
Redirect to webresults.org


  • This topic is locked
7 replies to this topic

#1 johanteo

johanteo

  • Members
  • 3 posts
  • OFFLINE
  • Local time:04:42 PM

Posted 24 April 2010 - 02:38 PM

When I click on a link after a search in Google I typically get redirected to something like http://webresult6.org/gosearch.php?q=google

I have been looking around to find a solution to this, and tried various things without any luck, like ComboFix, Spybot, Malwarebytes' Anti-Malware, but the scans come up clean.

I hope someone can help.

DDS (Ver_10-03-17.01) - NTFSx86
Run by Johan at 20:13:03,31 on 2010-04-24
Internet Explorer: 8.0.7600.16385
Microsoft Windows 7 Ultimate 6.1.7600.0.1252.46.1033.18.2048.1077 [GMT 2:00]

SP: Spybot - Search and Destroy *enabled* (Outdated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\svchost.exe -k Akamai
C:\Program Files\AVG\AVG9\avgwdsvc.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\RealVNC\VNC4\WinVNC4.exe
C:\Program Files\RealVNC\VNC4\winvnc4.exe
C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
C:\Program Files\AVG\AVG9\avgam.exe
C:\Program Files\AVG\AVG9\avgnsx.exe
C:\Program Files\AVG\AVG9\avgemc.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\AVG\AVG9\avgrsx.exe
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe
C:\Windows\SOUNDMAN.EXE
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\wuauclt.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Users\Johan\Desktop\dds.scr
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: BitComet Helper: {39f7e362-828a-4b5a-bcaf-5b79bfdfea60} - c:\program files\bitcomet\tools\BitCometBHO_1.4.1.27.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg9\avgssie.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\progra~1\micros~2\office14\GROOVEEX.DLL
BHO: Windows Live inloggningshjälpen: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - c:\progra~1\micros~2\office14\URLREDIR.DLL
TB: DAEMON Tools Toolbar: {32099aac-c132-4136-9e9a-4e364a424e17} - c:\program files\daemon tools toolbar\DTToolbar.dll
uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [BCSSync] "c:\program files\microsoft office\office14\BCSSync.exe" /DelayServices
mRun: [Malwarebytes Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript
mRun: [SoundMan] SOUNDMAN.EXE
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: &D&ownload &with BitComet - c:\program files\bitcomet\BitComet.exe/AddLink.htm
IE: &D&ownload all video with BitComet - c:\program files\bitcomet\BitComet.exe/AddVideo.htm
IE: &D&ownload all with BitComet - c:\program files\bitcomet\BitComet.exe/AddAllLink.htm
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office14\EXCEL.EXE/3000
IE: {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://c:\program files\bitcomet\tools\BitCometBHO_1.4.1.27.dll/206
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg9\avgpp.dll
AppInit_DLLs: c:\windows\system32\avgrsstx.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\progra~1\micros~2\office14\GROOVEEX.DLL
Hosts: 89.149.249.195 www.google.de
Hosts: 89.149.249.195 www.google.fr
Hosts: 89.149.249.195 www.google.com.br
Hosts: 89.149.249.195 www.google.it
Hosts: 89.149.249.195 www.google.es

Note: multiple HOSTS entries found. Please refer to Attach.txt

============= SERVICES / DRIVERS ===============

R0 AvgRkx86;avgrkx86.sys;c:\windows\system32\drivers\avgrkx86.sys [2010-4-11 52872]
R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2010-4-11 216200]
R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2010-4-11 29512]
R1 AvgTdiX;AVG Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2010-4-11 242896]
R2 Akamai;Akamai NetSession Interface;c:\windows\system32\svchost.exe -k Akamai [2009-7-14 20992]
R2 avg9emc;AVG E-mail Scanner;c:\program files\avg\avg9\avgemc.exe [2010-4-11 916760]
R2 avg9wd;AVG WatchDog;c:\program files\avg\avg9\avgwdsvc.exe [2010-4-11 308064]
R2 SBSDWSCService;SBSD Security Center Service;c:\program files\spybot - search & destroy\SDWinSec.exe [2010-4-18 1153368]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-14 229888]
S3 DrvAgent32;DrvAgent32;c:\windows\system32\drivers\DrvAgent32.sys [2010-4-18 23456]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\microsoft office\office14\GROOVE.EXE [2010-1-21 30963576]
S3 osppsvc;Office Software Protection Platform;c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\OSPPSVC.EXE [2010-1-9 4640000]

