friend helped me with.
All processes killed
========== PROCESSES ==========
========== OTL ==========
Registry key HKEY_USERS\S-1-5-21-3995930073-3555480574-2151513988-1000\Software\Microsoft\Internet Explorer\SearchScopes\{7DC0055E-1C76-479B-9C92-9D2459569A1F}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7DC0055E-1C76-479B-9C92-9D2459569A1F}\ not found.
HKU\S-1-5-21-3995930073-3555480574-2151513988-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyOverride| /E : value set successfully!
Prefs.js: "http://search.portalsepeti.com?q=" removed from keyword.URL
========== SERVICES/DRIVERS ==========
========== REGISTRY ==========
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP-konfiguration
DNS Resolver Cache blev tmt.
C:\Users\Bruger\Desktop\cmd.bat deleted successfully.
C:\Users\Bruger\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
[EMPTYTEMP]
User: All Users
User: Bruger
->Temp folder emptied: 371475 bytes
->Temporary Internet Files folder emptied: 692300 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Google Chrome cache emptied: 355341651 bytes
->Flash cache emptied: 0 bytes
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Public
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 112733 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 49554 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 340,00 mb
piratebay Almost everything that is downloaded from any form of File Sharing besides being illegal it most likely contains Malware of some sort or another. This is one of the best ways to infect your system. :sad:
Is portalsepeti gone ?
I only use piratebay for unzipped .mp3 and .flac files, most of which are trusted and commented positively multiple times. So i don't see how i'll get infected from there.
Nope, portal sepeti is still there :(
I appreciate the help, though :)
portal sepeti <-- Is this in all three browsers ?
Go ahead and run a new scan with OTL and post the log please.
I believe Piratebay was shut down, not sure, I was referring to File Sharing in general.
Yeah i'm sticking to music from piratebay and software downloads recommmended by friends
OTL logfile created on: 30-01-2013 22:31:25 - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Bruger\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000406 | Country: Danmark | Language: DAN | Date Format: dd-MM-yyyy
3,99 Gb Total Physical Memory | 1,98 Gb Available Physical Memory | 49,60% Memory free
7,98 Gb Paging File | 4,34 Gb Available in Paging File | 54,44% Paging File free
Paging file location(s): ?:\pagefile.sys
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931,41 Gb Total Space | 250,57 Gb Free Space | 26,90% Space Free | Partition Type: NTFS
Computer Name: BRUGER-PC | User Name: Bruger | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\Bruger\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Xfire\Xfire.exe (Xfire Inc.)
PRC - C:\Users\Bruger\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
PRC - C:\Windows\SysWOW64\NTServer\service.exe ()
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
PRC - C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe (Safer-Networking Ltd.)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe (Safer-Networking Ltd.)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe (Safer-Networking Ltd.)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe (Safer-Networking Ltd.)
PRC - C:\Programmer\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Programmer\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Users\Bruger\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
PRC - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.)
PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()
PRC - C:\ProgramData\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe (LG Electronics)
PRC - C:\Program Files (x86)\Internet Download Manager\IDMan.exe (Tonec Inc.)
PRC - C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe (Tonec Inc.)
PRC - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
PRC - C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe (AMD)
========== Modules (No Company Name) ==========
MOD - C:\Program Files (x86)\Steam\SDL.dll ()
MOD - C:\Program Files (x86)\Steam\bin\libcef.dll ()
MOD - C:\Program Files (x86)\Steam\bin\chromehtml.DLL ()
MOD - C:\Program Files (x86)\Steam\bin\avutil-51.dll ()
MOD - C:\Program Files (x86)\Steam\bin\avformat-53.dll ()
MOD - C:\Program Files (x86)\Steam\bin\avcodec-53.dll ()
MOD - C:\Users\Bruger\AppData\Local\Google\Chrome\Application\24.0.1312.56\PepperFlash\pepflashplayer.dll ()
MOD - C:\Users\Bruger\AppData\Local\Google\Chrome\Application\24.0.1312.56\ppGoogleNaClPluginChrome.dll ()
MOD - C:\Users\Bruger\AppData\Local\Google\Chrome\Application\24.0.1312.56\pdf.dll ()
MOD - C:\Users\Bruger\AppData\Local\Google\Chrome\Application\24.0.1312.56\libglesv2.dll ()
MOD - C:\Users\Bruger\AppData\Local\Google\Chrome\Application\24.0.1312.56\libegl.dll ()
MOD - C:\Users\Bruger\AppData\Local\Google\Chrome\Application\24.0.1312.56\ffmpegsumo.dll ()
MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll ()
MOD - C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl ()
MOD - C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl ()
MOD - C:\Program Files (x86)\Spybot - Search & Destroy 2\VirtualTreesDXE150.bpl ()
MOD - C:\Program Files (x86)\Spybot - Search & Destroy 2\JSDialogPack150.bpl ()
MOD - C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDad.dll ()
========== Services (SafeList) ==========
SRV:[b]64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (TabletServicePen) -- C:\Windows\SysNative\Pen_Tablet.exe (Wacom Technology, Corp.)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (NTServiceSystem) -- C:\Windows\SysWOW64\NTServer\service.exe ()
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (Hamachi2Svc) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)
SRV - (HiPatchService) -- C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe (Hi-Rez Studios)
SRV - (Akamai) -- c:\program files (x86)\common files\akamai/netsession_win_ce5ba24.dll ()
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (avast! Antivirus) -- C:\Programmer\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV - (Skype C2C Service) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.)
SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (Desura Install Service) -- C:\Program Files (x86)\Common Files\Desura\desura_service.exe (Desura Pty Ltd)
SRV - (npggsvc) -- C:\Windows\SysWOW64\GameMon.des (INCA Internet Co., Ltd.)
SRV - (OpenVPNService) -- C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe ()
SRV - (wlidsvc) -- C:\Programmer\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
SRV - (LBTServ) -- C:\Programmer\Common Files\LogiShrd\Bluetooth\LBTServ.exe (Logitech, Inc.)
SRV - (wlcrasvc) -- C:\Programmer\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (SwitchBoard) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
SRV - (WTouchService) -- C:\Programmer\WTouch\WTouchService.exe (Wacom Technology, Corp.)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (AtiHDAudioService) -- C:\Windows\SysNative\drivers\AtihdW76.sys (Advanced Micro Devices)
DRV:64bit: - (aswTdi) -- C:\Windows\SysNative\drivers\aswTdi.sys (AVAST Software)
DRV:64bit: - (aswSnx) -- C:\Windows\SysNative\drivers\aswSnx.sys (AVAST Software)
DRV:64bit: - (aswSP) -- C:\Windows\SysNative\drivers\aswSP.sys (AVAST Software)
DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software)
DRV:64bit: - (aswFsBlk) -- C:\Windows\SysNative\drivers\aswFsBlk.sys (AVAST Software)
DRV:64bit: - (aswRdr) -- C:\Windows\SysNative\drivers\aswRdr2.sys (AVAST Software)
DRV:64bit: - (tap0901) -- C:\Windows\SysNative\drivers\tap0901.sys (The OpenVPN Project)
DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\drivers\fssfltr.sys (Microsoft Corporation)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (ANDModem) -- C:\Windows\SysNative\drivers\lgandmodem64.sys (LG Electronics Inc.)
DRV:64bit: - (AndDiag) -- C:\Windows\SysNative\drivers\lganddiag64.sys (LG Electronics Inc.)
DRV:64bit: - (AndGps) -- C:\Windows\SysNative\drivers\lgandgps64.sys (LG Electronics Inc.)
DRV:64bit: - (Andbus) -- C:\Windows\SysNative\drivers\lgandbus64.sys (LG Electronics Inc.)
DRV:64bit: - (IDMWFP) -- C:\Windows\SysNative\drivers\idmwfp.sys (Tonec Inc.)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (LMouFilt) -- C:\Windows\SysNative\drivers\LMouFilt.Sys (Logitech, Inc.)
DRV:64bit: - (LHidFilt) -- C:\Windows\SysNative\drivers\LHidFilt.Sys (Logitech, Inc.)
DRV:64bit: - (androidusb) -- C:\Windows\SysNative\drivers\lgandadb.sys (Google Inc)
DRV:64bit: - (ScreamBAudioSvc) -- C:\Windows\SysNative\drivers\ScreamingBAudio64.sys (Screaming Bee LLC)
DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys ()
DRV:64bit: - (AtiHdmiService) -- C:\Windows\SysNative\drivers\AtiHdmi.sys (ATI Technologies, Inc.)
DRV:64bit: - (ElbyCDIO) -- C:\Windows\SysNative\drivers\ElbyCDIO.sys (Elaborate Bytes AG)
DRV:64bit: - (VIAHdAudAddService) -- C:\Windows\SysNative\drivers\viahduaa.sys (VIA Technologies, Inc.)
DRV:64bit: - (hamachi) -- C:\Windows\SysNative\drivers\hamachi.sys (LogMeIn, Inc.)
DRV:64bit: - (wacmoumonitor) -- C:\Windows\SysNative\drivers\wacmoumonitor.sys (Wacom Technology)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
DRV:64bit: - (VClone) -- C:\Windows\SysNative\drivers\VClone.sys (Elaborate Bytes AG)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (irda) -- C:\Windows\SysNative\drivers\irda.sys (Microsoft Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (wacomvhid) -- C:\Windows\SysNative\drivers\wacomvhid.sys (Wacom Technology)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (xusb21) -- C:\Windows\SysNative\drivers\xusb21.sys (Microsoft Corporation)
DRV:64bit: - (irsir) -- C:\Windows\SysNative\drivers\irsir.sys (Microsoft Corporation)
DRV:64bit: - (wacommousefilter) -- C:\Windows\SysNative\drivers\wacommousefilter.sys (Wacom Technology)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\.DEFAULT\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-18\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-3995930073-3555480574-2151513988-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.youtube.com/user/nillor0?feature=mhw4
IE - HKU\S-1-5-21-3995930073-3555480574-2151513988-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://dk.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-3995930073-3555480574-2151513988-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = da
IE - HKU\S-1-5-21-3995930073-3555480574-2151513988-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = AF 4B 7D F0 28 C8 CA 01 [binary data]
IE - HKU\S-1-5-21-3995930073-3555480574-2151513988-1000\..\SearchScopes,DefaultScope = {4C430FFD-3E0B-45C9-B13E-BC32314A0D74}
IE - HKU\S-1-5-21-3995930073-3555480574-2151513988-1000\..\SearchScopes\{4C430FFD-3E0B-45C9-B13E-BC32314A0D74}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}&rlz=1I7SKPB_daDK371
IE - HKU\S-1-5-21-3995930073-3555480574-2151513988-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3995930073-3555480574-2151513988-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "navegaki"
FF - prefs.js..browser.search.selectedEngine: "navegaki"
FF - prefs.js..browser.startup.homepage: "http://www.quakelive.com/#!welcome"
FF - prefs.js..extensions.enabledAddons: battlefieldheroespatcher@ea.com:5.0.110.0
FF - prefs.js..extensions.enabledAddons: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledAddons: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledAddons: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledAddons: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
FF - prefs.js..extensions.enabledAddons: battlefieldplay4free@ea.com:1.0.53.2
FF - prefs.js..extensions.enabledAddons: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledAddons: {b749fc7c-e949-447f-926c-3f4eed6accfe}:0.7.1.1
FF - prefs.js..extensions.enabledAddons: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:2.0.3
FF - prefs.js..extensions.enabledAddons: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}:6.0.31
FF - prefs.js..extensions.enabledAddons: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:6.3.0.11079
FF - prefs.js..extensions.enabledAddons: wrc@avast.com:7.0.1474
FF - prefs.js..extensions.enabledItems: battlefieldheroespatcher@ea.com:5.0.67.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: battlefieldplay4free@ea.com:1.0.53.2
FF - prefs.js..extensions.enabledItems: mozilla_cc@internetdownloadmanager.com:7.1.9
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..network.proxy.http: "74.115.1.13"
FF - prefs.js..network.proxy.http_port: 80
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_146.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar: C:\Program Files (x86)\BF3 Alpha Trial Web Plugins\Sonar\npesnsonar.dll (ESN AB)
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.0: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch: C:\Program Files (x86)\BF3 Alpha Trial Web Plugins\npesnlaunch.dll (ESN AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=0.80.0: C:\Program Files (x86)\Battlelog Web Plugins\0.80.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@gametap.com/npdd,version=1.0: C:\Program Files (x86)\Downloader\npdd.dll (Metaboli)
FF - HKLM\Software\MozillaPlugins\@idsoftware.com/QuakeLive: C:\ProgramData\id Software\QuakeLive\npquakezero.dll (id Software Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.3: C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.3: C:\Users\Bruger\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll ( )
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Bruger\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Bruger\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Bruger\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-11-12 15:34:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011-07-09 23:13:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013-01-09 15:47:20 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Users\Bruger\AppData\Roaming\IDM\idmmzcc3 [2011-02-11 23:19:52 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Users\Bruger\AppData\Roaming\IDM\idmmzcc3 [2011-02-11 23:19:52 | 000,000,000 | ---D | M]
[2012-09-15 16:45:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bruger\AppData\Roaming\mozilla\Extensions
[2012-09-15 16:45:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bruger\AppData\Roaming\mozilla\Extensions\prism@developer.mozilla.org
[2012-05-19 20:16:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bruger\AppData\Roaming\mozilla\Firefox\Profiles\6rsi3ybe.default\extensions
[2011-06-29 13:04:20 | 000,000,000 | ---D | M] (Battlefield Heroes Updater) -- C:\Users\Bruger\AppData\Roaming\mozilla\Firefox\Profiles\6rsi3ybe.default\extensions\battlefieldheroespatcher@ea.com
[2011-07-10 14:21:52 | 000,000,000 | ---D | M] (Battlefield Play4Free) -- C:\Users\Bruger\AppData\Roaming\mozilla\Firefox\Profiles\6rsi3ybe.default\extensions\battlefieldplay4free@ea.com
[2011-12-11 02:04:19 | 000,061,705 | ---- | M] () (No name found) -- C:\Users\Bruger\AppData\Roaming\mozilla\firefox\profiles\6rsi3ybe.default\extensions\{b749fc7c-e949-447f-926c-3f4eed6accfe}.xpi
[2012-05-19 20:16:04 | 000,634,964 | ---- | M] () (No name found) -- C:\Users\Bruger\AppData\Roaming\mozilla\firefox\profiles\6rsi3ybe.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012-04-21 23:13:38 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012-10-30 15:20:30 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2010-06-08 13:31:49 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010-08-14 14:47:33 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010-11-24 00:33:13 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011-03-12 10:59:11 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011-06-10 15:56:50 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
[2012-04-21 23:13:38 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}
[2012-11-12 15:34:32 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2011-07-09 23:13:52 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2013-01-18 23:04:07 | 000,005,010 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\navegaki.xml
========== Chrome ==========
CHR - homepage: http://www.youtube.com/playlist?list=FLcctdmA37swZQOi-TKPMChw&feature=plcp
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = http://www.google.com/search?q={searchTerms}
CHR - default_search_provider: suggest_url = ,
CHR - homepage: http://www.youtube.com/playlist?list=FLcctdmA37swZQOi-TKPMChw&feature=plcp
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Bruger\AppData\Local\Google\Chrome\Application\24.0.1312.56\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Bruger\AppData\Local\Google\Chrome\Application\24.0.1312.56\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Bruger\AppData\Local\Google\Chrome\Application\24.0.1312.56\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Bruger\AppData\Local\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll
CHR - plugin: Battlefield Play4Free Updater (Enabled) = C:\Users\Bruger\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkejhbcdagodjdndmfnhaibnealjonei\1.0.66.2_0\npBP4FUpdater.dll
CHR - plugin: Battlefield Play4Free Updater (Enabled) = C:\Users\Bruger\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkejhbcdagodjdndmfnhaibnealjonei\1.0.66.2_0\BP4FUpdater.exe
CHR - plugin: EA Battlefield Heroes Updater (Enabled) = C:\Users\Bruger\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdfjahpadlpfnfheehpddpcllihfkmm\5.0.137.0_0\npBFHUpdater.dll
CHR - plugin: EA Battlefield Heroes Updater (Enabled) = C:\Users\Bruger\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdfjahpadlpfnfheehpddpcllihfkmm\5.0.137.0_0\BFHUpdater.exe
CHR - plugin: Skype Toolbars (Enabled) = C:\Users\Bruger\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\npSkypeChromePlugin.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Java Deployment Toolkit 6.0.310.5 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: ESN Sonar API (Enabled) = C:\Program Files (x86)\BF3 Alpha Trial Web Plugins\Sonar\npesnsonar.dll
CHR - plugin: ESN Sonar API (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll
CHR - plugin: ESN Launch Mozilla Plugin (Enabled) = C:\Program Files (x86)\BF3 Alpha Trial Web Plugins\npesnlaunch.dll
CHR - plugin: ESN Launch Mozilla Plugin (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\0.80.0\npesnlaunch.dll
CHR - plugin: DNA Plug-in (Enabled) = C:\Program Files (x86)\DNA\plugins\npbtdna.dll
CHR - plugin: Downloader Detector (Enabled) = C:\Program Files (x86)\Downloader\npdd.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Wacom Dynamic Link Library (Enabled) = C:\Program Files (x86)\TabletPlugins\npwacom.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: QUAKE LIVE (Enabled) = C:\ProgramData\id Software\QuakeLive\npquakezero.dll
CHR - plugin: Unity Player (Enabled) = C:\Users\Bruger\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Facebook Plugin (Enabled) = C:\Users\Bruger\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - Extension: YouTube Options for Google Chrome\u2122 = C:\Users\Bruger\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdokagampppgbnjfdlkfpphniapiiifn\1.8.104_0\
CHR - Extension: YouTube = C:\Users\Bruger\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\
CHR - Extension: Battlefield Heroes = C:\Users\Bruger\AppData\Local\Google\Chrome\User Data\Default\Extensions\cehdakiococlfmjcbebbkjkfjhbieknh\5.0.196.0_0\
CHR - Extension: Adblock Plus = C:\Users\Bruger\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.3.4_0\
CHR - Extension: Google-s\u00F8gning = C:\Users\Bruger\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\
CHR - Extension: Battlefield Play4Free = C:\Users\Bruger\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkejhbcdagodjdndmfnhaibnealjonei\1.0.66.2_0\
CHR - Extension: Battlefield Heroes = C:\Users\Bruger\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdfjahpadlpfnfheehpddpcllihfkmm\5.0.145.0_0\
CHR - Extension: avast! WebRep = C:\Users\Bruger\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_1\
CHR - Extension: 4chan Plus = C:\Users\Bruger\AppData\Local\Google\Chrome\User Data\Default\Extensions\pinelipedelckihohgdlpcclgocodhjj\2.5.5_0\
CHR - Extension: Gmail = C:\Users\Bruger\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
O1 HOSTS File: ([2013-01-30 14:22:09 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programmer\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmer\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programmer\Google\GoogleToolbarNotifier\5.7.8313.1002\swg64.dll (Google Inc.)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmer\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2 - BHO: (IDMIEHlprObj Class) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll (Tonec Inc.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programmer\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll (Google Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programmer\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programmer\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3:64bit: - HKU\.DEFAULT\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKU\S-1-5-18\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKU\S-1-5-21-3995930073-3555480574-2151513988-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [VIAAUD] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VIAAUD.exe File not found
O4 - HKLM..\Run: [AdobeCS6ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe (AMD)
O4 - HKLM..\Run: [ATICustomerCare] C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [B2C_AGENT] C:\ProgramData\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe (LG Electronics)
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [SDTray] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3995930073-3555480574-2151513988-1000..\Run: [AdobeBridge] File not found
O4 - HKU\S-1-5-21-3995930073-3555480574-2151513988-1000..\Run: [Akamai NetSession Interface] C:\Users\Bruger\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
O4 - HKU\S-1-5-21-3995930073-3555480574-2151513988-1000..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-3995930073-3555480574-2151513988-1000..\Run: [HydraVisionDesktopManager] C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe (AMD)
O4 - HKU\S-1-5-21-3995930073-3555480574-2151513988-1000..\Run: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe (Tonec Inc.)
O4 - HKU\S-1-5-21-3995930073-3555480574-2151513988-1000..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Bruger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Bruger\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\Bruger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files (x86)\ERUNT\AUTOBACK.EXE ()
O4 - Startup: C:\Users\Bruger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Xfire.lnk = C:\Program Files (x86)\Xfire\Xfire.exe (Xfire Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-3995930073-3555480574-2151513988-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm ()
O8:64bit: - Extra context menu item: Download FLV video content with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetVL.htm ()
O8:64bit: - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()
O8 - Extra context menu item: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm ()
O8 - Extra context menu item: Download FLV video content with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetVL.htm ()
O8 - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()
O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : My kikin - {0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} - Reg Error: Key error. File not found
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Programmer\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programmer\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programmer\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKU\.DEFAULT\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: sony.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: sony.com ([]* in Trusted sites)
O15 - HKU\S-1-5-19\..Trusted Domains: clonewarsadventures.com ([]* in )
O15 - HKU\S-1-5-19\..Trusted Domains: freerealms.com ([]* in )
O15 - HKU\S-1-5-19\..Trusted Domains: soe.com ([]* in )
O15 - HKU\S-1-5-19\..Trusted Domains: sony.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: clonewarsadventures.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: freerealms.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: soe.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: sony.com ([]* in )
O15 - HKU\S-1-5-21-3995930073-3555480574-2151513988-1000\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-3995930073-3555480574-2151513988-1000\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-3995930073-3555480574-2151513988-1000\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-3995930073-3555480574-2151513988-1000\..Trusted Domains: sony.com ([]* in Trusted sites)
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab (Java Plug-in 10.1.0)
O16:64bit: - DPF: {CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab (Java Plug-in 1.7.0_01)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab (Java Plug-in 1.7.0_01)
O16 - DPF: {140E4DF8-9E14-4A34-9577-C77561ED7883} http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.1.71.0.cab (SysInfo Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 10.5.1)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab (Minesweeper Flags Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 208.67.222.222 208.67.220.220
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8B7ADDC6-52E6-47B8-AC4E-86D090AC1BF0}: DhcpNameServer = 208.67.222.222 208.67.220.220
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Programmer\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{d6192b9d-364e-11e0-a849-0025221a2c8f}\Shell - "" = AutoRun
O33 - MountPoints2\{d6192b9d-364e-11e0-a849-0025221a2c8f}\Shell\AutoRun\command - "" = F:\AUTORUN.EXE
O33 - MountPoints2\{f9fa96f5-6caa-11df-826d-0025221a2c8f}\Shell - "" = AutoRun
O33 - MountPoints2\{f9fa96f5-6caa-11df-826d-0025221a2c8f}\Shell\AutoRun\command - "" = E:\Autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2013-01-30 12:49:19 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{90AE50FD-9303-485D-937E-50F229AC7A54}
[2013-01-29 21:20:13 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Roaming\Malwarebytes
[2013-01-29 21:19:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013-01-29 21:19:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013-01-29 21:19:48 | 000,024,176 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2013-01-29 21:19:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013-01-29 15:57:46 | 000,000,000 | ---D | C] -- C:\_OTL
[2013-01-29 15:44:07 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{FD25824F-E47D-4522-B2DD-3173B26B4885}
[2013-01-28 16:15:47 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Bruger\Desktop\OTL.exe
[2013-01-28 15:16:44 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{2591BA1E-11E1-4963-AF84-D1AC5A065C1F}
[2013-01-27 13:47:19 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{80A4E37A-80C7-4E1A-808C-4BBF52CD4A63}
[2013-01-27 11:44:14 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2013-01-27 11:44:14 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2013-01-27 11:44:14 | 000,095,648 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013-01-26 19:07:05 | 000,000,000 | ---D | C] -- C:\Users\Bruger\Desktop\Tripcode_Explorer
[2013-01-26 13:46:12 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{06ACEED0-7B74-4A95-958F-9FBCB1F4E237}
[2013-01-25 13:45:19 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{AA35EEC0-44DB-47B2-BF64-08FA2011CBE6}
[2013-01-24 15:45:22 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{7C4DF284-AEF0-4E4D-88D5-561E60381DC8}
[2013-01-23 19:16:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Last.fm
[2013-01-23 13:48:50 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{45505061-2BE5-40B7-8A58-462E53843719}
[2013-01-22 20:27:01 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2013-01-22 20:26:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT
[2013-01-22 20:26:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ERUNT
[2013-01-22 15:55:21 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{0C0A1DB9-B608-4D53-A710-2777A970D2FF}
[2013-01-21 19:40:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2013-01-21 19:40:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
[2013-01-21 19:40:16 | 000,017,272 | ---- | C] (Safer Networking Limited) -- C:\Windows\SysNative\sdnclean64.exe
[2013-01-21 19:40:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy 2
[2013-01-21 19:39:48 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\Programs
[2013-01-21 16:48:47 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2013-01-21 16:47:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD AVT
[2013-01-21 16:47:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD APP
[2013-01-21 16:46:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center
[2013-01-21 15:20:08 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{C8372F4E-B80A-4AE0-99C7-1F51F0FF1D88}
[2013-01-20 13:48:43 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{FAB92882-37BC-4912-A450-E36FAEA73A2F}
[2013-01-19 13:47:37 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{9BBCFB09-E8F7-44CC-ADF3-A98D7E45C7C5}
[2013-01-19 01:46:57 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{7E574572-E413-458C-A8B9-0226847DAC40}
[2013-01-18 23:03:19 | 000,802,760 | ---- | C] (Navegaki software) -- C:\Windows\SysWow64\navegaki.exe
[2013-01-18 23:03:19 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\NTServer
[2013-01-18 23:03:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Troysoftware
[2013-01-18 13:46:25 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{F4DDDC70-C22D-4BFC-AE2C-EF4E6E297811}
[2013-01-17 11:49:37 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{667BE21D-13E4-4AF4-87A6-07B5A7B8E929}
[2013-01-16 15:48:58 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{1E8AF24E-87A1-4258-92D1-70B1D3BA48BF}
[2013-01-15 15:48:34 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{DB4E1AE5-94DE-4C99-8BFB-34ABEE2BE75B}
[2013-01-14 13:49:28 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{077AC819-7F9D-4268-A83E-489C10E7CD18}
[2013-01-13 13:21:41 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{42950187-9F23-44D9-9F6F-9D406D865F5C}
[2013-01-12 13:20:52 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{BD0EA2A4-A61F-4F32-905A-3A4B2EF2869E}
[2013-01-11 11:44:17 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{3C5581A0-6740-475A-83C5-48A6CFE224AB}
[2013-01-10 15:26:36 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{5CBBC934-179C-4066-8F26-090E0F9576B9}
[2013-01-09 22:36:49 | 000,750,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
[2013-01-09 22:36:48 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll
[2013-01-09 22:36:11 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2013-01-09 22:36:09 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\usp10.dll
[2013-01-09 22:35:56 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\fpb.rs
[2013-01-09 22:35:56 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\SysNative\fpb.rs
[2013-01-09 22:35:56 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\oflc-nz.rs
[2013-01-09 22:35:56 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\SysNative\oflc-nz.rs
[2013-01-09 22:35:56 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegibbfc.rs
[2013-01-09 22:35:56 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegibbfc.rs
[2013-01-09 22:35:56 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\csrr.rs
[2013-01-09 22:35:56 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\SysNative\csrr.rs
[2013-01-09 22:35:56 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\cob-au.rs
[2013-01-09 22:35:56 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\SysNative\cob-au.rs
[2013-01-09 22:35:55 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\usk.rs
[2013-01-09 22:35:55 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\SysNative\usk.rs
[2013-01-09 22:35:55 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\djctq.rs
[2013-01-09 22:35:54 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\grb.rs
[2013-01-09 22:35:54 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\SysNative\grb.rs
[2013-01-09 22:35:54 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi.rs
[2013-01-09 22:35:54 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\SysNative\djctq.rs
[2013-01-09 22:35:53 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi-pt.rs
[2013-01-09 22:35:53 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi-pt.rs
[2013-01-09 22:35:53 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi.rs
[2013-01-09 22:35:52 | 002,746,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gameux.dll
[2013-01-09 22:35:52 | 002,576,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gameux.dll
[2013-01-09 22:35:52 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wpc.dll
[2013-01-09 22:35:51 | 000,308,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Wpc.dll
[2013-01-09 22:35:36 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\esrb.rs
[2013-01-09 22:35:36 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\SysNative\esrb.rs
[2013-01-09 22:35:35 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi-fi.rs
[2013-01-09 22:35:33 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\oflc.rs
[2013-01-09 22:35:33 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi-fi.rs
[2013-01-09 22:35:32 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\SysNative\oflc.rs
[2013-01-09 22:35:27 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\cero.rs
[2013-01-09 22:35:27 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\SysNative\cero.rs
[2013-01-09 22:34:09 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2013-01-09 22:34:07 | 001,161,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2013-01-09 22:34:03 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2013-01-09 22:34:03 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2013-01-09 22:34:02 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2013-01-09 22:34:02 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2013-01-09 22:34:02 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2013-01-09 22:34:02 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2013-01-09 22:34:02 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2013-01-09 22:34:02 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2013-01-09 22:34:00 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2013-01-09 22:33:53 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2013-01-09 22:33:53 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2013-01-09 22:33:53 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2013-01-09 22:33:53 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2013-01-09 22:33:53 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2013-01-09 22:33:52 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2013-01-09 22:33:52 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2013-01-09 22:33:52 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2013-01-09 22:33:50 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2013-01-09 22:33:50 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2013-01-09 22:33:50 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2013-01-09 22:33:50 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2013-01-09 22:33:50 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2013-01-09 22:33:50 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013-01-09 22:33:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2013-01-09 22:33:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2013-01-09 22:33:49 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2013-01-09 22:33:49 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2013-01-09 22:33:49 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2013-01-09 22:33:49 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2013-01-09 22:33:49 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2013-01-09 22:33:49 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2013-01-09 22:33:49 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2013-01-09 22:33:48 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2013-01-09 22:33:48 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2013-01-09 22:33:48 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2013-01-09 22:33:48 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2013-01-09 22:33:48 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2013-01-09 22:33:48 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2013-01-09 22:33:48 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2013-01-09 22:33:47 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2013-01-09 22:33:47 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2013-01-09 22:33:46 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2013-01-09 22:33:46 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2013-01-09 22:33:46 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2013-01-09 22:33:46 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2013-01-09 22:33:46 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2013-01-09 22:33:46 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2013-01-09 22:33:46 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2013-01-09 22:33:45 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2013-01-09 22:33:45 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2013-01-09 22:33:45 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2013-01-09 22:33:45 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2013-01-09 22:33:45 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2013-01-09 22:33:45 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2013-01-09 22:33:45 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2013-01-09 22:33:45 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2013-01-09 22:33:44 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2013-01-09 22:33:44 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2013-01-09 22:33:44 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2013-01-09 22:33:44 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013-01-09 22:33:43 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2013-01-09 22:33:40 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2013-01-09 22:33:40 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2013-01-09 22:33:40 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2013-01-09 22:33:40 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2013-01-09 22:33:39 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2013-01-09 22:33:33 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2013-01-09 22:32:24 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskhost.exe
[2013-01-09 15:44:22 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{C53FB7B9-BDFE-402D-AF6B-AD6EA5A040AA}
[2013-01-08 15:46:58 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{D609CD34-3B93-496D-952B-43A393614954}
[2013-01-07 13:43:20 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{BAB20A47-6E48-46DA-A644-0904F6F21FEE}
[2013-01-06 14:08:43 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{EF1C9AFA-7510-47DB-AA90-15062C205288}
[2013-01-06 01:26:03 | 000,000,000 | ---D | C] -- C:\Users\Bruger\Documents\Essentials
[2013-01-06 01:19:41 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{D93E9ABD-EFD9-4612-A009-F5BE9BD746C8}
[2013-01-05 13:19:14 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{1F1978E7-3F16-475D-9AF4-D61890DD6D03}
[2013-01-04 19:33:35 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{C5CA2A1E-494A-4CB6-8B39-7C6BBB349CD6}
[2013-01-04 07:32:57 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{CC13E2E2-2546-45E0-9725-E5F498ED6CC0}
[2013-01-03 19:20:16 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{08CFE6B5-4DA8-4932-968D-C21D3D27B274}
[2013-01-03 07:19:38 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{500CE12F-B063-4EE6-84EE-BD096AD7BE2B}
[2013-01-02 15:10:33 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{8B353F46-5F4D-4773-A53B-C009ED58493B}
[2013-01-01 17:20:37 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{F7A7E781-4CC8-42C0-AEC2-FCB16519EC86}
========== Files - Modified Within 30 Days ==========
[2013-01-30 22:36:00 | 000,000,932 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013-01-30 22:32:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013-01-30 22:10:08 | 000,000,946 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3995930073-3555480574-2151513988-1000UA.job
[2013-01-30 20:36:00 | 000,000,928 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013-01-30 14:34:57 | 000,015,024 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013-01-30 14:34:57 | 000,015,024 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013-01-30 14:25:39 | 000,002,413 | ---- | M] () -- C:\Windows\SysWow64\lgAxconfig.ini
[2013-01-30 14:24:15 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013-01-30 14:24:13 | 3214,188,544 | -HS- | M] () -- C:\hiberfil.sys
[2013-01-30 14:22:09 | 000,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\Hosts
[2013-01-30 12:46:36 | 000,013,806 | ---- | M] () -- C:\Windows\SysNative\Pen_Tablet.dat
[2013-01-29 21:19:49 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013-01-29 15:46:01 | 000,001,051 | ---- | M] () -- C:\Users\Bruger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2013-01-28 16:15:28 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Bruger\Desktop\OTL.exe
[2013-01-27 03:28:26 | 000,000,173 | ---- | M] () -- C:\Users\Bruger\AppData\Local\msmathematics.qat.Bruger
[2013-01-27 01:56:40 | 000,000,132 | ---- | M] () -- C:\Users\Bruger\AppData\Roaming\Adobe PNG Format CS6 Prefs
[2013-01-25 06:23:38 | 000,042,880 | ---- | M] () -- C:\Windows\SysWow64\xfcodec.dll
[2013-01-25 06:23:36 | 000,028,544 | ---- | M] () -- C:\Windows\SysNative\xfcodec64.dll
[2013-01-23 19:16:02 | 000,000,985 | ---- | M] () -- C:\Users\Public\Desktop\Last.fm Scrobbler.lnk
[2013-01-22 21:43:35 | 000,000,512 | ---- | M] () -- C:\Users\Bruger\Desktop\MBR.dat
[2013-01-22 20:34:22 | 000,004,458 | ---- | M] () -- C:\Users\Bruger\Desktop\attach.zip
[2013-01-22 20:26:37 | 000,001,108 | ---- | M] () -- C:\Users\Bruger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2013-01-22 20:26:33 | 000,000,909 | ---- | M] () -- C:\Users\Bruger\Desktop\ERUNT.lnk
[2013-01-19 15:17:06 | 000,001,456 | ---- | M] () -- C:\Users\Bruger\AppData\Local\Adobe Save for Web 13.0 Prefs
[2013-01-18 23:04:08 | 000,000,427 | ---- | M] () -- C:\Windows\SysWow64\ntserverbind.ini
[2013-01-18 23:03:29 | 000,002,216 | ---- | M] () -- C:\Users\Bruger\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2013-01-18 23:03:29 | 000,001,533 | ---- | M] () -- C:\Users\Bruger\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2013-01-18 23:03:21 | 000,002,207 | ---- | M] () -- C:\Users\Bruger\Application Data\Microsoft\Internet Explorer\Quick Launch\portalsepeti.lnk
[2013-01-12 03:30:18 | 000,095,648 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013-01-12 03:26:16 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2013-01-12 03:24:49 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2013-01-11 14:56:40 | 000,234,496 | ---- | M] () -- C:\Users\Bruger\Documents\gamepad.exe
[2013-01-10 15:21:31 | 004,934,616 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013-01-09 23:06:20 | 001,380,626 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013-01-09 23:06:20 | 000,661,514 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013-01-09 23:06:20 | 000,516,486 | ---- | M] () -- C:\Windows\SysNative\perfh006.dat
[2013-01-09 23:06:20 | 000,125,600 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013-01-09 23:06:20 | 000,102,986 | ---- | M] () -- C:\Windows\SysNative\perfc006.dat
[2013-01-09 23:06:10 | 001,380,626 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013-01-09 17:32:26 | 000,697,864 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013-01-09 17:32:25 | 000,074,248 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013-01-09 09:49:56 | 000,802,760 | ---- | M] (Navegaki software) -- C:\Windows\SysWow64\navegaki.exe
========== Files Created - No Company Name ==========
[2013-01-29 21:19:49 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013-01-25 06:23:38 | 000,042,880 | ---- | C] () -- C:\Windows\SysWow64\xfcodec.dll
[2013-01-25 06:23:36 | 000,028,544 | ---- | C] () -- C:\Windows\SysNative\xfcodec64.dll
[2013-01-23 19:16:02 | 000,000,985 | ---- | C] () -- C:\Users\Public\Desktop\Last.fm Scrobbler.lnk
[2013-01-22 21:43:35 | 000,000,512 | ---- | C] () -- C:\Users\Bruger\Desktop\MBR.dat
[2013-01-22 20:34:05 | 000,004,458 | ---- | C] () -- C:\Users\Bruger\Desktop\attach.zip
[2013-01-22 20:26:37 | 000,001,108 | ---- | C] () -- C:\Users\Bruger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2013-01-22 20:26:33 | 000,000,909 | ---- | C] () -- C:\Users\Bruger\Desktop\ERUNT.lnk
[2013-01-21 19:40:24 | 000,002,189 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
[2013-01-18 23:03:21 | 000,002,207 | ---- | C] () -- C:\Users\Bruger\Application Data\Microsoft\Internet Explorer\Quick Launch\portalsepeti.lnk
[2013-01-18 23:03:19 | 000,000,427 | ---- | C] () -- C:\Windows\SysWow64\ntserverbind.ini
[2013-01-11 14:56:39 | 000,234,496 | ---- | C] () -- C:\Users\Bruger\Documents\gamepad.exe
[2012-12-23 00:38:13 | 000,001,456 | ---- | C] () -- C:\Users\Bruger\AppData\Local\Adobe Save for Web 13.0 Prefs
[2012-12-23 00:28:51 | 000,000,132 | ---- | C] () -- C:\Users\Bruger\AppData\Roaming\Adobe GIF Format CS6 Prefs
[2012-11-08 18:12:40 | 000,000,132 | ---- | C] () -- C:\Users\Bruger\AppData\Roaming\Adobe PNG Format CS6 Prefs
[2012-09-09 18:51:29 | 000,266,021 | ---- | C] () -- C:\Windows\QLPrism Uninstaller.exe
[2012-08-29 15:33:55 | 000,000,173 | ---- | C] () -- C:\Users\Bruger\AppData\Local\msmathematics.qat.Bruger
[2012-07-02 23:49:02 | 003,130,440 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_blr.exe
[2012-05-02 13:58:10 | 000,029,184 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2012-02-15 03:36:36 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012-02-15 03:36:36 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2011-12-14 04:55:24 | 000,081,920 | ---- | C] () -- C:\Windows\qlprism-uninstall.exe
[2011-12-04 18:37:08 | 000,109,056 | ---- | C] () -- C:\Windows\SysWow64\un-gamma.exe
[2011-10-25 21:21:34 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\OVDecoder.dll
[2011-09-28 17:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011-09-12 23:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011-08-06 23:40:13 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\CommonDL.dll
[2011-08-06 23:40:13 | 000,002,413 | ---- | C] () -- C:\Windows\SysWow64\lgAxconfig.ini
[2011-07-29 19:51:30 | 000,004,096 | ---- | C] () -- C:\Windows\d3dx.dat
[2011-06-27 00:19:51 | 000,000,032 | R--- | C] () -- C:\ProgramData\hash.dat
[2011-02-12 03:24:58 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
========== ZeroAccess Check ==========
[2009-07-14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012-06-09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012-06-09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009-07-14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009-07-14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2012-12-26 12:10:34 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\.minecraft
[2012-09-20 21:18:58 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\.spotflux
[2010-10-17 12:36:33 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Ableton
[2010-06-26 20:31:20 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Anabel
[2011-08-10 16:18:57 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\AtomZombieData
[2012-05-25 12:46:01 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Audacity
[2012-11-07 18:54:00 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Awesomium
[2012-01-20 14:33:39 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\BigHugeEngine
[2010-05-02 21:24:21 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Bioshock2
[2010-05-31 17:11:22 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\bizarre creations
[2010-05-08 15:26:31 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Blender Foundation
[2012-09-08 15:59:59 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Braid
[2011-07-29 19:51:33 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Broken Rules
[2011-07-27 16:01:42 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Crayon Physics Deluxe
[2010-05-31 12:54:45 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\DAEMON Tools Lite
[2012-06-27 16:16:45 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\digipen
[2013-01-29 23:18:21 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\DMCache
[2011-02-05 22:55:28 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Downloaded Installations
[2013-01-30 14:26:09 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Dropbox
[2010-06-28 14:39:35 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Facebook
[2012-06-02 11:57:22 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\fltk.org
[2010-11-19 16:22:46 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\GameRanger
[2011-07-10 10:15:46 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\go
[2011-01-28 21:08:37 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Gyazo
[2010-10-18 14:09:05 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Hardcore
[2012-08-10 18:10:47 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\IDM
[2011-07-29 19:56:54 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Lazy 8 Studios
[2010-03-20 20:49:46 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Leadertech
[2011-03-11 23:18:27 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\LolClient
[2012-06-08 17:27:20 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\LoneSurvivor
[2011-05-14 16:20:50 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Mount&Blade Warband
[2012-09-23 21:02:35 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Mumble
[2012-07-27 17:13:33 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Need for Speed World
[2011-12-20 17:49:33 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Nicalis
[2010-12-25 18:43:51 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\NPLUTO Corporation
[2011-10-07 16:45:57 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\OpenOffice.org
[2011-07-27 15:17:37 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Origin
[2012-01-15 02:17:46 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\RenPy
[2012-07-03 16:17:47 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\RotMG.Production
[2012-07-01 15:25:13 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Screaming Bee
[2012-11-08 14:39:28 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2012-12-03 16:08:01 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\StepMania 5
[2011-01-26 22:16:44 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Subversion
[2012-08-16 18:36:08 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Thinstall
[2011-08-20 14:02:18 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\TinyAndBig
[2011-07-10 21:12:25 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\TS3Client
[2011-07-10 16:18:30 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\ts3overlay
[2013-01-23 21:11:31 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\uTorrent
[2012-03-17 23:56:16 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\wargaming.net
[2011-09-16 19:19:54 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Windows Live Writer
[2010-03-22 22:12:07 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\WTouch
[2012-09-25 18:17:07 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\Thinstall
[2012-09-25 18:17:07 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\Thinstall
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 112 bytes -> C:\ProgramData\TEMP:D1B5B4F1
@Alternate Data Stream - 110 bytes -> C:\ProgramData\TEMP:C9FD258B
< End of report >
And yes, it's still on all my browsers :)
Yeah i'm sticking to music from piratebay and software downloads recommmended by friends
Your call, with the latest nasty threats going around if you infect yourself real bad and have to reinstall the Operating System, you cant say you where not warned.
I see your a gamer, thats fine but have to tell you also that some game sites are a hotbed of infections.
Lets run AdwCleaner one more time and post the log please
Open OTL.exe
Copy/paste the following text written inside of the code box into the Custom Scans/Fixes box located at the bottom of OTL
:processes
killallprocesses
:OTL
FF - prefs.js..network.proxy.http: "74.115.1.13"
FF - prefs.js..network.proxy.http_port: 80
:Services
:Reg
:Files
ipconfig /flushdns /c
:Commands
[purity]
[resethosts]
[emptytemp]
[start explorer]
[Reboot]
Then click the Run Fix button at the top. <--Not run Scan
Let the program run unhindered, reboot when it is done
Then post the results of the log it produces
Your call, with the latest nasty threats going around if you infect yourself real bad and have to reinstall the Operating System, you cant say you where not warned.
And I do appreciate the warning.
All processes killed
========== PROCESSES ==========
========== OTL ==========
Prefs.js: "74.115.1.13" removed from network.proxy.http
Prefs.js: 80 removed from network.proxy.http_port
========== SERVICES/DRIVERS ==========
========== REGISTRY ==========
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP-konfiguration
DNS Resolver Cache blev tmt.
C:\Users\Bruger\Desktop\cmd.bat deleted successfully.
C:\Users\Bruger\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
[EMPTYTEMP]
User: All Users
User: Bruger
->Temp folder emptied: 20549814 bytes
->Temporary Internet Files folder emptied: 1775146 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 14090826 bytes
->Google Chrome cache emptied: 343786721 bytes
->Flash cache emptied: 836 bytes
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Public
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 68072 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 363,00 mb
OTL by OldTimer - Version 3.2.69.0 log created on 01312013_135451
Files\Folders moved on Reboot...
C:\Users\Bruger\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File\Folder C:\Windows\temp\_avast_\Webshlock.txt not found!
PendingFileRenameOperations files...
Registry entries deleted on Reboot...
ps: I was not sure if you really meant adwcleaner, so i only ran the otl fix
Yes, go ahead and run AdwCleaner again
http://news.bbc.co.uk/2/hi/technology/8622665.stm
# AdwCleaner v2.109 - Logfil lavet d. 31/01/2013 kl. 20:40:20
# Opdateret d. 26/01/2013 af Xplode
# Operativ system : Windows 7 Home Premium Service Pack 1 (64 bits)
# Bruger : Bruger - BRUGER-PC
# Boot Mode : Normal
# Kører fra : C:\Users\Bruger\Downloads\Programs\AdwCleaner.exe
# Indstilling [Slet]
***** [Servicer] *****
***** [Filer / Mapper] *****
***** [Registeret] *****
Nøgle Slettet : HKLM\SOFTWARE\Wow6432Node\14919ea49a8f3b4aa3cf1058d9a64cec
***** [Internet Browsers] *****
-\\ Internet Explorer v8.0.7601.17514
[OK] Registeret er rent.
-\\ Mozilla Firefox v5.0 (da)
Filer : C:\Users\Bruger\AppData\Roaming\Mozilla\Firefox\Profiles\6rsi3ybe.default\prefs.js
[OK] Filen er ren.
-\\ Google Chrome v24.0.1312.56
Filer : C:\Users\Bruger\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] Filen er ren.
*************************
AdwCleaner[S1].txt - [339 octets] - [28/01/2013 16:05:04]
AdwCleaner[S2].txt - [1836 octets] - [28/01/2013 16:06:42]
AdwCleaner[S3].txt - [1024 octets] - [31/01/2013 20:40:20]
########## EOF - C:\AdwCleaner[S3].txt - [1084 octets] ##########
I was looking up Portal sepeti removal and all the sites are in Turkish so I cant read them :sad:
You need the 64 bit version
Please download SystemLook from one of the links below and save it to your Desktop.
Download Mirror #1 (http://jpshortstuff.247fixes.com/SystemLook.exe)
Download Mirror #2 (http://images.malwareremoval.com/jpshortstuff/SystemLook.exe)
64 Bit Version (http://jpshortstuff.247Fixes.com/SystemLook_x64.exe)
Double-click SystemLook.exe to run it.
Copy the content of the following codebox into the main textfield:
:filefind
Portal sepeti
:folderfind
Portal sepeti
:Regfind
Portal sepeti
Click the Look button to start the scan.
When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.
Note: The log can also be found on your Desktop entitled SystemLook.txt
I was looking up Portal sepeti removal and all the sites are in Turkish so I cant read them :sad:
I did that in the begining too, and after some translation, the only info i could find was a "uninstall" link from portal sepeti which required some options for chrome that didn't exist, and a regedit thing that only worked one session at the time.
SystemLook 30.07.11 by jpshortstuff
Log created at 13:52 on 01/02/2013 by Bruger
Administrator - Elevation successful
========== filefind ==========
Searching for "Portal sepeti"
No files found.
========== folderfind ==========
Searching for "Portal sepeti"
No folders found.
========== Regfind ==========
Searching for "Portal sepeti"
No data found.
-= EOF =-
Give this a shot
Remove Portal sepeti in Internet Explorer:
1. Open Internet Explorer.
2. Go to Tools > Options.
3. On General tab, proceed to Change search defaults and click the Settings button.
4. You will see a list of search providers. Select your desired search provider and click the button Set as default to replace Portal sepeti
5. You may now remove Portal sepeti from the list.
Remove Portal sepeti in Mozilla Firefox:
1. Open Mozilla Firefox Internet Browser.
2. On Googles Search box, click the arrow down beside the logo.
3. Select Manage Search Engine from the drop-down list.
4. Choose your desired search default (like Google) and click the button Move up. It should be on the top of the list to set it as default.
5. You can now remove other installed search engine.
Remove Portal sepeti in Google Chrome:
1. Open Google Chrome.
2. Click on the Wrench icon on top right corner of the browser.
3. Choose Settings from the drop down list.
4. Select Basics.
5. Click on Manage search engines under SEARCH settings area.
6. Hover your mouse to a preferred search engine and click Make default.
7. You can now remove Portal sepeti search by clicking on the X mark.
I did that last week when portal sepeti showed up, and it changed my search engine back to google which is nice. But the homepage is still there, even if i go to homepage settings and change it to something else.
OK, just hang on a bit and let me ask around as this is new to me. So its just your homepage that you cant reset, are there any redirects to sites that you dont want to visit.
Yeah it's just the homepage i can't change.
My pc seems to run just fine and the internet speed hasn't changed either, so i guess the only problem is the homepage
OK, still have not heard anything from anyone else about this, why dont you do this.
Run a new scan with OTL and let me go over it real fine and make sure i have not missed anything
OTL logfile created on: 02-02-2013 20:14:32 - Run 4
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Bruger\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000406 | Country: Danmark | Language: DAN | Date Format: dd-MM-yyyy
3,99 Gb Total Physical Memory | 0,97 Gb Available Physical Memory | 24,21% Memory free
7,98 Gb Paging File | 2,06 Gb Available in Paging File | 25,81% Paging File free
Paging file location(s): ?:\pagefile.sys
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931,41 Gb Total Space | 250,69 Gb Free Space | 26,92% Space Free | Partition Type: NTFS
Computer Name: BRUGER-PC | User Name: Bruger | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - c:\program files (x86)\steam\steamapps\knud_erik\team fortress 2\hl2.exe ()
PRC - C:\Users\Bruger\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Xfire\Xfire.exe (Xfire Inc.)
PRC - C:\Users\Bruger\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
PRC - C:\Program Files (x86)\Steam\GameOverlayUI.exe (Valve Corporation)
PRC - C:\Windows\SysWOW64\NTServer\service.exe ()
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
PRC - C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe (Safer-Networking Ltd.)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe (Safer-Networking Ltd.)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe (Safer-Networking Ltd.)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe (Safer-Networking Ltd.)
PRC - C:\Programmer\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Programmer\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Users\Bruger\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
PRC - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.)
PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()
PRC - C:\ProgramData\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe (LG Electronics)
PRC - C:\Program Files (x86)\Internet Download Manager\IDMan.exe (Tonec Inc.)
PRC - C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe (Tonec Inc.)
PRC - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
PRC - C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe (AMD)
========== Modules (No Company Name) ==========
MOD - c:\program files (x86)\steam\steamapps\knud_erik\team fortress 2\bin\vaudio_speex.dll ()
MOD - c:\program files (x86)\steam\steamapps\knud_erik\team fortress 2\bin\serverbrowser.dll ()
MOD - c:\program files (x86)\steam\steamapps\knud_erik\team fortress 2\bin\vaudio_miles.dll ()
MOD - c:\program files (x86)\steam\steamapps\knud_erik\team fortress 2\bin\GameUI.dll ()
MOD - c:\program files (x86)\steam\steamapps\knud_erik\team fortress 2\tf\bin\server.dll ()
MOD - c:\program files (x86)\steam\steamapps\knud_erik\team fortress 2\bin\replay.dll ()
MOD - c:\program files (x86)\steam\steamapps\knud_erik\team fortress 2\tf\bin\client.dll ()
MOD - c:\program files (x86)\steam\steamapps\knud_erik\team fortress 2\bin\chromehtml.dll ()
MOD - c:\program files (x86)\steam\steamapps\knud_erik\team fortress 2\bin\stdshader_dx9.dll ()
MOD - c:\program files (x86)\steam\steamapps\knud_erik\team fortress 2\bin\stdshader_dx8.dll ()
MOD - c:\program files (x86)\steam\steamapps\knud_erik\team fortress 2\bin\stdshader_dx6.dll ()
MOD - c:\program files (x86)\steam\steamapps\knud_erik\team fortress 2\bin\stdshader_dx7.dll ()
MOD - c:\program files (x86)\steam\steamapps\knud_erik\team fortress 2\bin\stdshader_dbg.dll ()
MOD - C:\Users\Bruger\AppData\Local\Temp\~AE35.tmp ()
MOD - c:\program files (x86)\steam\steamapps\knud_erik\team fortress 2\bin\avutil-51.dll ()
MOD - c:\program files (x86)\steam\steamapps\knud_erik\team fortress 2\bin\scenefilecache.dll ()
MOD - c:\program files (x86)\steam\steamapps\knud_erik\team fortress 2\bin\mssmp3.asi ()
MOD - c:\program files (x86)\steam\steamapps\knud_erik\team fortress 2\bin\shaderapidx9.dll ()
MOD - c:\program files (x86)\steam\steamapps\knud_erik\team fortress 2\bin\vguimatsurface.dll ()
MOD - c:\program files (x86)\steam\steamapps\knud_erik\team fortress 2\bin\mssvoice.asi ()
MOD - c:\program files (x86)\steam\steamapps\knud_erik\team fortress 2\bin\parsifal.dll ()
MOD - c:\program files (x86)\steam\steamapps\knud_erik\team fortress 2\bin\tier0.dll ()
MOD - c:\program files (x86)\steam\steamapps\knud_erik\team fortress 2\bin\video_bink.dll ()
MOD - c:\program files (x86)\steam\steamapps\knud_erik\team fortress 2\bin\soundemittersystem.dll ()
MOD - c:\program files (x86)\steam\steamapps\knud_erik\team fortress 2\bin\studiorender.dll ()
MOD - c:\program files (x86)\steam\steamapps\knud_erik\team fortress 2\bin\datacache.dll ()
MOD - c:\program files (x86)\steam\steamapps\knud_erik\team fortress 2\bin\engine.dll ()
MOD - c:\program files (x86)\steam\steamapps\knud_erik\team fortress 2\bin\vgui2.dll ()
MOD - c:\program files (x86)\steam\steamapps\knud_erik\team fortress 2\bin\filesystem_steam.dll ()
MOD - c:\program files (x86)\steam\steamapps\knud_erik\team fortress 2\bin\avcodec-53.dll ()
MOD - c:\program files (x86)\steam\steamapps\knud_erik\team fortress 2\bin\vstdlib.dll ()
MOD - c:\program files (x86)\steam\steamapps\knud_erik\team fortress 2\bin\video_services.dll ()
MOD - c:\program files (x86)\steam\steamapps\knud_erik\team fortress 2\bin\video_quicktime.dll ()
MOD - c:\program files (x86)\steam\steamapps\knud_erik\team fortress 2\bin\inputsystem.dll ()
MOD - c:\program files (x86)\steam\steamapps\knud_erik\team fortress 2\bin\unicode.dll ()
MOD - c:\program files (x86)\steam\steamapps\knud_erik\team fortress 2\bin\avformat-53.dll ()
MOD - c:\program files (x86)\steam\steamapps\knud_erik\team fortress 2\bin\materialsystem.dll ()
MOD - c:\program files (x86)\steam\steamapps\knud_erik\team fortress 2\hl2.exe ()
MOD - c:\program files (x86)\steam\steamapps\knud_erik\team fortress 2\bin\launcher.dll ()
MOD - c:\program files (x86)\steam\steamapps\knud_erik\team fortress 2\bin\vphysics.dll ()
MOD - c:\program files (x86)\steam\steamapps\knud_erik\team fortress 2\bin\libcef.dll ()
MOD - C:\Users\Bruger\AppData\Local\Google\Chrome\User Data\PepperFlash\11.5.31.138\pepflashplayer.dll ()
MOD - C:\Program Files (x86)\Steam\SDL.dll ()
MOD - C:\Program Files (x86)\Steam\bin\libcef.dll ()
MOD - C:\Program Files (x86)\Steam\bin\chromehtml.DLL ()
MOD - C:\Program Files (x86)\Steam\bin\avutil-51.dll ()
MOD - C:\Program Files (x86)\Steam\bin\avformat-53.dll ()
MOD - C:\Program Files (x86)\Steam\bin\avcodec-53.dll ()
MOD - C:\Users\Bruger\AppData\Local\Google\Chrome\Application\24.0.1312.56\PepperFlash\pepflashplayer.dll ()
MOD - C:\Users\Bruger\AppData\Local\Google\Chrome\Application\24.0.1312.56\ppGoogleNaClPluginChrome.dll ()
MOD - C:\Users\Bruger\AppData\Local\Google\Chrome\Application\24.0.1312.56\pdf.dll ()
MOD - C:\Users\Bruger\AppData\Local\Google\Chrome\Application\24.0.1312.56\libglesv2.dll ()
MOD - C:\Users\Bruger\AppData\Local\Google\Chrome\Application\24.0.1312.56\libegl.dll ()
MOD - C:\Users\Bruger\AppData\Local\Google\Chrome\Application\24.0.1312.56\ffmpegsumo.dll ()
MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll ()
MOD - C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl ()
MOD - C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl ()
MOD - C:\Program Files (x86)\Spybot - Search & Destroy 2\VirtualTreesDXE150.bpl ()
MOD - C:\Program Files (x86)\Spybot - Search & Destroy 2\JSDialogPack150.bpl ()
MOD - C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDad.dll ()
========== Services (SafeList) ==========
SRV:[b]64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (TabletServicePen) -- C:\Windows\SysNative\Pen_Tablet.exe (Wacom Technology, Corp.)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (NTServiceSystem) -- C:\Windows\SysWOW64\NTServer\service.exe ()
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (Hamachi2Svc) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)
SRV - (HiPatchService) -- C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe (Hi-Rez Studios)
SRV - (Akamai) -- c:\program files (x86)\common files\akamai/netsession_win_ce5ba24.dll ()
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (avast! Antivirus) -- C:\Programmer\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV - (Skype C2C Service) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.)
SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (Desura Install Service) -- C:\Program Files (x86)\Common Files\Desura\desura_service.exe (Desura Pty Ltd)
SRV - (npggsvc) -- C:\Windows\SysWOW64\GameMon.des (INCA Internet Co., Ltd.)
SRV - (OpenVPNService) -- C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe ()
SRV - (wlidsvc) -- C:\Programmer\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
SRV - (LBTServ) -- C:\Programmer\Common Files\LogiShrd\Bluetooth\LBTServ.exe (Logitech, Inc.)
SRV - (wlcrasvc) -- C:\Programmer\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (SwitchBoard) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
SRV - (WTouchService) -- C:\Programmer\WTouch\WTouchService.exe (Wacom Technology, Corp.)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (AtiHDAudioService) -- C:\Windows\SysNative\drivers\AtihdW76.sys (Advanced Micro Devices)
DRV:64bit: - (aswTdi) -- C:\Windows\SysNative\drivers\aswTdi.sys (AVAST Software)
DRV:64bit: - (aswSnx) -- C:\Windows\SysNative\drivers\aswSnx.sys (AVAST Software)
DRV:64bit: - (aswSP) -- C:\Windows\SysNative\drivers\aswSP.sys (AVAST Software)
DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software)
DRV:64bit: - (aswFsBlk) -- C:\Windows\SysNative\drivers\aswFsBlk.sys (AVAST Software)
DRV:64bit: - (aswRdr) -- C:\Windows\SysNative\drivers\aswRdr2.sys (AVAST Software)
DRV:64bit: - (tap0901) -- C:\Windows\SysNative\drivers\tap0901.sys (The OpenVPN Project)
DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\drivers\fssfltr.sys (Microsoft Corporation)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (ANDModem) -- C:\Windows\SysNative\drivers\lgandmodem64.sys (LG Electronics Inc.)
DRV:64bit: - (AndDiag) -- C:\Windows\SysNative\drivers\lganddiag64.sys (LG Electronics Inc.)
DRV:64bit: - (AndGps) -- C:\Windows\SysNative\drivers\lgandgps64.sys (LG Electronics Inc.)
DRV:64bit: - (Andbus) -- C:\Windows\SysNative\drivers\lgandbus64.sys (LG Electronics Inc.)
DRV:64bit: - (IDMWFP) -- C:\Windows\SysNative\drivers\idmwfp.sys (Tonec Inc.)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (LMouFilt) -- C:\Windows\SysNative\drivers\LMouFilt.Sys (Logitech, Inc.)
DRV:64bit: - (LHidFilt) -- C:\Windows\SysNative\drivers\LHidFilt.Sys (Logitech, Inc.)
DRV:64bit: - (androidusb) -- C:\Windows\SysNative\drivers\lgandadb.sys (Google Inc)
DRV:64bit: - (ScreamBAudioSvc) -- C:\Windows\SysNative\drivers\ScreamingBAudio64.sys (Screaming Bee LLC)
DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys ()
DRV:64bit: - (AtiHdmiService) -- C:\Windows\SysNative\drivers\AtiHdmi.sys (ATI Technologies, Inc.)
DRV:64bit: - (ElbyCDIO) -- C:\Windows\SysNative\drivers\ElbyCDIO.sys (Elaborate Bytes AG)
DRV:64bit: - (VIAHdAudAddService) -- C:\Windows\SysNative\drivers\viahduaa.sys (VIA Technologies, Inc.)
DRV:64bit: - (hamachi) -- C:\Windows\SysNative\drivers\hamachi.sys (LogMeIn, Inc.)
DRV:64bit: - (wacmoumonitor) -- C:\Windows\SysNative\drivers\wacmoumonitor.sys (Wacom Technology)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
DRV:64bit: - (VClone) -- C:\Windows\SysNative\drivers\VClone.sys (Elaborate Bytes AG)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (irda) -- C:\Windows\SysNative\drivers\irda.sys (Microsoft Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (wacomvhid) -- C:\Windows\SysNative\drivers\wacomvhid.sys (Wacom Technology)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (xusb21) -- C:\Windows\SysNative\drivers\xusb21.sys (Microsoft Corporation)
DRV:64bit: - (irsir) -- C:\Windows\SysNative\drivers\irsir.sys (Microsoft Corporation)
DRV:64bit: - (wacommousefilter) -- C:\Windows\SysNative\drivers\wacommousefilter.sys (Wacom Technology)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\.DEFAULT\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-18\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-3995930073-3555480574-2151513988-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.youtube.com/user/nillor0?feature=mhw4
IE - HKU\S-1-5-21-3995930073-3555480574-2151513988-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://dk.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-3995930073-3555480574-2151513988-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = da
IE - HKU\S-1-5-21-3995930073-3555480574-2151513988-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = AF 4B 7D F0 28 C8 CA 01 [binary data]
IE - HKU\S-1-5-21-3995930073-3555480574-2151513988-1000\..\SearchScopes,DefaultScope = {4C430FFD-3E0B-45C9-B13E-BC32314A0D74}
IE - HKU\S-1-5-21-3995930073-3555480574-2151513988-1000\..\SearchScopes\{4C430FFD-3E0B-45C9-B13E-BC32314A0D74}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}&rlz=1I7SKPB_daDK371
IE - HKU\S-1-5-21-3995930073-3555480574-2151513988-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3995930073-3555480574-2151513988-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "navegaki"
FF - prefs.js..browser.search.selectedEngine: "navegaki"
FF - prefs.js..browser.startup.homepage: "http://www.quakelive.com/#!welcome"
FF - prefs.js..extensions.enabledAddons: battlefieldheroespatcher@ea.com:5.0.110.0
FF - prefs.js..extensions.enabledAddons: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledAddons: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledAddons: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledAddons: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
FF - prefs.js..extensions.enabledAddons: battlefieldplay4free@ea.com:1.0.53.2
FF - prefs.js..extensions.enabledAddons: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledAddons: {b749fc7c-e949-447f-926c-3f4eed6accfe}:0.7.1.1
FF - prefs.js..extensions.enabledAddons: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:2.0.3
FF - prefs.js..extensions.enabledAddons: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}:6.0.31
FF - prefs.js..extensions.enabledAddons: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:6.3.0.11079
FF - prefs.js..extensions.enabledAddons: wrc@avast.com:7.0.1474
FF - prefs.js..extensions.enabledItems: battlefieldheroespatcher@ea.com:5.0.67.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: battlefieldplay4free@ea.com:1.0.53.2
FF - prefs.js..extensions.enabledItems: mozilla_cc@internetdownloadmanager.com:7.1.9
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..network.proxy.http: ""
FF - prefs.js..network.proxy.http_port: ""
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_146.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar: C:\Program Files (x86)\BF3 Alpha Trial Web Plugins\Sonar\npesnsonar.dll (ESN AB)
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.0: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch: C:\Program Files (x86)\BF3 Alpha Trial Web Plugins\npesnlaunch.dll (ESN AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=0.80.0: C:\Program Files (x86)\Battlelog Web Plugins\0.80.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@gametap.com/npdd,version=1.0: C:\Program Files (x86)\Downloader\npdd.dll (Metaboli)
FF - HKLM\Software\MozillaPlugins\@idsoftware.com/QuakeLive: C:\ProgramData\id Software\QuakeLive\npquakezero.dll (id Software Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.3: C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.3: C:\Users\Bruger\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll ( )
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Bruger\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Bruger\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Bruger\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-11-12 15:34:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011-07-09 23:13:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013-01-09 15:47:20 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Users\Bruger\AppData\Roaming\IDM\idmmzcc3 [2011-02-11 23:19:52 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Users\Bruger\AppData\Roaming\IDM\idmmzcc3 [2011-02-11 23:19:52 | 000,000,000 | ---D | M]
[2012-09-15 16:45:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bruger\AppData\Roaming\mozilla\Extensions
[2012-09-15 16:45:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bruger\AppData\Roaming\mozilla\Extensions\prism@developer.mozilla.org
[2012-05-19 20:16:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bruger\AppData\Roaming\mozilla\Firefox\Profiles\6rsi3ybe.default\extensions
[2011-06-29 13:04:20 | 000,000,000 | ---D | M] (Battlefield Heroes Updater) -- C:\Users\Bruger\AppData\Roaming\mozilla\Firefox\Profiles\6rsi3ybe.default\extensions\battlefieldheroespatcher@ea.com
[2011-07-10 14:21:52 | 000,000,000 | ---D | M] (Battlefield Play4Free) -- C:\Users\Bruger\AppData\Roaming\mozilla\Firefox\Profiles\6rsi3ybe.default\extensions\battlefieldplay4free@ea.com
[2011-12-11 02:04:19 | 000,061,705 | ---- | M] () (No name found) -- C:\Users\Bruger\AppData\Roaming\mozilla\firefox\profiles\6rsi3ybe.default\extensions\{b749fc7c-e949-447f-926c-3f4eed6accfe}.xpi
[2012-05-19 20:16:04 | 000,634,964 | ---- | M] () (No name found) -- C:\Users\Bruger\AppData\Roaming\mozilla\firefox\profiles\6rsi3ybe.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012-04-21 23:13:38 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012-10-30 15:20:30 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2010-06-08 13:31:49 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010-08-14 14:47:33 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010-11-24 00:33:13 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011-03-12 10:59:11 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011-06-10 15:56:50 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
[2012-04-21 23:13:38 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}
[2012-11-12 15:34:32 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2011-07-09 23:13:52 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2013-01-18 23:04:07 | 000,005,010 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\navegaki.xml
========== Chrome ==========
CHR - homepage: http://www.youtube.com/playlist?list=FLcctdmA37swZQOi-TKPMChw&feature=plcp
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = http://www.google.com/search?q={searchTerms}
CHR - default_search_provider: suggest_url = ,
CHR - homepage: http://www.youtube.com/playlist?list=FLcctdmA37swZQOi-TKPMChw&feature=plcp
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Bruger\AppData\Local\Google\Chrome\Application\24.0.1312.56\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Bruger\AppData\Local\Google\Chrome\Application\24.0.1312.56\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Bruger\AppData\Local\Google\Chrome\Application\24.0.1312.56\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Bruger\AppData\Local\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll
CHR - plugin: Battlefield Play4Free Updater (Enabled) = C:\Users\Bruger\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkejhbcdagodjdndmfnhaibnealjonei\1.0.66.2_0\npBP4FUpdater.dll
CHR - plugin: Battlefield Play4Free Updater (Enabled) = C:\Users\Bruger\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkejhbcdagodjdndmfnhaibnealjonei\1.0.66.2_0\BP4FUpdater.exe
CHR - plugin: EA Battlefield Heroes Updater (Enabled) = C:\Users\Bruger\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdfjahpadlpfnfheehpddpcllihfkmm\5.0.137.0_0\npBFHUpdater.dll
CHR - plugin: EA Battlefield Heroes Updater (Enabled) = C:\Users\Bruger\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdfjahpadlpfnfheehpddpcllihfkmm\5.0.137.0_0\BFHUpdater.exe
CHR - plugin: Skype Toolbars (Enabled) = C:\Users\Bruger\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\npSkypeChromePlugin.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Java Deployment Toolkit 6.0.310.5 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: ESN Sonar API (Enabled) = C:\Program Files (x86)\BF3 Alpha Trial Web Plugins\Sonar\npesnsonar.dll
CHR - plugin: ESN Sonar API (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll
CHR - plugin: ESN Launch Mozilla Plugin (Enabled) = C:\Program Files (x86)\BF3 Alpha Trial Web Plugins\npesnlaunch.dll
CHR - plugin: ESN Launch Mozilla Plugin (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\0.80.0\npesnlaunch.dll
CHR - plugin: DNA Plug-in (Enabled) = C:\Program Files (x86)\DNA\plugins\npbtdna.dll
CHR - plugin: Downloader Detector (Enabled) = C:\Program Files (x86)\Downloader\npdd.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Wacom Dynamic Link Library (Enabled) = C:\Program Files (x86)\TabletPlugins\npwacom.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: QUAKE LIVE (Enabled) = C:\ProgramData\id Software\QuakeLive\npquakezero.dll
CHR - plugin: Unity Player (Enabled) = C:\Users\Bruger\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Facebook Plugin (Enabled) = C:\Users\Bruger\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - Extension: YouTube Options for Google Chrome\u2122 = C:\Users\Bruger\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdokagampppgbnjfdlkfpphniapiiifn\1.8.104_0\
CHR - Extension: YouTube = C:\Users\Bruger\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\
CHR - Extension: Battlefield Heroes = C:\Users\Bruger\AppData\Local\Google\Chrome\User Data\Default\Extensions\cehdakiococlfmjcbebbkjkfjhbieknh\5.0.196.0_0\
CHR - Extension: Adblock Plus = C:\Users\Bruger\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.3.4_0\
CHR - Extension: Google-s\u00F8gning = C:\Users\Bruger\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\
CHR - Extension: Battlefield Play4Free = C:\Users\Bruger\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkejhbcdagodjdndmfnhaibnealjonei\1.0.66.2_0\
CHR - Extension: Battlefield Heroes = C:\Users\Bruger\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdfjahpadlpfnfheehpddpcllihfkmm\5.0.145.0_0\
CHR - Extension: avast! WebRep = C:\Users\Bruger\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_1\
CHR - Extension: 4chan Plus = C:\Users\Bruger\AppData\Local\Google\Chrome\User Data\Default\Extensions\pinelipedelckihohgdlpcclgocodhjj\2.5.5_0\
CHR - Extension: Gmail = C:\Users\Bruger\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
O1 HOSTS File: ([2013-01-31 13:54:55 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programmer\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmer\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programmer\Google\GoogleToolbarNotifier\5.7.8313.1002\swg64.dll (Google Inc.)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmer\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2 - BHO: (IDMIEHlprObj Class) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll (Tonec Inc.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programmer\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll (Google Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programmer\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programmer\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3:64bit: - HKU\.DEFAULT\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKU\S-1-5-18\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKU\S-1-5-21-3995930073-3555480574-2151513988-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [VIAAUD] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VIAAUD.exe File not found
O4 - HKLM..\Run: [AdobeCS6ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe (AMD)
O4 - HKLM..\Run: [ATICustomerCare] C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [B2C_AGENT] C:\ProgramData\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe (LG Electronics)
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [SDTray] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3995930073-3555480574-2151513988-1000..\Run: [AdobeBridge] File not found
O4 - HKU\S-1-5-21-3995930073-3555480574-2151513988-1000..\Run: [Akamai NetSession Interface] C:\Users\Bruger\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
O4 - HKU\S-1-5-21-3995930073-3555480574-2151513988-1000..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-3995930073-3555480574-2151513988-1000..\Run: [HydraVisionDesktopManager] C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe (AMD)
O4 - HKU\S-1-5-21-3995930073-3555480574-2151513988-1000..\Run: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe (Tonec Inc.)