=============== Created Last 30 ================

2010-04-24 17:59:36 617198 ----a-w- c:\windows\system32\perfh01D.dat
2010-04-24 17:59:36 37052 ----a-w- c:\windows\system32\perfd01D.dat
2010-04-24 17:59:36 294764 ----a-w- c:\windows\system32\perfi01D.dat
2010-04-24 17:59:36 120576 ----a-w- c:\windows\system32\perfc01D.dat
2010-04-24 17:56:27 0 d-----w- c:\windows\system32\XPSViewer
2010-04-24 17:56:27 0 d-----w- c:\windows\system32\sv
2010-04-24 17:56:27 0 d-----w- c:\windows\system32\drivers\sv-SE
2010-04-24 17:56:22 0 d-----w- c:\windows\system32\wbem\sv-SE
2010-04-24 17:55:57 0 d-----w- c:\windows\sv-SE
2010-04-24 07:09:10 0 d-----w- c:\programdata\NVIDIA
2010-04-24 07:08:21 490088 ----a-w- c:\windows\system32\nvuninst.exe
2010-04-24 06:34:39 427520 ----a-w- c:\windows\system32\vbscript.dll
2010-04-24 06:34:38 132608 ----a-w- c:\windows\system32\cabview.dll
2010-04-24 06:33:25 95744 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2010-04-24 06:33:25 221696 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2010-04-24 06:33:25 123392 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2010-04-23 07:28:07 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_09_00.Wdf
2010-04-23 07:24:32 0 d-----w- c:\program files\Trend Micro
2010-04-23 06:32:40 0 d-----w- c:\users\johan\appdata\roaming\Autodesk Navisworks Freedom 2011
2010-04-23 06:32:40 0 d-----w- c:\programdata\Autodesk Navisworks Freedom 2011
2010-04-23 06:31:01 0 d-----w- c:\programdata\FLEXnet
2010-04-23 06:30:55 0 d-----w- c:\users\johan\appdata\roaming\Autodesk Navisworks Manage 2011
2010-04-23 06:30:55 0 d-----w- c:\programdata\Navisworks 2011
2010-04-23 06:30:55 0 d-----w- c:\programdata\Autodesk Navisworks Manage 2011
2010-04-18 08:58:29 0 d-sh--w- C:\$RECYCLE.BIN
2010-04-18 08:46:59 0 d-----w- C:\ComboFix
2010-04-18 07:29:02 0 d-----w- c:\programdata\Spybot - Search & Destroy
2010-04-18 07:29:02 0 d-----w- c:\program files\Spybot - Search & Destroy
2010-04-18 06:46:37 49152 ----a-w- c:\windows\system32\ChCfg.exe
2010-04-18 06:46:25 4017536 ----a-r- c:\windows\system32\drivers\alcxwdm.sys
2010-04-18 06:46:22 0 d-----w- c:\program files\Realtek Sound Manager
2010-04-18 06:46:20 164 ----a-w- c:\windows\avrack.ini
2010-04-18 06:46:20 0 d-----w- c:\program files\AvRack
2010-04-18 06:46:13 141016 ----a-w- c:\windows\system32\alsndmgr.wav
2010-04-18 06:46:13 0 d-----w- c:\program files\Realtek AC97
2010-04-18 06:46:12 315392 ----a-w- c:\windows\alcupd.exe
2010-04-18 06:32:37 23456 ----a-w- c:\windows\system32\drivers\DrvAgent32.sys
2010-04-15 12:57:24 0 d-----w- c:\program files\common files\Macrovision Shared
2010-04-15 12:53:48 0 d-----w- c:\program files\common files\Autodesk Shared
2010-04-15 12:53:48 0 d-----w- c:\program files\Autodesk