O4 - HKU\S-1-5-21-3995930073-3555480574-2151513988-1000..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Bruger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Bruger\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\Bruger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files (x86)\ERUNT\AUTOBACK.EXE ()
O4 - Startup: C:\Users\Bruger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Xfire.lnk = C:\Program Files (x86)\Xfire\Xfire.exe (Xfire Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-3995930073-3555480574-2151513988-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm ()
O8:64bit: - Extra context menu item: Download FLV video content with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetVL.htm ()
O8:64bit: - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()
O8 - Extra context menu item: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm ()
O8 - Extra context menu item: Download FLV video content with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetVL.htm ()
O8 - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()
O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : My kikin - {0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} - Reg Error: Key error. File not found
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Programmer\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programmer\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programmer\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKU\.DEFAULT\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: sony.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: sony.com ([]* in Trusted sites)
O15 - HKU\S-1-5-19\..Trusted Domains: clonewarsadventures.com ([]* in )
O15 - HKU\S-1-5-19\..Trusted Domains: freerealms.com ([]* in )
O15 - HKU\S-1-5-19\..Trusted Domains: soe.com ([]* in )
O15 - HKU\S-1-5-19\..Trusted Domains: sony.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: clonewarsadventures.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: freerealms.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: soe.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: sony.com ([]* in )
O15 - HKU\S-1-5-21-3995930073-3555480574-2151513988-1000\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-3995930073-3555480574-2151513988-1000\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-3995930073-3555480574-2151513988-1000\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-3995930073-3555480574-2151513988-1000\..Trusted Domains: sony.com ([]* in Trusted sites)
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab (Java Plug-in 10.1.0)
O16:64bit: - DPF: {CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab (Java Plug-in 1.7.0_01)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab (Java Plug-in 1.7.0_01)
O16 - DPF: {140E4DF8-9E14-4A34-9577-C77561ED7883} http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.1.71.0.cab (SysInfo Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 10.5.1)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab (Minesweeper Flags Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 208.67.222.222 208.67.220.220
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8B7ADDC6-52E6-47B8-AC4E-86D090AC1BF0}: DhcpNameServer = 208.67.222.222 208.67.220.220
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Programmer\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{d6192b9d-364e-11e0-a849-0025221a2c8f}\Shell - "" = AutoRun
O33 - MountPoints2\{d6192b9d-364e-11e0-a849-0025221a2c8f}\Shell\AutoRun\command - "" = F:\AUTORUN.EXE
O33 - MountPoints2\{f9fa96f5-6caa-11df-826d-0025221a2c8f}\Shell - "" = AutoRun
O33 - MountPoints2\{f9fa96f5-6caa-11df-826d-0025221a2c8f}\Shell\AutoRun\command - "" = E:\Autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2013-02-02 12:14:12 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{E4657B68-3E84-4AF3-B787-EA1BDE309D1A}
[2013-02-01 13:48:24 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{C0DB8895-72E6-4886-A1E1-07CEC6E5267A}
[2013-01-31 13:42:35 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{C39DD8AB-5E30-41F3-9D04-DE1133ED8752}
[2013-01-30 12:49:19 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{90AE50FD-9303-485D-937E-50F229AC7A54}
[2013-01-29 21:20:13 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Roaming\Malwarebytes
[2013-01-29 21:19:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013-01-29 21:19:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013-01-29 21:19:48 | 000,024,176 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2013-01-29 21:19:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013-01-29 15:57:46 | 000,000,000 | ---D | C] -- C:\_OTL
[2013-01-29 15:44:07 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{FD25824F-E47D-4522-B2DD-3173B26B4885}
[2013-01-28 16:15:47 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Bruger\Desktop\OTL.exe
[2013-01-28 15:16:44 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{2591BA1E-11E1-4963-AF84-D1AC5A065C1F}
[2013-01-27 13:47:19 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{80A4E37A-80C7-4E1A-808C-4BBF52CD4A63}
[2013-01-27 11:44:14 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2013-01-27 11:44:14 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2013-01-27 11:44:14 | 000,095,648 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013-01-26 19:07:05 | 000,000,000 | ---D | C] -- C:\Users\Bruger\Desktop\Tripcode_Explorer
[2013-01-26 13:46:12 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{06ACEED0-7B74-4A95-958F-9FBCB1F4E237}
[2013-01-25 13:45:19 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{AA35EEC0-44DB-47B2-BF64-08FA2011CBE6}
[2013-01-24 15:45:22 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{7C4DF284-AEF0-4E4D-88D5-561E60381DC8}
[2013-01-23 19:16:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Last.fm
[2013-01-23 13:48:50 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{45505061-2BE5-40B7-8A58-462E53843719}
[2013-01-22 20:27:01 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2013-01-22 20:26:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT
[2013-01-22 20:26:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ERUNT
[2013-01-22 15:55:21 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{0C0A1DB9-B608-4D53-A710-2777A970D2FF}
[2013-01-21 19:40:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2013-01-21 19:40:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
[2013-01-21 19:40:16 | 000,017,272 | ---- | C] (Safer Networking Limited) -- C:\Windows\SysNative\sdnclean64.exe
[2013-01-21 19:40:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy 2
[2013-01-21 19:39:48 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\Programs
[2013-01-21 16:48:47 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2013-01-21 16:47:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD AVT
[2013-01-21 16:47:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD APP
[2013-01-21 16:46:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center
[2013-01-21 15:20:08 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{C8372F4E-B80A-4AE0-99C7-1F51F0FF1D88}
[2013-01-20 13:48:43 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{FAB92882-37BC-4912-A450-E36FAEA73A2F}
[2013-01-19 13:47:37 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{9BBCFB09-E8F7-44CC-ADF3-A98D7E45C7C5}
[2013-01-19 01:46:57 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{7E574572-E413-458C-A8B9-0226847DAC40}
[2013-01-18 23:03:19 | 000,802,760 | ---- | C] (Navegaki software) -- C:\Windows\SysWow64\navegaki.exe
[2013-01-18 23:03:19 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\NTServer
[2013-01-18 23:03:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Troysoftware
[2013-01-18 13:46:25 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{F4DDDC70-C22D-4BFC-AE2C-EF4E6E297811}
[2013-01-17 11:49:37 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{667BE21D-13E4-4AF4-87A6-07B5A7B8E929}
[2013-01-16 15:48:58 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{1E8AF24E-87A1-4258-92D1-70B1D3BA48BF}
[2013-01-15 15:48:34 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{DB4E1AE5-94DE-4C99-8BFB-34ABEE2BE75B}
[2013-01-14 13:49:28 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{077AC819-7F9D-4268-A83E-489C10E7CD18}
[2013-01-13 13:21:41 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{42950187-9F23-44D9-9F6F-9D406D865F5C}
[2013-01-12 13:20:52 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{BD0EA2A4-A61F-4F32-905A-3A4B2EF2869E}
[2013-01-11 11:44:17 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{3C5581A0-6740-475A-83C5-48A6CFE224AB}
[2013-01-10 15:26:36 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{5CBBC934-179C-4066-8F26-090E0F9576B9}
[2013-01-09 22:36:49 | 000,750,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
[2013-01-09 22:36:48 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll
[2013-01-09 22:36:11 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2013-01-09 22:36:09 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\usp10.dll
[2013-01-09 22:35:56 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\fpb.rs
[2013-01-09 22:35:56 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\SysNative\fpb.rs
[2013-01-09 22:35:56 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\oflc-nz.rs
[2013-01-09 22:35:56 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\SysNative\oflc-nz.rs
[2013-01-09 22:35:56 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegibbfc.rs
[2013-01-09 22:35:56 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegibbfc.rs
[2013-01-09 22:35:56 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\csrr.rs
[2013-01-09 22:35:56 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\SysNative\csrr.rs
[2013-01-09 22:35:56 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\cob-au.rs
[2013-01-09 22:35:56 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\SysNative\cob-au.rs
[2013-01-09 22:35:55 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\usk.rs
[2013-01-09 22:35:55 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\SysNative\usk.rs
[2013-01-09 22:35:55 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\djctq.rs
[2013-01-09 22:35:54 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\grb.rs
[2013-01-09 22:35:54 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\SysNative\grb.rs
[2013-01-09 22:35:54 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi.rs
[2013-01-09 22:35:54 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\SysNative\djctq.rs
[2013-01-09 22:35:53 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi-pt.rs
[2013-01-09 22:35:53 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi-pt.rs
[2013-01-09 22:35:53 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi.rs
[2013-01-09 22:35:52 | 002,746,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gameux.dll
[2013-01-09 22:35:52 | 002,576,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gameux.dll
[2013-01-09 22:35:52 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wpc.dll
[2013-01-09 22:35:51 | 000,308,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Wpc.dll
[2013-01-09 22:35:36 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\esrb.rs
[2013-01-09 22:35:36 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\SysNative\esrb.rs
[2013-01-09 22:35:35 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi-fi.rs
[2013-01-09 22:35:33 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\oflc.rs
[2013-01-09 22:35:33 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi-fi.rs
[2013-01-09 22:35:32 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\SysNative\oflc.rs
[2013-01-09 22:35:27 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\cero.rs
[2013-01-09 22:35:27 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\SysNative\cero.rs
[2013-01-09 22:34:09 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2013-01-09 22:34:07 | 001,161,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2013-01-09 22:34:03 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2013-01-09 22:34:03 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2013-01-09 22:34:02 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2013-01-09 22:34:02 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2013-01-09 22:34:02 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2013-01-09 22:34:02 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2013-01-09 22:34:02 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2013-01-09 22:34:02 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2013-01-09 22:34:00 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2013-01-09 22:33:53 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2013-01-09 22:33:53 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2013-01-09 22:33:53 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2013-01-09 22:33:53 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2013-01-09 22:33:53 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2013-01-09 22:33:52 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2013-01-09 22:33:52 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2013-01-09 22:33:52 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2013-01-09 22:33:50 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2013-01-09 22:33:50 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2013-01-09 22:33:50 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2013-01-09 22:33:50 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2013-01-09 22:33:50 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2013-01-09 22:33:50 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013-01-09 22:33:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2013-01-09 22:33:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2013-01-09 22:33:49 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2013-01-09 22:33:49 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2013-01-09 22:33:49 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2013-01-09 22:33:49 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2013-01-09 22:33:49 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2013-01-09 22:33:49 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2013-01-09 22:33:49 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2013-01-09 22:33:48 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2013-01-09 22:33:48 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2013-01-09 22:33:48 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2013-01-09 22:33:48 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2013-01-09 22:33:48 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2013-01-09 22:33:48 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2013-01-09 22:33:48 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2013-01-09 22:33:47 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2013-01-09 22:33:47 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2013-01-09 22:33:46 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2013-01-09 22:33:46 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2013-01-09 22:33:46 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2013-01-09 22:33:46 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2013-01-09 22:33:46 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2013-01-09 22:33:46 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2013-01-09 22:33:46 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2013-01-09 22:33:45 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2013-01-09 22:33:45 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2013-01-09 22:33:45 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2013-01-09 22:33:45 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2013-01-09 22:33:45 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2013-01-09 22:33:45 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2013-01-09 22:33:45 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2013-01-09 22:33:45 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2013-01-09 22:33:44 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2013-01-09 22:33:44 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2013-01-09 22:33:44 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2013-01-09 22:33:44 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013-01-09 22:33:43 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2013-01-09 22:33:40 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2013-01-09 22:33:40 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2013-01-09 22:33:40 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2013-01-09 22:33:40 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2013-01-09 22:33:39 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2013-01-09 22:33:33 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2013-01-09 22:32:24 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskhost.exe
[2013-01-09 15:44:22 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{C53FB7B9-BDFE-402D-AF6B-AD6EA5A040AA}
[2013-01-08 15:46:58 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{D609CD34-3B93-496D-952B-43A393614954}
[2013-01-07 13:43:20 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{BAB20A47-6E48-46DA-A644-0904F6F21FEE}
[2013-01-06 14:08:43 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{EF1C9AFA-7510-47DB-AA90-15062C205288}
[2013-01-06 01:26:03 | 000,000,000 | ---D | C] -- C:\Users\Bruger\Documents\Essentials
[2013-01-06 01:19:41 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{D93E9ABD-EFD9-4612-A009-F5BE9BD746C8}
[2013-01-05 13:19:14 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{1F1978E7-3F16-475D-9AF4-D61890DD6D03}
[2013-01-04 19:33:35 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{C5CA2A1E-494A-4CB6-8B39-7C6BBB349CD6}
[2013-01-04 07:32:57 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{CC13E2E2-2546-45E0-9725-E5F498ED6CC0}
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2013-02-02 20:10:03 | 000,000,946 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3995930073-3555480574-2151513988-1000UA.job
[2013-02-02 19:36:00 | 000,000,932 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013-02-02 19:32:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013-02-02 12:31:21 | 000,015,024 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013-02-02 12:31:21 | 000,015,024 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013-02-02 12:10:03 | 000,002,413 | ---- | M] () -- C:\Windows\SysWow64\lgAxconfig.ini
[2013-02-02 12:08:25 | 000,000,928 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013-02-02 12:08:12 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013-02-02 12:08:10 | 3214,188,544 | -HS- | M] () -- C:\hiberfil.sys
[2013-02-01 15:34:11 | 000,013,806 | ---- | M] () -- C:\Windows\SysNative\Pen_Tablet.dat
[2013-01-31 13:54:55 | 000,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\Hosts
[2013-01-29 21:19:49 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013-01-29 15:46:01 | 000,001,051 | ---- | M] () -- C:\Users\Bruger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2013-01-28 16:15:28 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Bruger\Desktop\OTL.exe
[2013-01-27 03:28:26 | 000,000,173 | ---- | M] () -- C:\Users\Bruger\AppData\Local\msmathematics.qat.Bruger
[2013-01-27 01:56:40 | 000,000,132 | ---- | M] () -- C:\Users\Bruger\AppData\Roaming\Adobe PNG Format CS6 Prefs
[2013-01-25 06:23:38 | 000,042,880 | ---- | M] () -- C:\Windows\SysWow64\xfcodec.dll
[2013-01-25 06:23:36 | 000,028,544 | ---- | M] () -- C:\Windows\SysNative\xfcodec64.dll
[2013-01-23 19:16:02 | 000,000,985 | ---- | M] () -- C:\Users\Public\Desktop\Last.fm Scrobbler.lnk
[2013-01-22 21:43:35 | 000,000,512 | ---- | M] () -- C:\Users\Bruger\Desktop\MBR.dat
[2013-01-22 20:34:22 | 000,004,458 | ---- | M] () -- C:\Users\Bruger\Desktop\attach.zip
[2013-01-22 20:26:37 | 000,001,108 | ---- | M] () -- C:\Users\Bruger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2013-01-22 20:26:33 | 000,000,909 | ---- | M] () -- C:\Users\Bruger\Desktop\ERUNT.lnk
[2013-01-19 15:17:06 | 000,001,456 | ---- | M] () -- C:\Users\Bruger\AppData\Local\Adobe Save for Web 13.0 Prefs
[2013-01-18 23:04:08 | 000,000,427 | ---- | M] () -- C:\Windows\SysWow64\ntserverbind.ini
[2013-01-18 23:03:29 | 000,002,216 | ---- | M] () -- C:\Users\Bruger\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2013-01-18 23:03:29 | 000,001,533 | ---- | M] () -- C:\Users\Bruger\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2013-01-18 23:03:21 | 000,002,207 | ---- | M] () -- C:\Users\Bruger\Application Data\Microsoft\Internet Explorer\Quick Launch\portalsepeti.lnk
[2013-01-12 03:30:18 | 000,095,648 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013-01-12 03:26:16 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2013-01-12 03:24:49 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2013-01-11 14:56:40 | 000,234,496 | ---- | M] () -- C:\Users\Bruger\Documents\gamepad.exe
[2013-01-10 15:21:31 | 004,934,616 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013-01-09 23:06:20 | 001,380,626 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013-01-09 23:06:20 | 000,661,514 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013-01-09 23:06:20 | 000,516,486 | ---- | M] () -- C:\Windows\SysNative\perfh006.dat
[2013-01-09 23:06:20 | 000,125,600 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013-01-09 23:06:20 | 000,102,986 | ---- | M] () -- C:\Windows\SysNative\perfc006.dat
[2013-01-09 23:06:10 | 001,380,626 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013-01-09 17:32:26 | 000,697,864 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013-01-09 17:32:25 | 000,074,248 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013-01-09 09:49:56 | 000,802,760 | ---- | M] (Navegaki software) -- C:\Windows\SysWow64\navegaki.exe
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2013-01-29 21:19:49 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013-01-25 06:23:38 | 000,042,880 | ---- | C] () -- C:\Windows\SysWow64\xfcodec.dll
[2013-01-25 06:23:36 | 000,028,544 | ---- | C] () -- C:\Windows\SysNative\xfcodec64.dll
[2013-01-23 19:16:02 | 000,000,985 | ---- | C] () -- C:\Users\Public\Desktop\Last.fm Scrobbler.lnk
[2013-01-22 21:43:35 | 000,000,512 | ---- | C] () -- C:\Users\Bruger\Desktop\MBR.dat
[2013-01-22 20:34:05 | 000,004,458 | ---- | C] () -- C:\Users\Bruger\Desktop\attach.zip
[2013-01-22 20:26:37 | 000,001,108 | ---- | C] () -- C:\Users\Bruger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2013-01-22 20:26:33 | 000,000,909 | ---- | C] () -- C:\Users\Bruger\Desktop\ERUNT.lnk
[2013-01-21 19:40:24 | 000,002,189 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
[2013-01-18 23:03:21 | 000,002,207 | ---- | C] () -- C:\Users\Bruger\Application Data\Microsoft\Internet Explorer\Quick Launch\portalsepeti.lnk
[2013-01-18 23:03:19 | 000,000,427 | ---- | C] () -- C:\Windows\SysWow64\ntserverbind.ini
[2013-01-11 14:56:39 | 000,234,496 | ---- | C] () -- C:\Users\Bruger\Documents\gamepad.exe
[2012-12-23 00:38:13 | 000,001,456 | ---- | C] () -- C:\Users\Bruger\AppData\Local\Adobe Save for Web 13.0 Prefs
[2012-12-23 00:28:51 | 000,000,132 | ---- | C] () -- C:\Users\Bruger\AppData\Roaming\Adobe GIF Format CS6 Prefs
[2012-11-08 18:12:40 | 000,000,132 | ---- | C] () -- C:\Users\Bruger\AppData\Roaming\Adobe PNG Format CS6 Prefs
[2012-09-09 18:51:29 | 000,266,021 | ---- | C] () -- C:\Windows\QLPrism Uninstaller.exe
[2012-08-29 15:33:55 | 000,000,173 | ---- | C] () -- C:\Users\Bruger\AppData\Local\msmathematics.qat.Bruger
[2012-07-02 23:49:02 | 003,130,440 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_blr.exe
[2012-05-02 13:58:10 | 000,029,184 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2012-02-15 03:36:36 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012-02-15 03:36:36 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2011-12-14 04:55:24 | 000,081,920 | ---- | C] () -- C:\Windows\qlprism-uninstall.exe
[2011-12-04 18:37:08 | 000,109,056 | ---- | C] () -- C:\Windows\SysWow64\un-gamma.exe
[2011-10-25 21:21:34 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\OVDecoder.dll
[2011-09-28 17:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011-09-12 23:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011-08-06 23:40:13 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\CommonDL.dll
[2011-08-06 23:40:13 | 000,002,413 | ---- | C] () -- C:\Windows\SysWow64\lgAxconfig.ini
[2011-07-29 19:51:30 | 000,004,096 | ---- | C] () -- C:\Windows\d3dx.dat
[2011-06-27 00:19:51 | 000,000,032 | R--- | C] () -- C:\ProgramData\hash.dat
[2011-02-12 03:24:58 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
========== ZeroAccess Check ==========
[2009-07-14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012-06-09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012-06-09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009-07-14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009-07-14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2012-12-26 12:10:34 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\.minecraft
[2012-09-20 21:18:58 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\.spotflux
[2010-10-17 12:36:33 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Ableton
[2010-06-26 20:31:20 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Anabel
[2011-08-10 16:18:57 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\AtomZombieData
[2012-05-25 12:46:01 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Audacity
[2012-11-07 18:54:00 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Awesomium
[2012-01-20 14:33:39 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\BigHugeEngine
[2010-05-02 21:24:21 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Bioshock2
[2010-05-31 17:11:22 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\bizarre creations
[2010-05-08 15:26:31 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Blender Foundation
[2012-09-08 15:59:59 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Braid
[2011-07-29 19:51:33 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Broken Rules
[2011-07-27 16:01:42 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Crayon Physics Deluxe
[2010-05-31 12:54:45 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\DAEMON Tools Lite
[2012-06-27 16:16:45 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\digipen
[2013-01-31 22:55:18 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\DMCache
[2011-02-05 22:55:28 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Downloaded Installations
[2013-02-02 12:09:51 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Dropbox
[2010-06-28 14:39:35 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Facebook
[2012-06-02 11:57:22 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\fltk.org
[2010-11-19 16:22:46 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\GameRanger
[2011-07-10 10:15:46 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\go
[2011-01-28 21:08:37 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Gyazo
[2010-10-18 14:09:05 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Hardcore
[2013-02-01 13:52:13 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\IDM
[2011-07-29 19:56:54 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Lazy 8 Studios
[2010-03-20 20:49:46 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Leadertech
[2011-03-11 23:18:27 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\LolClient
[2012-06-08 17:27:20 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\LoneSurvivor
[2011-05-14 16:20:50 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Mount&Blade Warband
[2012-09-23 21:02:35 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Mumble
[2012-07-27 17:13:33 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Need for Speed World
[2011-12-20 17:49:33 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Nicalis
[2010-12-25 18:43:51 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\NPLUTO Corporation
[2011-10-07 16:45:57 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\OpenOffice.org
[2011-07-27 15:17:37 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Origin
[2012-01-15 02:17:46 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\RenPy
[2012-07-03 16:17:47 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\RotMG.Production
[2012-07-01 15:25:13 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Screaming Bee
[2012-11-08 14:39:28 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2012-12-03 16:08:01 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\StepMania 5
[2011-01-26 22:16:44 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Subversion
[2012-08-16 18:36:08 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Thinstall
[2011-08-20 14:02:18 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\TinyAndBig
[2011-07-10 21:12:25 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\TS3Client
[2011-07-10 16:18:30 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\ts3overlay
[2013-01-31 22:55:03 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\uTorrent
[2012-03-17 23:56:16 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\wargaming.net
[2011-09-16 19:19:54 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Windows Live Writer
[2010-03-22 22:12:07 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\WTouch
[2012-09-25 18:17:07 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\Thinstall
[2012-09-25 18:17:07 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\Thinstall
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 112 bytes -> C:\ProgramData\TEMP:D1B5B4F1
@Alternate Data Stream - 110 bytes -> C:\ProgramData\TEMP:C9FD258B
< End of report >
I think at this point I would use System Restore and restore your system to a point prior to getting that bad homepage
NAVEGAKI <--You also have this which is bad
Navigate to the Start -> All Programs -> Accessories -> System Tools program group.
Click on the System Restore program icon.
Click Next > on the Restore system files and settings window.
Choose the restore point that you want to use.
That may not be far enough, you posted on 1/22/13 that you had it
I found the folder with my restore point from 1-22 but i can't see how i can use it with the method you posted.
You can use the instructions for any dated restore point. Lets skip that for the moment
Download Junkware Removal Tool (http://thisisudax.org/downloads/JRT.exe) to your desktop
shut down your protection software now to avoid potential conflicts.
run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator"
the tool will open and start scanning your system
please be patient as this can take a while to complete depending on your system's specifications
on completion, a log (JRT.txt) is saved to your desktop and will automatically open
post the contents of JRT.txt into your next message.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.6.2 (02.02.2013:2)
OS: Windows 7 Home Premium x64
Ran by Bruger on 03-02-2013 at 12:00:19,10
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] hkey_classes_root\clsid\{0055c089-8582-441b-a0bf-17b458c2a3a8}
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\windows\currentversion\explorer\browser helper objects\{0055c089-8582-441b-a0bf-17b458c2a3a8}
~~~ Files
Successfully deleted: [File] C:\eula.1028.txt
Successfully deleted: [File] C:\eula.1031.txt
Successfully deleted: [File] C:\eula.1033.txt
Successfully deleted: [File] C:\eula.1036.txt
Successfully deleted: [File] C:\eula.1040.txt
Successfully deleted: [File] C:\eula.1041.txt
Successfully deleted: [File] C:\eula.1042.txt
Successfully deleted: [File] C:\eula.2052.txt
Successfully deleted: [File] C:\install.res.1028.dll
Successfully deleted: [File] C:\install.res.1031.dll
Successfully deleted: [File] C:\install.res.1033.dll
Successfully deleted: [File] C:\install.res.1036.dll
Successfully deleted: [File] C:\install.res.1040.dll
Successfully deleted: [File] C:\install.res.1041.dll
Successfully deleted: [File] C:\install.res.1042.dll
Successfully deleted: [File] C:\install.res.2052.dll
Successfully deleted: [File] C:\install.res.3082.dll
~~~ Folders
~~~ FireFox
Successfully deleted the following from C:\Users\Bruger\AppData\Roaming\mozilla\firefox\profiles\6rsi3ybe.default\prefs.js
user_pref("extensions.wrc.SearchRules.ask.com.style", ".WRCN {display:none} #yui-main .tsrc_vnru .title + .WRCN, #yui-main #teoma-results .title + .WRCN {display:inline !impor
user_pref("extensions.wrc.SearchRules.ask.com.url", "^hxxp(s)?\\:\\/\\/(.+\\.)?ask\\.com\\/.*");
user_pref("extensions.wrc.SearchRules.baidu.com.style", ".WRCN {display:none} .result .f .WRCN {display:inline !important; background: url(\"IMAGE\") right no-repeat}");
user_pref("extensions.wrc.SearchRules.baidu.com.url", "^hxxp\\:\\/\\/www\\.baidu\\.com\\/.*");
user_pref("extensions.wrc.SearchRules.excite.com.style", ".WRCN {display:none} .listing .resultsLink + .WRCN {display:inline !important; background: url(\"IMAGE\") right no-re
user_pref("extensions.wrc.SearchRules.excite.com.url", "^hxxp\\:\\/\\/msxml\\.excite\\.com\\/excite\\/ws\\/.+");
user_pref("extensions.wrc.SearchRules.rambler.ru.style", ".WRCN {display:none} .search-results .title + .WRCN {display:inline !important; background: url(\"IMAGE\") right no-r
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 03-02-2013 at 12:09:39,67
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Good Morning,
You had other bad stuff in there beside portal sepeti.
You also have a trojan on your OTL log
Download ComboFix from one of these locations:
Link 1 (http://download.bleepingcomputer.com/sUBs/ComboFix.exe)
Link 2 (http://www.forospyware.com/sUBs/ComboFix.exe)
* IMPORTANT !!! Save ComboFix.exe to your Desktop
Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools
See this Link (http://www.bleepingcomputer.com/forums/topic114351.html) for programs that need to be disabled and instruction on how to disable them.
Remember to re-enable them when we're done.
Double click on ComboFix.exe & follow the prompts.
As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.
**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.
http://img.photobucket.com/albums/v706/ried7/RC1.png
Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:
http://img.photobucket.com/albums/v706/ried7/RC2-1.png
Click on Yes, to continue scanning for malware.
When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.
*If there is no internet connection when Combofix has completely finished then restart your computer to restore back the connections.
The tutorial for deactivating the spybot s&d protectian seems outdated.
everywhere i look it's how to do it on an older version.
this is how it looks to me
http://gyazo.com/266389ebf01ea465474273a66ea2d3cd.png?1359891737
Do this first...Important
Disable the TeaTimer, leave it disabled, do not turn it back on until we're done or it will prevent fixes from taking
Run Spybot-S&D in Advanced Mode.
If it is not already set to do this Go to the Mode menu select "Advanced Mode"
On the left hand side, Click on Tools
Then click on the Resident Icon in the List
Uncheck "Resident TeaTimer" and OK any prompts.
Restart your computer.<--You need to do this for it to take effect
Please do not proceed until the TeaTimer is disabled
Those things aren't there.
The only things i can press are on the picture i posted
looks like i don't have the teatimer, so can i just proceed?
this is the message i get
http://gyazo.com/f2f3216be03408a77e9b4fd7d78f4cf5.png?1359896927
"Combofix has noticed that the following real-time scanner(s) are active:
antispyware: spybot - search and destroy.
Antivirus and the likes are known for interrupting combofix's progress. this leads to unpredictable results and even possible damage on the computer. please deactivate these scanners before you click "OK"."
ComboFix 13-02-02.05 - Bruger 03-02-2013 14:39:53.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.45.1030.18.4087.2280 [GMT 1:00]
Kører fra: c:\users\Bruger\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Spybot - Search and Destroy *Enabled/Outdated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Andet, der er slettet )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\Install.exe
c:\users\Bruger\AppData\Roaming\WTouch
c:\users\Bruger\AppData\Roaming\WTouch\WTouch.xml
c:\windows\SysWow64\URTTemp
c:\windows\SysWow64\URTTemp\regtlib.exe
.
.
((((((((((((((((((((((((((((( Filer skabt fra 2013-01-03 til 2013-02-03 )))))))))))))))))))))))))))))))))))
.
.
2013-02-03 13:51 . 2013-02-03 13:51 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-02-03 11:04 . 2013-02-03 11:04 76232 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{973E3FD7-C329-4B78-979B-CD255ACE070E}\offreg.dll
2013-02-03 11:00 . 2013-02-03 11:00 -------- d-----w- c:\windows\ERUNT
2013-02-03 10:59 . 2013-02-03 11:00 -------- d-----w- C:\JRT
2013-02-02 21:58 . 2013-01-08 05:32 9161176 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{973E3FD7-C329-4B78-979B-CD255ACE070E}\mpengine.dll
2013-01-29 20:20 . 2013-01-29 20:20 -------- d-----w- c:\users\Bruger\AppData\Roaming\Malwarebytes
2013-01-29 20:19 . 2013-01-29 20:19 -------- d-----w- c:\programdata\Malwarebytes
2013-01-29 20:19 . 2013-02-02 21:31 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-01-29 14:57 . 2013-01-29 14:57 -------- d-----w- C:\_OTL
2013-01-27 10:44 . 2013-01-12 02:30 95648 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-01-25 12:45 . 2013-01-26 00:45 -------- d-----w- c:\users\Bruger\AppData\Local\{AA35EEC0-44DB-47B2-BF64-08FA2011CBE6}
2013-01-25 05:23 . 2013-01-25 05:23 42880 ----a-w- c:\windows\SysWow64\xfcodec.dll
2013-01-25 05:23 . 2013-01-25 05:23 28544 ----a-w- c:\windows\system32\xfcodec64.dll
2013-01-22 19:26 . 2013-01-22 19:26 -------- d-----w- c:\program files (x86)\ERUNT
2013-01-21 18:40 . 2013-02-03 11:33 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2013-01-21 18:40 . 2009-01-25 11:14 17272 ----a-w- c:\windows\system32\sdnclean64.exe
2013-01-21 18:40 . 2013-01-21 18:40 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy 2
2013-01-21 18:39 . 2013-01-21 18:39 -------- d-----w- c:\users\Bruger\AppData\Local\Programs
2013-01-21 15:48 . 2013-01-21 15:48 -------- d-----w- c:\programdata\ATI
2013-01-21 15:47 . 2013-01-21 15:47 -------- d-----w- c:\program files (x86)\AMD AVT
2013-01-21 15:47 . 2013-01-21 15:47 -------- d-----w- c:\program files (x86)\AMD APP
2013-01-18 22:03 . 2013-02-02 21:29 -------- d-----w- c:\windows\SysWow64\NTServer
2013-01-18 22:03 . 2013-01-09 08:49 802760 ----a-w- c:\windows\SysWow64\navegaki.exe
2013-01-18 22:03 . 2013-01-18 22:06 -------- d-----w- c:\program files (x86)\Troysoftware
2013-01-15 14:56 . 2013-01-04 15:53 9060864 ----a-w- c:\windows\system32\mshtml.dll
2013-01-09 21:36 . 2012-11-09 05:45 750592 ----a-w- c:\windows\system32\win32spl.dll
2013-01-09 21:36 . 2012-11-09 04:43 492032 ----a-w- c:\windows\SysWow64\win32spl.dll
2013-01-09 21:36 . 2012-11-01 05:43 2002432 ----a-w- c:\windows\system32\msxml6.dll
2013-01-09 21:36 . 2012-11-01 05:43 1882624 ----a-w- c:\windows\system32\msxml3.dll
2013-01-09 21:36 . 2012-11-01 04:47 1389568 ----a-w- c:\windows\SysWow64\msxml6.dll
2013-01-09 21:36 . 2012-11-01 04:47 1236992 ----a-w- c:\windows\SysWow64\msxml3.dll
2013-01-09 21:36 . 2012-11-20 05:48 307200 ----a-w- c:\windows\system32\ncrypt.dll
2013-01-09 21:36 . 2012-11-20 04:51 220160 ----a-w- c:\windows\SysWow64\ncrypt.dll
2013-01-09 21:36 . 2012-11-22 05:44 800768 ----a-w- c:\windows\system32\usp10.dll
2013-01-09 21:36 . 2012-11-22 04:45 626688 ----a-w- c:\windows\SysWow64\usp10.dll
2013-01-09 21:34 . 2012-11-30 05:41 424448 ----a-w- c:\windows\system32\KernelBase.dll
2013-01-09 21:34 . 2012-11-30 04:53 274944 ----a-w- c:\windows\SysWow64\KernelBase.dll
2013-01-09 21:34 . 2012-11-30 05:41 1161216 ----a-w- c:\windows\system32\kernel32.dll
2013-01-09 21:34 . 2012-11-30 05:45 362496 ----a-w- c:\windows\system32\wow64win.dll
2013-01-09 21:34 . 2012-11-30 05:45 215040 ----a-w- c:\windows\system32\winsrv.dll
2013-01-09 21:34 . 2012-11-30 05:45 243200 ----a-w- c:\windows\system32\wow64.dll
2013-01-09 21:34 . 2012-11-30 05:45 13312 ----a-w- c:\windows\system32\wow64cpu.dll
2013-01-09 21:34 . 2012-11-30 05:43 16384 ----a-w- c:\windows\system32\ntvdm64.dll
2013-01-09 21:34 . 2012-11-30 04:54 5120 ----a-w- c:\windows\SysWow64\wow32.dll
2013-01-09 21:34 . 2012-11-30 03:23 338432 ----a-w- c:\windows\system32\conhost.exe
2013-01-09 21:34 . 2012-11-30 02:44 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll
2013-01-09 21:34 . 2012-11-30 05:38 3072 ---ha-w- c:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-01-09 21:32 . 2012-11-23 03:13 68608 ----a-w- c:\windows\system32\taskhost.exe
2013-01-09 21:32 . 2012-11-23 03:26 3149824 ----a-w- c:\windows\system32\win32k.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-01-17 00:28 . 2010-03-19 07:53 273840 ------w- c:\windows\system32\MpSigStub.exe
2013-01-09 21:56 . 2010-03-19 07:53 67599240 ----a-w- c:\windows\system32\MRT.exe
2013-01-09 16:32 . 2012-04-22 10:41 697864 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-01-09 16:32 . 2011-05-14 12:42 74248 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-12-25 22:05 . 2010-03-21 12:06 466456 ----a-w- c:\windows\system32\wrap_oal.dll
2012-12-25 22:05 . 2010-03-21 12:06 444952 ----a-w- c:\windows\SysWow64\wrap_oal.dll
2012-12-25 22:05 . 2010-03-21 12:06 122904 ----a-w- c:\windows\system32\OpenAL32.dll
2012-12-25 22:05 . 2010-03-21 12:06 109080 ----a-w- c:\windows\SysWow64\OpenAL32.dll
2012-12-19 20:50 . 2010-11-05 18:53 5630200 ----a-w- c:\windows\SysWow64\atiumdag.dll
2012-12-19 20:48 . 2012-12-19 20:48 11278336 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2012-12-19 20:29 . 2012-12-19 20:29 23461376 ----a-w- c:\windows\system32\atio6axx.dll
2012-12-19 20:22 . 2012-12-19 20:22 70144 ----a-w- c:\windows\system32\coinst_9.012.dll
2012-12-19 20:19 . 2012-12-19 20:19 163840 ----a-w- c:\windows\system32\atiapfxx.exe
2012-12-19 20:18 . 2012-12-19 20:18 51200 ----a-w- c:\windows\system32\aticalrt64.dll
2012-12-19 20:18 . 2012-12-19 20:18 46080 ----a-w- c:\windows\SysWow64\aticalrt.dll
2012-12-19 20:17 . 2012-12-19 20:17 44544 ----a-w- c:\windows\system32\aticalcl64.dll
2012-12-19 20:17 . 2012-12-19 20:17 44032 ----a-w- c:\windows\SysWow64\aticalcl.dll
2012-12-19 20:17 . 2012-12-19 20:17 16082944 ----a-w- c:\windows\system32\aticaldd64.dll
2012-12-19 20:13 . 2012-12-19 20:13 13703168 ----a-w- c:\windows\SysWow64\aticaldd.dll
2012-12-19 20:12 . 2012-12-19 20:12 18982400 ----a-w- c:\windows\SysWow64\atioglxx.dll
2012-12-19 20:09 . 2010-07-07 01:54 960512 ----a-w- c:\windows\SysWow64\aticfx32.dll
2012-12-19 20:08 . 2010-07-07 01:53 1151488 ----a-w- c:\windows\system32\aticfx64.dll
2012-12-19 20:06 . 2010-07-07 01:46 6681088 ----a-w- c:\windows\SysWow64\atidxx32.dll
2012-12-19 19:59 . 2012-12-19 19:59 5087744 ----a-w- c:\windows\system32\atiumd6a.dll
2012-12-19 19:57 . 2012-12-19 19:57 442368 ----a-w- c:\windows\system32\atidemgy.dll
2012-12-19 19:56 . 2012-12-19 19:56 550912 ----a-w- c:\windows\system32\atieclxx.exe
2012-12-19 19:56 . 2012-12-19 19:56 240640 ----a-w- c:\windows\system32\atiesrxx.exe
2012-12-19 19:54 . 2012-12-19 19:54 120320 ----a-w- c:\windows\system32\atitmm64.dll
2012-12-19 19:54 . 2012-12-19 19:54 21504 ----a-w- c:\windows\system32\atimuixx.dll
2012-12-19 19:54 . 2012-12-19 19:54 59392 ----a-w- c:\windows\system32\atiedu64.dll
2012-12-19 19:54 . 2012-12-19 19:54 43520 ----a-w- c:\windows\SysWow64\ati2edxx.dll
2012-12-19 19:49 . 2009-11-04 15:31 7370752 ----a-w- c:\windows\system32\atidxx64.dll
2012-12-19 19:44 . 2010-11-05 18:54 4162048 ----a-w- c:\windows\SysWow64\atiumdva.dll
2012-12-19 19:44 . 2012-12-19 19:44 6786560 ----a-w- c:\windows\system32\atiumd64.dll
2012-12-19 19:33 . 2012-12-19 19:33 56320 ----a-w- c:\windows\system32\atimpc64.dll
2012-12-19 19:33 . 2012-12-19 19:33 56320 ----a-w- c:\windows\system32\amdpcom64.dll
2012-12-19 19:33 . 2012-12-19 19:33 619008 ----a-w- c:\windows\system32\atiadlxx.dll
2012-12-19 19:33 . 2012-12-19 19:33 56832 ----a-w- c:\windows\SysWow64\atimpc32.dll
2012-12-19 19:33 . 2012-12-19 19:33 56832 ----a-w- c:\windows\SysWow64\amdpcom32.dll
2012-12-19 19:33 . 2012-12-19 19:33 421888 ----a-w- c:\windows\SysWow64\atiadlxy.dll
2012-12-19 19:33 . 2012-12-19 19:33 17920 ----a-w- c:\windows\system32\atig6pxx.dll
2012-12-19 19:33 . 2012-12-19 19:33 14848 ----a-w- c:\windows\SysWow64\atiglpxx.dll
2012-12-19 19:33 . 2012-12-19 19:33 14848 ----a-w- c:\windows\system32\atiglpxx.dll
2012-12-19 19:33 . 2012-12-19 19:33 41984 ----a-w- c:\windows\system32\atig6txx.dll
2012-12-19 19:33 . 2012-12-19 19:33 33280 ----a-w- c:\windows\SysWow64\atigktxx.dll
2012-12-19 19:32 . 2012-12-19 19:32 552960 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2012-12-19 19:31 . 2010-07-07 01:15 130048 ----a-w- c:\windows\system32\atiuxp64.dll
2012-12-19 19:31 . 2010-07-07 01:14 109568 ----a-w- c:\windows\SysWow64\atiuxpag.dll
2012-12-19 19:31 . 2010-07-07 01:14 104448 ----a-w- c:\windows\system32\atiu9p64.dll
2012-12-19 19:30 . 2010-07-07 01:14 83968 ----a-w- c:\windows\SysWow64\atiu9pag.dll
2012-12-19 19:30 . 2012-12-19 19:30 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2012-12-19 14:45 . 2012-12-19 14:45 222720 ----a-w- c:\windows\system32\clinfo.exe
2012-12-19 14:44 . 2012-12-19 14:44 76288 ----a-w- c:\windows\system32\OpenVideo64.dll
2012-12-19 14:44 . 2012-12-19 14:44 65536 ----a-w- c:\windows\SysWow64\OpenVideo.dll
2012-12-19 14:44 . 2012-12-19 14:44 64000 ----a-w- c:\windows\system32\OVDecode64.dll
2012-12-19 14:44 . 2012-12-19 14:44 56320 ----a-w- c:\windows\SysWow64\OVDecode.dll
2012-12-19 14:44 . 2012-12-19 14:44 34518016 ----a-w- c:\windows\system32\amdocl64.dll
2012-12-19 14:38 . 2012-12-19 14:38 28732928 ----a-w- c:\windows\SysWow64\amdocl.dll
2012-12-19 14:34 . 2012-12-19 14:34 54784 ----a-w- c:\windows\system32\OpenCL.dll
2012-12-19 14:34 . 2012-12-19 14:34 50176 ----a-w- c:\windows\SysWow64\OpenCL.dll
2012-12-16 17:11 . 2012-12-22 02:02 46080 ----a-w- c:\windows\system32\atmlib.dll
2012-12-16 14:45 . 2012-12-22 02:02 367616 ----a-w- c:\windows\system32\atmfd.dll
2012-12-16 14:13 . 2012-12-22 02:02 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
2012-12-16 14:13 . 2012-12-22 02:02 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2012-12-09 19:11 . 2010-03-21 21:05 270240 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2012-12-09 19:11 . 2010-03-21 21:04 270240 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2012-11-30 04:45 . 2013-01-09 21:34 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2012-11-12 12:28 . 2012-12-12 21:07 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2012-11-12 11:52 . 2012-12-12 21:07 1638912 ----a-w- c:\windows\SysWow64\mshtml.tlb
2012-11-10 15:43 . 2012-11-10 15:43 252296 ----a-w- c:\windows\system32\javaws.exe
2012-11-10 15:43 . 2012-11-10 15:43 188808 ----a-w- c:\windows\system32\javaw.exe
2012-11-10 15:43 . 2012-11-10 15:43 188808 ----a-w- c:\windows\system32\java.exe
2012-11-10 15:43 . 2012-11-10 15:43 627600 ----a-w- c:\windows\system32\deployJava1.dll
2012-11-09 05:45 . 2012-12-12 21:08 2048 ----a-w- c:\windows\system32\tzres.dll
2012-11-09 04:42 . 2012-12-12 21:08 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2012-11-06 11:11 . 2012-11-06 11:11 96256 ----a-w- c:\windows\system32\drivers\AtihdW76.sys
.
.
((((((((((((((((((((((((((((((((((( Start steder i reg.basen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Bemærk* tomme linier & lovlige standard linier vises ikke
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 129272 ----a-w- c:\users\Bruger\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 129272 ----a-w- c:\users\Bruger\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 129272 ----a-w- c:\users\Bruger\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 129272 ----a-w- c:\users\Bruger\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]
"IDMan"="c:\program files (x86)\Internet Download Manager\IDMan.exe" [2011-02-11 3253656]
"Akamai NetSession Interface"="c:\users\Bruger\AppData\Local\Akamai\netsession_win.exe" [2012-10-09 4441920]
"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-03-20 39408]
"Steam"="c:\program files (x86)\Steam\steam.exe" [2012-12-04 1354736]
"HydraVisionDesktopManager"="c:\program files (x86)\ATI Technologies\HydraVision\HydraDM.exe" [2009-11-04 380928]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2012-11-09 17877168]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2009-11-19 2791936]
"amd_dc_opt"="c:\program files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824]
"ATICustomerCare"="c:\program files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe" [2010-03-04 311296]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-11-29 421888]
"VirtualCloneDrive"="c:\program files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2009-06-17 85160]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2011-06-07 421160]
"B2C_AGENT"="c:\programdata\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe" [2012-03-28 404568]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-10-30 4297136]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS6ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" [2012-03-09 1073312]
"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2012-12-10 2254768]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-12-19 642808]
"SDTray"="c:\program files (x86)\Spybot - Search & Destroy 2\SDTray.exe" [2012-11-13 3825176]
.
c:\users\Bruger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Bruger\AppData\Roaming\Dropbox\bin\Dropbox.exe [2013-1-20 28539272]
ERUNT AutoBackup.lnk - c:\program files (x86)\ERUNT\AUTOBACK.EXE [2005-10-20 38912]
Xfire.lnk - c:\program files (x86)\Xfire\Xfire.exe [2013-1-25 3560832]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0\0sdnclean64.exe
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-10-02 3064000]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-11-09 160944]
R3 Andbus;LGE Android Platform Composite USB Device;c:\windows\system32\DRIVERS\lgandbus64.sys [2010-12-07 19456]
R3 AndDiag;LGE Android Platform USB Serial Port;c:\windows\system32\DRIVERS\lganddiag64.sys [2010-12-07 27648]
R3 AndGps;LGE Android Platform USB GPS NMEA Port;c:\windows\system32\DRIVERS\lgandgps64.sys [2010-12-07 27136]
R3 ANDModem;LGE Android Platform USB Modem;c:\windows\system32\DRIVERS\lgandmodem64.sys [2010-12-07 34304]
R3 androidusb;ADB Interface Driver;c:\windows\system32\Drivers\lgandadb.sys [2010-08-02 31744]
R3 Desura Install Service;Desura Install Service;c:\program files (x86)\Common Files\Desura\desura_service.exe [2012-05-03 131912]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys [x]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des [x]
R3 SwitchBoard;Adobe SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 WatAdminSvc;Tjenesten Windows Aktivering;c:\windows\system32\Wat\WatAdminSvc.exe [2010-06-22 1255736]
R3 X6va005;X6va005;c:\users\Bruger\AppData\Local\Temp\0057BAC.tmp [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-05-30 834544]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe [2009-07-14 27136]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-12-19 240640]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-10-30 71600]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-12-10 2465712]
S2 HiPatchService;Hi-Rez Studios Authenticate and Update Service;c:\program files (x86)\Hi-Rez Studios\HiPatchService.exe [2012-12-04 8704]
S2 IDMWFP;IDMWFP;c:\windows\system32\DRIVERS\idmwfp.sys [2010-11-26 138304]
S2 NTServiceSystem;NTServiceSystem;c:\windows\SysWOW64\NTServer\service.exe [2013-01-08 91728]
S2 SDScannerService;Spybot-S&D 2 Scanner Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2012-11-13 1103392]
S2 SDUpdateService;Spybot-S&D 2 Updating Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2012-11-13 1369624]
S2 SDWSCService;Spybot-S&D 2 Security Center Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2012-11-13 168384]
S2 TabletServicePen;TabletServicePen;c:\windows\system32\Pen_Tablet.exe [2009-11-23 5556520]
S2 WTouchService;WTouch Service;c:\program files\WTouch\WTouchService.exe [2009-11-23 127784]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2012-11-06 96256]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2009-08-20 239616]
S3 ScreamBAudioSvc;ScreamBee Audio;c:\windows\system32\drivers\ScreamingBAudio64.sys [2010-07-01 38992]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [2009-11-13 1274880]
S3 wacmoumonitor;Wacom Mode Helper;c:\windows\system32\DRIVERS\wacmoumonitor.sys [2009-08-27 18216]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
Akamai REG_MULTI_SZ Akamai
.
Indhold af mappen 'Planlagte Opgaver'
.
2013-02-03 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-22 16:32]
.
2013-02-03 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-03-20 15:48]
.
2013-02-03 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-03-20 15:48]
.
2012-11-03 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3995930073-3555480574-2151513988-1000Core.job
- c:\users\Bruger\AppData\Local\Google\Update\GoogleUpdate.exe [2011-08-02 22:57]
.
2013-02-03 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3995930073-3555480574-2151513988-1000UA.job
- c:\users\Bruger\AppData\Local\Google\Update\GoogleUpdate.exe [2011-08-02 22:57]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-10-30 22:50 133400 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1TortoiseNormal]
@="{C5994560-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994560-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 07:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\2TortoiseModified]
@="{C5994561-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994561-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 07:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\3TortoiseConflict]
@="{C5994562-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994562-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 07:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\4TortoiseLocked]
@="{C5994563-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994563-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 07:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\5TortoiseReadOnly]
@="{C5994564-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994564-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 07:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\6TortoiseDeleted]
@="{C5994565-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994565-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 07:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\7TortoiseAdded]
@="{C5994566-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994566-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 07:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\8TortoiseIgnored]
@="{C5994567-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994567-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 07:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\9TortoiseUnversioned]
@="{C5994568-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994568-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 07:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 162552 ----a-w- c:\users\Bruger\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 162552 ----a-w- c:\users\Bruger\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 162552 ----a-w- c:\users\Bruger\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 162552 ----a-w- c:\users\Bruger\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\IDM Shell Extension]
@="{CDC95B92-E27C-4745-A8C5-64A52A78855D}"
[HKEY_CLASSES_ROOT\CLSID\{CDC95B92-E27C-4745-A8C5-64A52A78855D}]
2010-11-26 18:38 82136 ----a-w- c:\program files (x86)\Internet Download Manager\IDMShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2010-10-28 1680976]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-04-04 446392]
.
------- Yderligere scanning -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.youtube.com/user/nillor0?feature=mhw4
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local;127.0.0.1:9421;<local>
IE: Download all links with IDM - c:\program files (x86)\Internet Download Manager\IEGetAll.htm
IE: Download FLV video content with IDM - c:\program files (x86)\Internet Download Manager\IEGetVL.htm
IE: Download with IDM - c:\program files (x86)\Internet Download Manager\IEExt.htm
IE: {{0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} - {E601996F-E400-41CA-804B-CD6373A7EEE2} -
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: DhcpNameServer = 208.67.222.222 208.67.220.220
FF - ProfilePath - c:\users\Bruger\AppData\Roaming\Mozilla\Firefox\Profiles\6rsi3ybe.default\
FF - prefs.js: browser.search.selectedEngine - navegaki
FF - prefs.js: browser.startup.homepage - hxxp://www.quakelive.com/#!welcome
FF - prefs.js: keyword.URL - hxxp://search.portalsepeti.com?q=
.
- - - - TOMME GENVEJE FJERNET - - - -
.
Wow6432Node-HKCU-Run-AdobeBridge - (no file)
Notify-SDWinLogon - SDWinLogon.dll
HKLM-Run-VIAAUD - c:\program files (x86)\VIA\VIAudioi\VDeck\VIAAUD.exe
AddRemove-BattlEye A2 Free - c:\program files (x86)\Bohemia Interactive\ArmA 2 FreeBattlEye\UnInstallBE.exe
AddRemove-Europe MapleStory_is1 - c:\program files (x86)\NEXON\Europe MapleStory\unins000.exe
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc_blr.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Akamai]
"ServiceDll"="c:\program files (x86)\common files\akamai/netsession_win_ce5ba24.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va005]
"ImagePath"="\??\c:\users\Bruger\AppData\Local\Temp\0057BAC.tmp"
.
--------------------- LÅSTE REGISTRERINGS NØGLER ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,13,9c,b5,85,78,c7,4e,4c,9c,83,6e,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,13,9c,b5,85,78,c7,4e,4c,9c,83,6e,\
.
[HKEY_USERS\S-1-5-21-3995930073-3555480574-2151513988-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-3995930073-3555480574-2151513988-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_USERS\S-1-5-21-3995930073-3555480574-2151513988-1000\Software\SecuROM\License information*]
"datasecu"=hex:0f,c5,ba,ec,ca,28,a1,92,7d,4a,0a,c3,93,a4,a6,29,87,ff,03,41,55,
78,fc,af,7c,a2,e0,87,1e,44,e0,3c,c3,6b,37,8f,7b,96,1f,42,30,2d,77,d9,52,41,\
"rkeysecu"=hex:7b,ac,9d,ad,82,eb,28,77,27,2d,06,30,46,37,fb,5c
.
[HKEY_USERS\S-1-5-21-3995930073-3555480574-2151513988-1000_Classes\Wow6432Node\CLSID\{5fab6c72-1b6b-4638-8829-5be5c6fd2a10}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"MData"=hex(0):73,d5,cf,b8,a4,07,89,80,31,e4,35,6b,2a,ca,fe,43,b6,1f,81,1f,5a,
1b,4d,36,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,\
.
[HKEY_USERS\S-1-5-21-3995930073-3555480574-2151513988-1000_Classes\Wow6432Node\CLSID\{7B8E9164-324D-4A2E-A46D-0165FB2000EC}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):71,3a,34,eb,9a,ff,a2,03,93,5a,5d,b7,18,1c,89,73,f8,36,1b,68,cf,
40,5c,19,87,4e,67,d1,7b,76,9c,fe,a5,fa,bd,6b,bf,de,5a,de,00,00,00,00,00,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10e.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10e.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Gennemført tid: 2013-02-03 14:55:24
ComboFix-quarantined-files.txt 2013-02-03 13:55
.
Pre-Kørsel: 267.015.557.120 byte ledig
Post-Kørsel: 266.699.341.824 byte ledig
.
- - End Of File - - 26F7504849D06D771B7EBBD49781E97F
navegaki.com <-- This is related to Portal Sepeti
Troysoftware <-- This came on board at the same time as the rest, is this something you use ?
I don't recognise either of those urls so i guess they are atleast part of the problem.
I got a feeling that you're close to a solution! :)
Open Notepad Go to Start> All Programs> Assessories> Notepad ( this will only work with Notepad )and copy all the text inside the Codebox by highlighting it all and pressing CTRL C on your keyboard, then paste it into Notepad, make sure there is no space before and above Firefox::
Firefox::
FF - prefs.js: browser.search.selectedEngine - navegaki
FF - prefs.js..browser.search.defaultenginename: "navegaki"
FF - prefs.js..browser.search.selectedEngine: "navegaki"
FF - prefs.js: keyword.URL - hxxp://search.portalsepeti.com?q=
FF - prefs.js..keyword.URL: "http://search.portalsepeti.com?q="
Folder::
C:\Program Files (x86)\Troysoftware
Save this as CFScript to your desktop.
Then drag the CFScript into ComboFix.exe as you see in the screenshot below.
http://i24.photobucket.com/albums/c30/ken545/CFScriptB-4.gif
This will start ComboFix again. After reboot, (in case it asks to reboot), post the contents of Combofix.txt in your next reply.
Then run DDS and post a new log please
Download DDS from one of the links below to your desktop
Link 1 (http://download.bleepingcomputer.com/sUBs/dds.scr)
Link 2 (http://download.bleepingcomputer.com/sUBs/dds.com)
Double click the tool to run it.
A black Screen will open, just read the contents and do nothing.
When the tool finishes, it will open 2 reports, DDS.txt and attach.txt
Copy/Paste the contents of 'DDS.txt' into your post.
'attach.txt' should be zipped using Windows native zip utility and attached to your post. Compress and uncompress files (zip files) (http://windows.microsoft.com/en-us/windows-vista/Compress-and-uncompress-files-zip-files)
ComboFix 13-02-03.02 - Bruger 03-02-2013 18:21:45.2.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.45.1030.18.4087.2400 [GMT 1:00]
Kører fra: c:\users\Bruger\Desktop\ComboFix.exe
Kommandoer benyttet :: c:\users\Bruger\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Spybot - Search and Destroy *Enabled/Outdated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Andet, der er slettet )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Troysoftware
c:\program files (x86)\Troysoftware\sfxcallback.exe
.
.
((((((((((((((((((((((((((((( Filer skabt fra 2013-01-03 til 2013-02-03 )))))))))))))))))))))))))))))))))))
.
.
2013-02-03 17:33 . 2013-02-03 17:33 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-02-03 11:04 . 2013-02-03 11:04 76232 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{973E3FD7-C329-4B78-979B-CD255ACE070E}\offreg.dll
2013-02-03 11:00 . 2013-02-03 11:00 -------- d-----w- c:\windows\ERUNT
2013-02-03 10:59 . 2013-02-03 11:00 -------- d-----w- C:\JRT
2013-02-02 21:58 . 2013-01-08 05:32 9161176 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{973E3FD7-C329-4B78-979B-CD255ACE070E}\mpengine.dll
2013-01-29 20:20 . 2013-01-29 20:20 -------- d-----w- c:\users\Bruger\AppData\Roaming\Malwarebytes
2013-01-29 20:19 . 2013-01-29 20:19 -------- d-----w- c:\programdata\Malwarebytes
2013-01-29 20:19 . 2013-02-02 21:31 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-01-29 14:57 . 2013-01-29 14:57 -------- d-----w- C:\_OTL
2013-01-27 10:44 . 2013-01-12 02:30 95648 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-01-25 12:45 . 2013-01-26 00:45 -------- d-----w- c:\users\Bruger\AppData\Local\{AA35EEC0-44DB-47B2-BF64-08FA2011CBE6}
2013-01-25 05:23 . 2013-01-25 05:23 42880 ----a-w- c:\windows\SysWow64\xfcodec.dll
2013-01-25 05:23 . 2013-01-25 05:23 28544 ----a-w- c:\windows\system32\xfcodec64.dll
2013-01-22 19:26 . 2013-01-22 19:26 -------- d-----w- c:\program files (x86)\ERUNT
2013-01-21 18:40 . 2013-02-03 11:33 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2013-01-21 18:40 . 2009-01-25 11:14 17272 ----a-w- c:\windows\system32\sdnclean64.exe
2013-01-21 18:40 . 2013-01-21 18:40 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy 2
2013-01-21 18:39 . 2013-01-21 18:39 -------- d-----w- c:\users\Bruger\AppData\Local\Programs
2013-01-21 15:48 . 2013-01-21 15:48 -------- d-----w- c:\programdata\ATI
2013-01-21 15:47 . 2013-01-21 15:47 -------- d-----w- c:\program files (x86)\AMD AVT
2013-01-21 15:47 . 2013-01-21 15:47 -------- d-----w- c:\program files (x86)\AMD APP
2013-01-18 22:03 . 2013-02-02 21:29 -------- d-----w- c:\windows\SysWow64\NTServer
2013-01-18 22:03 . 2013-01-09 08:49 802760 ----a-w- c:\windows\SysWow64\navegaki.exe
2013-01-15 14:56 . 2013-01-04 15:53 9060864 ----a-w- c:\windows\system32\mshtml.dll
2013-01-09 21:36 . 2012-11-09 05:45 750592 ----a-w- c:\windows\system32\win32spl.dll
2013-01-09 21:36 . 2012-11-09 04:43 492032 ----a-w- c:\windows\SysWow64\win32spl.dll
2013-01-09 21:36 . 2012-11-01 05:43 2002432 ----a-w- c:\windows\system32\msxml6.dll
2013-01-09 21:36 . 2012-11-01 05:43 1882624 ----a-w- c:\windows\system32\msxml3.dll
2013-01-09 21:36 . 2012-11-01 04:47 1389568 ----a-w- c:\windows\SysWow64\msxml6.dll
2013-01-09 21:36 . 2012-11-01 04:47 1236992 ----a-w- c:\windows\SysWow64\msxml3.dll
2013-01-09 21:36 . 2012-11-20 05:48 307200 ----a-w- c:\windows\system32\ncrypt.dll
2013-01-09 21:36 . 2012-11-20 04:51 220160 ----a-w- c:\windows\SysWow64\ncrypt.dll
2013-01-09 21:36 . 2012-11-22 05:44 800768 ----a-w- c:\windows\system32\usp10.dll
2013-01-09 21:36 . 2012-11-22 04:45 626688 ----a-w- c:\windows\SysWow64\usp10.dll
2013-01-09 21:34 . 2012-11-30 05:41 424448 ----a-w- c:\windows\system32\KernelBase.dll
2013-01-09 21:34 . 2012-11-30 04:53 274944 ----a-w- c:\windows\SysWow64\KernelBase.dll
2013-01-09 21:34 . 2012-11-30 05:41 1161216 ----a-w- c:\windows\system32\kernel32.dll
2013-01-09 21:34 . 2012-11-30 05:45 362496 ----a-w- c:\windows\system32\wow64win.dll
2013-01-09 21:34 . 2012-11-30 05:45 215040 ----a-w- c:\windows\system32\winsrv.dll
2013-01-09 21:34 . 2012-11-30 05:45 243200 ----a-w- c:\windows\system32\wow64.dll
2013-01-09 21:34 . 2012-11-30 05:45 13312 ----a-w- c:\windows\system32\wow64cpu.dll
2013-01-09 21:34 . 2012-11-30 05:43 16384 ----a-w- c:\windows\system32\ntvdm64.dll
2013-01-09 21:34 . 2012-11-30 04:54 5120 ----a-w- c:\windows\SysWow64\wow32.dll
2013-01-09 21:34 . 2012-11-30 03:23 338432 ----a-w- c:\windows\system32\conhost.exe
2013-01-09 21:34 . 2012-11-30 02:44 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll
2013-01-09 21:34 . 2012-11-30 05:38 3072 ---ha-w- c:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-01-09 21:32 . 2012-11-23 03:13 68608 ----a-w- c:\windows\system32\taskhost.exe
2013-01-09 21:32 . 2012-11-23 03:26 3149824 ----a-w- c:\windows\system32\win32k.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-01-17 00:28 . 2010-03-19 07:53 273840 ------w- c:\windows\system32\MpSigStub.exe
2013-01-09 21:56 . 2010-03-19 07:53 67599240 ----a-w- c:\windows\system32\MRT.exe
2013-01-09 16:32 . 2012-04-22 10:41 697864 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-01-09 16:32 . 2011-05-14 12:42 74248 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-12-25 22:05 . 2010-03-21 12:06 466456 ----a-w- c:\windows\system32\wrap_oal.dll
2012-12-25 22:05 . 2010-03-21 12:06 444952 ----a-w- c:\windows\SysWow64\wrap_oal.dll
2012-12-25 22:05 . 2010-03-21 12:06 122904 ----a-w- c:\windows\system32\OpenAL32.dll
2012-12-25 22:05 . 2010-03-21 12:06 109080 ----a-w- c:\windows\SysWow64\OpenAL32.dll
2012-12-19 20:50 . 2010-11-05 18:53 5630200 ----a-w- c:\windows\SysWow64\atiumdag.dll
2012-12-19 20:48 . 2012-12-19 20:48 11278336 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2012-12-19 20:29 . 2012-12-19 20:29 23461376 ----a-w- c:\windows\system32\atio6axx.dll
2012-12-19 20:22 . 2012-12-19 20:22 70144 ----a-w- c:\windows\system32\coinst_9.012.dll
2012-12-19 20:19 . 2012-12-19 20:19 163840 ----a-w- c:\windows\system32\atiapfxx.exe
2012-12-19 20:18 . 2012-12-19 20:18 51200 ----a-w- c:\windows\system32\aticalrt64.dll
2012-12-19 20:18 . 2012-12-19 20:18 46080 ----a-w- c:\windows\SysWow64\aticalrt.dll
2012-12-19 20:17 . 2012-12-19 20:17 44544 ----a-w- c:\windows\system32\aticalcl64.dll
2012-12-19 20:17 . 2012-12-19 20:17 44032 ----a-w- c:\windows\SysWow64\aticalcl.dll
2012-12-19 20:17 . 2012-12-19 20:17 16082944 ----a-w- c:\windows\system32\aticaldd64.dll
2012-12-19 20:13 . 2012-12-19 20:13 13703168 ----a-w- c:\windows\SysWow64\aticaldd.dll
2012-12-19 20:12 . 2012-12-19 20:12 18982400 ----a-w- c:\windows\SysWow64\atioglxx.dll
2012-12-19 20:09 . 2010-07-07 01:54 960512 ----a-w- c:\windows\SysWow64\aticfx32.dll
2012-12-19 20:08 . 2010-07-07 01:53 1151488 ----a-w- c:\windows\system32\aticfx64.dll
2012-12-19 20:06 . 2010-07-07 01:46 6681088 ----a-w- c:\windows\SysWow64\atidxx32.dll
2012-12-19 19:59 . 2012-12-19 19:59 5087744 ----a-w- c:\windows\system32\atiumd6a.dll
2012-12-19 19:57 . 2012-12-19 19:57 442368 ----a-w- c:\windows\system32\atidemgy.dll
2012-12-19 19:56 . 2012-12-19 19:56 550912 ----a-w- c:\windows\system32\atieclxx.exe
2012-12-19 19:56 . 2012-12-19 19:56 240640 ----a-w- c:\windows\system32\atiesrxx.exe
2012-12-19 19:54 . 2012-12-19 19:54 120320 ----a-w- c:\windows\system32\atitmm64.dll
2012-12-19 19:54 . 2012-12-19 19:54 21504 ----a-w- c:\windows\system32\atimuixx.dll
2012-12-19 19:54 . 2012-12-19 19:54 59392 ----a-w- c:\windows\system32\atiedu64.dll
2012-12-19 19:54 . 2012-12-19 19:54 43520 ----a-w- c:\windows\SysWow64\ati2edxx.dll
2012-12-19 19:49 . 2009-11-04 15:31 7370752 ----a-w- c:\windows\system32\atidxx64.dll
2012-12-19 19:44 . 2010-11-05 18:54 4162048 ----a-w- c:\windows\SysWow64\atiumdva.dll
2012-12-19 19:44 . 2012-12-19 19:44 6786560 ----a-w- c:\windows\system32\atiumd64.dll
2012-12-19 19:33 . 2012-12-19 19:33 56320 ----a-w- c:\windows\system32\atimpc64.dll
2012-12-19 19:33 . 2012-12-19 19:33 56320 ----a-w- c:\windows\system32\amdpcom64.dll
2012-12-19 19:33 . 2012-12-19 19:33 619008 ----a-w- c:\windows\system32\atiadlxx.dll
2012-12-19 19:33 . 2012-12-19 19:33 56832 ----a-w- c:\windows\SysWow64\atimpc32.dll
2012-12-19 19:33 . 2012-12-19 19:33 56832 ----a-w- c:\windows\SysWow64\amdpcom32.dll
2012-12-19 19:33 . 2012-12-19 19:33 421888 ----a-w- c:\windows\SysWow64\atiadlxy.dll
2012-12-19 19:33 . 2012-12-19 19:33 17920 ----a-w- c:\windows\system32\atig6pxx.dll
2012-12-19 19:33 . 2012-12-19 19:33 14848 ----a-w- c:\windows\SysWow64\atiglpxx.dll
2012-12-19 19:33 . 2012-12-19 19:33 14848 ----a-w- c:\windows\system32\atiglpxx.dll
2012-12-19 19:33 . 2012-12-19 19:33 41984 ----a-w- c:\windows\system32\atig6txx.dll
2012-12-19 19:33 . 2012-12-19 19:33 33280 ----a-w- c:\windows\SysWow64\atigktxx.dll
2012-12-19 19:32 . 2012-12-19 19:32 552960 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2012-12-19 19:31 . 2010-07-07 01:15 130048 ----a-w- c:\windows\system32\atiuxp64.dll
2012-12-19 19:31 . 2010-07-07 01:14 109568 ----a-w- c:\windows\SysWow64\atiuxpag.dll
2012-12-19 19:31 . 2010-07-07 01:14 104448 ----a-w- c:\windows\system32\atiu9p64.dll
2012-12-19 19:30 . 2010-07-07 01:14 83968 ----a-w- c:\windows\SysWow64\atiu9pag.dll
2012-12-19 19:30 . 2012-12-19 19:30 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2012-12-19 14:45 . 2012-12-19 14:45 222720 ----a-w- c:\windows\system32\clinfo.exe
2012-12-19 14:44 . 2012-12-19 14:44 76288 ----a-w- c:\windows\system32\OpenVideo64.dll
2012-12-19 14:44 . 2012-12-19 14:44 65536 ----a-w- c:\windows\SysWow64\OpenVideo.dll
2012-12-19 14:44 . 2012-12-19 14:44 64000 ----a-w- c:\windows\system32\OVDecode64.dll
2012-12-19 14:44 . 2012-12-19 14:44 56320 ----a-w- c:\windows\SysWow64\OVDecode.dll
2012-12-19 14:44 . 2012-12-19 14:44 34518016 ----a-w- c:\windows\system32\amdocl64.dll
2012-12-19 14:38 . 2012-12-19 14:38 28732928 ----a-w- c:\windows\SysWow64\amdocl.dll
2012-12-19 14:34 . 2012-12-19 14:34 54784 ----a-w- c:\windows\system32\OpenCL.dll
2012-12-19 14:34 . 2012-12-19 14:34 50176 ----a-w- c:\windows\SysWow64\OpenCL.dll
2012-12-16 17:11 . 2012-12-22 02:02 46080 ----a-w- c:\windows\system32\atmlib.dll
2012-12-16 14:45 . 2012-12-22 02:02 367616 ----a-w- c:\windows\system32\atmfd.dll
2012-12-16 14:13 . 2012-12-22 02:02 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
2012-12-16 14:13 . 2012-12-22 02:02 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2012-12-09 19:11 . 2010-03-21 21:05 270240 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2012-12-09 19:11 . 2010-03-21 21:04 270240 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2012-11-30 04:45 . 2013-01-09 21:34 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2012-11-12 12:28 . 2012-12-12 21:07 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2012-11-12 11:52 . 2012-12-12 21:07 1638912 ----a-w- c:\windows\SysWow64\mshtml.tlb
2012-11-10 15:43 . 2012-11-10 15:43 252296 ----a-w- c:\windows\system32\javaws.exe
2012-11-10 15:43 . 2012-11-10 15:43 188808 ----a-w- c:\windows\system32\javaw.exe
2012-11-10 15:43 . 2012-11-10 15:43 188808 ----a-w- c:\windows\system32\java.exe
2012-11-10 15:43 . 2012-11-10 15:43 627600 ----a-w- c:\windows\system32\deployJava1.dll
2012-11-09 05:45 . 2012-12-12 21:08 2048 ----a-w- c:\windows\system32\tzres.dll
2012-11-09 04:42 . 2012-12-12 21:08 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2012-11-06 11:11 . 2012-11-06 11:11 96256 ----a-w- c:\windows\system32\drivers\AtihdW76.sys
.
.
((((((((((((((((((((((((((((((((((( Start steder i reg.basen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Bemærk* tomme linier & lovlige standard linier vises ikke
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 129272 ----a-w- c:\users\Bruger\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 129272 ----a-w- c:\users\Bruger\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 129272 ----a-w- c:\users\Bruger\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 129272 ----a-w- c:\users\Bruger\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]
"IDMan"="c:\program files (x86)\Internet Download Manager\IDMan.exe" [2011-02-11 3253656]
"Akamai NetSession Interface"="c:\users\Bruger\AppData\Local\Akamai\netsession_win.exe" [2012-10-09 4441920]
"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-03-20 39408]
"Steam"="c:\program files (x86)\Steam\steam.exe" [2012-12-04 1354736]
"HydraVisionDesktopManager"="c:\program files (x86)\ATI Technologies\HydraVision\HydraDM.exe" [2009-11-04 380928]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2012-11-09 17877168]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2009-11-19 2791936]
"amd_dc_opt"="c:\program files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824]
"ATICustomerCare"="c:\program files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe" [2010-03-04 311296]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-11-29 421888]
"VirtualCloneDrive"="c:\program files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2009-06-17 85160]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2011-06-07 421160]
"B2C_AGENT"="c:\programdata\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe" [2012-03-28 404568]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-10-30 4297136]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS6ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" [2012-03-09 1073312]
"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2012-12-10 2254768]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-12-19 642808]
"SDTray"="c:\program files (x86)\Spybot - Search & Destroy 2\SDTray.exe" [2012-11-13 3825176]
.
c:\users\Bruger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Bruger\AppData\Roaming\Dropbox\bin\Dropbox.exe [2013-1-20 28539272]
ERUNT AutoBackup.lnk - c:\program files (x86)\ERUNT\AUTOBACK.EXE [2005-10-20 38912]
Xfire.lnk - c:\program files (x86)\Xfire\Xfire.exe [2013-1-25 3560832]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0\0sdnclean64.exe
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-10-02 3064000]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-11-09 160944]
R3 Andbus;LGE Android Platform Composite USB Device;c:\windows\system32\DRIVERS\lgandbus64.sys [2010-12-07 19456]
R3 AndDiag;LGE Android Platform USB Serial Port;c:\windows\system32\DRIVERS\lganddiag64.sys [2010-12-07 27648]
R3 AndGps;LGE Android Platform USB GPS NMEA Port;c:\windows\system32\DRIVERS\lgandgps64.sys [2010-12-07 27136]
R3 ANDModem;LGE Android Platform USB Modem;c:\windows\system32\DRIVERS\lgandmodem64.sys [2010-12-07 34304]
R3 androidusb;ADB Interface Driver;c:\windows\system32\Drivers\lgandadb.sys [2010-08-02 31744]
R3 Desura Install Service;Desura Install Service;c:\program files (x86)\Common Files\Desura\desura_service.exe [2012-05-03 131912]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys [x]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des [x]
R3 SwitchBoard;Adobe SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 WatAdminSvc;Tjenesten Windows Aktivering;c:\windows\system32\Wat\WatAdminSvc.exe [2010-06-22 1255736]
R3 X6va005;X6va005;c:\users\Bruger\AppData\Local\Temp\0057BAC.tmp [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-05-30 834544]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe [2009-07-14 27136]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-12-19 240640]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-10-30 71600]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-12-10 2465712]
S2 HiPatchService;Hi-Rez Studios Authenticate and Update Service;c:\program files (x86)\Hi-Rez Studios\HiPatchService.exe [2012-12-04 8704]
S2 IDMWFP;IDMWFP;c:\windows\system32\DRIVERS\idmwfp.sys [2010-11-26 138304]
S2 NTServiceSystem;NTServiceSystem;c:\windows\SysWOW64\NTServer\service.exe [2013-01-08 91728]
S2 SDScannerService;Spybot-S&D 2 Scanner Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2012-11-13 1103392]
S2 SDUpdateService;Spybot-S&D 2 Updating Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2012-11-13 1369624]
S2 SDWSCService;Spybot-S&D 2 Security Center Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2012-11-13 168384]
S2 TabletServicePen;TabletServicePen;c:\windows\system32\Pen_Tablet.exe [2009-11-23 5556520]
S2 WTouchService;WTouch Service;c:\program files\WTouch\WTouchService.exe [2009-11-23 127784]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2012-11-06 96256]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2009-08-20 239616]
S3 ScreamBAudioSvc;ScreamBee Audio;c:\windows\system32\drivers\ScreamingBAudio64.sys [2010-07-01 38992]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [2009-11-13 1274880]
S3 wacmoumonitor;Wacom Mode Helper;c:\windows\system32\DRIVERS\wacmoumonitor.sys [2009-08-27 18216]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
Akamai REG_MULTI_SZ Akamai
.
Indhold af mappen 'Planlagte Opgaver'
.
2013-02-03 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-22 16:32]
.
2013-02-03 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-03-20 15:48]
.
2013-02-03 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-03-20 15:48]
.
2012-11-03 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3995930073-3555480574-2151513988-1000Core.job
- c:\users\Bruger\AppData\Local\Google\Update\GoogleUpdate.exe [2011-08-02 22:57]
.
2013-02-03 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3995930073-3555480574-2151513988-1000UA.job
- c:\users\Bruger\AppData\Local\Google\Update\GoogleUpdate.exe [2011-08-02 22:57]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-10-30 22:50 133400 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1TortoiseNormal]
@="{C5994560-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994560-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 07:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\2TortoiseModified]
@="{C5994561-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994561-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 07:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\3TortoiseConflict]
@="{C5994562-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994562-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 07:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\4TortoiseLocked]
@="{C5994563-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994563-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 07:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\5TortoiseReadOnly]
@="{C5994564-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994564-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 07:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\6TortoiseDeleted]
@="{C5994565-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994565-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 07:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\7TortoiseAdded]
@="{C5994566-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994566-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 07:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\8TortoiseIgnored]
@="{C5994567-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994567-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 07:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\9TortoiseUnversioned]
@="{C5994568-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994568-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 07:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 162552 ----a-w- c:\users\Bruger\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 162552 ----a-w- c:\users\Bruger\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 162552 ----a-w- c:\users\Bruger\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 162552 ----a-w- c:\users\Bruger\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\IDM Shell Extension]
@="{CDC95B92-E27C-4745-A8C5-64A52A78855D}"
[HKEY_CLASSES_ROOT\CLSID\{CDC95B92-E27C-4745-A8C5-64A52A78855D}]
2010-11-26 18:38 82136 ----a-w- c:\program files (x86)\Internet Download Manager\IDMShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"VIAAUD"="c:\program files (x86)\VIA\VIAudioi\VDeck\VIAAUD.exe" [BU]
"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2010-10-28 1680976]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-04-04 446392]
.
------- Yderligere scanning -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.youtube.com/user/nillor0?feature=mhw4
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local;127.0.0.1:9421;<local>
IE: Download all links with IDM - c:\program files (x86)\Internet Download Manager\IEGetAll.htm
IE: Download FLV video content with IDM - c:\program files (x86)\Internet Download Manager\IEGetVL.htm
IE: Download with IDM - c:\program files (x86)\Internet Download Manager\IEExt.htm
IE: {{0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} - {E601996F-E400-41CA-804B-CD6373A7EEE2} -
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: DhcpNameServer = 208.67.222.222 208.67.220.220
FF - ProfilePath - c:\users\Bruger\AppData\Roaming\Mozilla\Firefox\Profiles\6rsi3ybe.default\
FF - prefs.js: browser.search.selectedEngine - navegaki
FF - prefs.js: browser.startup.homepage - hxxp://www.quakelive.com/#!welcome
FF - prefs.js: keyword.URL - hxxp://search.portalsepeti.com?q=
.
- - - - TOMME GENVEJE FJERNET - - - -
.
Notify-SDWinLogon - SDWinLogon.dll
AddRemove-BattlEye A2 Free - c:\program files (x86)\Bohemia Interactive\ArmA 2 FreeBattlEye\UnInstallBE.exe
AddRemove-Europe MapleStory_is1 - c:\program files (x86)\NEXON\Europe MapleStory\unins000.exe
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc_blr.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Akamai]
"ServiceDll"="c:\program files (x86)\common files\akamai/netsession_win_ce5ba24.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va005]
"ImagePath"="\??\c:\users\Bruger\AppData\Local\Temp\0057BAC.tmp"
.
--------------------- LÅSTE REGISTRERINGS NØGLER ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,13,9c,b5,85,78,c7,4e,4c,9c,83,6e,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,13,9c,b5,85,78,c7,4e,4c,9c,83,6e,\
.
[HKEY_USERS\S-1-5-21-3995930073-3555480574-2151513988-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-3995930073-3555480574-2151513988-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_USERS\S-1-5-21-3995930073-3555480574-2151513988-1000\Software\SecuROM\License information*]
"datasecu"=hex:0f,c5,ba,ec,ca,28,a1,92,7d,4a,0a,c3,93,a4,a6,29,87,ff,03,41,55,
78,fc,af,7c,a2,e0,87,1e,44,e0,3c,c3,6b,37,8f,7b,96,1f,42,30,2d,77,d9,52,41,\
"rkeysecu"=hex:7b,ac,9d,ad,82,eb,28,77,27,2d,06,30,46,37,fb,5c
.
[HKEY_USERS\S-1-5-21-3995930073-3555480574-2151513988-1000_Classes\Wow6432Node\CLSID\{5fab6c72-1b6b-4638-8829-5be5c6fd2a10}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"MData"=hex(0):73,d5,cf,b8,a4,07,89,80,31,e4,35,6b,2a,ca,fe,43,b6,1f,81,1f,5a,
1b,4d,36,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,\
.
[HKEY_USERS\S-1-5-21-3995930073-3555480574-2151513988-1000_Classes\Wow6432Node\CLSID\{7B8E9164-324D-4A2E-A46D-0165FB2000EC}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):71,3a,34,eb,9a,ff,a2,03,93,5a,5d,b7,18,1c,89,73,f8,36,1b,68,cf,
40,5c,19,87,4e,67,d1,7b,76,9c,fe,a5,fa,bd,6b,bf,de,5a,de,00,00,00,00,00,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10e.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10e.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Gennemført tid: 2013-02-03 18:35:14
ComboFix-quarantined-files.txt 2013-02-03 17:35
ComboFix2.txt 2013-02-03 13:55
.
Pre-Kørsel: 266.483.494.912 byte ledig
Post-Kørsel: 266.413.142.016 byte ledig
.
- - End Of File - - 50418D249A14C88B45300C9D95F2515E
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 8.0.7601.17514 BrowserJavaVersion: 10.11.2
Run by Bruger at 18:44:14 on 2013-02-03
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.45.1030.18.4087.1728 [GMT 1:00]
.
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Spybot - Search and Destroy *Enabled/Outdated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\WTouch\WTouchService.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Windows\system32\Dwm.exe
C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
C:\Program Files\WTouch\WTouchUser.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Program Files (x86)\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files\Logitech\SetPointP\SetPoint.exe
C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
C:\Windows\SysWOW64\NTServer\service.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
C:\Program Files (x86)\Xfire\Xfire.exe
C:\Program Files (x86)\Xfire\xfire64.exe
C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Logitech\SetPointG\SetPointII.exe
C:\Windows\system32\Pen_Tablet.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\WTablet\Pen_TabletUser.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
C:\Windows\system32\Pen_Tablet.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Xfire\xfire64.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\explorer.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
C:\Program Files (x86)\Internet Download Manager\IDMan.exe
C:\Windows\SysWOW64\ctfmon.exe
C:\Windows\SysWOW64\svchost.exe -k Akamai
C:\Windows\system32\notepad.exe
C:\Windows\system32\AUDIODG.EXE
C:\Users\Bruger\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Bruger\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Bruger\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Bruger\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Bruger\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Bruger\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Bruger\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.youtube.com/user/nillor0?feature=mhw4
BHO: IDMIEHlprObj Class: {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Hjælp til logon til Windows Live ID: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
uRun: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
uRun: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot
uRun: [Akamai NetSession Interface] "C:\Users\Bruger\AppData\Local\Akamai\netsession_win.exe"
uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
uRun: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
uRun: [HydraVisionDesktopManager] "C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe"
uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
mRun: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
mRun: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
mRun: [ATICustomerCare] "C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [B2C_AGENT] C:\ProgramData\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe
mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mRun: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
mRun: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
StartupFolder: C:\Users\Bruger\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Bruger\AppData\Roaming\Dropbox\bin\Dropbox.exe
StartupFolder: C:\Users\Bruger\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ERUNTA~1.LNK - C:\Program Files (x86)\ERUNT\AUTOBACK.EXE
StartupFolder: C:\Users\Bruger\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Xfire.lnk - C:\Program Files (x86)\Xfire\Xfire.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm
IE: Download FLV video content with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetVL.htm
IE: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
IE: {0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} - {E601996F-E400-41CA-804B-CD6373A7EEE2} - <orphaned>
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
DPF: {140E4DF8-9E14-4A34-9577-C77561ED7883} - hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.1.71.0.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} - hxxp://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
TCP: NameServer = 208.67.222.222 208.67.220.220
TCP: Interfaces\{8B7ADDC6-52E6-47B8-AC4E-86D090AC1BF0} : DHCPNameServer = 208.67.222.222 208.67.220.220
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
Notify: SDWinLogon - SDWinLogon.dll
SSODL: WebCheck - <orphaned>
x64-BHO: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg64.dll
x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-TB: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-Run: [VIAAUD] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VIAAUD.exe
x64-Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming
x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab
x64-DPF: {CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab
x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: LBTWlgn - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Bruger\AppData\Roaming\Mozilla\Firefox\Profiles\6rsi3ybe.default\
FF - prefs.js: browser.search.selectedEngine - navegaki
FF - prefs.js: browser.startup.homepage - hxxp://www.quakelive.com/#!welcome
FF - prefs.js: keyword.URL - hxxp://search.portalsepeti.com?q=
.
============= SERVICES / DRIVERS ===============
.
R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2011-10-30 984144]
R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2011-10-30 370288]
R2 Akamai;Akamai NetSession Interface;C:\Windows\System32\svchost.exe -k Akamai [2009-7-14 27136]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2012-12-19 240640]
R2 aswFsBlk;aswFsBlk;C:\Windows\System32\drivers\aswFsBlk.sys [2011-10-30 25232]
R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2011-10-30 71600]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-11-12 44808]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-12-10 2465712]
R2 HiPatchService;Hi-Rez Studios Authenticate and Update Service;C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [2012-6-29 8704]
R2 IDMWFP;IDMWFP;C:\Windows\System32\drivers\idmwfp.sys [2010-11-26 138304]
R2 NTServiceSystem;NTServiceSystem;C:\Windows\SysWOW64\NTServer\service.exe [2013-1-18 91728]
R2 SDScannerService;Spybot-S&D 2 Scanner Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2013-1-21 1103392]
R2 SDUpdateService;Spybot-S&D 2 Updating Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2013-1-21 1369624]
R2 SDWSCService;Spybot-S&D 2 Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2013-1-21 168384]
R2 TabletServicePen;TabletServicePen;C:\Windows\System32\Pen_Tablet.exe [2010-3-22 5556520]
R2 WTouchService;WTouch Service;C:\Program Files\WTouch\WTouchService.exe [2010-3-22 127784]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2012-11-6 96256]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2010-3-19 239616]
R3 ScreamBAudioSvc;ScreamBee Audio;C:\Windows\System32\drivers\ScreamingBAudio64.sys [2010-7-1 38992]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;C:\Windows\System32\drivers\viahduaa.sys [2010-3-19 1274880]
R3 wacmoumonitor;Wacom Mode Helper;C:\Windows\System32\drivers\wacmoumonitor.sys [2010-3-22 18216]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-10-2 3064000]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-11-9 160944]
S3 Andbus;LGE Android Platform Composite USB Device;C:\Windows\System32\drivers\lgandbus64.sys [2011-9-11 19456]
S3 AndDiag;LGE Android Platform USB Serial Port;C:\Windows\System32\drivers\lganddiag64.sys [2011-9-11 27648]
S3 AndGps;LGE Android Platform USB GPS NMEA Port;C:\Windows\System32\drivers\lgandgps64.sys [2011-9-11 27136]
S3 ANDModem;LGE Android Platform USB Modem;C:\Windows\System32\drivers\lgandmodem64.sys [2011-9-11 34304]
S3 androidusb;ADB Interface Driver;C:\Windows\System32\drivers\lgandadb.sys [2011-9-11 31744]
S3 Desura Install Service;Desura Install Service;C:\Program Files (x86)\Common Files\Desura\desura_service.exe [2012-5-3 131912]
S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2012-4-21 48488]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-3-8 1492840]
S3 npggsvc;nProtect GameGuard Service;C:\Windows\System32\GameMon.des -service --> C:\Windows\System32\GameMon.des -service [?]
S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-5-26 59392]
S3 WatAdminSvc;Tjenesten Windows Aktivering;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-6-22 1255736]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2013-02-03 13:37:44 98816 ----a-w- C:\Windows\sed.exe
2013-02-03 13:37:44 256000 ----a-w- C:\Windows\PEV.exe
2013-02-03 13:37:44 208896 ----a-w- C:\Windows\MBR.exe
2013-02-03 11:04:04 76232 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{973E3FD7-C329-4B78-979B-CD255ACE070E}\offreg.dll
2013-02-03 11:00:15 -------- d-----w- C:\Windows\ERUNT
2013-02-03 10:59:12 -------- d-----w- C:\JRT
2013-02-03 10:50:49 -------- d-----w- C:\Users\Bruger\AppData\Local\{94E4EFB3-A776-4521-A41D-2A5861723B9C}
2013-02-02 21:58:20 9161176 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{973E3FD7-C329-4B78-979B-CD255ACE070E}\mpengine.dll
2013-02-02 21:39:36 -------- d-----w- C:\Users\Bruger\AppData\Local\{02155C00-241D-4FF8-B2E1-14100759040E}
2013-02-02 11:14:12 -------- d-----w- C:\Users\Bruger\AppData\Local\{E4657B68-3E84-4AF3-B787-EA1BDE309D1A}
2013-02-01 12:48:24 -------- d-----w- C:\Users\Bruger\AppData\Local\{C0DB8895-72E6-4886-A1E1-07CEC6E5267A}
2013-01-31 12:42:35 -------- d-----w- C:\Users\Bruger\AppData\Local\{C39DD8AB-5E30-41F3-9D04-DE1133ED8752}
2013-01-30 11:49:19 -------- d-----w- C:\Users\Bruger\AppData\Local\{90AE50FD-9303-485D-937E-50F229AC7A54}
2013-01-29 20:20:13 -------- d-----w- C:\Users\Bruger\AppData\Roaming\Malwarebytes
2013-01-29 20:19:49 -------- d-----w- C:\ProgramData\Malwarebytes
2013-01-29 20:19:48 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-01-29 14:57:46 -------- d-----w- C:\_OTL
2013-01-29 14:44:07 -------- d-----w- C:\Users\Bruger\AppData\Local\{FD25824F-E47D-4522-B2DD-3173B26B4885}
2013-01-28 14:16:44 -------- d-----w- C:\Users\Bruger\AppData\Local\{2591BA1E-11E1-4963-AF84-D1AC5A065C1F}
2013-01-27 12:47:19 -------- d-----w- C:\Users\Bruger\AppData\Local\{80A4E37A-80C7-4E1A-808C-4BBF52CD4A63}
2013-01-27 10:44:14 95648 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2013-01-26 12:46:12 -------- d-----w- C:\Users\Bruger\AppData\Local\{06ACEED0-7B74-4A95-958F-9FBCB1F4E237}
2013-01-25 12:45:19 -------- d-----w- C:\Users\Bruger\AppData\Local\{AA35EEC0-44DB-47B2-BF64-08FA2011CBE6}
2013-01-25 05:23:38 42880 ----a-w- C:\Windows\SysWow64\xfcodec.dll
2013-01-25 05:23:36 28544 ----a-w- C:\Windows\System32\xfcodec64.dll
2013-01-24 14:45:22 -------- d-----w- C:\Users\Bruger\AppData\Local\{7C4DF284-AEF0-4E4D-88D5-561E60381DC8}
2013-01-23 12:48:50 -------- d-----w- C:\Users\Bruger\AppData\Local\{45505061-2BE5-40B7-8A58-462E53843719}
2013-01-22 14:55:21 -------- d-----w- C:\Users\Bruger\AppData\Local\{0C0A1DB9-B608-4D53-A710-2777A970D2FF}
2013-01-21 18:40:40 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
2013-01-21 18:40:16 17272 ----a-w- C:\Windows\System32\sdnclean64.exe
2013-01-21 18:40:07 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy 2
2013-01-21 18:39:48 -------- d-----w- C:\Users\Bruger\AppData\Local\Programs
2013-01-21 15:47:55 -------- d-----w- C:\Program Files (x86)\AMD AVT
2013-01-21 15:47:25 -------- d-----w- C:\Program Files (x86)\AMD APP
2013-01-21 14:20:08 -------- d-----w- C:\Users\Bruger\AppData\Local\{C8372F4E-B80A-4AE0-99C7-1F51F0FF1D88}
2013-01-20 12:48:43 -------- d-----w- C:\Users\Bruger\AppData\Local\{FAB92882-37BC-4912-A450-E36FAEA73A2F}
2013-01-19 12:47:37 -------- d-----w- C:\Users\Bruger\AppData\Local\{9BBCFB09-E8F7-44CC-ADF3-A98D7E45C7C5}
2013-01-19 00:46:57 -------- d-----w- C:\Users\Bruger\AppData\Local\{7E574572-E413-458C-A8B9-0226847DAC40}
2013-01-18 22:03:19 802760 ----a-w- C:\Windows\SysWow64\navegaki.exe
2013-01-18 22:03:19 -------- d-----w- C:\Windows\SysWow64\NTServer
2013-01-18 12:46:25 -------- d-----w- C:\Users\Bruger\AppData\Local\{F4DDDC70-C22D-4BFC-AE2C-EF4E6E297811}
2013-01-17 10:49:37 -------- d-----w- C:\Users\Bruger\AppData\Local\{667BE21D-13E4-4AF4-87A6-07B5A7B8E929}
2013-01-16 14:48:58 -------- d-----w- C:\Users\Bruger\AppData\Local\{1E8AF24E-87A1-4258-92D1-70B1D3BA48BF}
2013-01-15 14:48:34 -------- d-----w- C:\Users\Bruger\AppData\Local\{DB4E1AE5-94DE-4C99-8BFB-34ABEE2BE75B}
2013-01-14 12:49:28 -------- d-----w- C:\Users\Bruger\AppData\Local\{077AC819-7F9D-4268-A83E-489C10E7CD18}
2013-01-13 12:21:41 -------- d-----w- C:\Users\Bruger\AppData\Local\{42950187-9F23-44D9-9F6F-9D406D865F5C}
2013-01-12 12:20:52 -------- d-----w- C:\Users\Bruger\AppData\Local\{BD0EA2A4-A61F-4F32-905A-3A4B2EF2869E}
2013-01-11 10:44:17 -------- d-----w- C:\Users\Bruger\AppData\Local\{3C5581A0-6740-475A-83C5-48A6CFE224AB}
2013-01-10 14:26:36 -------- d-----w- C:\Users\Bruger\AppData\Local\{5CBBC934-179C-4066-8F26-090E0F9576B9}
2013-01-09 21:36:49 750592 ----a-w- C:\Windows\System32\win32spl.dll
2013-01-09 21:36:48 492032 ----a-w- C:\Windows\SysWow64\win32spl.dll
2013-01-09 21:36:15 2002432 ----a-w- C:\Windows\System32\msxml6.dll
2013-01-09 21:36:14 1882624 ----a-w- C:\Windows\System32\msxml3.dll
2013-01-09 21:36:13 1389568 ----a-w- C:\Windows\SysWow64\msxml6.dll
2013-01-09 21:36:13 1236992 ----a-w- C:\Windows\SysWow64\msxml3.dll
2013-01-09 21:36:11 307200 ----a-w- C:\Windows\System32\ncrypt.dll
2013-01-09 21:36:11 220160 ----a-w- C:\Windows\SysWow64\ncrypt.dll
2013-01-09 21:36:09 800768 ----a-w- C:\Windows\System32\usp10.dll
2013-01-09 21:36:08 626688 ----a-w- C:\Windows\SysWow64\usp10.dll
2013-01-09 21:34:09 424448 ----a-w- C:\Windows\System32\KernelBase.dll
2013-01-09 21:34:08 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll
2013-01-09 21:34:03 362496 ----a-w- C:\Windows\System32\wow64win.dll
2013-01-09 21:34:03 215040 ----a-w- C:\Windows\System32\winsrv.dll
2013-01-09 21:34:02 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2013-01-09 21:34:02 338432 ----a-w- C:\Windows\System32\conhost.exe
2013-01-09 21:34:02 243200 ----a-w- C:\Windows\System32\wow64.dll
2013-01-09 21:34:02 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
2013-01-09 21:34:02 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2013-01-09 21:34:02 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
2013-01-09 21:34:00 3072 ---ha-w- C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
2013-01-09 21:32:24 68608 ----a-w- C:\Windows\System32\taskhost.exe
2013-01-09 21:32:18 3149824 ----a-w- C:\Windows\System32\win32k.sys
2013-01-09 14:44:22 -------- d-----w- C:\Users\Bruger\AppData\Local\{C53FB7B9-BDFE-402D-AF6B-AD6EA5A040AA}
2013-01-08 14:46:58 -------- d-----w- C:\Users\Bruger\AppData\Local\{D609CD34-3B93-496D-952B-43A393614954}
2013-01-07 12:43:20 -------- d-----w- C:\Users\Bruger\AppData\Local\{BAB20A47-6E48-46DA-A644-0904F6F21FEE}
2013-01-06 13:08:43 -------- d-----w- C:\Users\Bruger\AppData\Local\{EF1C9AFA-7510-47DB-AA90-15062C205288}
2013-01-06 00:19:41 -------- d-----w- C:\Users\Bruger\AppData\Local\{D93E9ABD-EFD9-4612-A009-F5BE9BD746C8}
2013-01-05 12:19:14 -------- d-----w- C:\Users\Bruger\AppData\Local\{1F1978E7-3F16-475D-9AF4-D61890DD6D03}
2013-01-04 18:33:35 -------- d-----w- C:\Users\Bruger\AppData\Local\{C5CA2A1E-494A-4CB6-8B39-7C6BBB349CD6}
.
==================== Find3M ====================
.
2013-01-17 00:28:58 273840 ------w- C:\Windows\System32\MpSigStub.exe
2013-01-09 16:32:26 697864 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-01-09 16:32:25 74248 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-12-25 22:05:17 466456 ----a-w- C:\Windows\System32\wrap_oal.dll
2012-12-25 22:05:17 444952 ----a-w- C:\Windows\SysWow64\wrap_oal.dll
2012-12-25 22:05:17 122904 ----a-w- C:\Windows\System32\OpenAL32.dll
2012-12-25 22:05:17 109080 ----a-w- C:\Windows\SysWow64\OpenAL32.dll
2012-12-19 20:50:14 5630200 ----a-w- C:\Windows\SysWow64\atiumdag.dll
2012-12-19 20:48:48 11278336 ----a-w- C:\Windows\System32\drivers\atikmdag.sys
2012-12-19 20:29:36 23461376 ----a-w- C:\Windows\System32\atio6axx.dll
2012-12-19 20:22:50 70144 ----a-w- C:\Windows\System32\coinst_9.012.dll
2012-12-19 20:19:46 163840 ----a-w- C:\Windows\System32\atiapfxx.exe
2012-12-19 20:18:04 51200 ----a-w- C:\Windows\System32\aticalrt64.dll
2012-12-19 20:18:02 46080 ----a-w- C:\Windows\SysWow64\aticalrt.dll
2012-12-19 20:17:54 44544 ----a-w- C:\Windows\System32\aticalcl64.dll
2012-12-19 20:17:52 44032 ----a-w- C:\Windows\SysWow64\aticalcl.dll
2012-12-19 20:17:40 16082944 ----a-w- C:\Windows\System32\aticaldd64.dll
2012-12-19 20:13:24 13703168 ----a-w- C:\Windows\SysWow64\aticaldd.dll
2012-12-19 20:12:44 18982400 ----a-w- C:\Windows\SysWow64\atioglxx.dll
2012-12-19 20:09:52 960512 ----a-w- C:\Windows\SysWow64\aticfx32.dll
2012-12-19 20:08:04 1151488 ----a-w- C:\Windows\System32\aticfx64.dll
2012-12-19 20:06:00 6681088 ----a-w- C:\Windows\SysWow64\atidxx32.dll
2012-12-19 19:59:44 5087744 ----a-w- C:\Windows\System32\atiumd6a.dll
2012-12-19 19:57:00 442368 ----a-w- C:\Windows\System32\atidemgy.dll
2012-12-19 19:56:46 550912 ----a-w- C:\Windows\System32\atieclxx.exe
2012-12-19 19:56:00 240640 ----a-w- C:\Windows\System32\atiesrxx.exe
2012-12-19 19:54:38 120320 ----a-w- C:\Windows\System32\atitmm64.dll
2012-12-19 19:54:22 21504 ----a-w- C:\Windows\System32\atimuixx.dll
2012-12-19 19:54:18 59392 ----a-w- C:\Windows\System32\atiedu64.dll
2012-12-19 19:54:12 43520 ----a-w- C:\Windows\SysWow64\ati2edxx.dll
2012-12-19 19:49:00 7370752 ----a-w- C:\Windows\System32\atidxx64.dll
2012-12-19 19:44:28 4162048 ----a-w- C:\Windows\SysWow64\atiumdva.dll
2012-12-19 19:44:12 6786560 ----a-w- C:\Windows\System32\atiumd64.dll
2012-12-19 19:33:50 56320 ----a-w- C:\Windows\System32\atimpc64.dll
2012-12-19 19:33:50 56320 ----a-w- C:\Windows\System32\amdpcom64.dll
2012-12-19 19:33:42 619008 ----a-w- C:\Windows\System32\atiadlxx.dll
2012-12-19 19:33:40 56832 ----a-w- C:\Windows\SysWow64\atimpc32.dll
2012-12-19 19:33:40 56832 ----a-w- C:\Windows\SysWow64\amdpcom32.dll
2012-12-19 19:33:32 421888 ----a-w- C:\Windows\SysWow64\atiadlxy.dll
2012-12-19 19:33:18 17920 ----a-w- C:\Windows\System32\atig6pxx.dll
2012-12-19 19:33:14 14848 ----a-w- C:\Windows\SysWow64\atiglpxx.dll
2012-12-19 19:33:14 14848 ----a-w- C:\Windows\System32\atiglpxx.dll
2012-12-19 19:33:10 41984 ----a-w- C:\Windows\System32\atig6txx.dll
2012-12-19 19:33:04 33280 ----a-w- C:\Windows\SysWow64\atigktxx.dll
2012-12-19 19:32:54 552960 ----a-w- C:\Windows\System32\drivers\atikmpag.sys
2012-12-19 19:31:14 130048 ----a-w- C:\Windows\System32\atiuxp64.dll
2012-12-19 19:31:08 109568 ----a-w- C:\Windows\SysWow64\atiuxpag.dll
2012-12-19 19:31:00 104448 ----a-w- C:\Windows\System32\atiu9p64.dll
2012-12-19 19:30:52 83968 ----a-w- C:\Windows\SysWow64\atiu9pag.dll
2012-12-19 19:30:16 53248 ----a-w- C:\Windows\System32\drivers\ati2erec.dll
2012-12-19 14:45:12 222720 ----a-w- C:\Windows\System32\clinfo.exe
2012-12-19 14:44:48 76288 ----a-w- C:\Windows\System32\OpenVideo64.dll
2012-12-19 14:44:42 65536 ----a-w- C:\Windows\SysWow64\OpenVideo.dll
2012-12-19 14:44:36 64000 ----a-w- C:\Windows\System32\OVDecode64.dll
2012-12-19 14:44:32 56320 ----a-w- C:\Windows\SysWow64\OVDecode.dll
2012-12-19 14:44:20 34518016 ----a-w- C:\Windows\System32\amdocl64.dll
2012-12-19 14:38:48 28732928 ----a-w- C:\Windows\SysWow64\amdocl.dll
2012-12-19 14:34:40 54784 ----a-w- C:\Windows\System32\OpenCL.dll
2012-12-19 14:34:38 50176 ----a-w- C:\Windows\SysWow64\OpenCL.dll
2012-12-16 17:11:22 46080 ----a-w- C:\Windows\System32\atmlib.dll
2012-12-16 14:45:03 367616 ----a-w- C:\Windows\System32\atmfd.dll
2012-12-16 14:13:28 295424 ----a-w- C:\Windows\SysWow64\atmfd.dll
2012-12-16 14:13:20 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
2012-12-09 19:11:49 270240 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr
2012-12-09 19:11:49 270240 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe
2012-12-07 13:20:16 441856 ----a-w- C:\Windows\System32\Wpc.dll
2012-12-07 13:15:31 2746368 ----a-w- C:\Windows\System32\gameux.dll
2012-12-07 12:26:17 308736 ----a-w- C:\Windows\SysWow64\Wpc.dll
2012-12-07 12:20:43 2576384 ----a-w- C:\Windows\SysWow64\gameux.dll
2012-12-07 11:20:04 30720 ----a-w- C:\Windows\System32\usk.rs
2012-12-07 11:20:03 43520 ----a-w- C:\Windows\System32\csrr.rs
2012-12-07 11:20:03 23552 ----a-w- C:\Windows\System32\oflc.rs
2012-12-07 11:20:01 45568 ----a-w- C:\Windows\System32\oflc-nz.rs
2012-12-07 11:20:01 44544 ----a-w- C:\Windows\System32\pegibbfc.rs
2012-12-07 11:20:01 20480 ----a-w- C:\Windows\System32\pegi-fi.rs
2012-12-07 11:20:00 20480 ----a-w- C:\Windows\System32\pegi-pt.rs
2012-12-07 11:19:59 20480 ----a-w- C:\Windows\System32\pegi.rs
2012-12-07 11:19:58 46592 ----a-w- C:\Windows\System32\fpb.rs
2012-12-07 11:19:57 40960 ----a-w- C:\Windows\System32\cob-au.rs
2012-12-07 11:19:57 21504 ----a-w- C:\Windows\System32\grb.rs
2012-12-07 11:19:57 15360 ----a-w- C:\Windows\System32\djctq.rs
2012-12-07 11:19:56 55296 ----a-w- C:\Windows\System32\cero.rs
2012-12-07 11:19:55 51712 ----a-w- C:\Windows\System32\esrb.rs
2012-11-30 05:38:45 6144 ---ha-w- C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
2012-11-30 04:45:15 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
2012-11-30 02:44:06 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2012-11-30 02:44:04 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2012-11-30 02:44:03 2048 ----a-w- C:\Windows\SysWow64\user.exe
2012-11-30 02:38:59 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2012-11-30 02:38:59 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2012-11-30 02:38:59 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2012-11-30 02:38:59 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2012-11-12 12:28:37 1638912 ----a-w- C:\Windows\System32\mshtml.tlb
2012-11-12 11:52:18 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-11-10 15:43:20 627600 ----a-w- C:\Windows\System32\deployJava1.dll
2012-11-09 05:45:09 2048 ----a-w- C:\Windows\System32\tzres.dll
2012-11-09 04:42:49 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2012-11-06 11:11:52 96256 ----a-w- C:\Windows\System32\drivers\AtihdW76.sys
.
============= FINISH: 18:44:29,55 ===============
Open Notepad Go to Start> All Programs> Assessories> Notepad ( this will only work with Notepad )and copy all the text inside the Codebox by highlighting it all and pressing CTRL C on your keyboard, then paste it into Notepad, make sure there is no space before and above Firefox::
Firefox::
FF - ProfilePath - C:\Users\Bruger\AppData\Roaming\Mozilla\Firefox\Profiles\6rsi3ybe.default\
FF - prefs.js: browser.search.selectedEngine - navegaki
FF - prefs.js: keyword.URL - hxxp://search.portalsepeti.com?q=
File::
C:\Windows\SysWow64\navegaki.exe
Save this as CFScript to your desktop.
Then drag the CFScript into ComboFix.exe as you see in the screenshot below.
http://i24.photobucket.com/albums/c30/ken545/CFScriptB-4.gif
This will start ComboFix again. After reboot, (in case it asks to reboot), post the contents of Combofix.txt in your next reply.
Then run a new scan with OTL and post the new log please
ComboFix 13-02-03.03 - Bruger 03-02-2013 19:49:31.3.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.45.1030.18.4087.2068 [GMT 1:00]
Kører fra: c:\users\Bruger\Desktop\ComboFix.exe
Kommandoer benyttet :: c:\users\Bruger\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Spybot - Search and Destroy *Enabled/Outdated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\SysWow64\navegaki.exe"
.
.
((((((((((((((((((((((((((((((((((((((( Andet, der er slettet )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Bruger\AppData\Local\{C8372F4E-B80A-4AE0-99C7-1F51F0FF1D88}
c:\windows\SysWow64\navegaki.exe
.
.
((((((((((((((((((((((((((((( Filer skabt fra 2013-01-03 til 2013-02-03 )))))))))))))))))))))))))))))))))))
.
.
2013-02-03 18:58 . 2013-02-03 18:58 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-02-03 11:04 . 2013-02-03 11:04 76232 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{973E3FD7-C329-4B78-979B-CD255ACE070E}\offreg.dll
2013-02-03 11:00 . 2013-02-03 11:00 -------- d-----w- c:\windows\ERUNT
2013-02-03 10:59 . 2013-02-03 11:00 -------- d-----w- C:\JRT
2013-02-02 21:58 . 2013-01-08 05:32 9161176 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{973E3FD7-C329-4B78-979B-CD255ACE070E}\mpengine.dll
2013-01-29 20:20 . 2013-01-29 20:20 -------- d-----w- c:\users\Bruger\AppData\Roaming\Malwarebytes
2013-01-29 20:19 . 2013-01-29 20:19 -------- d-----w- c:\programdata\Malwarebytes
2013-01-29 20:19 . 2013-02-02 21:31 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-01-29 14:57 . 2013-01-29 14:57 -------- d-----w- C:\_OTL
2013-01-27 10:44 . 2013-01-12 02:30 95648 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-01-25 12:45 . 2013-01-26 00:45 -------- d-----w- c:\users\Bruger\AppData\Local\{AA35EEC0-44DB-47B2-BF64-08FA2011CBE6}
2013-01-25 05:23 . 2013-01-25 05:23 42880 ----a-w- c:\windows\SysWow64\xfcodec.dll
2013-01-25 05:23 . 2013-01-25 05:23 28544 ----a-w- c:\windows\system32\xfcodec64.dll
2013-01-22 19:26 . 2013-01-22 19:26 -------- d-----w- c:\program files (x86)\ERUNT
2013-01-21 18:40 . 2013-02-03 11:33 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2013-01-21 18:40 . 2009-01-25 11:14 17272 ----a-w- c:\windows\system32\sdnclean64.exe
2013-01-21 18:40 . 2013-01-21 18:40 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy 2
2013-01-21 18:39 . 2013-01-21 18:39 -------- d-----w- c:\users\Bruger\AppData\Local\Programs
2013-01-21 15:48 . 2013-01-21 15:48 -------- d-----w- c:\programdata\ATI
2013-01-21 15:47 . 2013-01-21 15:47 -------- d-----w- c:\program files (x86)\AMD AVT
2013-01-21 15:47 . 2013-01-21 15:47 -------- d-----w- c:\program files (x86)\AMD APP
2013-01-18 22:03 . 2013-02-02 21:29 -------- d-----w- c:\windows\SysWow64\NTServer
2013-01-15 14:56 . 2013-01-04 15:53 9060864 ----a-w- c:\windows\system32\mshtml.dll
2013-01-09 21:36 . 2012-11-09 05:45 750592 ----a-w- c:\windows\system32\win32spl.dll
2013-01-09 21:36 . 2012-11-09 04:43 492032 ----a-w- c:\windows\SysWow64\win32spl.dll
2013-01-09 21:36 . 2012-11-01 05:43 2002432 ----a-w- c:\windows\system32\msxml6.dll
2013-01-09 21:36 . 2012-11-01 05:43 1882624 ----a-w- c:\windows\system32\msxml3.dll
2013-01-09 21:36 . 2012-11-01 04:47 1389568 ----a-w- c:\windows\SysWow64\msxml6.dll
2013-01-09 21:36 . 2012-11-01 04:47 1236992 ----a-w- c:\windows\SysWow64\msxml3.dll
2013-01-09 21:36 . 2012-11-20 05:48 307200 ----a-w- c:\windows\system32\ncrypt.dll
2013-01-09 21:36 . 2012-11-20 04:51 220160 ----a-w- c:\windows\SysWow64\ncrypt.dll
2013-01-09 21:36 . 2012-11-22 05:44 800768 ----a-w- c:\windows\system32\usp10.dll
2013-01-09 21:36 . 2012-11-22 04:45 626688 ----a-w- c:\windows\SysWow64\usp10.dll
2013-01-09 21:34 . 2012-11-30 05:41 424448 ----a-w- c:\windows\system32\KernelBase.dll
2013-01-09 21:34 . 2012-11-30 04:53 274944 ----a-w- c:\windows\SysWow64\KernelBase.dll
2013-01-09 21:34 . 2012-11-30 05:41 1161216 ----a-w- c:\windows\system32\kernel32.dll
2013-01-09 21:34 . 2012-11-30 05:45 362496 ----a-w- c:\windows\system32\wow64win.dll
2013-01-09 21:34 . 2012-11-30 05:45 215040 ----a-w- c:\windows\system32\winsrv.dll
2013-01-09 21:34 . 2012-11-30 05:45 243200 ----a-w- c:\windows\system32\wow64.dll
2013-01-09 21:34 . 2012-11-30 05:45 13312 ----a-w- c:\windows\system32\wow64cpu.dll
2013-01-09 21:34 . 2012-11-30 05:43 16384 ----a-w- c:\windows\system32\ntvdm64.dll
2013-01-09 21:34 . 2012-11-30 04:54 5120 ----a-w- c:\windows\SysWow64\wow32.dll
2013-01-09 21:34 . 2012-11-30 03:23 338432 ----a-w- c:\windows\system32\conhost.exe
2013-01-09 21:34 . 2012-11-30 02:44 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll
2013-01-09 21:34 . 2012-11-30 05:38 3072 ---ha-w- c:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-01-09 21:32 . 2012-11-23 03:13 68608 ----a-w- c:\windows\system32\taskhost.exe
2013-01-09 21:32 . 2012-11-23 03:26 3149824 ----a-w- c:\windows\system32\win32k.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-01-17 00:28 . 2010-03-19 07:53 273840 ------w- c:\windows\system32\MpSigStub.exe
2013-01-09 21:56 . 2010-03-19 07:53 67599240 ----a-w- c:\windows\system32\MRT.exe
2013-01-09 16:32 . 2012-04-22 10:41 697864 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-01-09 16:32 . 2011-05-14 12:42 74248 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-12-25 22:05 . 2010-03-21 12:06 466456 ----a-w- c:\windows\system32\wrap_oal.dll
2012-12-25 22:05 . 2010-03-21 12:06 444952 ----a-w- c:\windows\SysWow64\wrap_oal.dll
2012-12-25 22:05 . 2010-03-21 12:06 122904 ----a-w- c:\windows\system32\OpenAL32.dll
2012-12-25 22:05 . 2010-03-21 12:06 109080 ----a-w- c:\windows\SysWow64\OpenAL32.dll
2012-12-19 20:50 . 2010-11-05 18:53 5630200 ----a-w- c:\windows\SysWow64\atiumdag.dll
2012-12-19 20:48 . 2012-12-19 20:48 11278336 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2012-12-19 20:29 . 2012-12-19 20:29 23461376 ----a-w- c:\windows\system32\atio6axx.dll
2012-12-19 20:22 . 2012-12-19 20:22 70144 ----a-w- c:\windows\system32\coinst_9.012.dll
2012-12-19 20:19 . 2012-12-19 20:19 163840 ----a-w- c:\windows\system32\atiapfxx.exe
2012-12-19 20:18 . 2012-12-19 20:18 51200 ----a-w- c:\windows\system32\aticalrt64.dll
2012-12-19 20:18 . 2012-12-19 20:18 46080 ----a-w- c:\windows\SysWow64\aticalrt.dll
2012-12-19 20:17 . 2012-12-19 20:17 44544 ----a-w- c:\windows\system32\aticalcl64.dll
2012-12-19 20:17 . 2012-12-19 20:17 44032 ----a-w- c:\windows\SysWow64\aticalcl.dll
2012-12-19 20:17 . 2012-12-19 20:17 16082944 ----a-w- c:\windows\system32\aticaldd64.dll
2012-12-19 20:13 . 2012-12-19 20:13 13703168 ----a-w- c:\windows\SysWow64\aticaldd.dll
2012-12-19 20:12 . 2012-12-19 20:12 18982400 ----a-w- c:\windows\SysWow64\atioglxx.dll
2012-12-19 20:09 . 2010-07-07 01:54 960512 ----a-w- c:\windows\SysWow64\aticfx32.dll
2012-12-19 20:08 . 2010-07-07 01:53 1151488 ----a-w- c:\windows\system32\aticfx64.dll
2012-12-19 20:06 . 2010-07-07 01:46 6681088 ----a-w- c:\windows\SysWow64\atidxx32.dll
2012-12-19 19:59 . 2012-12-19 19:59 5087744 ----a-w- c:\windows\system32\atiumd6a.dll
2012-12-19 19:57 . 2012-12-19 19:57 442368 ----a-w- c:\windows\system32\atidemgy.dll
2012-12-19 19:56 . 2012-12-19 19:56 550912 ----a-w- c:\windows\system32\atieclxx.exe
2012-12-19 19:56 . 2012-12-19 19:56 240640 ----a-w- c:\windows\system32\atiesrxx.exe
2012-12-19 19:54 . 2012-12-19 19:54 120320 ----a-w- c:\windows\system32\atitmm64.dll
2012-12-19 19:54 . 2012-12-19 19:54 21504 ----a-w- c:\windows\system32\atimuixx.dll
2012-12-19 19:54 . 2012-12-19 19:54 59392 ----a-w- c:\windows\system32\atiedu64.dll
2012-12-19 19:54 . 2012-12-19 19:54 43520 ----a-w- c:\windows\SysWow64\ati2edxx.dll
2012-12-19 19:49 . 2009-11-04 15:31 7370752 ----a-w- c:\windows\system32\atidxx64.dll
2012-12-19 19:44 . 2010-11-05 18:54 4162048 ----a-w- c:\windows\SysWow64\atiumdva.dll
2012-12-19 19:44 . 2012-12-19 19:44 6786560 ----a-w- c:\windows\system32\atiumd64.dll
2012-12-19 19:33 . 2012-12-19 19:33 56320 ----a-w- c:\windows\system32\atimpc64.dll
2012-12-19 19:33 . 2012-12-19 19:33 56320 ----a-w- c:\windows\system32\amdpcom64.dll
2012-12-19 19:33 . 2012-12-19 19:33 619008 ----a-w- c:\windows\system32\atiadlxx.dll
2012-12-19 19:33 . 2012-12-19 19:33 56832 ----a-w- c:\windows\SysWow64\atimpc32.dll
2012-12-19 19:33 . 2012-12-19 19:33 56832 ----a-w- c:\windows\SysWow64\amdpcom32.dll
2012-12-19 19:33 . 2012-12-19 19:33 421888 ----a-w- c:\windows\SysWow64\atiadlxy.dll
2012-12-19 19:33 . 2012-12-19 19:33 17920 ----a-w- c:\windows\system32\atig6pxx.dll
2012-12-19 19:33 . 2012-12-19 19:33 14848 ----a-w- c:\windows\SysWow64\atiglpxx.dll
2012-12-19 19:33 . 2012-12-19 19:33 14848 ----a-w- c:\windows\system32\atiglpxx.dll
2012-12-19 19:33 . 2012-12-19 19:33 41984 ----a-w- c:\windows\system32\atig6txx.dll
2012-12-19 19:33 . 2012-12-19 19:33 33280 ----a-w- c:\windows\SysWow64\atigktxx.dll
2012-12-19 19:32 . 2012-12-19 19:32 552960 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2012-12-19 19:31 . 2010-07-07 01:15 130048 ----a-w- c:\windows\system32\atiuxp64.dll
2012-12-19 19:31 . 2010-07-07 01:14 109568 ----a-w- c:\windows\SysWow64\atiuxpag.dll
2012-12-19 19:31 . 2010-07-07 01:14 104448 ----a-w- c:\windows\system32\atiu9p64.dll
2012-12-19 19:30 . 2010-07-07 01:14 83968 ----a-w- c:\windows\SysWow64\atiu9pag.dll
2012-12-19 19:30 . 2012-12-19 19:30 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2012-12-19 14:45 . 2012-12-19 14:45 222720 ----a-w- c:\windows\system32\clinfo.exe
2012-12-19 14:44 . 2012-12-19 14:44 76288 ----a-w- c:\windows\system32\OpenVideo64.dll
2012-12-19 14:44 . 2012-12-19 14:44 65536 ----a-w- c:\windows\SysWow64\OpenVideo.dll
2012-12-19 14:44 . 2012-12-19 14:44 64000 ----a-w- c:\windows\system32\OVDecode64.dll
2012-12-19 14:44 . 2012-12-19 14:44 56320 ----a-w- c:\windows\SysWow64\OVDecode.dll
2012-12-19 14:44 . 2012-12-19 14:44 34518016 ----a-w- c:\windows\system32\amdocl64.dll
2012-12-19 14:38 . 2012-12-19 14:38 28732928 ----a-w- c:\windows\SysWow64\amdocl.dll
2012-12-19 14:34 . 2012-12-19 14:34 54784 ----a-w- c:\windows\system32\OpenCL.dll
2012-12-19 14:34 . 2012-12-19 14:34 50176 ----a-w- c:\windows\SysWow64\OpenCL.dll
2012-12-16 17:11 . 2012-12-22 02:02 46080 ----a-w- c:\windows\system32\atmlib.dll
2012-12-16 14:45 . 2012-12-22 02:02 367616 ----a-w- c:\windows\system32\atmfd.dll
2012-12-16 14:13 . 2012-12-22 02:02 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
2012-12-16 14:13 . 2012-12-22 02:02 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2012-12-09 19:11 . 2010-03-21 21:05 270240 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2012-12-09 19:11 . 2010-03-21 21:04 270240 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2012-11-30 04:45 . 2013-01-09 21:34 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2012-11-12 12:28 . 2012-12-12 21:07 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2012-11-12 11:52 . 2012-12-12 21:07 1638912 ----a-w- c:\windows\SysWow64\mshtml.tlb
2012-11-10 15:43 . 2012-11-10 15:43 252296 ----a-w- c:\windows\system32\javaws.exe
2012-11-10 15:43 . 2012-11-10 15:43 188808 ----a-w- c:\windows\system32\javaw.exe
2012-11-10 15:43 . 2012-11-10 15:43 188808 ----a-w- c:\windows\system32\java.exe
2012-11-10 15:43 . 2012-11-10 15:43 627600 ----a-w- c:\windows\system32\deployJava1.dll
2012-11-09 05:45 . 2012-12-12 21:08 2048 ----a-w- c:\windows\system32\tzres.dll
2012-11-09 04:42 . 2012-12-12 21:08 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2012-11-06 11:11 . 2012-11-06 11:11 96256 ----a-w- c:\windows\system32\drivers\AtihdW76.sys
.
.
((((((((((((((((((((((((((((((((((( Start steder i reg.basen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Bemærk* tomme linier & lovlige standard linier vises ikke
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 129272 ----a-w- c:\users\Bruger\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 129272 ----a-w- c:\users\Bruger\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 129272 ----a-w- c:\users\Bruger\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 129272 ----a-w- c:\users\Bruger\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]
"IDMan"="c:\program files (x86)\Internet Download Manager\IDMan.exe" [2011-02-11 3253656]
"Akamai NetSession Interface"="c:\users\Bruger\AppData\Local\Akamai\netsession_win.exe" [2012-10-09 4441920]
"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-03-20 39408]
"Steam"="c:\program files (x86)\Steam\steam.exe" [2012-12-04 1354736]
"HydraVisionDesktopManager"="c:\program files (x86)\ATI Technologies\HydraVision\HydraDM.exe" [2009-11-04 380928]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2012-11-09 17877168]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2009-11-19 2791936]
"amd_dc_opt"="c:\program files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824]
"ATICustomerCare"="c:\program files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe" [2010-03-04 311296]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-11-29 421888]
"VirtualCloneDrive"="c:\program files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2009-06-17 85160]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2011-06-07 421160]
"B2C_AGENT"="c:\programdata\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe" [2012-03-28 404568]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-10-30 4297136]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS6ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" [2012-03-09 1073312]
"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2012-12-10 2254768]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-12-19 642808]
"SDTray"="c:\program files (x86)\Spybot - Search & Destroy 2\SDTray.exe" [2012-11-13 3825176]
.
c:\users\Bruger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Bruger\AppData\Roaming\Dropbox\bin\Dropbox.exe [2013-1-20 28539272]
ERUNT AutoBackup.lnk - c:\program files (x86)\ERUNT\AUTOBACK.EXE [2005-10-20 38912]
Xfire.lnk - c:\program files (x86)\Xfire\Xfire.exe [2013-1-25 3560832]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0\0sdnclean64.exe
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-10-02 3064000]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-11-09 160944]
R3 Andbus;LGE Android Platform Composite USB Device;c:\windows\system32\DRIVERS\lgandbus64.sys [2010-12-07 19456]
R3 AndDiag;LGE Android Platform USB Serial Port;c:\windows\system32\DRIVERS\lganddiag64.sys [2010-12-07 27648]
R3 AndGps;LGE Android Platform USB GPS NMEA Port;c:\windows\system32\DRIVERS\lgandgps64.sys [2010-12-07 27136]
R3 ANDModem;LGE Android Platform USB Modem;c:\windows\system32\DRIVERS\lgandmodem64.sys [2010-12-07 34304]
R3 androidusb;ADB Interface Driver;c:\windows\system32\Drivers\lgandadb.sys [2010-08-02 31744]
R3 Desura Install Service;Desura Install Service;c:\program files (x86)\Common Files\Desura\desura_service.exe [2012-05-03 131912]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys [x]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des [x]
R3 SwitchBoard;Adobe SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 WatAdminSvc;Tjenesten Windows Aktivering;c:\windows\system32\Wat\WatAdminSvc.exe [2010-06-22 1255736]
R3 X6va005;X6va005;c:\users\Bruger\AppData\Local\Temp\0057BAC.tmp [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-05-30 834544]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe [2009-07-14 27136]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-12-19 240640]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-10-30 71600]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-12-10 2465712]
S2 HiPatchService;Hi-Rez Studios Authenticate and Update Service;c:\program files (x86)\Hi-Rez Studios\HiPatchService.exe [2012-12-04 8704]
S2 IDMWFP;IDMWFP;c:\windows\system32\DRIVERS\idmwfp.sys [2010-11-26 138304]
S2 NTServiceSystem;NTServiceSystem;c:\windows\SysWOW64\NTServer\service.exe [2013-01-08 91728]
S2 SDScannerService;Spybot-S&D 2 Scanner Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2012-11-13 1103392]
S2 SDUpdateService;Spybot-S&D 2 Updating Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2012-11-13 1369624]
S2 SDWSCService;Spybot-S&D 2 Security Center Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2012-11-13 168384]
S2 TabletServicePen;TabletServicePen;c:\windows\system32\Pen_Tablet.exe [2009-11-23 5556520]
S2 WTouchService;WTouch Service;c:\program files\WTouch\WTouchService.exe [2009-11-23 127784]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2012-11-06 96256]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2009-08-20 239616]
S3 ScreamBAudioSvc;ScreamBee Audio;c:\windows\system32\drivers\ScreamingBAudio64.sys [2010-07-01 38992]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [2009-11-13 1274880]
S3 wacmoumonitor;Wacom Mode Helper;c:\windows\system32\DRIVERS\wacmoumonitor.sys [2009-08-27 18216]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
Akamai REG_MULTI_SZ Akamai
.
Indhold af mappen 'Planlagte Opgaver'
.
2013-02-03 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-22 16:32]
.
2013-02-03 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-03-20 15:48]
.
2013-02-03 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-03-20 15:48]
.
2012-11-03 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3995930073-3555480574-2151513988-1000Core.job
- c:\users\Bruger\AppData\Local\Google\Update\GoogleUpdate.exe [2011-08-02 22:57]
.
2013-02-03 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3995930073-3555480574-2151513988-1000UA.job
- c:\users\Bruger\AppData\Local\Google\Update\GoogleUpdate.exe [2011-08-02 22:57]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-10-30 22:50 133400 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1TortoiseNormal]
@="{C5994560-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994560-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 07:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\2TortoiseModified]
@="{C5994561-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994561-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 07:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\3TortoiseConflict]
@="{C5994562-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994562-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 07:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\4TortoiseLocked]
@="{C5994563-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994563-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 07:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\5TortoiseReadOnly]
@="{C5994564-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994564-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 07:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\6TortoiseDeleted]
@="{C5994565-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994565-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 07:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\7TortoiseAdded]
@="{C5994566-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994566-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 07:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\8TortoiseIgnored]
@="{C5994567-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994567-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 07:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\9TortoiseUnversioned]
@="{C5994568-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994568-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 07:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 162552 ----a-w- c:\users\Bruger\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 162552 ----a-w- c:\users\Bruger\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 162552 ----a-w- c:\users\Bruger\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 162552 ----a-w- c:\users\Bruger\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\IDM Shell Extension]
@="{CDC95B92-E27C-4745-A8C5-64A52A78855D}"
[HKEY_CLASSES_ROOT\CLSID\{CDC95B92-E27C-4745-A8C5-64A52A78855D}]
2010-11-26 18:38 82136 ----a-w- c:\program files (x86)\Internet Download Manager\IDMShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"VIAAUD"="c:\program files (x86)\VIA\VIAudioi\VDeck\VIAAUD.exe" [BU]
"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2010-10-28 1680976]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-04-04 446392]
.
------- Yderligere scanning -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.youtube.com/user/nillor0?feature=mhw4
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local;127.0.0.1:9421;<local>
IE: Download all links with IDM - c:\program files (x86)\Internet Download Manager\IEGetAll.htm
IE: Download FLV video content with IDM - c:\program files (x86)\Internet Download Manager\IEGetVL.htm
IE: Download with IDM - c:\program files (x86)\Internet Download Manager\IEExt.htm
IE: {{0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} - {E601996F-E400-41CA-804B-CD6373A7EEE2} -
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
FF - ProfilePath - c:\users\Bruger\AppData\Roaming\Mozilla\Firefox\Profiles\6rsi3ybe.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.quakelive.com/#!welcome
.
- - - - TOMME GENVEJE FJERNET - - - -
.
Notify-SDWinLogon - SDWinLogon.dll
AddRemove-BattlEye A2 Free - c:\program files (x86)\Bohemia Interactive\ArmA 2 FreeBattlEye\UnInstallBE.exe
AddRemove-Europe MapleStory_is1 - c:\program files (x86)\NEXON\Europe MapleStory\unins000.exe
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc_blr.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Akamai]
"ServiceDll"="c:\program files (x86)\common files\akamai/netsession_win_ce5ba24.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va005]
"ImagePath"="\??\c:\users\Bruger\AppData\Local\Temp\0057BAC.tmp"
.
--------------------- LÅSTE REGISTRERINGS NØGLER ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,13,9c,b5,85,78,c7,4e,4c,9c,83,6e,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,13,9c,b5,85,78,c7,4e,4c,9c,83,6e,\
.
[HKEY_USERS\S-1-5-21-3995930073-3555480574-2151513988-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-3995930073-3555480574-2151513988-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_USERS\S-1-5-21-3995930073-3555480574-2151513988-1000\Software\SecuROM\License information*]
"datasecu"=hex:0f,c5,ba,ec,ca,28,a1,92,7d,4a,0a,c3,93,a4,a6,29,87,ff,03,41,55,
78,fc,af,7c,a2,e0,87,1e,44,e0,3c,c3,6b,37,8f,7b,96,1f,42,30,2d,77,d9,52,41,\
"rkeysecu"=hex:7b,ac,9d,ad,82,eb,28,77,27,2d,06,30,46,37,fb,5c
.
[HKEY_USERS\S-1-5-21-3995930073-3555480574-2151513988-1000_Classes\Wow6432Node\CLSID\{5fab6c72-1b6b-4638-8829-5be5c6fd2a10}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"MData"=hex(0):73,d5,cf,b8,a4,07,89,80,31,e4,35,6b,2a,ca,fe,43,b6,1f,81,1f,5a,
1b,4d,36,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,\
.
[HKEY_USERS\S-1-5-21-3995930073-3555480574-2151513988-1000_Classes\Wow6432Node\CLSID\{7B8E9164-324D-4A2E-A46D-0165FB2000EC}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):71,3a,34,eb,9a,ff,a2,03,93,5a,5d,b7,18,1c,89,73,f8,36,1b,68,cf,
40,5c,19,87,4e,67,d1,7b,76,9c,fe,a5,fa,bd,6b,bf,de,5a,de,00,00,00,00,00,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10e.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10e.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Gennemført tid: 2013-02-03 20:00:24
ComboFix-quarantined-files.txt 2013-02-03 19:00
ComboFix2.txt 2013-02-03 17:35
ComboFix3.txt 2013-02-03 13:55
.
Pre-Kørsel: 265.328.693.248 byte ledig
Post-Kørsel: 267.874.750.464 byte ledig
.
- - End Of File - - 7E84BDD8CEEEDCA5EC83652C3C563A1F
OTL logfile created on: 03-02-2013 20:06:48 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Bruger\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000406 | Country: Danmark | Language: DAN | Date Format: dd-MM-yyyy
3,99 Gb Total Physical Memory | 1,56 Gb Available Physical Memory | 39,13% Memory free
7,98 Gb Paging File | 5,09 Gb Available in Paging File | 63,74% Paging File free
Paging file location(s): ?:\pagefile.sys
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931,41 Gb Total Space | 249,56 Gb Free Space | 26,79% Space Free | Partition Type: NTFS
Computer Name: BRUGER-PC | User Name: Bruger | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\Bruger\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Xfire\Xfire.exe (Xfire Inc.)
PRC - C:\Windows\SysWOW64\NTServer\service.exe ()
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
PRC - C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe (Safer-Networking Ltd.)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe (Safer-Networking Ltd.)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe (Safer-Networking Ltd.)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe (Safer-Networking Ltd.)
PRC - C:\Programmer\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Programmer\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()
PRC - C:\Program Files (x86)\Internet Download Manager\IDMan.exe (Tonec Inc.)
PRC - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
PRC - C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe (AMD)
========== Modules (No Company Name) ==========
MOD - C:\Program Files (x86)\Steam\SDL.dll ()
MOD - C:\Program Files (x86)\Steam\bin\libcef.dll ()
MOD - C:\Program Files (x86)\Steam\bin\chromehtml.DLL ()
MOD - C:\Program Files (x86)\Steam\bin\avutil-51.dll ()
MOD - C:\Program Files (x86)\Steam\bin\avformat-53.dll ()
MOD - C:\Program Files (x86)\Steam\bin\avcodec-53.dll ()
MOD - C:\Users\Bruger\AppData\Local\Google\Chrome\Application\24.0.1312.56\ppGoogleNaClPluginChrome.dll ()
MOD - C:\Users\Bruger\AppData\Local\Google\Chrome\Application\24.0.1312.56\pdf.dll ()
MOD - C:\Users\Bruger\AppData\Local\Google\Chrome\Application\24.0.1312.56\libglesv2.dll ()
MOD - C:\Users\Bruger\AppData\Local\Google\Chrome\Application\24.0.1312.56\libegl.dll ()
MOD - C:\Users\Bruger\AppData\Local\Google\Chrome\Application\24.0.1312.56\ffmpegsumo.dll ()
MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDad.dll ()
========== Services (SafeList) ==========
SRV:[b]64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (TabletServicePen) -- C:\Windows\SysNative\Pen_Tablet.exe (Wacom Technology, Corp.)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (NTServiceSystem) -- C:\Windows\SysWOW64\NTServer\service.exe ()
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (Hamachi2Svc) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)
SRV - (HiPatchService) -- C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe (Hi-Rez Studios)
SRV - (Akamai) -- c:\program files (x86)\common files\akamai/netsession_win_ce5ba24.dll ()
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (avast! Antivirus) -- C:\Programmer\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV - (Skype C2C Service) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.)
SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (Desura Install Service) -- C:\Program Files (x86)\Common Files\Desura\desura_service.exe (Desura Pty Ltd)
SRV - (npggsvc) -- C:\Windows\SysWOW64\GameMon.des (INCA Internet Co., Ltd.)
SRV - (OpenVPNService) -- C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe ()
SRV - (wlidsvc) -- C:\Programmer\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
SRV - (LBTServ) -- C:\Programmer\Common Files\LogiShrd\Bluetooth\LBTServ.exe (Logitech, Inc.)
SRV - (wlcrasvc) -- C:\Programmer\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (SwitchBoard) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
SRV - (WTouchService) -- C:\Programmer\WTouch\WTouchService.exe (Wacom Technology, Corp.)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (AtiHDAudioService) -- C:\Windows\SysNative\drivers\AtihdW76.sys (Advanced Micro Devices)
DRV:64bit: - (aswTdi) -- C:\Windows\SysNative\drivers\aswTdi.sys (AVAST Software)
DRV:64bit: - (aswSnx) -- C:\Windows\SysNative\drivers\aswSnx.sys (AVAST Software)
DRV:64bit: - (aswSP) -- C:\Windows\SysNative\drivers\aswSP.sys (AVAST Software)
DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software)
DRV:64bit: - (aswFsBlk) -- C:\Windows\SysNative\drivers\aswFsBlk.sys (AVAST Software)
DRV:64bit: - (aswRdr) -- C:\Windows\SysNative\drivers\aswRdr2.sys (AVAST Software)
DRV:64bit: - (tap0901) -- C:\Windows\SysNative\drivers\tap0901.sys (The OpenVPN Project)
DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\drivers\fssfltr.sys (Microsoft Corporation)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (ANDModem) -- C:\Windows\SysNative\drivers\lgandmodem64.sys (LG Electronics Inc.)
DRV:64bit: - (AndDiag) -- C:\Windows\SysNative\drivers\lganddiag64.sys (LG Electronics Inc.)
DRV:64bit: - (AndGps) -- C:\Windows\SysNative\drivers\lgandgps64.sys (LG Electronics Inc.)
DRV:64bit: - (Andbus) -- C:\Windows\SysNative\drivers\lgandbus64.sys (LG Electronics Inc.)
DRV:64bit: - (IDMWFP) -- C:\Windows\SysNative\drivers\idmwfp.sys (Tonec Inc.)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (LMouFilt) -- C:\Windows\SysNative\drivers\LMouFilt.Sys (Logitech, Inc.)
DRV:64bit: - (LHidFilt) -- C:\Windows\SysNative\drivers\LHidFilt.Sys (Logitech, Inc.)
DRV:64bit: - (androidusb) -- C:\Windows\SysNative\drivers\lgandadb.sys (Google Inc)
DRV:64bit: - (ScreamBAudioSvc) -- C:\Windows\SysNative\drivers\ScreamingBAudio64.sys (Screaming Bee LLC)
DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys ()
DRV:64bit: - (AtiHdmiService) -- C:\Windows\SysNative\drivers\AtiHdmi.sys (ATI Technologies, Inc.)
DRV:64bit: - (ElbyCDIO) -- C:\Windows\SysNative\drivers\ElbyCDIO.sys (Elaborate Bytes AG)
DRV:64bit: - (VIAHdAudAddService) -- C:\Windows\SysNative\drivers\viahduaa.sys (VIA Technologies, Inc.)
DRV:64bit: - (hamachi) -- C:\Windows\SysNative\drivers\hamachi.sys (LogMeIn, Inc.)
DRV:64bit: - (wacmoumonitor) -- C:\Windows\SysNative\drivers\wacmoumonitor.sys (Wacom Technology)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
DRV:64bit: - (VClone) -- C:\Windows\SysNative\drivers\VClone.sys (Elaborate Bytes AG)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (irda) -- C:\Windows\SysNative\drivers\irda.sys (Microsoft Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (wacomvhid) -- C:\Windows\SysNative\drivers\wacomvhid.sys (Wacom Technology)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (xusb21) -- C:\Windows\SysNative\drivers\xusb21.sys (Microsoft Corporation)
DRV:64bit: - (irsir) -- C:\Windows\SysNative\drivers\irsir.sys (Microsoft Corporation)
DRV:64bit: - (wacommousefilter) -- C:\Windows\SysNative\drivers\wacommousefilter.sys (Wacom Technology)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-3995930073-3555480574-2151513988-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.youtube.com/user/nillor0?feature=mhw4
IE - HKU\S-1-5-21-3995930073-3555480574-2151513988-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = da
IE - HKU\S-1-5-21-3995930073-3555480574-2151513988-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = AF 4B 7D F0 28 C8 CA 01 [binary data]
IE - HKU\S-1-5-21-3995930073-3555480574-2151513988-1000\..\SearchScopes,DefaultScope = {4C430FFD-3E0B-45C9-B13E-BC32314A0D74}
IE - HKU\S-1-5-21-3995930073-3555480574-2151513988-1000\..\SearchScopes\{4C430FFD-3E0B-45C9-B13E-BC32314A0D74}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}&rlz=1I7SKPB_daDK371
IE - HKU\S-1-5-21-3995930073-3555480574-2151513988-1000\..\SearchScopes\{7DC0055E-1C76-479B-9C92-9D2459569A1F}: "URL" = http://search.portalsepeti.com/?hl=tr&tbm=web&q={searchTerms}&oem=MUH&uid=WD-WCAV56241704_WDCWD10EARS-00Y5B1&tm=1358546600
IE - HKU\S-1-5-21-3995930073-3555480574-2151513988-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3995930073-3555480574-2151513988-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;127.0.0.1:9421;<local>
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "navegaki"
FF - prefs.js..browser.startup.homepage: "http://www.quakelive.com/#!welcome"
FF - prefs.js..extensions.enabledAddons: battlefieldheroespatcher@ea.com:5.0.110.0
FF - prefs.js..extensions.enabledAddons: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledAddons: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledAddons: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledAddons: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
FF - prefs.js..extensions.enabledAddons: battlefieldplay4free@ea.com:1.0.53.2
FF - prefs.js..extensions.enabledAddons: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledAddons: {b749fc7c-e949-447f-926c-3f4eed6accfe}:0.7.1.1
FF - prefs.js..extensions.enabledAddons: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:2.0.3
FF - prefs.js..extensions.enabledAddons: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}:6.0.31
FF - prefs.js..extensions.enabledAddons: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:6.3.0.11079
FF - prefs.js..extensions.enabledAddons: wrc@avast.com:7.0.1474
FF - prefs.js..extensions.enabledItems: battlefieldheroespatcher@ea.com:5.0.67.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: battlefieldplay4free@ea.com:1.0.53.2
FF - prefs.js..extensions.enabledItems: mozilla_cc@internetdownloadmanager.com:7.1.9
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..network.proxy.http: "74.115.1.13"
FF - prefs.js..network.proxy.http_port: 80
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_146.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar: C:\Program Files (x86)\BF3 Alpha Trial Web Plugins\Sonar\npesnsonar.dll (ESN AB)
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.0: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch: C:\Program Files (x86)\BF3 Alpha Trial Web Plugins\npesnlaunch.dll (ESN AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=0.80.0: C:\Program Files (x86)\Battlelog Web Plugins\0.80.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@gametap.com/npdd,version=1.0: C:\Program Files (x86)\Downloader\npdd.dll (Metaboli)
FF - HKLM\Software\MozillaPlugins\@idsoftware.com/QuakeLive: C:\ProgramData\id Software\QuakeLive\npquakezero.dll (id Software Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.3: C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.3: C:\Users\Bruger\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll ( )
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Bruger\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Bruger\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Bruger\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-11-12 15:34:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011-07-09 23:13:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013-01-09 15:47:20 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Users\Bruger\AppData\Roaming\IDM\idmmzcc3 [2011-02-11 23:19:52 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Users\Bruger\AppData\Roaming\IDM\idmmzcc3 [2011-02-11 23:19:52 | 000,000,000 | ---D | M]
[2012-09-15 16:45:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bruger\AppData\Roaming\mozilla\Extensions
[2012-09-15 16:45:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bruger\AppData\Roaming\mozilla\Extensions\prism@developer.mozilla.org
[2012-05-19 20:16:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bruger\AppData\Roaming\mozilla\Firefox\Profiles\6rsi3ybe.default\extensions
[2011-06-29 13:04:20 | 000,000,000 | ---D | M] (Battlefield Heroes Updater) -- C:\Users\Bruger\AppData\Roaming\mozilla\Firefox\Profiles\6rsi3ybe.default\extensions\battlefieldheroespatcher@ea.com
[2011-07-10 14:21:52 | 000,000,000 | ---D | M] (Battlefield Play4Free) -- C:\Users\Bruger\AppData\Roaming\mozilla\Firefox\Profiles\6rsi3ybe.default\extensions\battlefieldplay4free@ea.com
[2011-12-11 02:04:19 | 000,061,705 | ---- | M] () (No name found) -- C:\Users\Bruger\AppData\Roaming\mozilla\firefox\profiles\6rsi3ybe.default\extensions\{b749fc7c-e949-447f-926c-3f4eed6accfe}.xpi
[2012-05-19 20:16:04 | 000,634,964 | ---- | M] () (No name found) -- C:\Users\Bruger\AppData\Roaming\mozilla\firefox\profiles\6rsi3ybe.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012-04-21 23:13:38 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012-10-30 15:20:30 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2010-06-08 13:31:49 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010-08-14 14:47:33 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010-11-24 00:33:13 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011-03-12 10:59:11 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011-06-10 15:56:50 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
[2012-04-21 23:13:38 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}
[2012-11-12 15:34:32 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2011-07-09 23:13:52 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2013-01-18 23:04:07 | 000,005,010 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\navegaki.xml
========== Chrome ==========
CHR - homepage: http://www.youtube.com/playlist?list=FLcctdmA37swZQOi-TKPMChw&feature=plcp
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = http://www.google.com/search?q={searchTerms}
CHR - default_search_provider: suggest_url = ,
CHR - homepage: http://www.youtube.com/playlist?list=FLcctdmA37swZQOi-TKPMChw&feature=plcp
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Bruger\AppData\Local\Google\Chrome\Application\24.0.1312.56\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Bruger\AppData\Local\Google\Chrome\Application\24.0.1312.56\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Bruger\AppData\Local\Google\Chrome\Application\24.0.1312.56\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Bruger\AppData\Local\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll
CHR - plugin: Battlefield Play4Free Updater (Enabled) = C:\Users\Bruger\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkejhbcdagodjdndmfnhaibnealjonei\1.0.66.2_0\npBP4FUpdater.dll
CHR - plugin: Battlefield Play4Free Updater (Enabled) = C:\Users\Bruger\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkejhbcdagodjdndmfnhaibnealjonei\1.0.66.2_0\BP4FUpdater.exe
CHR - plugin: EA Battlefield Heroes Updater (Enabled) = C:\Users\Bruger\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdfjahpadlpfnfheehpddpcllihfkmm\5.0.137.0_0\npBFHUpdater.dll
CHR - plugin: EA Battlefield Heroes Updater (Enabled) = C:\Users\Bruger\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdfjahpadlpfnfheehpddpcllihfkmm\5.0.137.0_0\BFHUpdater.exe
CHR - plugin: Skype Toolbars (Enabled) = C:\Users\Bruger\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\npSkypeChromePlugin.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Java Deployment Toolkit 6.0.310.5 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: ESN Sonar API (Enabled) = C:\Program Files (x86)\BF3 Alpha Trial Web Plugins\Sonar\npesnsonar.dll
CHR - plugin: ESN Sonar API (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll
CHR - plugin: ESN Launch Mozilla Plugin (Enabled) = C:\Program Files (x86)\BF3 Alpha Trial Web Plugins\npesnlaunch.dll
CHR - plugin: ESN Launch Mozilla Plugin (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\0.80.0\npesnlaunch.dll
CHR - plugin: DNA Plug-in (Enabled) = C:\Program Files (x86)\DNA\plugins\npbtdna.dll
CHR - plugin: Downloader Detector (Enabled) = C:\Program Files (x86)\Downloader\npdd.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Wacom Dynamic Link Library (Enabled) = C:\Program Files (x86)\TabletPlugins\npwacom.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: QUAKE LIVE (Enabled) = C:\ProgramData\id Software\QuakeLive\npquakezero.dll
CHR - plugin: Unity Player (Enabled) = C:\Users\Bruger\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Facebook Plugin (Enabled) = C:\Users\Bruger\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - Extension: YouTube Options for Google Chrome\u2122 = C:\Users\Bruger\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdokagampppgbnjfdlkfpphniapiiifn\1.8.104_0\
CHR - Extension: YouTube = C:\Users\Bruger\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\
CHR - Extension: Battlefield Heroes = C:\Users\Bruger\AppData\Local\Google\Chrome\User Data\Default\Extensions\cehdakiococlfmjcbebbkjkfjhbieknh\5.0.196.0_0\
CHR - Extension: Adblock Plus = C:\Users\Bruger\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.3.4_0\
CHR - Extension: Google-s\u00F8gning = C:\Users\Bruger\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\
CHR - Extension: Battlefield Play4Free = C:\Users\Bruger\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkejhbcdagodjdndmfnhaibnealjonei\1.0.66.2_0\
CHR - Extension: Battlefield Heroes = C:\Users\Bruger\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdfjahpadlpfnfheehpddpcllihfkmm\5.0.145.0_0\
CHR - Extension: avast! WebRep = C:\Users\Bruger\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_1\
CHR - Extension: 4chan Plus = C:\Users\Bruger\AppData\Local\Google\Chrome\User Data\Default\Extensions\pinelipedelckihohgdlpcclgocodhjj\2.5.5_0\
CHR - Extension: Gmail = C:\Users\Bruger\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
O1 HOSTS File: ([2013-02-03 19:58:28 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programmer\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmer\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programmer\Google\GoogleToolbarNotifier\5.7.8313.1002\swg64.dll (Google Inc.)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmer\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2 - BHO: (IDMIEHlprObj Class) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll (Tonec Inc.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programmer\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll (Google Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programmer\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programmer\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3:64bit: - HKU\.DEFAULT\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKU\S-1-5-18\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKU\S-1-5-21-3995930073-3555480574-2151513988-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [VIAAUD] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VIAAUD.exe File not found
O4 - HKLM..\Run: [AdobeCS6ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe (AMD)
O4 - HKLM..\Run: [ATICustomerCare] C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [B2C_AGENT] C:\ProgramData\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe (LG Electronics)
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [SDTray] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKU\S-1-5-21-3995930073-3555480574-2151513988-1000..\Run: [Akamai NetSession Interface] C:\Users\Bruger\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
O4 - HKU\S-1-5-21-3995930073-3555480574-2151513988-1000..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-3995930073-3555480574-2151513988-1000..\Run: [HydraVisionDesktopManager] C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe (AMD)
O4 - HKU\S-1-5-21-3995930073-3555480574-2151513988-1000..\Run: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe (Tonec Inc.)
O4 - HKU\S-1-5-21-3995930073-3555480574-2151513988-1000..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
O4 - Startup: C:\Users\Bruger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Bruger\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\Bruger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files (x86)\ERUNT\AUTOBACK.EXE ()
O4 - Startup: C:\Users\Bruger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Xfire.lnk = C:\Program Files (x86)\Xfire\Xfire.exe (Xfire Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3995930073-3555480574-2151513988-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3995930073-3555480574-2151513988-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-3995930073-3555480574-2151513988-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm ()
O8:64bit: - Extra context menu item: Download FLV video content with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetVL.htm ()
O8:64bit: - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()
O8 - Extra context menu item: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm ()
O8 - Extra context menu item: Download FLV video content with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetVL.htm ()
O8 - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()
O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : My kikin - {0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} - Reg Error: Key error. File not found
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Programmer\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programmer\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programmer\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKU\.DEFAULT\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: sony.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: sony.com ([]* in Trusted sites)
O15 - HKU\S-1-5-19\..Trusted Domains: clonewarsadventures.com ([]* in )
O15 - HKU\S-1-5-19\..Trusted Domains: freerealms.com ([]* in )
O15 - HKU\S-1-5-19\..Trusted Domains: soe.com ([]* in )
O15 - HKU\S-1-5-19\..Trusted Domains: sony.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: clonewarsadventures.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: freerealms.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: soe.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: sony.com ([]* in )
O15 - HKU\S-1-5-21-3995930073-3555480574-2151513988-1000\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-3995930073-3555480574-2151513988-1000\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-3995930073-3555480574-2151513988-1000\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-3995930073-3555480574-2151513988-1000\..Trusted Domains: sony.com ([]* in Trusted sites)
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab (Java Plug-in 10.1.0)
O16:64bit: - DPF: {CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab (Java Plug-in 1.7.0_01)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab (Java Plug-in 1.7.0_01)
O16 - DPF: {140E4DF8-9E14-4A34-9577-C77561ED7883} http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.1.71.0.cab (SysInfo Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 10.5.1)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab (Minesweeper Flags Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 208.67.222.222 208.67.220.220
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8B7ADDC6-52E6-47B8-AC4E-86D090AC1BF0}: DhcpNameServer = 208.67.222.222 208.67.220.220
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Programmer\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2013-02-03 20:00:26 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2013-02-03 14:37:44 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2013-02-03 14:37:44 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2013-02-03 14:37:44 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2013-02-03 12:33:27 | 000,000,000 | ---D | C] -- C:\Users\Bruger\Documents\ProcAlyzer Dumps
[2013-02-03 12:27:54 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013-02-03 12:25:33 | 005,029,686 | R--- | C] (Swearware) -- C:\Users\Bruger\Desktop\ComboFix.exe
[2013-02-03 12:00:15 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2013-02-03 11:59:12 | 000,000,000 | ---D | C] -- C:\JRT
[2013-02-03 11:59:07 | 000,547,275 | ---- | C] (Oleg N. Scherbakov) -- C:\Users\Bruger\Desktop\JRT.exe
[2013-02-03 11:50:49 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{94E4EFB3-A776-4521-A41D-2A5861723B9C}
[2013-02-02 22:39:36 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{02155C00-241D-4FF8-B2E1-14100759040E}
[2013-02-02 12:14:12 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{E4657B68-3E84-4AF3-B787-EA1BDE309D1A}
[2013-02-01 13:48:24 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{C0DB8895-72E6-4886-A1E1-07CEC6E5267A}
[2013-01-31 13:42:35 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{C39DD8AB-5E30-41F3-9D04-DE1133ED8752}
[2013-01-30 12:49:19 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{90AE50FD-9303-485D-937E-50F229AC7A54}
[2013-01-29 21:20:13 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Roaming\Malwarebytes
[2013-01-29 21:19:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013-01-29 21:19:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013-01-29 21:19:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013-01-29 15:57:46 | 000,000,000 | ---D | C] -- C:\_OTL
[2013-01-29 15:44:07 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{FD25824F-E47D-4522-B2DD-3173B26B4885}
[2013-01-28 16:15:47 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Bruger\Desktop\OTL.exe
[2013-01-28 15:16:44 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{2591BA1E-11E1-4963-AF84-D1AC5A065C1F}
[2013-01-27 13:47:19 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{80A4E37A-80C7-4E1A-808C-4BBF52CD4A63}
[2013-01-27 11:44:14 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2013-01-27 11:44:14 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2013-01-27 11:44:14 | 000,095,648 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013-01-26 19:07:05 | 000,000,000 | ---D | C] -- C:\Users\Bruger\Desktop\Tripcode_Explorer
[2013-01-26 13:46:12 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{06ACEED0-7B74-4A95-958F-9FBCB1F4E237}
[2013-01-25 13:45:19 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{AA35EEC0-44DB-47B2-BF64-08FA2011CBE6}
[2013-01-24 15:45:22 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{7C4DF284-AEF0-4E4D-88D5-561E60381DC8}
[2013-01-23 19:16:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Last.fm
[2013-01-23 13:48:50 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{45505061-2BE5-40B7-8A58-462E53843719}
[2013-01-22 20:27:01 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2013-01-22 20:26:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT
[2013-01-22 20:26:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ERUNT
[2013-01-22 15:55:21 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{0C0A1DB9-B608-4D53-A710-2777A970D2FF}
[2013-01-21 19:40:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2013-01-21 19:40:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
[2013-01-21 19:40:16 | 000,017,272 | ---- | C] (Safer Networking Limited) -- C:\Windows\SysNative\sdnclean64.exe
[2013-01-21 19:40:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy 2
[2013-01-21 19:39:48 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\Programs
[2013-01-21 16:48:47 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2013-01-21 16:47:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD AVT
[2013-01-21 16:47:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD APP
[2013-01-21 16:46:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center
[2013-01-20 13:48:43 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{FAB92882-37BC-4912-A450-E36FAEA73A2F}
[2013-01-19 13:47:37 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{9BBCFB09-E8F7-44CC-ADF3-A98D7E45C7C5}
[2013-01-19 01:46:57 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{7E574572-E413-458C-A8B9-0226847DAC40}
[2013-01-18 23:03:19 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\NTServer
[2013-01-18 13:46:25 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{F4DDDC70-C22D-4BFC-AE2C-EF4E6E297811}
[2013-01-17 11:49:37 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{667BE21D-13E4-4AF4-87A6-07B5A7B8E929}
[2013-01-16 15:48:58 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{1E8AF24E-87A1-4258-92D1-70B1D3BA48BF}
[2013-01-15 15:48:34 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{DB4E1AE5-94DE-4C99-8BFB-34ABEE2BE75B}
[2013-01-14 13:49:28 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{077AC819-7F9D-4268-A83E-489C10E7CD18}
[2013-01-13 13:21:41 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{42950187-9F23-44D9-9F6F-9D406D865F5C}
[2013-01-12 13:20:52 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{BD0EA2A4-A61F-4F32-905A-3A4B2EF2869E}
[2013-01-11 11:44:17 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{3C5581A0-6740-475A-83C5-48A6CFE224AB}
[2013-01-10 15:26:36 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{5CBBC934-179C-4066-8F26-090E0F9576B9}
[2013-01-09 22:36:49 | 000,750,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
[2013-01-09 22:36:48 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll
[2013-01-09 22:36:11 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2013-01-09 22:36:09 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\usp10.dll
[2013-01-09 22:35:56 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\fpb.rs
[2013-01-09 22:35:56 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\SysNative\fpb.rs
[2013-01-09 22:35:56 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\oflc-nz.rs
[2013-01-09 22:35:56 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\SysNative\oflc-nz.rs
[2013-01-09 22:35:56 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegibbfc.rs
[2013-01-09 22:35:56 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegibbfc.rs
[2013-01-09 22:35:56 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\csrr.rs
[2013-01-09 22:35:56 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\SysNative\csrr.rs
[2013-01-09 22:35:56 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\cob-au.rs
[2013-01-09 22:35:56 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\SysNative\cob-au.rs
[2013-01-09 22:35:55 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\usk.rs
[2013-01-09 22:35:55 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\SysNative\usk.rs
[2013-01-09 22:35:55 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\djctq.rs
[2013-01-09 22:35:54 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\grb.rs
[2013-01-09 22:35:54 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\SysNative\grb.rs
[2013-01-09 22:35:54 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi.rs
[2013-01-09 22:35:54 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\SysNative\djctq.rs
[2013-01-09 22:35:53 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi-pt.rs
[2013-01-09 22:35:53 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi-pt.rs
[2013-01-09 22:35:53 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi.rs
[2013-01-09 22:35:52 | 002,746,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gameux.dll
[2013-01-09 22:35:52 | 002,576,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gameux.dll
[2013-01-09 22:35:52 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wpc.dll
[2013-01-09 22:35:51 | 000,308,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Wpc.dll
[2013-01-09 22:35:36 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\esrb.rs
[2013-01-09 22:35:36 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\SysNative\esrb.rs
[2013-01-09 22:35:35 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi-fi.rs
[2013-01-09 22:35:33 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\oflc.rs
[2013-01-09 22:35:33 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi-fi.rs
[2013-01-09 22:35:32 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\SysNative\oflc.rs
[2013-01-09 22:35:27 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\cero.rs
[2013-01-09 22:35:27 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\SysNative\cero.rs
[2013-01-09 22:34:09 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2013-01-09 22:34:07 | 001,161,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2013-01-09 22:34:03 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2013-01-09 22:34:03 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2013-01-09 22:34:02 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2013-01-09 22:34:02 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2013-01-09 22:34:02 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2013-01-09 22:34:02 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2013-01-09 22:34:02 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2013-01-09 22:34:02 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2013-01-09 22:34:00 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2013-01-09 22:33:53 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2013-01-09 22:33:53 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2013-01-09 22:33:53 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2013-01-09 22:33:53 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2013-01-09 22:33:53 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2013-01-09 22:33:52 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2013-01-09 22:33:52 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2013-01-09 22:33:52 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2013-01-09 22:33:50 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2013-01-09 22:33:50 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2013-01-09 22:33:50 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2013-01-09 22:33:50 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2013-01-09 22:33:50 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2013-01-09 22:33:50 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013-01-09 22:33:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2013-01-09 22:33:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2013-01-09 22:33:49 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2013-01-09 22:33:49 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2013-01-09 22:33:49 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2013-01-09 22:33:49 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2013-01-09 22:33:49 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2013-01-09 22:33:49 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2013-01-09 22:33:49 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2013-01-09 22:33:48 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2013-01-09 22:33:48 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2013-01-09 22:33:48 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2013-01-09 22:33:48 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2013-01-09 22:33:48 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2013-01-09 22:33:48 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2013-01-09 22:33:48 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2013-01-09 22:33:47 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2013-01-09 22:33:47 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2013-01-09 22:33:46 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2013-01-09 22:33:46 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2013-01-09 22:33:46 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2013-01-09 22:33:46 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2013-01-09 22:33:46 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2013-01-09 22:33:46 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2013-01-09 22:33:46 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2013-01-09 22:33:45 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2013-01-09 22:33:45 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2013-01-09 22:33:45 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2013-01-09 22:33:45 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2013-01-09 22:33:45 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2013-01-09 22:33:45 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2013-01-09 22:33:45 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2013-01-09 22:33:45 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2013-01-09 22:33:44 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2013-01-09 22:33:44 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2013-01-09 22:33:44 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2013-01-09 22:33:44 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013-01-09 22:33:43 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2013-01-09 22:33:40 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2013-01-09 22:33:40 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2013-01-09 22:33:40 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2013-01-09 22:33:40 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2013-01-09 22:33:39 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2013-01-09 22:33:33 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2013-01-09 22:32:24 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskhost.exe
[2013-01-09 15:44:22 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{C53FB7B9-BDFE-402D-AF6B-AD6EA5A040AA}
[2013-01-08 15:46:58 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{D609CD34-3B93-496D-952B-43A393614954}
[2013-01-07 13:43:20 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{BAB20A47-6E48-46DA-A644-0904F6F21FEE}
[2013-01-06 14:08:43 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{EF1C9AFA-7510-47DB-AA90-15062C205288}
[2013-01-06 01:26:03 | 000,000,000 | ---D | C] -- C:\Users\Bruger\Documents\Essentials
[2013-01-06 01:19:41 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{D93E9ABD-EFD9-4612-A009-F5BE9BD746C8}
[2013-01-05 13:19:14 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{1F1978E7-3F16-475D-9AF4-D61890DD6D03}
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2013-02-03 20:10:00 | 000,000,946 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3995930073-3555480574-2151513988-1000UA.job
[2013-02-03 19:58:28 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2013-02-03 19:47:48 | 005,029,686 | R--- | M] (Swearware) -- C:\Users\Bruger\Desktop\ComboFix.exe
[2013-02-03 19:36:04 | 000,000,932 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013-02-03 19:32:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013-02-03 12:00:00 | 000,015,024 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013-02-03 12:00:00 | 000,015,024 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013-02-03 11:59:00 | 000,547,275 | ---- | M] (Oleg N. Scherbakov) -- C:\Users\Bruger\Desktop\JRT.exe
[2013-02-03 11:50:03 | 000,002,413 | ---- | M] () -- C:\Windows\SysWow64\lgAxconfig.ini
[2013-02-03 11:49:22 | 000,000,928 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013-02-03 11:48:19 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013-02-03 11:48:18 | 3214,188,544 | -HS- | M] () -- C:\hiberfil.sys
[2013-02-02 22:36:12 | 000,001,958 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2013-02-02 22:36:10 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2013-01-29 15:46:01 | 000,001,051 | ---- | M] () -- C:\Users\Bruger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2013-01-28 16:15:28 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Bruger\Desktop\OTL.exe
[2013-01-28 15:15:30 | 000,013,806 | ---- | M] () -- C:\Windows\SysNative\Pen_Tablet.dat
[2013-01-27 03:28:26 | 000,000,173 | ---- | M] () -- C:\Users\Bruger\AppData\Local\msmathematics.qat.Bruger
[2013-01-27 01:56:40 | 000,000,132 | ---- | M] () -- C:\Users\Bruger\AppData\Roaming\Adobe PNG Format CS6 Prefs
[2013-01-25 06:23:38 | 000,042,880 | ---- | M] () -- C:\Windows\SysWow64\xfcodec.dll
[2013-01-25 06:23:36 | 000,028,544 | ---- | M] () -- C:\Windows\SysNative\xfcodec64.dll
[2013-01-23 19:16:02 | 000,000,985 | ---- | M] () -- C:\Users\Public\Desktop\Last.fm Scrobbler.lnk
[2013-01-22 21:43:35 | 000,000,512 | ---- | M] () -- C:\Users\Bruger\Desktop\MBR.dat
[2013-01-22 20:26:37 | 000,001,108 | ---- | M] () -- C:\Users\Bruger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2013-01-22 20:26:33 | 000,000,909 | ---- | M] () -- C:\Users\Bruger\Desktop\ERUNT.lnk
[2013-01-19 15:17:06 | 000,001,456 | ---- | M] () -- C:\Users\Bruger\AppData\Local\Adobe Save for Web 13.0 Prefs
[2013-01-18 23:04:08 | 000,000,427 | ---- | M] () -- C:\Windows\SysWow64\ntserverbind.ini
[2013-01-18 23:03:29 | 000,002,216 | ---- | M] () -- C:\Users\Bruger\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2013-01-18 23:03:29 | 000,001,533 | ---- | M] () -- C:\Users\Bruger\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2013-01-18 23:03:21 | 000,002,207 | ---- | M] () -- C:\Users\Bruger\Application Data\Microsoft\Internet Explorer\Quick Launch\portalsepeti.lnk
[2013-01-12 03:30:18 | 000,095,648 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013-01-12 03:26:16 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2013-01-12 03:24:49 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2013-01-11 14:56:40 | 000,234,496 | ---- | M] () -- C:\Users\Bruger\Documents\gamepad.exe
[2013-01-10 15:21:31 | 004,934,616 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013-01-09 23:06:20 | 001,380,626 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013-01-09 23:06:20 | 000,661,514 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013-01-09 23:06:20 | 000,516,486 | ---- | M] () -- C:\Windows\SysNative\perfh006.dat
[2013-01-09 23:06:20 | 000,125,600 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013-01-09 23:06:20 | 000,102,986 | ---- | M] () -- C:\Windows\SysNative\perfc006.dat
[2013-01-09 23:06:10 | 001,380,626 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013-01-09 17:32:26 | 000,697,864 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013-01-09 17:32:25 | 000,074,248 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2013-02-03 14:37:44 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2013-02-03 14:37:44 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2013-02-03 14:37:44 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2013-02-03 14:37:44 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2013-02-03 14:37:44 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2013-02-02 22:36:12 | 000,001,958 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2013-01-25 06:23:38 | 000,042,880 | ---- | C] () -- C:\Windows\SysWow64\xfcodec.dll
[2013-01-25 06:23:36 | 000,028,544 | ---- | C] () -- C:\Windows\SysNative\xfcodec64.dll
[2013-01-23 19:16:02 | 000,000,985 | ---- | C] () -- C:\Users\Public\Desktop\Last.fm Scrobbler.lnk
[2013-01-22 21:43:35 | 000,000,512 | ---- | C] () -- C:\Users\Bruger\Desktop\MBR.dat
[2013-01-22 20:26:37 | 000,001,108 | ---- | C] () -- C:\Users\Bruger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2013-01-22 20:26:33 | 000,000,909 | ---- | C] () -- C:\Users\Bruger\Desktop\ERUNT.lnk
[2013-01-21 19:40:24 | 000,002,189 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
[2013-01-18 23:03:21 | 000,002,207 | ---- | C] () -- C:\Users\Bruger\Application Data\Microsoft\Internet Explorer\Quick Launch\portalsepeti.lnk
[2013-01-18 23:03:19 | 000,000,427 | ---- | C] () -- C:\Windows\SysWow64\ntserverbind.ini
[2013-01-11 14:56:39 | 000,234,496 | ---- | C] () -- C:\Users\Bruger\Documents\gamepad.exe
[2012-12-23 00:38:13 | 000,001,456 | ---- | C] () -- C:\Users\Bruger\AppData\Local\Adobe Save for Web 13.0 Prefs
[2012-12-23 00:28:51 | 000,000,132 | ---- | C] () -- C:\Users\Bruger\AppData\Roaming\Adobe GIF Format CS6 Prefs
[2012-11-08 18:12:40 | 000,000,132 | ---- | C] () -- C:\Users\Bruger\AppData\Roaming\Adobe PNG Format CS6 Prefs
[2012-09-09 18:51:29 | 000,266,021 | ---- | C] () -- C:\Windows\QLPrism Uninstaller.exe
[2012-08-29 15:33:55 | 000,000,173 | ---- | C] () -- C:\Users\Bruger\AppData\Local\msmathematics.qat.Bruger
[2012-07-02 23:49:02 | 003,130,440 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_blr.exe
[2012-05-02 13:58:10 | 000,029,184 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2012-02-15 03:36:36 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012-02-15 03:36:36 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2011-12-14 04:55:24 | 000,081,920 | ---- | C] () -- C:\Windows\qlprism-uninstall.exe
[2011-12-04 18:37:08 | 000,109,056 | ---- | C] () -- C:\Windows\SysWow64\un-gamma.exe
[2011-10-25 21:21:34 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\OVDecoder.dll
[2011-09-28 17:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011-09-12 23:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011-08-06 23:40:13 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\CommonDL.dll
[2011-08-06 23:40:13 | 000,002,413 | ---- | C] () -- C:\Windows\SysWow64\lgAxconfig.ini
[2011-07-29 19:51:30 | 000,004,096 | ---- | C] () -- C:\Windows\d3dx.dat
[2011-06-27 00:19:51 | 000,000,032 | R--- | C] () -- C:\ProgramData\hash.dat
[2011-02-12 03:24:58 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
========== ZeroAccess Check ==========
[2009-07-14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012-06-09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012-06-09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009-07-14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009-07-14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2012-12-26 12:10:34 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\.minecraft
[2012-09-20 21:18:58 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\.spotflux
[2010-10-17 12:36:33 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Ableton
[2010-06-26 20:31:20 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Anabel
[2011-08-10 16:18:57 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\AtomZombieData
[2012-05-25 12:46:01 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Audacity
[2012-11-07 18:54:00 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Awesomium
[2012-01-20 14:33:39 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\BigHugeEngine
[2010-05-02 21:24:21 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Bioshock2
[2010-05-31 17:11:22 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\bizarre creations
[2010-05-08 15:26:31 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Blender Foundation
[2012-09-08 15:59:59 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Braid
[2011-07-29 19:51:33 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Broken Rules
[2011-07-27 16:01:42 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Crayon Physics Deluxe
[2010-05-31 12:54:45 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\DAEMON Tools Lite
[2012-06-27 16:16:45 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\digipen
[2013-02-03 19:58:32 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\DMCache
[2011-02-05 22:55:28 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Downloaded Installations
[2013-02-03 11:50:20 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Dropbox
[2010-06-28 14:39:35 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Facebook
[2012-06-02 11:57:22 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\fltk.org
[2010-11-19 16:22:46 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\GameRanger
[2011-07-10 10:15:46 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\go
[2011-01-28 21:08:37 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Gyazo
[2010-10-18 14:09:05 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Hardcore
[2013-02-02 22:28:42 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\IDM
[2011-07-29 19:56:54 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Lazy 8 Studios
[2010-03-20 20:49:46 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Leadertech
[2011-03-11 23:18:27 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\LolClient
[2012-06-08 17:27:20 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\LoneSurvivor
[2011-05-14 16:20:50 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Mount&Blade Warband
[2012-09-23 21:02:35 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Mumble
[2012-07-27 17:13:33 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Need for Speed World
[2011-12-20 17:49:33 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Nicalis
[2010-12-25 18:43:51 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\NPLUTO Corporation
[2011-10-07 16:45:57 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\OpenOffice.org
[2011-07-27 15:17:37 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Origin
[2012-01-15 02:17:46 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\RenPy
[2012-07-03 16:17:47 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\RotMG.Production
[2012-07-01 15:25:13 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Screaming Bee
[2012-11-08 14:39:28 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2012-12-03 16:08:01 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\StepMania 5
[2011-01-26 22:16:44 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Subversion
[2012-08-16 18:36:08 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Thinstall
[2011-08-20 14:02:18 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\TinyAndBig
[2011-07-10 21:12:25 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\TS3Client
[2011-07-10 16:18:30 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\ts3overlay
[2013-02-02 22:29:44 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\uTorrent
[2012-03-17 23:56:16 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\wargaming.net
[2011-09-16 19:19:54 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Windows Live Writer
[2012-09-25 18:17:07 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\Thinstall
[2012-09-25 18:17:07 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\Thinstall
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 112 bytes -> C:\ProgramData\TEMP:D1B5B4F1
@Alternate Data Stream - 110 bytes -> C:\ProgramData\TEMP:C9FD258B
< End of report >
Are you aware that your internet connection is going through a server in San Francisco, have you aloud this for one of your game sites ?
Open OTL.exe
Copy/paste the following text written inside of the code box into the Custom Scans/Fixes box located at the bottom of OTL
:processes
killallprocesses
:OTL
IE - HKU\S-1-5-21-3995930073-3555480574-2151513988-1000\..\SearchScopes\{7DC0055E-1C76-479B-9C92-9D2459569A1F}: "URL" = http://search.portalsepeti.com/?hl=tr&tbm=web&q={searchTerms}&oem=MUH&uid=WD-WCAV56241704_WDCWD10EARS-00Y5B1&tm=1358546600
IE - HKU\S-1-5-21-3995930073-3555480574-2151513988-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;127.0.0.1:9421;<local>
FF - prefs.js..browser.search.defaultenginename: "navegaki"
FF - prefs.js..network.proxy.http: "74.115.1.13"
FF - prefs.js..network.proxy.http_port: 80
:Services
:Reg
:Files
ipconfig /flushdns /c
:Commands
[purity]
[resethosts]
[emptytemp]
[start explorer]
[Reboot]
Then click the Run Fix button at the top. <--Not run Scan
Let the program run unhindered, reboot when it is done
Then post the results of the log it produces
Also rescan with OTL and post a new log please
I don't know about that san francisco thing. I've probably aloowed it one some game site, since i have a bad habbit of pressing accept and next until my game installs :v
All processes killed
========== PROCESSES ==========
========== OTL ==========
Registry key HKEY_USERS\S-1-5-21-3995930073-3555480574-2151513988-1000\Software\Microsoft\Internet Explorer\SearchScopes\{7DC0055E-1C76-479B-9C92-9D2459569A1F}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7DC0055E-1C76-479B-9C92-9D2459569A1F}\ not found.
HKU\S-1-5-21-3995930073-3555480574-2151513988-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyOverride| /E : value set successfully!
Prefs.js: "navegaki" removed from browser.search.defaultenginename
Prefs.js: "74.115.1.13" removed from network.proxy.http
Prefs.js: 80 removed from network.proxy.http_port
========== SERVICES/DRIVERS ==========
========== REGISTRY ==========
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP-konfiguration
DNS Resolver Cache blev tmt.
C:\Users\Bruger\Desktop\cmd.bat deleted successfully.
C:\Users\Bruger\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
[EMPTYTEMP]
User: All Users
User: Bruger
->Temp folder emptied: 9287 bytes
->Temporary Internet Files folder emptied: 935583 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 1860299 bytes
->Google Chrome cache emptied: 356545523 bytes
->Flash cache emptied: 941 bytes
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 402 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Public
->Temp folder emptied: 0 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 453977 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 840 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 343,00 mb
OTL by OldTimer - Version 3.2.69.0 log created on 02042013_160347
Files\Folders moved on Reboot...
C:\Users\Bruger\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File\Folder C:\Windows\temp\_avast_\Webshlock.txt not found!
PendingFileRenameOperations files...
Registry entries deleted on Reboot...
OTL logfile created on: 04-02-2013 16:18:10 - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Bruger\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000406 | Country: Danmark | Language: DAN | Date Format: dd-MM-yyyy
3,99 Gb Total Physical Memory | 1,78 Gb Available Physical Memory | 44,67% Memory free
7,98 Gb Paging File | 5,07 Gb Available in Paging File | 63,51% Paging File free
Paging file location(s): ?:\pagefile.sys
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931,41 Gb Total Space | 249,80 Gb Free Space | 26,82% Space Free | Partition Type: NTFS
Computer Name: BRUGER-PC | User Name: Bruger | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\Bruger\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Xfire\Xfire.exe (Xfire Inc.)
PRC - C:\Users\Bruger\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
PRC - C:\Windows\SysWOW64\NTServer\service.exe ()
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
PRC - C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe (Safer-Networking Ltd.)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe (Safer-Networking Ltd.)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe (Safer-Networking Ltd.)
PRC - C:\Programmer\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Programmer\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Users\Bruger\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
PRC - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.)
PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()
PRC - C:\ProgramData\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe (LG Electronics)
PRC - C:\Program Files (x86)\Internet Download Manager\IDMan.exe (Tonec Inc.)
PRC - C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe (Tonec Inc.)
PRC - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
PRC - C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe (AMD)
========== Modules (No Company Name) ==========
MOD - C:\Program Files (x86)\Steam\SDL.dll ()
MOD - C:\Program Files (x86)\Steam\bin\libcef.dll ()
MOD - C:\Program Files (x86)\Steam\bin\chromehtml.DLL ()
MOD - C:\Program Files (x86)\Steam\bin\avutil-51.dll ()
MOD - C:\Program Files (x86)\Steam\bin\avformat-53.dll ()
MOD - C:\Program Files (x86)\Steam\bin\avcodec-53.dll ()
MOD - C:\Users\Bruger\AppData\Local\Google\Chrome\Application\24.0.1312.56\ppGoogleNaClPluginChrome.dll ()
MOD - C:\Users\Bruger\AppData\Local\Google\Chrome\Application\24.0.1312.56\pdf.dll ()
MOD - C:\Users\Bruger\AppData\Local\Google\Chrome\Application\24.0.1312.56\libglesv2.dll ()
MOD - C:\Users\Bruger\AppData\Local\Google\Chrome\Application\24.0.1312.56\libegl.dll ()
MOD - C:\Users\Bruger\AppData\Local\Google\Chrome\Application\24.0.1312.56\ffmpegsumo.dll ()
MOD - C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl ()
MOD - C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl ()
MOD - C:\Program Files (x86)\Spybot - Search & Destroy 2\VirtualTreesDXE150.bpl ()
MOD - C:\Program Files (x86)\Spybot - Search & Destroy 2\JSDialogPack150.bpl ()
MOD - C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDad.dll ()
========== Services (SafeList) ==========
SRV:[b]64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (TabletServicePen) -- C:\Windows\SysNative\Pen_Tablet.exe (Wacom Technology, Corp.)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (NTServiceSystem) -- C:\Windows\SysWOW64\NTServer\service.exe ()
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (Hamachi2Svc) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)
SRV - (HiPatchService) -- C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe (Hi-Rez Studios)
SRV - (Akamai) -- c:\program files (x86)\common files\akamai/netsession_win_ce5ba24.dll ()
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (avast! Antivirus) -- C:\Programmer\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV - (Skype C2C Service) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.)
SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (Desura Install Service) -- C:\Program Files (x86)\Common Files\Desura\desura_service.exe (Desura Pty Ltd)
SRV - (npggsvc) -- C:\Windows\SysWOW64\GameMon.des (INCA Internet Co., Ltd.)
SRV - (OpenVPNService) -- C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe ()
SRV - (wlidsvc) -- C:\Programmer\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
SRV - (LBTServ) -- C:\Programmer\Common Files\LogiShrd\Bluetooth\LBTServ.exe (Logitech, Inc.)
SRV - (wlcrasvc) -- C:\Programmer\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (SwitchBoard) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
SRV - (WTouchService) -- C:\Programmer\WTouch\WTouchService.exe (Wacom Technology, Corp.)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (AtiHDAudioService) -- C:\Windows\SysNative\drivers\AtihdW76.sys (Advanced Micro Devices)
DRV:64bit: - (aswTdi) -- C:\Windows\SysNative\drivers\aswTdi.sys (AVAST Software)
DRV:64bit: - (aswSnx) -- C:\Windows\SysNative\drivers\aswSnx.sys (AVAST Software)
DRV:64bit: - (aswSP) -- C:\Windows\SysNative\drivers\aswSP.sys (AVAST Software)
DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software)
DRV:64bit: - (aswFsBlk) -- C:\Windows\SysNative\drivers\aswFsBlk.sys (AVAST Software)
DRV:64bit: - (aswRdr) -- C:\Windows\SysNative\drivers\aswRdr2.sys (AVAST Software)
DRV:64bit: - (tap0901) -- C:\Windows\SysNative\drivers\tap0901.sys (The OpenVPN Project)
DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\drivers\fssfltr.sys (Microsoft Corporation)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (ANDModem) -- C:\Windows\SysNative\drivers\lgandmodem64.sys (LG Electronics Inc.)
DRV:64bit: - (AndDiag) -- C:\Windows\SysNative\drivers\lganddiag64.sys (LG Electronics Inc.)
DRV:64bit: - (AndGps) -- C:\Windows\SysNative\drivers\lgandgps64.sys (LG Electronics Inc.)
DRV:64bit: - (Andbus) -- C:\Windows\SysNative\drivers\lgandbus64.sys (LG Electronics Inc.)
DRV:64bit: - (IDMWFP) -- C:\Windows\SysNative\drivers\idmwfp.sys (Tonec Inc.)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (LMouFilt) -- C:\Windows\SysNative\drivers\LMouFilt.Sys (Logitech, Inc.)
DRV:64bit: - (LHidFilt) -- C:\Windows\SysNative\drivers\LHidFilt.Sys (Logitech, Inc.)
DRV:64bit: - (androidusb) -- C:\Windows\SysNative\drivers\lgandadb.sys (Google Inc)
DRV:64bit: - (ScreamBAudioSvc) -- C:\Windows\SysNative\drivers\ScreamingBAudio64.sys (Screaming Bee LLC)
DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys ()
DRV:64bit: - (AtiHdmiService) -- C:\Windows\SysNative\drivers\AtiHdmi.sys (ATI Technologies, Inc.)
DRV:64bit: - (ElbyCDIO) -- C:\Windows\SysNative\drivers\ElbyCDIO.sys (Elaborate Bytes AG)
DRV:64bit: - (VIAHdAudAddService) -- C:\Windows\SysNative\drivers\viahduaa.sys (VIA Technologies, Inc.)
DRV:64bit: - (hamachi) -- C:\Windows\SysNative\drivers\hamachi.sys (LogMeIn, Inc.)
DRV:64bit: - (wacmoumonitor) -- C:\Windows\SysNative\drivers\wacmoumonitor.sys (Wacom Technology)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
DRV:64bit: - (VClone) -- C:\Windows\SysNative\drivers\VClone.sys (Elaborate Bytes AG)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (irda) -- C:\Windows\SysNative\drivers\irda.sys (Microsoft Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (wacomvhid) -- C:\Windows\SysNative\drivers\wacomvhid.sys (Wacom Technology)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (xusb21) -- C:\Windows\SysNative\drivers\xusb21.sys (Microsoft Corporation)
DRV:64bit: - (irsir) -- C:\Windows\SysNative\drivers\irsir.sys (Microsoft Corporation)
DRV:64bit: - (wacommousefilter) -- C:\Windows\SysNative\drivers\wacommousefilter.sys (Wacom Technology)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-3995930073-3555480574-2151513988-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.youtube.com/user/nillor0?feature=mhw4
IE - HKU\S-1-5-21-3995930073-3555480574-2151513988-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = da
IE - HKU\S-1-5-21-3995930073-3555480574-2151513988-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = AF 4B 7D F0 28 C8 CA 01 [binary data]
IE - HKU\S-1-5-21-3995930073-3555480574-2151513988-1000\..\SearchScopes,DefaultScope = {4C430FFD-3E0B-45C9-B13E-BC32314A0D74}
IE - HKU\S-1-5-21-3995930073-3555480574-2151513988-1000\..\SearchScopes\{4C430FFD-3E0B-45C9-B13E-BC32314A0D74}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}&rlz=1I7SKPB_daDK371
IE - HKU\S-1-5-21-3995930073-3555480574-2151513988-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3995930073-3555480574-2151513988-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.startup.homepage: "http://www.quakelive.com/#!welcome"
FF - prefs.js..extensions.enabledAddons: battlefieldheroespatcher@ea.com:5.0.110.0
FF - prefs.js..extensions.enabledAddons: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledAddons: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledAddons: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledAddons: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
FF - prefs.js..extensions.enabledAddons: battlefieldplay4free@ea.com:1.0.53.2
FF - prefs.js..extensions.enabledAddons: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledAddons: {b749fc7c-e949-447f-926c-3f4eed6accfe}:0.7.1.1
FF - prefs.js..extensions.enabledAddons: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:2.0.3
FF - prefs.js..extensions.enabledAddons: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}:6.0.31
FF - prefs.js..extensions.enabledAddons: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:6.3.0.11079
FF - prefs.js..extensions.enabledAddons: wrc@avast.com:7.0.1474
FF - prefs.js..extensions.enabledItems: battlefieldheroespatcher@ea.com:5.0.67.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: battlefieldplay4free@ea.com:1.0.53.2
FF - prefs.js..extensions.enabledItems: mozilla_cc@internetdownloadmanager.com:7.1.9
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..network.proxy.http: ""
FF - prefs.js..network.proxy.http_port: ""
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_146.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar: C:\Program Files (x86)\BF3 Alpha Trial Web Plugins\Sonar\npesnsonar.dll (ESN AB)
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.0: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch: C:\Program Files (x86)\BF3 Alpha Trial Web Plugins\npesnlaunch.dll (ESN AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=0.80.0: C:\Program Files (x86)\Battlelog Web Plugins\0.80.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@gametap.com/npdd,version=1.0: C:\Program Files (x86)\Downloader\npdd.dll (Metaboli)
FF - HKLM\Software\MozillaPlugins\@idsoftware.com/QuakeLive: C:\ProgramData\id Software\QuakeLive\npquakezero.dll (id Software Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.3: C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.3: C:\Users\Bruger\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll ( )
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Bruger\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Bruger\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Bruger\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-11-12 15:34:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011-07-09 23:13:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013-01-09 15:47:20 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Users\Bruger\AppData\Roaming\IDM\idmmzcc3 [2011-02-11 23:19:52 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Users\Bruger\AppData\Roaming\IDM\idmmzcc3 [2011-02-11 23:19:52 | 000,000,000 | ---D | M]
[2012-09-15 16:45:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bruger\AppData\Roaming\mozilla\Extensions
[2012-09-15 16:45:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bruger\AppData\Roaming\mozilla\Extensions\prism@developer.mozilla.org
[2012-05-19 20:16:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bruger\AppData\Roaming\mozilla\Firefox\Profiles\6rsi3ybe.default\extensions
[2011-06-29 13:04:20 | 000,000,000 | ---D | M] (Battlefield Heroes Updater) -- C:\Users\Bruger\AppData\Roaming\mozilla\Firefox\Profiles\6rsi3ybe.default\extensions\battlefieldheroespatcher@ea.com
[2011-07-10 14:21:52 | 000,000,000 | ---D | M] (Battlefield Play4Free) -- C:\Users\Bruger\AppData\Roaming\mozilla\Firefox\Profiles\6rsi3ybe.default\extensions\battlefieldplay4free@ea.com
[2011-12-11 02:04:19 | 000,061,705 | ---- | M] () (No name found) -- C:\Users\Bruger\AppData\Roaming\mozilla\firefox\profiles\6rsi3ybe.default\extensions\{b749fc7c-e949-447f-926c-3f4eed6accfe}.xpi
[2012-05-19 20:16:04 | 000,634,964 | ---- | M] () (No name found) -- C:\Users\Bruger\AppData\Roaming\mozilla\firefox\profiles\6rsi3ybe.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012-04-21 23:13:38 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012-10-30 15:20:30 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2010-06-08 13:31:49 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010-08-14 14:47:33 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010-11-24 00:33:13 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011-03-12 10:59:11 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011-06-10 15:56:50 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
[2012-04-21 23:13:38 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}
[2012-11-12 15:34:32 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2011-07-09 23:13:52 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2013-01-18 23:04:07 | 000,005,010 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\navegaki.xml
========== Chrome ==========
CHR - homepage: http://www.youtube.com/playlist?list=FLcctdmA37swZQOi-TKPMChw&feature=plcp
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = http://www.google.com/search?q={searchTerms}
CHR - default_search_provider: suggest_url = ,
CHR - homepage: http://www.youtube.com/playlist?list=FLcctdmA37swZQOi-TKPMChw&feature=plcp
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Bruger\AppData\Local\Google\Chrome\Application\24.0.1312.56\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Bruger\AppData\Local\Google\Chrome\Application\24.0.1312.56\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Bruger\AppData\Local\Google\Chrome\Application\24.0.1312.56\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Bruger\AppData\Local\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll
CHR - plugin: Battlefield Play4Free Updater (Enabled) = C:\Users\Bruger\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkejhbcdagodjdndmfnhaibnealjonei\1.0.66.2_0\npBP4FUpdater.dll
CHR - plugin: Battlefield Play4Free Updater (Enabled) = C:\Users\Bruger\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkejhbcdagodjdndmfnhaibnealjonei\1.0.66.2_0\BP4FUpdater.exe
CHR - plugin: EA Battlefield Heroes Updater (Enabled) = C:\Users\Bruger\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdfjahpadlpfnfheehpddpcllihfkmm\5.0.137.0_0\npBFHUpdater.dll
CHR - plugin: EA Battlefield Heroes Updater (Enabled) = C:\Users\Bruger\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdfjahpadlpfnfheehpddpcllihfkmm\5.0.137.0_0\BFHUpdater.exe
CHR - plugin: Skype Toolbars (Enabled) = C:\Users\Bruger\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\npSkypeChromePlugin.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Java Deployment Toolkit 6.0.310.5 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: ESN Sonar API (Enabled) = C:\Program Files (x86)\BF3 Alpha Trial Web Plugins\Sonar\npesnsonar.dll
CHR - plugin: ESN Sonar API (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll
CHR - plugin: ESN Launch Mozilla Plugin (Enabled) = C:\Program Files (x86)\BF3 Alpha Trial Web Plugins\npesnlaunch.dll
CHR - plugin: ESN Launch Mozilla Plugin (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\0.80.0\npesnlaunch.dll
CHR - plugin: DNA Plug-in (Enabled) = C:\Program Files (x86)\DNA\plugins\npbtdna.dll
CHR - plugin: Downloader Detector (Enabled) = C:\Program Files (x86)\Downloader\npdd.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Wacom Dynamic Link Library (Enabled) = C:\Program Files (x86)\TabletPlugins\npwacom.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: QUAKE LIVE (Enabled) = C:\ProgramData\id Software\QuakeLive\npquakezero.dll
CHR - plugin: Unity Player (Enabled) = C:\Users\Bruger\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Facebook Plugin (Enabled) = C:\Users\Bruger\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - Extension: YouTube Options for Google Chrome\u2122 = C:\Users\Bruger\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdokagampppgbnjfdlkfpphniapiiifn\1.8.104_0\
CHR - Extension: YouTube = C:\Users\Bruger\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\
CHR - Extension: Battlefield Heroes = C:\Users\Bruger\AppData\Local\Google\Chrome\User Data\Default\Extensions\cehdakiococlfmjcbebbkjkfjhbieknh\5.0.196.0_0\
CHR - Extension: Adblock Plus = C:\Users\Bruger\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.3.4_0\
CHR - Extension: Google-s\u00F8gning = C:\Users\Bruger\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\
CHR - Extension: Battlefield Play4Free = C:\Users\Bruger\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkejhbcdagodjdndmfnhaibnealjonei\1.0.66.2_0\
CHR - Extension: Battlefield Heroes = C:\Users\Bruger\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdfjahpadlpfnfheehpddpcllihfkmm\5.0.145.0_0\
CHR - Extension: avast! WebRep = C:\Users\Bruger\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_1\
CHR - Extension: 4chan Plus = C:\Users\Bruger\AppData\Local\Google\Chrome\User Data\Default\Extensions\pinelipedelckihohgdlpcclgocodhjj\2.5.5_0\
CHR - Extension: Gmail = C:\Users\Bruger\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
O1 HOSTS File: ([2013-02-04 16:03:51 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programmer\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmer\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programmer\Google\GoogleToolbarNotifier\5.7.8313.1002\swg64.dll (Google Inc.)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmer\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2 - BHO: (IDMIEHlprObj Class) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll (Tonec Inc.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programmer\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll (Google Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programmer\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programmer\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3:64bit: - HKU\.DEFAULT\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKU\S-1-5-18\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKU\S-1-5-21-3995930073-3555480574-2151513988-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [VIAAUD] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VIAAUD.exe File not found
O4 - HKLM..\Run: [AdobeCS6ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe (AMD)
O4 - HKLM..\Run: [ATICustomerCare] C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [B2C_AGENT] C:\ProgramData\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe (LG Electronics)
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [SDTray] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKU\S-1-5-21-3995930073-3555480574-2151513988-1000..\Run: [Akamai NetSession Interface] C:\Users\Bruger\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
O4 - HKU\S-1-5-21-3995930073-3555480574-2151513988-1000..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-3995930073-3555480574-2151513988-1000..\Run: [HydraVisionDesktopManager] C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe (AMD)
O4 - HKU\S-1-5-21-3995930073-3555480574-2151513988-1000..\Run: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe (Tonec Inc.)
O4 - HKU\S-1-5-21-3995930073-3555480574-2151513988-1000..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
O4 - Startup: C:\Users\Bruger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Bruger\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\Bruger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files (x86)\ERUNT\AUTOBACK.EXE ()
O4 - Startup: C:\Users\Bruger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Xfire.lnk = C:\Program Files (x86)\Xfire\Xfire.exe (Xfire Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3995930073-3555480574-2151513988-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3995930073-3555480574-2151513988-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-3995930073-3555480574-2151513988-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm ()
O8:64bit: - Extra context menu item: Download FLV video content with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetVL.htm ()
O8:64bit: - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()
O8 - Extra context menu item: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm ()
O8 - Extra context menu item: Download FLV video content with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetVL.htm ()
O8 - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()
O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : My kikin - {0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} - Reg Error: Key error. File not found
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Programmer\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programmer\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programmer\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKU\.DEFAULT\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: sony.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: sony.com ([]* in Trusted sites)
O15 - HKU\S-1-5-19\..Trusted Domains: clonewarsadventures.com ([]* in )
O15 - HKU\S-1-5-19\..Trusted Domains: freerealms.com ([]* in )
O15 - HKU\S-1-5-19\..Trusted Domains: soe.com ([]* in )
O15 - HKU\S-1-5-19\..Trusted Domains: sony.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: clonewarsadventures.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: freerealms.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: soe.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: sony.com ([]* in )
O15 - HKU\S-1-5-21-3995930073-3555480574-2151513988-1000\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-3995930073-3555480574-2151513988-1000\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-3995930073-3555480574-2151513988-1000\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-3995930073-3555480574-2151513988-1000\..Trusted Domains: sony.com ([]* in Trusted sites)
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab (Java Plug-in 10.1.0)
O16:64bit: - DPF: {CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab (Java Plug-in 1.7.0_01)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab (Java Plug-in 1.7.0_01)
O16 - DPF: {140E4DF8-9E14-4A34-9577-C77561ED7883} http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.1.71.0.cab (SysInfo Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 10.5.1)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab (Minesweeper Flags Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 208.67.222.222 208.67.220.220
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8B7ADDC6-52E6-47B8-AC4E-86D090AC1BF0}: DhcpNameServer = 208.67.222.222 208.67.220.220
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Programmer\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2013-02-04 15:59:39 | 000,802,760 | ---- | C] (Navegaki software) -- C:\Windows\SysWow64\navegaki.exe
[2013-02-04 15:43:52 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013-02-04 15:43:16 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Roaming\WTouch
[2013-02-03 20:00:26 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2013-02-03 14:37:44 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2013-02-03 14:37:44 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2013-02-03 14:37:44 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2013-02-03 12:33:27 | 000,000,000 | ---D | C] -- C:\Users\Bruger\Documents\ProcAlyzer Dumps
[2013-02-03 12:27:54 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013-02-03 12:25:33 | 005,029,686 | R--- | C] (Swearware) -- C:\Users\Bruger\Desktop\ComboFix.exe
[2013-02-03 12:00:15 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2013-02-03 11:59:12 | 000,000,000 | ---D | C] -- C:\JRT
[2013-02-03 11:59:07 | 000,547,275 | ---- | C] (Oleg N. Scherbakov) -- C:\Users\Bruger\Desktop\JRT.exe
[2013-02-03 11:50:49 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{94E4EFB3-A776-4521-A41D-2A5861723B9C}
[2013-02-02 22:39:36 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{02155C00-241D-4FF8-B2E1-14100759040E}
[2013-02-02 12:14:12 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{E4657B68-3E84-4AF3-B787-EA1BDE309D1A}
[2013-02-01 13:48:24 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{C0DB8895-72E6-4886-A1E1-07CEC6E5267A}
[2013-01-31 13:42:35 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{C39DD8AB-5E30-41F3-9D04-DE1133ED8752}
[2013-01-30 12:49:19 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{90AE50FD-9303-485D-937E-50F229AC7A54}
[2013-01-29 21:20:13 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Roaming\Malwarebytes
[2013-01-29 21:19:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013-01-29 21:19:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013-01-29 21:19:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013-01-29 15:57:46 | 000,000,000 | ---D | C] -- C:\_OTL
[2013-01-29 15:44:07 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{FD25824F-E47D-4522-B2DD-3173B26B4885}
[2013-01-28 16:15:47 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Bruger\Desktop\OTL.exe
[2013-01-28 15:16:44 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{2591BA1E-11E1-4963-AF84-D1AC5A065C1F}
[2013-01-27 13:47:19 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{80A4E37A-80C7-4E1A-808C-4BBF52CD4A63}
[2013-01-27 11:44:14 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2013-01-27 11:44:14 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2013-01-27 11:44:14 | 000,095,648 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013-01-26 19:07:05 | 000,000,000 | ---D | C] -- C:\Users\Bruger\Desktop\Tripcode_Explorer
[2013-01-26 13:46:12 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{06ACEED0-7B74-4A95-958F-9FBCB1F4E237}
[2013-01-25 13:45:19 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{AA35EEC0-44DB-47B2-BF64-08FA2011CBE6}
[2013-01-24 15:45:22 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{7C4DF284-AEF0-4E4D-88D5-561E60381DC8}
[2013-01-23 19:16:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Last.fm
[2013-01-23 13:48:50 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{45505061-2BE5-40B7-8A58-462E53843719}
[2013-01-22 20:27:01 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2013-01-22 20:26:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT
[2013-01-22 20:26:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ERUNT
[2013-01-22 15:55:21 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{0C0A1DB9-B608-4D53-A710-2777A970D2FF}
[2013-01-21 19:40:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2013-01-21 19:40:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
[2013-01-21 19:40:16 | 000,017,272 | ---- | C] (Safer Networking Limited) -- C:\Windows\SysNative\sdnclean64.exe
[2013-01-21 19:40:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy 2
[2013-01-21 19:39:48 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\Programs
[2013-01-21 16:48:47 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2013-01-21 16:47:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD AVT
[2013-01-21 16:47:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD APP
[2013-01-21 16:46:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center
[2013-01-20 13:48:43 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{FAB92882-37BC-4912-A450-E36FAEA73A2F}
[2013-01-19 13:47:37 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{9BBCFB09-E8F7-44CC-ADF3-A98D7E45C7C5}
[2013-01-19 01:46:57 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{7E574572-E413-458C-A8B9-0226847DAC40}
[2013-01-18 23:03:19 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\NTServer
[2013-01-18 13:46:25 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{F4DDDC70-C22D-4BFC-AE2C-EF4E6E297811}
[2013-01-17 11:49:37 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{667BE21D-13E4-4AF4-87A6-07B5A7B8E929}
[2013-01-16 15:48:58 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{1E8AF24E-87A1-4258-92D1-70B1D3BA48BF}
[2013-01-15 15:48:34 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{DB4E1AE5-94DE-4C99-8BFB-34ABEE2BE75B}
[2013-01-14 13:49:28 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{077AC819-7F9D-4268-A83E-489C10E7CD18}
[2013-01-13 13:21:41 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{42950187-9F23-44D9-9F6F-9D406D865F5C}
[2013-01-12 13:20:52 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{BD0EA2A4-A61F-4F32-905A-3A4B2EF2869E}
[2013-01-11 11:44:17 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{3C5581A0-6740-475A-83C5-48A6CFE224AB}
[2013-01-10 15:26:36 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{5CBBC934-179C-4066-8F26-090E0F9576B9}
[2013-01-09 22:36:49 | 000,750,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
[2013-01-09 22:36:48 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll
[2013-01-09 22:36:11 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2013-01-09 22:36:09 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\usp10.dll
[2013-01-09 22:35:56 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\fpb.rs
[2013-01-09 22:35:56 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\SysNative\fpb.rs
[2013-01-09 22:35:56 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\oflc-nz.rs
[2013-01-09 22:35:56 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\SysNative\oflc-nz.rs
[2013-01-09 22:35:56 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegibbfc.rs
[2013-01-09 22:35:56 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegibbfc.rs
[2013-01-09 22:35:56 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\csrr.rs
[2013-01-09 22:35:56 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\SysNative\csrr.rs
[2013-01-09 22:35:56 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\cob-au.rs
[2013-01-09 22:35:56 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\SysNative\cob-au.rs
[2013-01-09 22:35:55 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\usk.rs
[2013-01-09 22:35:55 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\SysNative\usk.rs
[2013-01-09 22:35:55 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\djctq.rs
[2013-01-09 22:35:54 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\grb.rs
[2013-01-09 22:35:54 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\SysNative\grb.rs
[2013-01-09 22:35:54 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi.rs
[2013-01-09 22:35:54 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\SysNative\djctq.rs
[2013-01-09 22:35:53 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi-pt.rs
[2013-01-09 22:35:53 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi-pt.rs
[2013-01-09 22:35:53 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi.rs
[2013-01-09 22:35:52 | 002,746,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gameux.dll
[2013-01-09 22:35:52 | 002,576,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gameux.dll
[2013-01-09 22:35:52 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wpc.dll
[2013-01-09 22:35:51 | 000,308,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Wpc.dll
[2013-01-09 22:35:36 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\esrb.rs
[2013-01-09 22:35:36 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\SysNative\esrb.rs
[2013-01-09 22:35:35 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi-fi.rs
[2013-01-09 22:35:33 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\oflc.rs
[2013-01-09 22:35:33 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi-fi.rs
[2013-01-09 22:35:32 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\SysNative\oflc.rs
[2013-01-09 22:35:27 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\cero.rs
[2013-01-09 22:35:27 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\SysNative\cero.rs
[2013-01-09 22:34:09 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2013-01-09 22:34:07 | 001,161,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2013-01-09 22:34:03 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2013-01-09 22:34:03 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2013-01-09 22:34:02 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2013-01-09 22:34:02 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2013-01-09 22:34:02 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2013-01-09 22:34:02 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2013-01-09 22:34:02 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2013-01-09 22:34:02 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2013-01-09 22:34:00 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2013-01-09 22:33:53 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2013-01-09 22:33:53 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2013-01-09 22:33:53 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2013-01-09 22:33:53 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2013-01-09 22:33:53 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2013-01-09 22:33:52 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2013-01-09 22:33:52 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2013-01-09 22:33:52 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2013-01-09 22:33:50 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2013-01-09 22:33:50 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2013-01-09 22:33:50 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2013-01-09 22:33:50 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2013-01-09 22:33:50 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2013-01-09 22:33:50 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013-01-09 22:33:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2013-01-09 22:33:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2013-01-09 22:33:49 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2013-01-09 22:33:49 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2013-01-09 22:33:49 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2013-01-09 22:33:49 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2013-01-09 22:33:49 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2013-01-09 22:33:49 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2013-01-09 22:33:49 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2013-01-09 22:33:48 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2013-01-09 22:33:48 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2013-01-09 22:33:48 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2013-01-09 22:33:48 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2013-01-09 22:33:48 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2013-01-09 22:33:48 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2013-01-09 22:33:48 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2013-01-09 22:33:47 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2013-01-09 22:33:47 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2013-01-09 22:33:46 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2013-01-09 22:33:46 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2013-01-09 22:33:46 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2013-01-09 22:33:46 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2013-01-09 22:33:46 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2013-01-09 22:33:46 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2013-01-09 22:33:46 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2013-01-09 22:33:45 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2013-01-09 22:33:45 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2013-01-09 22:33:45 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2013-01-09 22:33:45 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2013-01-09 22:33:45 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2013-01-09 22:33:45 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2013-01-09 22:33:45 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2013-01-09 22:33:45 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2013-01-09 22:33:44 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2013-01-09 22:33:44 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2013-01-09 22:33:44 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2013-01-09 22:33:44 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013-01-09 22:33:43 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2013-01-09 22:33:40 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2013-01-09 22:33:40 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2013-01-09 22:33:40 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2013-01-09 22:33:40 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2013-01-09 22:33:39 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2013-01-09 22:33:33 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2013-01-09 22:32:24 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskhost.exe
[2013-01-09 15:44:22 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{C53FB7B9-BDFE-402D-AF6B-AD6EA5A040AA}
[2013-01-08 15:46:58 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{D609CD34-3B93-496D-952B-43A393614954}
[2013-01-07 13:43:20 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{BAB20A47-6E48-46DA-A644-0904F6F21FEE}
[2013-01-06 14:08:43 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{EF1C9AFA-7510-47DB-AA90-15062C205288}
[2013-01-06 01:26:03 | 000,000,000 | ---D | C] -- C:\Users\Bruger\Documents\Essentials
[2013-01-06 01:19:41 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{D93E9ABD-EFD9-4612-A009-F5BE9BD746C8}
========== Files - Modified Within 30 Days ==========
[2013-02-04 16:19:15 | 000,015,024 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013-02-04 16:19:15 | 000,015,024 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013-02-04 16:10:18 | 000,000,946 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3995930073-3555480574-2151513988-1000UA.job
[2013-02-04 16:08:55 | 000,002,413 | ---- | M] () -- C:\Windows\SysWow64\lgAxconfig.ini
[2013-02-04 16:07:57 | 000,013,806 | ---- | M] () -- C:\Windows\SysNative\Pen_Tablet.dat
[2013-02-04 16:06:29 | 000,000,928 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013-02-04 16:05:48 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013-02-04 16:05:38 | 3214,188,544 | -HS- | M] () -- C:\hiberfil.sys
[2013-02-04 16:03:51 | 000,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\Hosts
[2013-02-03 21:36:00 | 000,000,932 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013-02-03 21:32:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013-02-03 19:47:48 | 005,029,686 | R--- | M] (Swearware) -- C:\Users\Bruger\Desktop\ComboFix.exe
[2013-02-03 11:59:00 | 000,547,275 | ---- | M] (Oleg N. Scherbakov) -- C:\Users\Bruger\Desktop\JRT.exe
[2013-02-02 22:36:12 | 000,001,958 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2013-02-02 22:36:10 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2013-01-29 15:46:01 | 000,001,051 | ---- | M] () -- C:\Users\Bruger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2013-01-28 16:15:28 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Bruger\Desktop\OTL.exe
[2013-01-27 03:28:26 | 000,000,173 | ---- | M] () -- C:\Users\Bruger\AppData\Local\msmathematics.qat.Bruger
[2013-01-27 01:56:40 | 000,000,132 | ---- | M] () -- C:\Users\Bruger\AppData\Roaming\Adobe PNG Format CS6 Prefs
[2013-01-25 06:23:38 | 000,042,880 | ---- | M] () -- C:\Windows\SysWow64\xfcodec.dll
[2013-01-25 06:23:36 | 000,028,544 | ---- | M] () -- C:\Windows\SysNative\xfcodec64.dll
[2013-01-23 19:16:02 | 000,000,985 | ---- | M] () -- C:\Users\Public\Desktop\Last.fm Scrobbler.lnk
[2013-01-22 21:43:35 | 000,000,512 | ---- | M] () -- C:\Users\Bruger\Desktop\MBR.dat
[2013-01-22 20:26:37 | 000,001,108 | ---- | M] () -- C:\Users\Bruger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2013-01-22 20:26:33 | 000,000,909 | ---- | M] () -- C:\Users\Bruger\Desktop\ERUNT.lnk
[2013-01-19 15:17:06 | 000,001,456 | ---- | M] () -- C:\Users\Bruger\AppData\Local\Adobe Save for Web 13.0 Prefs
[2013-01-18 23:04:08 | 000,000,427 | ---- | M] () -- C:\Windows\SysWow64\ntserverbind.ini
[2013-01-18 23:03:29 | 000,002,216 | ---- | M] () -- C:\Users\Bruger\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2013-01-18 23:03:29 | 000,001,533 | ---- | M] () -- C:\Users\Bruger\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2013-01-18 23:03:21 | 000,002,207 | ---- | M] () -- C:\Users\Bruger\Application Data\Microsoft\Internet Explorer\Quick Launch\portalsepeti.lnk
[2013-01-12 03:30:18 | 000,095,648 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013-01-12 03:26:16 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2013-01-12 03:24:49 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2013-01-11 14:56:40 | 000,234,496 | ---- | M] () -- C:\Users\Bruger\Documents\gamepad.exe
[2013-01-10 15:21:31 | 004,934,616 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013-01-09 23:06:20 | 001,380,626 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013-01-09 23:06:20 | 000,661,514 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013-01-09 23:06:20 | 000,516,486 | ---- | M] () -- C:\Windows\SysNative\perfh006.dat
[2013-01-09 23:06:20 | 000,125,600 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013-01-09 23:06:20 | 000,102,986 | ---- | M] () -- C:\Windows\SysNative\perfc006.dat
[2013-01-09 23:06:10 | 001,380,626 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013-01-09 17:32:26 | 000,697,864 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013-01-09 17:32:25 | 000,074,248 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013-01-09 09:49:56 | 000,802,760 | ---- | M] (Navegaki software) -- C:\Windows\SysWow64\navegaki.exe
========== Files Created - No Company Name ==========
[2013-02-03 14:37:44 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2013-02-03 14:37:44 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2013-02-03 14:37:44 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2013-02-03 14:37:44 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2013-02-03 14:37:44 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2013-02-02 22:36:12 | 000,001,958 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2013-01-25 06:23:38 | 000,042,880 | ---- | C] () -- C:\Windows\SysWow64\xfcodec.dll
[2013-01-25 06:23:36 | 000,028,544 | ---- | C] () -- C:\Windows\SysNative\xfcodec64.dll
[2013-01-23 19:16:02 | 000,000,985 | ---- | C] () -- C:\Users\Public\Desktop\Last.fm Scrobbler.lnk
[2013-01-22 21:43:35 | 000,000,512 | ---- | C] () -- C:\Users\Bruger\Desktop\MBR.dat
[2013-01-22 20:26:37 | 000,001,108 | ---- | C] () -- C:\Users\Bruger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2013-01-22 20:26:33 | 000,000,909 | ---- | C] () -- C:\Users\Bruger\Desktop\ERUNT.lnk
[2013-01-21 19:40:24 | 000,002,189 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
[2013-01-18 23:03:21 | 000,002,207 | ---- | C] () -- C:\Users\Bruger\Application Data\Microsoft\Internet Explorer\Quick Launch\portalsepeti.lnk
[2013-01-18 23:03:19 | 000,000,427 | ---- | C] () -- C:\Windows\SysWow64\ntserverbind.ini
[2013-01-11 14:56:39 | 000,234,496 | ---- | C] () -- C:\Users\Bruger\Documents\gamepad.exe
[2012-12-23 00:38:13 | 000,001,456 | ---- | C] () -- C:\Users\Bruger\AppData\Local\Adobe Save for Web 13.0 Prefs
[2012-12-23 00:28:51 | 000,000,132 | ---- | C] () -- C:\Users\Bruger\AppData\Roaming\Adobe GIF Format CS6 Prefs
[2012-11-08 18:12:40 | 000,000,132 | ---- | C] () -- C:\Users\Bruger\AppData\Roaming\Adobe PNG Format CS6 Prefs
[2012-09-09 18:51:29 | 000,266,021 | ---- | C] () -- C:\Windows\QLPrism Uninstaller.exe
[2012-08-29 15:33:55 | 000,000,173 | ---- | C] () -- C:\Users\Bruger\AppData\Local\msmathematics.qat.Bruger
[2012-07-02 23:49:02 | 003,130,440 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_blr.exe
[2012-05-02 13:58:10 | 000,029,184 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2012-02-15 03:36:36 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012-02-15 03:36:36 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2011-12-14 04:55:24 | 000,081,920 | ---- | C] () -- C:\Windows\qlprism-uninstall.exe
[2011-12-04 18:37:08 | 000,109,056 | ---- | C] () -- C:\Windows\SysWow64\un-gamma.exe
[2011-10-25 21:21:34 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\OVDecoder.dll
[2011-09-28 17:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011-09-12 23:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011-08-06 23:40:13 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\CommonDL.dll
[2011-08-06 23:40:13 | 000,002,413 | ---- | C] () -- C:\Windows\SysWow64\lgAxconfig.ini
[2011-07-29 19:51:30 | 000,004,096 | ---- | C] () -- C:\Windows\d3dx.dat
[2011-06-27 00:19:51 | 000,000,032 | R--- | C] () -- C:\ProgramData\hash.dat
[2011-02-12 03:24:58 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
========== ZeroAccess Check ==========
[2009-07-14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012-06-09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012-06-09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009-07-14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009-07-14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2012-12-26 12:10:34 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\.minecraft
[2012-09-20 21:18:58 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\.spotflux
[2010-10-17 12:36:33 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Ableton
[2010-06-26 20:31:20 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Anabel
[2011-08-10 16:18:57 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\AtomZombieData
[2012-05-25 12:46:01 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Audacity
[2012-11-07 18:54:00 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Awesomium
[2012-01-20 14:33:39 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\BigHugeEngine
[2010-05-02 21:24:21 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Bioshock2
[2010-05-31 17:11:22 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\bizarre creations
[2010-05-08 15:26:31 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Blender Foundation
[2012-09-08 15:59:59 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Braid
[2011-07-29 19:51:33 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Broken Rules
[2011-07-27 16:01:42 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Crayon Physics Deluxe
[2010-05-31 12:54:45 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\DAEMON Tools Lite
[2012-06-27 16:16:45 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\digipen
[2013-02-03 22:07:22 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\DMCache
[2011-02-05 22:55:28 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Downloaded Installations
[2013-02-04 16:09:21 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Dropbox
[2010-06-28 14:39:35 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Facebook
[2012-06-02 11:57:22 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\fltk.org
[2010-11-19 16:22:46 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\GameRanger
[2011-07-10 10:15:46 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\go
[2011-01-28 21:08:37 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Gyazo
[2010-10-18 14:09:05 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Hardcore
[2013-02-02 22:28:42 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\IDM
[2011-07-29 19:56:54 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Lazy 8 Studios
[2010-03-20 20:49:46 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Leadertech
[2011-03-11 23:18:27 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\LolClient
[2012-06-08 17:27:20 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\LoneSurvivor
[2011-05-14 16:20:50 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Mount&Blade Warband
[2012-09-23 21:02:35 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Mumble
[2012-07-27 17:13:33 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Need for Speed World
[2011-12-20 17:49:33 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Nicalis
[2010-12-25 18:43:51 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\NPLUTO Corporation
[2011-10-07 16:45:57 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\OpenOffice.org
[2011-07-27 15:17:37 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Origin
[2012-01-15 02:17:46 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\RenPy
[2012-07-03 16:17:47 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\RotMG.Production
[2012-07-01 15:25:13 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Screaming Bee
[2012-11-08 14:39:28 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2012-12-03 16:08:01 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\StepMania 5
[2011-01-26 22:16:44 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Subversion
[2012-08-16 18:36:08 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Thinstall
[2011-08-20 14:02:18 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\TinyAndBig
[2011-07-10 21:12:25 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\TS3Client
[2011-07-10 16:18:30 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\ts3overlay
[2013-02-02 22:29:44 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\uTorrent
[2012-03-17 23:56:16 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\wargaming.net
[2011-09-16 19:19:54 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Windows Live Writer
[2013-02-04 15:44:38 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\WTouch
[2012-09-25 18:17:07 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\Thinstall
[2012-09-25 18:17:07 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\Thinstall
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 112 bytes -> C:\ProgramData\TEMP:D1B5B4F1
@Alternate Data Stream - 110 bytes -> C:\ProgramData\TEMP:C9FD258B
< End of report >
Let me see a new OTL report and lets see if there gone. Is Portal sepiti gone or still there and if so in what browsers ?
Its not a good idea when installing any kind of software to not read through the prompts or your going to wind up with all sorts of garbage on your system
I assume you didn't see the log I posted on the current page.
Portal sepeti is still on the chrome browser, which is the one i use.
Missed it, it was on another page.
I think what I would do now is completely uninstall Chrome . You can use this uninstaller to make sure you get all the registry entries associated with it as well. Just download the free version
http://www.revouninstaller.com/
C:\Program Files\Chrome <-- Delete the entire Chrome Folder if its still present after the uninstall.
Then go ahead and download and install a clean copy
www.google.com/chrome
Then let me know how things are running ?
It's gone now :laugh:
Want me to post another otl log so you can compare to the old log and find the source of portal sepeti? (If that's how it works)
Also; thanks a lot for helping me out, I really appreciate it!
That would be helpful, go ahead and run a new OTL log.
Nillor, you appear to be young and seem to know your way around windows fairly well, you had no problems with any of my instructions. Use that knowledge and be very careful what you download and install. Read through the prompts as your installing, a good example is if you dont read through and install the latest Java Update it will install the Asktoolbar and will change all your search setting, its a piece of garbage and you dont need it on your system...Read.. Read Read
Lets make sure there is nothing else lurking
ESET Online Scanner
I'd like us to scan your machine with ESET OnlineScan
*Note
It is recommended to disable onboard antivirus program and antispyware programs while performing scans so there are no conflicts and it will speed up scan time.
Please don't go surfing while your resident protection is disabled!
Once the scan is finished remember to re-enable your antivirus along with your antispyware programs.
Hold down Control and click on the following link to open ESET OnlineScan in a new window.
ESET OnlineScan (http://eset.com/onlinescan)
Click the http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetOnline.png button.
For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
Click on http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetSmartInstall.png to download the ESET Smart Installer. Save it to your desktop.
Double click on the http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetSmartInstallDesktopIcon.png icon on your desktop.
Check http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetAcceptTerms.png
Click the http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetStart.png button.
Accept any security warnings from your browser.
Check http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetScanArchives.png
Make sure that the option "Remove found threats" is Unchecked
Push the Start button.
ESET will then download updates for itself, install itself, and begin
scanning your computer. Please be patient as this can take some time.
When the scan completes, push http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetListThreats.png
Push http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetExport.png, and save the file to your desktop using a unique name, such as
ESETScan. Include the contents of this report in your next reply.
Push the http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetBack.png button.
Push http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetFinish.png
Please make sure you include the following items in your next post:
The log that was produced after running ESET Online Scanner.
OTL logfile created on: 05-02-2013 13:51:13 - Run 4
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Bruger\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000406 | Country: Danmark | Language: DAN | Date Format: dd-MM-yyyy
3,99 Gb Total Physical Memory | 1,55 Gb Available Physical Memory | 38,95% Memory free
7,98 Gb Paging File | 4,71 Gb Available in Paging File | 58,99% Paging File free
Paging file location(s): ?:\pagefile.sys
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931,41 Gb Total Space | 247,48 Gb Free Space | 26,57% Space Free | Partition Type: NTFS
Computer Name: BRUGER-PC | User Name: Bruger | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\Bruger\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
PRC - C:\Program Files (x86)\Xfire\Xfire.exe (Xfire Inc.)
PRC - C:\Users\Bruger\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
PRC - C:\Windows\SysWOW64\NTServer\service.exe ()
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
PRC - C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe (Safer-Networking Ltd.)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe (Safer-Networking Ltd.)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe (Safer-Networking Ltd.)
PRC - C:\Programmer\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Programmer\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Users\Bruger\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
PRC - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.)
PRC - C:\Program Files (x86)\Google\Update\1.3.21.123\GoogleCrashHandler.exe (Google Inc.)
PRC - C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe (Sun Microsystems, Inc.)
PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()
PRC - C:\ProgramData\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe (LG Electronics)
PRC - C:\Program Files (x86)\Internet Download Manager\IDMan.exe (Tonec Inc.)
PRC - C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe (Tonec Inc.)
PRC - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
PRC - C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe (AMD)
========== Modules (No Company Name) ==========
MOD - C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.57\ppGoogleNaClPluginChrome.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.57\PepperFlash\pepflashplayer.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.57\pdf.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.57\libglesv2.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.57\libegl.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.57\ffmpegsumo.dll ()
MOD - C:\Program Files (x86)\Steam\SDL.dll ()
MOD - C:\Program Files (x86)\Steam\bin\libcef.dll ()
MOD - C:\Program Files (x86)\Steam\bin\chromehtml.DLL ()
MOD - C:\Program Files (x86)\Steam\bin\avutil-51.dll ()
MOD - C:\Program Files (x86)\Steam\bin\avformat-53.dll ()
MOD - C:\Program Files (x86)\Steam\bin\avcodec-53.dll ()
MOD - C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl ()
MOD - C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl ()
MOD - C:\Program Files (x86)\Spybot - Search & Destroy 2\VirtualTreesDXE150.bpl ()
MOD - C:\Program Files (x86)\Spybot - Search & Destroy 2\JSDialogPack150.bpl ()
MOD - C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDad.dll ()
========== Services (SafeList) ==========
SRV:[b]64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (TabletServicePen) -- C:\Windows\SysNative\Pen_Tablet.exe (Wacom Technology, Corp.)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (NTServiceSystem) -- C:\Windows\SysWOW64\NTServer\service.exe ()
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (Hamachi2Svc) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)
SRV - (HiPatchService) -- C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe (Hi-Rez Studios)
SRV - (Akamai) -- c:\program files (x86)\common files\akamai/netsession_win_ce5ba24.dll ()
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (avast! Antivirus) -- C:\Programmer\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV - (Skype C2C Service) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.)
SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (Desura Install Service) -- C:\Program Files (x86)\Common Files\Desura\desura_service.exe (Desura Pty Ltd)
SRV - (npggsvc) -- C:\Windows\SysWOW64\GameMon.des (INCA Internet Co., Ltd.)
SRV - (OpenVPNService) -- C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe ()
SRV - (wlidsvc) -- C:\Programmer\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
SRV - (LBTServ) -- C:\Programmer\Common Files\LogiShrd\Bluetooth\LBTServ.exe (Logitech, Inc.)
SRV - (wlcrasvc) -- C:\Programmer\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (SwitchBoard) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
SRV - (WTouchService) -- C:\Programmer\WTouch\WTouchService.exe (Wacom Technology, Corp.)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (AtiHDAudioService) -- C:\Windows\SysNative\drivers\AtihdW76.sys (Advanced Micro Devices)
DRV:64bit: - (aswTdi) -- C:\Windows\SysNative\drivers\aswTdi.sys (AVAST Software)
DRV:64bit: - (aswSnx) -- C:\Windows\SysNative\drivers\aswSnx.sys (AVAST Software)
DRV:64bit: - (aswSP) -- C:\Windows\SysNative\drivers\aswSP.sys (AVAST Software)
DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software)
DRV:64bit: - (aswFsBlk) -- C:\Windows\SysNative\drivers\aswFsBlk.sys (AVAST Software)
DRV:64bit: - (aswRdr) -- C:\Windows\SysNative\drivers\aswRdr2.sys (AVAST Software)
DRV:64bit: - (tap0901) -- C:\Windows\SysNative\drivers\tap0901.sys (The OpenVPN Project)
DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\drivers\fssfltr.sys (Microsoft Corporation)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (ANDModem) -- C:\Windows\SysNative\drivers\lgandmodem64.sys (LG Electronics Inc.)
DRV:64bit: - (AndDiag) -- C:\Windows\SysNative\drivers\lganddiag64.sys (LG Electronics Inc.)
DRV:64bit: - (AndGps) -- C:\Windows\SysNative\drivers\lgandgps64.sys (LG Electronics Inc.)
DRV:64bit: - (Andbus) -- C:\Windows\SysNative\drivers\lgandbus64.sys (LG Electronics Inc.)
DRV:64bit: - (IDMWFP) -- C:\Windows\SysNative\drivers\idmwfp.sys (Tonec Inc.)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (LMouFilt) -- C:\Windows\SysNative\drivers\LMouFilt.Sys (Logitech, Inc.)
DRV:64bit: - (LHidFilt) -- C:\Windows\SysNative\drivers\LHidFilt.Sys (Logitech, Inc.)
DRV:64bit: - (androidusb) -- C:\Windows\SysNative\drivers\lgandadb.sys (Google Inc)
DRV:64bit: - (ScreamBAudioSvc) -- C:\Windows\SysNative\drivers\ScreamingBAudio64.sys (Screaming Bee LLC)
DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys ()
DRV:64bit: - (AtiHdmiService) -- C:\Windows\SysNative\drivers\AtiHdmi.sys (ATI Technologies, Inc.)
DRV:64bit: - (Revoflt) -- C:\Windows\SysNative\drivers\revoflt.sys (VS Revo Group)
DRV:64bit: - (ElbyCDIO) -- C:\Windows\SysNative\drivers\ElbyCDIO.sys (Elaborate Bytes AG)
DRV:64bit: - (VIAHdAudAddService) -- C:\Windows\SysNative\drivers\viahduaa.sys (VIA Technologies, Inc.)
DRV:64bit: - (hamachi) -- C:\Windows\SysNative\drivers\hamachi.sys (LogMeIn, Inc.)
DRV:64bit: - (wacmoumonitor) -- C:\Windows\SysNative\drivers\wacmoumonitor.sys (Wacom Technology)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
DRV:64bit: - (VClone) -- C:\Windows\SysNative\drivers\VClone.sys (Elaborate Bytes AG)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (irda) -- C:\Windows\SysNative\drivers\irda.sys (Microsoft Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (wacomvhid) -- C:\Windows\SysNative\drivers\wacomvhid.sys (Wacom Technology)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (xusb21) -- C:\Windows\SysNative\drivers\xusb21.sys (Microsoft Corporation)
DRV:64bit: - (irsir) -- C:\Windows\SysNative\drivers\irsir.sys (Microsoft Corporation)
DRV:64bit: - (wacommousefilter) -- C:\Windows\SysNative\drivers\wacommousefilter.sys (Wacom Technology)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-3995930073-3555480574-2151513988-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.youtube.com/user/nillor0?feature=mhw4
IE - HKU\S-1-5-21-3995930073-3555480574-2151513988-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = da
IE - HKU\S-1-5-21-3995930073-3555480574-2151513988-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = AF 4B 7D F0 28 C8 CA 01 [binary data]
IE - HKU\S-1-5-21-3995930073-3555480574-2151513988-1000\..\SearchScopes,DefaultScope = {4C430FFD-3E0B-45C9-B13E-BC32314A0D74}
IE - HKU\S-1-5-21-3995930073-3555480574-2151513988-1000\..\SearchScopes\{4C430FFD-3E0B-45C9-B13E-BC32314A0D74}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}&rlz=1I7SKPB_daDK371
IE - HKU\S-1-5-21-3995930073-3555480574-2151513988-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3995930073-3555480574-2151513988-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.startup.homepage: "http://www.quakelive.com/#!welcome"
FF - prefs.js..extensions.enabledAddons: battlefieldheroespatcher@ea.com:5.0.110.0
FF - prefs.js..extensions.enabledAddons: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledAddons: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledAddons: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledAddons: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
FF - prefs.js..extensions.enabledAddons: battlefieldplay4free@ea.com:1.0.53.2
FF - prefs.js..extensions.enabledAddons: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledAddons: {b749fc7c-e949-447f-926c-3f4eed6accfe}:0.7.1.1
FF - prefs.js..extensions.enabledAddons: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:2.0.3
FF - prefs.js..extensions.enabledAddons: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}:6.0.31
FF - prefs.js..extensions.enabledAddons: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:6.3.0.11079
FF - prefs.js..extensions.enabledAddons: wrc@avast.com:7.0.1474
FF - prefs.js..extensions.enabledItems: battlefieldheroespatcher@ea.com:5.0.67.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: battlefieldplay4free@ea.com:1.0.53.2
FF - prefs.js..extensions.enabledItems: mozilla_cc@internetdownloadmanager.com:7.1.9
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..network.proxy.http: ""
FF - prefs.js..network.proxy.http_port: ""
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_146.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar: C:\Program Files (x86)\BF3 Alpha Trial Web Plugins\Sonar\npesnsonar.dll (ESN AB)
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.0: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch: C:\Program Files (x86)\BF3 Alpha Trial Web Plugins\npesnlaunch.dll (ESN AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=0.80.0: C:\Program Files (x86)\Battlelog Web Plugins\0.80.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@gametap.com/npdd,version=1.0: C:\Program Files (x86)\Downloader\npdd.dll (Metaboli)
FF - HKLM\Software\MozillaPlugins\@idsoftware.com/QuakeLive: C:\ProgramData\id Software\QuakeLive\npquakezero.dll (id Software Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.3: C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.3: C:\Users\Bruger\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll ( )
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Bruger\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-11-12 15:34:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011-07-09 23:13:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013-01-09 15:47:20 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Users\Bruger\AppData\Roaming\IDM\idmmzcc3 [2011-02-11 23:19:52 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Users\Bruger\AppData\Roaming\IDM\idmmzcc3 [2011-02-11 23:19:52 | 000,000,000 | ---D | M]
[2012-09-15 16:45:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bruger\AppData\Roaming\mozilla\Extensions
[2012-09-15 16:45:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bruger\AppData\Roaming\mozilla\Extensions\prism@developer.mozilla.org
[2012-05-19 20:16:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bruger\AppData\Roaming\mozilla\Firefox\Profiles\6rsi3ybe.default\extensions
[2011-06-29 13:04:20 | 000,000,000 | ---D | M] (Battlefield Heroes Updater) -- C:\Users\Bruger\AppData\Roaming\mozilla\Firefox\Profiles\6rsi3ybe.default\extensions\battlefieldheroespatcher@ea.com
[2011-07-10 14:21:52 | 000,000,000 | ---D | M] (Battlefield Play4Free) -- C:\Users\Bruger\AppData\Roaming\mozilla\Firefox\Profiles\6rsi3ybe.default\extensions\battlefieldplay4free@ea.com
[2011-12-11 02:04:19 | 000,061,705 | ---- | M] () (No name found) -- C:\Users\Bruger\AppData\Roaming\mozilla\firefox\profiles\6rsi3ybe.default\extensions\{b749fc7c-e949-447f-926c-3f4eed6accfe}.xpi
[2012-05-19 20:16:04 | 000,634,964 | ---- | M] () (No name found) -- C:\Users\Bruger\AppData\Roaming\mozilla\firefox\profiles\6rsi3ybe.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012-04-21 23:13:38 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012-10-30 15:20:30 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2010-06-08 13:31:49 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010-08-14 14:47:33 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010-11-24 00:33:13 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011-03-12 10:59:11 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011-06-10 15:56:50 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
[2012-04-21 23:13:38 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}
[2012-11-12 15:34:32 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2011-07-09 23:13:52 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2013-01-18 23:04:07 | 000,005,010 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\navegaki.xml
========== Chrome ==========
CHR - homepage: http://www.youtube.com/playlist?list=FLcctdmA37swZQOi-TKPMChw&feature=plcp
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = http://www.google.com/search?q={searchTerms}
CHR - default_search_provider: suggest_url = ,
CHR - homepage: http://www.youtube.com/playlist?list=FLcctdmA37swZQOi-TKPMChw&feature=plcp
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.57\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.57\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.57\pdf.dll
CHR - plugin: Skype Click to Call (Enabled) = C:\Users\Bruger\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.3.0.11079_0\npSkypeChromePlugin.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: ESN Sonar API (Enabled) = C:\Program Files (x86)\BF3 Alpha Trial Web Plugins\Sonar\npesnsonar.dll
CHR - plugin: ESN Launch Mozilla Plugin (Enabled) = C:\Program Files (x86)\BF3 Alpha Trial Web Plugins\npesnlaunch.dll
CHR - plugin: ESN Launch Mozilla Plugin (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\0.80.0\npesnlaunch.dll
CHR - plugin: ESN Sonar API (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll
CHR - plugin: Downloader Detector (Enabled) = C:\Program Files (x86)\Downloader\npdd.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 7 U5 (Enabled) = C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: Wacom Dynamic Link Library (Enabled) = C:\Program Files (x86)\TabletPlugins\npwacom.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: QUAKE LIVE (Enabled) = C:\ProgramData\id Software\QuakeLive\npquakezero.dll
CHR - plugin: Unity Player (Enabled) = C:\Users\Bruger\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Facebook Plugin (Enabled) = C:\Users\Bruger\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - Extension: Google Dokumenter = C:\Users\Bruger\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drev = C:\Users\Bruger\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube Options for Google Chrome\u2122 = C:\Users\Bruger\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdokagampppgbnjfdlkfpphniapiiifn\1.8.104_0\
CHR - Extension: YouTube = C:\Users\Bruger\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Adblock Plus = C:\Users\Bruger\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.3.4_0\
CHR - Extension: Google-s\u00F8gning = C:\Users\Bruger\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: avast! WebRep = C:\Users\Bruger\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0\
CHR - Extension: Skype Click to Call = C:\Users\Bruger\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.3.0.11079_0\
CHR - Extension: 4chan Plus = C:\Users\Bruger\AppData\Local\Google\Chrome\User Data\Default\Extensions\pinelipedelckihohgdlpcclgocodhjj\2.5.5_0\
CHR - Extension: Gmail = C:\Users\Bruger\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2013-02-04 16:03:51 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programmer\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmer\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programmer\Google\GoogleToolbarNotifier\5.7.8313.1002\swg64.dll (Google Inc.)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmer\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2 - BHO: (IDMIEHlprObj Class) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll (Tonec Inc.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programmer\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll (Google Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programmer\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programmer\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3:64bit: - HKU\.DEFAULT\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKU\S-1-5-18\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKU\S-1-5-21-3995930073-3555480574-2151513988-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [VIAAUD] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VIAAUD.exe File not found
O4 - HKLM..\Run: [AdobeCS6ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe (AMD)
O4 - HKLM..\Run: [ATICustomerCare] C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [B2C_AGENT] C:\ProgramData\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe (LG Electronics)
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [SDTray] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKU\S-1-5-21-3995930073-3555480574-2151513988-1000..\Run: [Akamai NetSession Interface] C:\Users\Bruger\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
O4 - HKU\S-1-5-21-3995930073-3555480574-2151513988-1000..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-3995930073-3555480574-2151513988-1000..\Run: [HydraVisionDesktopManager] C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe (AMD)
O4 - HKU\S-1-5-21-3995930073-3555480574-2151513988-1000..\Run: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe (Tonec Inc.)
O4 - HKU\S-1-5-21-3995930073-3555480574-2151513988-1000..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
O4 - Startup: C:\Users\Bruger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Bruger\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\Bruger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files (x86)\ERUNT\AUTOBACK.EXE ()
O4 - Startup: C:\Users\Bruger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Xfire.lnk = C:\Program Files (x86)\Xfire\Xfire.exe (Xfire Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3995930073-3555480574-2151513988-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3995930073-3555480574-2151513988-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-3995930073-3555480574-2151513988-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm ()
O8:64bit: - Extra context menu item: Download FLV video content with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetVL.htm ()
O8:64bit: - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()
O8 - Extra context menu item: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm ()
O8 - Extra context menu item: Download FLV video content with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetVL.htm ()
O8 - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()
O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : My kikin - {0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} - Reg Error: Key error. File not found
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Programmer\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programmer\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programmer\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKU\.DEFAULT\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: sony.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: sony.com ([]* in Trusted sites)
O15 - HKU\S-1-5-19\..Trusted Domains: clonewarsadventures.com ([]* in )
O15 - HKU\S-1-5-19\..Trusted Domains: freerealms.com ([]* in )
O15 - HKU\S-1-5-19\..Trusted Domains: soe.com ([]* in )
O15 - HKU\S-1-5-19\..Trusted Domains: sony.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: clonewarsadventures.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: freerealms.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: soe.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: sony.com ([]* in )
O15 - HKU\S-1-5-21-3995930073-3555480574-2151513988-1000\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-3995930073-3555480574-2151513988-1000\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-3995930073-3555480574-2151513988-1000\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-3995930073-3555480574-2151513988-1000\..Trusted Domains: sony.com ([]* in Trusted sites)
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab (Java Plug-in 10.1.0)
O16:64bit: - DPF: {CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab (Java Plug-in 1.7.0_01)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab (Java Plug-in 1.7.0_01)
O16 - DPF: {140E4DF8-9E14-4A34-9577-C77561ED7883} http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.1.71.0.cab (SysInfo Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 10.5.1)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 10.5.1)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab (Minesweeper Flags Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 208.67.222.222 208.67.220.220
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8B7ADDC6-52E6-47B8-AC4E-86D090AC1BF0}: DhcpNameServer = 208.67.222.222 208.67.220.220
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Programmer\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2013-02-04 20:50:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2013-02-04 19:53:07 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\VS Revo Group
[2013-02-04 19:52:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
[2013-02-04 19:52:49 | 000,031,800 | ---- | C] (VS Revo Group) -- C:\Windows\SysNative\drivers\revoflt.sys
[2013-02-04 19:52:47 | 000,000,000 | ---D | C] -- C:\Program Files\VS Revo Group
[2013-02-04 15:59:39 | 000,543,160 | ---- | C] (Navegaki software) -- C:\Windows\SysWow64\navegaki.exe
[2013-02-04 15:43:52 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013-02-04 15:43:16 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Roaming\WTouch
[2013-02-03 20:00:26 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2013-02-03 14:37:44 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2013-02-03 14:37:44 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2013-02-03 14:37:44 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2013-02-03 12:33:27 | 000,000,000 | ---D | C] -- C:\Users\Bruger\Documents\ProcAlyzer Dumps
[2013-02-03 12:27:54 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013-02-03 12:25:33 | 005,029,686 | R--- | C] (Swearware) -- C:\Users\Bruger\Desktop\ComboFix.exe
[2013-02-03 12:00:15 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2013-02-03 11:59:12 | 000,000,000 | ---D | C] -- C:\JRT
[2013-02-03 11:59:07 | 000,547,275 | ---- | C] (Oleg N. Scherbakov) -- C:\Users\Bruger\Desktop\JRT.exe
[2013-02-03 11:50:49 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{94E4EFB3-A776-4521-A41D-2A5861723B9C}
[2013-02-02 22:39:36 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{02155C00-241D-4FF8-B2E1-14100759040E}
[2013-02-02 12:14:12 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{E4657B68-3E84-4AF3-B787-EA1BDE309D1A}
[2013-02-01 13:48:24 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{C0DB8895-72E6-4886-A1E1-07CEC6E5267A}
[2013-01-31 13:42:35 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{C39DD8AB-5E30-41F3-9D04-DE1133ED8752}
[2013-01-30 12:49:19 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{90AE50FD-9303-485D-937E-50F229AC7A54}
[2013-01-29 21:20:13 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Roaming\Malwarebytes
[2013-01-29 21:19:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013-01-29 21:19:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013-01-29 21:19:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013-01-29 15:57:46 | 000,000,000 | ---D | C] -- C:\_OTL
[2013-01-29 15:44:07 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{FD25824F-E47D-4522-B2DD-3173B26B4885}
[2013-01-28 16:15:47 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Bruger\Desktop\OTL.exe
[2013-01-28 15:16:44 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{2591BA1E-11E1-4963-AF84-D1AC5A065C1F}
[2013-01-27 13:47:19 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{80A4E37A-80C7-4E1A-808C-4BBF52CD4A63}
[2013-01-27 11:44:14 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2013-01-27 11:44:14 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2013-01-27 11:44:14 | 000,095,648 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013-01-26 19:07:05 | 000,000,000 | ---D | C] -- C:\Users\Bruger\Desktop\Tripcode_Explorer
[2013-01-26 13:46:12 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{06ACEED0-7B74-4A95-958F-9FBCB1F4E237}
[2013-01-25 13:45:19 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{AA35EEC0-44DB-47B2-BF64-08FA2011CBE6}
[2013-01-24 15:45:22 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{7C4DF284-AEF0-4E4D-88D5-561E60381DC8}
[2013-01-23 19:16:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Last.fm
[2013-01-23 13:48:50 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{45505061-2BE5-40B7-8A58-462E53843719}
[2013-01-22 20:27:01 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2013-01-22 20:26:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT
[2013-01-22 20:26:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ERUNT
[2013-01-22 15:55:21 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{0C0A1DB9-B608-4D53-A710-2777A970D2FF}
[2013-01-21 19:40:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2013-01-21 19:40:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
[2013-01-21 19:40:16 | 000,017,272 | ---- | C] (Safer Networking Limited) -- C:\Windows\SysNative\sdnclean64.exe
[2013-01-21 19:40:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy 2
[2013-01-21 19:39:48 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\Programs
[2013-01-21 16:48:47 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2013-01-21 16:47:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD AVT
[2013-01-21 16:47:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD APP
[2013-01-21 16:46:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center
[2013-01-20 13:48:43 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{FAB92882-37BC-4912-A450-E36FAEA73A2F}
[2013-01-19 13:47:37 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{9BBCFB09-E8F7-44CC-ADF3-A98D7E45C7C5}
[2013-01-19 01:46:57 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{7E574572-E413-458C-A8B9-0226847DAC40}
[2013-01-18 23:03:19 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\NTServer
[2013-01-18 13:46:25 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{F4DDDC70-C22D-4BFC-AE2C-EF4E6E297811}
[2013-01-17 11:49:37 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{667BE21D-13E4-4AF4-87A6-07B5A7B8E929}
[2013-01-16 15:48:58 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{1E8AF24E-87A1-4258-92D1-70B1D3BA48BF}
[2013-01-15 15:48:34 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{DB4E1AE5-94DE-4C99-8BFB-34ABEE2BE75B}
[2013-01-14 13:49:28 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{077AC819-7F9D-4268-A83E-489C10E7CD18}
[2013-01-13 13:21:41 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{42950187-9F23-44D9-9F6F-9D406D865F5C}
[2013-01-12 13:20:52 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{BD0EA2A4-A61F-4F32-905A-3A4B2EF2869E}
[2013-01-11 11:44:17 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{3C5581A0-6740-475A-83C5-48A6CFE224AB}
[2013-01-10 15:26:36 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{5CBBC934-179C-4066-8F26-090E0F9576B9}
[2013-01-09 22:36:49 | 000,750,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
[2013-01-09 22:36:48 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll
[2013-01-09 22:36:11 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2013-01-09 22:36:09 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\usp10.dll
[2013-01-09 22:35:56 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\fpb.rs
[2013-01-09 22:35:56 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\SysNative\fpb.rs
[2013-01-09 22:35:56 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\oflc-nz.rs
[2013-01-09 22:35:56 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\SysNative\oflc-nz.rs
[2013-01-09 22:35:56 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegibbfc.rs
[2013-01-09 22:35:56 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegibbfc.rs
[2013-01-09 22:35:56 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\csrr.rs
[2013-01-09 22:35:56 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\SysNative\csrr.rs
[2013-01-09 22:35:56 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\cob-au.rs
[2013-01-09 22:35:56 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\SysNative\cob-au.rs
[2013-01-09 22:35:55 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\usk.rs
[2013-01-09 22:35:55 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\SysNative\usk.rs
[2013-01-09 22:35:55 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\djctq.rs
[2013-01-09 22:35:54 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\grb.rs
[2013-01-09 22:35:54 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\SysNative\grb.rs
[2013-01-09 22:35:54 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi.rs
[2013-01-09 22:35:54 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\SysNative\djctq.rs
[2013-01-09 22:35:53 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi-pt.rs
[2013-01-09 22:35:53 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi-pt.rs
[2013-01-09 22:35:53 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi.rs
[2013-01-09 22:35:52 | 002,746,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gameux.dll
[2013-01-09 22:35:52 | 002,576,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gameux.dll
[2013-01-09 22:35:52 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wpc.dll
[2013-01-09 22:35:51 | 000,308,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Wpc.dll
[2013-01-09 22:35:36 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\esrb.rs
[2013-01-09 22:35:36 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\SysNative\esrb.rs
[2013-01-09 22:35:35 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi-fi.rs
[2013-01-09 22:35:33 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\oflc.rs
[2013-01-09 22:35:33 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi-fi.rs
[2013-01-09 22:35:32 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\SysNative\oflc.rs
[2013-01-09 22:35:27 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\cero.rs
[2013-01-09 22:35:27 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\SysNative\cero.rs
[2013-01-09 22:34:09 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2013-01-09 22:34:07 | 001,161,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2013-01-09 22:34:03 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2013-01-09 22:34:03 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2013-01-09 22:34:02 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2013-01-09 22:34:02 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2013-01-09 22:34:02 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2013-01-09 22:34:02 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2013-01-09 22:34:02 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2013-01-09 22:34:02 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2013-01-09 22:34:00 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2013-01-09 22:33:53 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2013-01-09 22:33:53 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2013-01-09 22:33:53 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2013-01-09 22:33:53 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2013-01-09 22:33:53 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2013-01-09 22:33:52 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2013-01-09 22:33:52 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2013-01-09 22:33:52 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2013-01-09 22:33:50 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2013-01-09 22:33:50 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2013-01-09 22:33:50 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2013-01-09 22:33:50 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2013-01-09 22:33:50 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2013-01-09 22:33:50 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013-01-09 22:33:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2013-01-09 22:33:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2013-01-09 22:33:49 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2013-01-09 22:33:49 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2013-01-09 22:33:49 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2013-01-09 22:33:49 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2013-01-09 22:33:49 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2013-01-09 22:33:49 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2013-01-09 22:33:49 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2013-01-09 22:33:48 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2013-01-09 22:33:48 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2013-01-09 22:33:48 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2013-01-09 22:33:48 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2013-01-09 22:33:48 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2013-01-09 22:33:48 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2013-01-09 22:33:48 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2013-01-09 22:33:47 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2013-01-09 22:33:47 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2013-01-09 22:33:46 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2013-01-09 22:33:46 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2013-01-09 22:33:46 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2013-01-09 22:33:46 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2013-01-09 22:33:46 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2013-01-09 22:33:46 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2013-01-09 22:33:46 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2013-01-09 22:33:45 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2013-01-09 22:33:45 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2013-01-09 22:33:45 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2013-01-09 22:33:45 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2013-01-09 22:33:45 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2013-01-09 22:33:45 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2013-01-09 22:33:45 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2013-01-09 22:33:45 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2013-01-09 22:33:44 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2013-01-09 22:33:44 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2013-01-09 22:33:44 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2013-01-09 22:33:44 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013-01-09 22:33:43 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2013-01-09 22:33:40 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2013-01-09 22:33:40 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2013-01-09 22:33:40 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2013-01-09 22:33:40 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2013-01-09 22:33:39 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2013-01-09 22:33:33 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2013-01-09 22:32:24 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskhost.exe
[2013-01-09 15:44:22 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{C53FB7B9-BDFE-402D-AF6B-AD6EA5A040AA}
[2013-01-08 15:46:58 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{D609CD34-3B93-496D-952B-43A393614954}
[2013-01-07 13:43:20 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{BAB20A47-6E48-46DA-A644-0904F6F21FEE}
[2013-01-06 14:08:43 | 000,000,000 | ---D | C] -- C:\Users\Bruger\AppData\Local\{EF1C9AFA-7510-47DB-AA90-15062C205288}
========== Files - Modified Within 30 Days ==========
[2013-02-05 13:52:08 | 000,543,160 | ---- | M] (Navegaki software) -- C:\Windows\SysWow64\navegaki.exe
[2013-02-05 13:51:52 | 000,015,024 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013-02-05 13:51:52 | 000,015,024 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013-02-05 13:42:43 | 000,002,413 | ---- | M] () -- C:\Windows\SysWow64\lgAxconfig.ini
[2013-02-05 13:42:02 | 000,002,283 | ---- | M] () -- C:\Users\Bruger\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013-02-05 13:41:37 | 000,000,928 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013-02-05 13:41:19 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013-02-05 13:41:18 | 3214,188,544 | -HS- | M] () -- C:\hiberfil.sys
[2013-02-04 23:36:00 | 000,000,932 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013-02-04 23:32:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013-02-04 20:05:06 | 000,001,445 | ---- | M] () -- C:\Users\Bruger\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2013-02-04 19:52:52 | 000,001,077 | ---- | M] () -- C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
[2013-02-04 16:07:57 | 000,013,806 | ---- | M] () -- C:\Windows\SysNative\Pen_Tablet.dat
[2013-02-04 16:03:51 | 000,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\Hosts
[2013-02-03 19:47:48 | 005,029,686 | R--- | M] (Swearware) -- C:\Users\Bruger\Desktop\ComboFix.exe
[2013-02-03 11:59:00 | 000,547,275 | ---- | M] (Oleg N. Scherbakov) -- C:\Users\Bruger\Desktop\JRT.exe
[2013-02-02 22:36:12 | 000,001,958 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2013-02-02 22:36:10 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2013-01-29 15:46:01 | 000,001,051 | ---- | M] () -- C:\Users\Bruger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2013-01-28 16:15:28 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Bruger\Desktop\OTL.exe
[2013-01-27 03:28:26 | 000,000,173 | ---- | M] () -- C:\Users\Bruger\AppData\Local\msmathematics.qat.Bruger
[2013-01-27 01:56:40 | 000,000,132 | ---- | M] () -- C:\Users\Bruger\AppData\Roaming\Adobe PNG Format CS6 Prefs
[2013-01-25 06:23:38 | 000,042,880 | ---- | M] () -- C:\Windows\SysWow64\xfcodec.dll
[2013-01-25 06:23:36 | 000,028,544 | ---- | M] () -- C:\Windows\SysNative\xfcodec64.dll
[2013-01-23 19:16:02 | 000,000,985 | ---- | M] () -- C:\Users\Public\Desktop\Last.fm Scrobbler.lnk
[2013-01-22 21:43:35 | 000,000,512 | ---- | M] () -- C:\Users\Bruger\Desktop\MBR.dat
[2013-01-22 20:26:37 | 000,001,108 | ---- | M] () -- C:\Users\Bruger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2013-01-22 20:26:33 | 000,000,909 | ---- | M] () -- C:\Users\Bruger\Desktop\ERUNT.lnk
[2013-01-19 15:17:06 | 000,001,456 | ---- | M] () -- C:\Users\Bruger\AppData\Local\Adobe Save for Web 13.0 Prefs
[2013-01-18 23:04:08 | 000,000,427 | ---- | M] () -- C:\Windows\SysWow64\ntserverbind.ini
[2013-01-18 23:03:29 | 000,002,216 | ---- | M] () -- C:\Users\Bruger\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2013-01-18 23:03:21 | 000,002,207 | ---- | M] () -- C:\Users\Bruger\Application Data\Microsoft\Internet Explorer\Quick Launch\portalsepeti.lnk
[2013-01-12 03:30:18 | 000,095,648 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013-01-12 03:26:16 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2013-01-12 03:24:49 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2013-01-11 14:56:40 | 000,234,496 | ---- | M] () -- C:\Users\Bruger\Documents\gamepad.exe
[2013-01-10 15:21:31 | 004,934,616 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013-01-09 23:06:20 | 001,380,626 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013-01-09 23:06:20 | 000,661,514 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013-01-09 23:06:20 | 000,516,486 | ---- | M] () -- C:\Windows\SysNative\perfh006.dat
[2013-01-09 23:06:20 | 000,125,600 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013-01-09 23:06:20 | 000,102,986 | ---- | M] () -- C:\Windows\SysNative\perfc006.dat
[2013-01-09 23:06:10 | 001,380,626 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013-01-09 17:32:26 | 000,697,864 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013-01-09 17:32:25 | 000,074,248 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
========== Files Created - No Company Name ==========
[2013-02-04 20:50:58 | 000,002,283 | ---- | C] () -- C:\Users\Bruger\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013-02-04 19:52:52 | 000,001,077 | ---- | C] () -- C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
[2013-02-03 14:37:44 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2013-02-03 14:37:44 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2013-02-03 14:37:44 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2013-02-03 14:37:44 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2013-02-03 14:37:44 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2013-02-02 22:36:12 | 000,001,958 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2013-01-25 06:23:38 | 000,042,880 | ---- | C] () -- C:\Windows\SysWow64\xfcodec.dll
[2013-01-25 06:23:36 | 000,028,544 | ---- | C] () -- C:\Windows\SysNative\xfcodec64.dll
[2013-01-23 19:16:02 | 000,000,985 | ---- | C] () -- C:\Users\Public\Desktop\Last.fm Scrobbler.lnk
[2013-01-22 21:43:35 | 000,000,512 | ---- | C] () -- C:\Users\Bruger\Desktop\MBR.dat
[2013-01-22 20:26:37 | 000,001,108 | ---- | C] () -- C:\Users\Bruger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2013-01-22 20:26:33 | 000,000,909 | ---- | C] () -- C:\Users\Bruger\Desktop\ERUNT.lnk
[2013-01-21 19:40:24 | 000,002,189 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
[2013-01-18 23:03:21 | 000,002,207 | ---- | C] () -- C:\Users\Bruger\Application Data\Microsoft\Internet Explorer\Quick Launch\portalsepeti.lnk
[2013-01-18 23:03:19 | 000,000,427 | ---- | C] () -- C:\Windows\SysWow64\ntserverbind.ini
[2013-01-11 14:56:39 | 000,234,496 | ---- | C] () -- C:\Users\Bruger\Documents\gamepad.exe
[2012-12-23 00:38:13 | 000,001,456 | ---- | C] () -- C:\Users\Bruger\AppData\Local\Adobe Save for Web 13.0 Prefs
[2012-12-23 00:28:51 | 000,000,132 | ---- | C] () -- C:\Users\Bruger\AppData\Roaming\Adobe GIF Format CS6 Prefs
[2012-11-08 18:12:40 | 000,000,132 | ---- | C] () -- C:\Users\Bruger\AppData\Roaming\Adobe PNG Format CS6 Prefs
[2012-09-09 18:51:29 | 000,266,021 | ---- | C] () -- C:\Windows\QLPrism Uninstaller.exe
[2012-08-29 15:33:55 | 000,000,173 | ---- | C] () -- C:\Users\Bruger\AppData\Local\msmathematics.qat.Bruger
[2012-07-02 23:49:02 | 003,130,440 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_blr.exe
[2012-05-02 13:58:10 | 000,029,184 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2012-02-15 03:36:36 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012-02-15 03:36:36 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2011-12-14 04:55:24 | 000,081,920 | ---- | C] () -- C:\Windows\qlprism-uninstall.exe
[2011-12-04 18:37:08 | 000,109,056 | ---- | C] () -- C:\Windows\SysWow64\un-gamma.exe
[2011-10-25 21:21:34 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\OVDecoder.dll
[2011-09-28 17:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011-09-12 23:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011-08-06 23:40:13 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\CommonDL.dll
[2011-08-06 23:40:13 | 000,002,413 | ---- | C] () -- C:\Windows\SysWow64\lgAxconfig.ini
[2011-07-29 19:51:30 | 000,004,096 | ---- | C] () -- C:\Windows\d3dx.dat
[2011-06-27 00:19:51 | 000,000,032 | R--- | C] () -- C:\ProgramData\hash.dat
[2011-02-12 03:24:58 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
========== ZeroAccess Check ==========
[2009-07-14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012-06-09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012-06-09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009-07-14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009-07-14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2012-12-26 12:10:34 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\.minecraft
[2012-09-20 21:18:58 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\.spotflux
[2010-10-17 12:36:33 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Ableton
[2010-06-26 20:31:20 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Anabel
[2011-08-10 16:18:57 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\AtomZombieData
[2012-05-25 12:46:01 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Audacity
[2012-11-07 18:54:00 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Awesomium
[2012-01-20 14:33:39 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\BigHugeEngine
[2010-05-02 21:24:21 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Bioshock2
[2010-05-31 17:11:22 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\bizarre creations
[2010-05-08 15:26:31 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Blender Foundation
[2012-09-08 15:59:59 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Braid
[2011-07-29 19:51:33 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Broken Rules
[2011-07-27 16:01:42 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Crayon Physics Deluxe
[2010-05-31 12:54:45 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\DAEMON Tools Lite
[2012-06-27 16:16:45 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\digipen
[2013-02-04 23:41:23 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\DMCache
[2011-02-05 22:55:28 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Downloaded Installations
[2013-02-05 13:44:16 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Dropbox
[2010-06-28 14:39:35 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Facebook
[2012-06-02 11:57:22 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\fltk.org
[2010-11-19 16:22:46 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\GameRanger
[2011-07-10 10:15:46 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\go
[2011-01-28 21:08:37 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Gyazo
[2010-10-18 14:09:05 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Hardcore
[2013-02-02 22:28:42 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\IDM
[2011-07-29 19:56:54 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Lazy 8 Studios
[2010-03-20 20:49:46 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Leadertech
[2011-03-11 23:18:27 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\LolClient
[2012-06-08 17:27:20 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\LoneSurvivor
[2011-05-14 16:20:50 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Mount&Blade Warband
[2012-09-23 21:02:35 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Mumble
[2012-07-27 17:13:33 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Need for Speed World
[2011-12-20 17:49:33 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Nicalis
[2010-12-25 18:43:51 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\NPLUTO Corporation
[2011-10-07 16:45:57 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\OpenOffice.org
[2011-07-27 15:17:37 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Origin
[2012-01-15 02:17:46 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\RenPy
[2012-07-03 16:17:47 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\RotMG.Production
[2012-07-01 15:25:13 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Screaming Bee
[2012-11-08 14:39:28 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2012-12-03 16:08:01 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\StepMania 5
[2011-01-26 22:16:44 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Subversion
[2012-08-16 18:36:08 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Thinstall
[2011-08-20 14:02:18 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\TinyAndBig
[2011-07-10 21:12:25 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\TS3Client
[2011-07-10 16:18:30 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\ts3overlay
[2013-02-04 23:40:59 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\uTorrent
[2012-03-17 23:56:16 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\wargaming.net
[2011-09-16 19:19:54 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\Windows Live Writer
[2013-02-04 15:44:38 | 000,000,000 | ---D | M] -- C:\Users\Bruger\AppData\Roaming\WTouch
[2012-09-25 18:17:07 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\Thinstall
[2012-09-25 18:17:07 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\Thinstall
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 112 bytes -> C:\ProgramData\TEMP:D1B5B4F1
@Alternate Data Stream - 110 bytes -> C:\ProgramData\TEMP:C9FD258B
< End of report >
Thanks, all the bad entries in Chrome are gone and thats what I wanted to see
This is just a doublecheck to make sure there is nothing else lurking on your system
ESET Online Scanner
I'd like us to scan your machine with ESET OnlineScan
*Note
It is recommended to disable onboard antivirus program and antispyware programs while performing scans so there are no conflicts and it will speed up scan time.
Please don't go surfing while your resident protection is disabled!
Once the scan is finished remember to re-enable your antivirus along with your antispyware programs.
Hold down Control and click on the following link to open ESET OnlineScan in a new window.
ESET OnlineScan (http://eset.com/onlinescan)
Click the http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetOnline.png button.
For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
Click on http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetSmartInstall.png to download the ESET Smart Installer. Save it to your desktop.
Double click on the http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetSmartInstallDesktopIcon.png icon on your desktop.
Check http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetAcceptTerms.png
Click the http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetStart.png button.
Accept any security warnings from your browser.
Check http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetScanArchives.png
Make sure that the option "Remove found threats" is Unchecked
Push the Start button.
ESET will then download updates for itself, install itself, and begin
scanning your computer. Please be patient as this can take some time.
When the scan completes, push http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetListThreats.png
Push http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetExport.png, and save the file to your desktop using a unique name, such as
ESETScan. Include the contents of this report in your next reply.
Push the http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetBack.png button.
Push http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetFinish.png
Please make sure you include the following items in your next post:
The log that was produced after running ESET Online Scanner.
Yeah I've been running the scan for 4 hours.
It's funny how it was at 99% after half an hour, but is still scanning.
http://gyazo.com/48c62bf46baf4d12e3cc59546f799777.png?1360089747
I think you did pretty good! :)
I am assuming it didn't find anything ???
Correct! I think you've fixed everything:thanks:
:bigthumb:
Great, glad all is well.
We need to update your Java to keep you more secure
Go to your Control Panel and click on the Java Icon ( looks like a little coffee cup ) click on About and you should have Version 7 Update 13, if not proceed with the instructions.
Go to the update Tab and update it
Important, during the upgrade UNCHECK ASK TOOL BAR. ( you do not need or want this )
Then go to your Add Remove Programs (WIN XP) or Programs and Features (Vista / Win 7) in the Control Panel and uninstall all previous versions.
You can verify the installation Here (http://www.java.com/en/download/help/testvm.xml)
Click START then RUN
Now type Combofix /uninstall in the runbox and click OK. Note the space between the X and the /, it needs to be there.
http://i526.photobucket.com/albums/cc345/MPKwings/CF-Uninstall.png
Open OTL and click on Clean Up and it will remove programs we used to clean your system along with there backups, any programs that where not removed you can just drag to the trash.
Malwarebytes is the free version and yours to keep and will not be removed
How did I get infected in the first place ?
Read these links and find out how to prevent getting infected again.
Tutorial for System Restore (http://www.bleepingcomputer.com/tutorials/tutorial56.html) <-- Do this first to prevent yourself from being reinfected.
WhattheTech (http://forums.whatthetech.com/index.php?showtopic=57817)
Grinler BleepingComputer (http://www.bleepingcomputer.com/forums/topic2520.html)
GeeksTo Go (http://www.geekstogo.com/forum/index.php?autocom=custom&page=How_did_I)
Dslreports (http://www.dslreports.com/faq/10002)
Safe Surfn
Ken
Your very welcome my friend
Ken :)
Since this issue appears to be resolved ... this Topic has been closed. Glad I could help.