2010-04-15 12:49:53 0 d-----w- c:\users\johan\appdata\roaming\Autodesk
2010-04-15 12:49:52 0 d-----w- c:\programdata\Autodesk
2010-04-15 12:43:04 0 d-----w- c:\users\johan\Tracing
2010-04-15 12:40:25 0 d-----w- C:\Autodesk
2010-04-15 12:08:30 0 d-----w- c:\program files\Microsoft
2010-04-15 12:08:14 0 d-----w- c:\program files\Windows Live SkyDrive
2010-04-15 12:02:13 0 d-----w- c:\program files\common files\Windows Live
2010-04-15 11:50:42 0 d-----w- c:\program files\common files\Akamai
2010-04-15 11:35:46 0 d-----w- c:\users\johan\appdata\roaming\Malwarebytes
2010-04-15 11:35:41 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-04-15 11:35:39 20824 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-04-15 11:35:39 0 d-----w- c:\programdata\Malwarebytes
2010-04-15 11:35:39 0 d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-04-15 11:22:57 98816 ----a-w- c:\windows\sed.exe
2010-04-15 11:22:57 77312 ----a-w- c:\windows\MBR.exe
2010-04-15 11:22:57 261632 ----a-w- c:\windows\PEV.exe
2010-04-15 11:22:57 161792 ----a-w- c:\windows\SWREG.exe
2010-04-14 13:43:30 39 ----a-w- c:\windows\vbaddin.ini
2010-04-14 13:41:58 162 ----a-w- c:\windows\ODBC.INI
2010-04-14 04:46:44 0 d-----w- c:\program files\Microsoft Synchronization Services
2010-04-14 04:46:26 0 d-----w- c:\windows\PCHEALTH
2010-04-14 04:46:26 0 d-----w- c:\program files\Microsoft SQL Server Compact Edition
2010-04-14 04:44:44 0 d-----w- c:\program files\Microsoft Analysis Services
2010-04-14 04:44:19 0 d-----w- c:\programdata\Microsoft Help
2010-04-14 04:36:33 0 d-----w- c:\program files\DAEMON Tools Toolbar
2010-04-14 04:31:19 0 d-----w- c:\program files\DAEMON Tools Lite
2010-04-14 04:30:51 0 d-----w- c:\users\johan\appdata\roaming\DAEMON Tools Lite
2010-04-14 04:30:45 0 d-----w- c:\programdata\DAEMON Tools Lite
2010-04-14 04:25:59 0 d-----w- c:\programdata\DAEMON Tools Pro
2010-04-14 04:25:59 0 d-----w- c:\program files\DAEMON Tools Pro
2010-04-13 16:56:51 0 d-----w- c:\programdata\Adobe
2010-04-13 16:43:21 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2010-04-13 16:43:03 0 d-----w- c:\users\johan\appdata\roaming\DAEMON Tools Pro
2010-04-13 16:40:58 0 d-----w- c:\users\johan\appdata\roaming\AVG9
2010-04-12 04:33:42 26624 ----a-w- c:\windows\system32\VNCpm.dll
2010-04-12 04:33:31 4608 ----a-w- c:\windows\system32\drivers\vncmirror.sys
2010-04-12 04:33:31 20992 ----a-w- c:\windows\system32\vncmirror.dll
2010-04-11 20:06:48 0 d-----w- c:\program files\RealVNC
2010-04-11 15:47:23 12464 ----a-w- c:\windows\system32\avgrsstx.dll
2010-04-11 15:47:22 52872 ----a-w- c:\windows\system32\drivers\avgrkx86.sys
2010-04-11 15:47:22 242896 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2010-04-11 15:47:15 216200 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2010-04-11 15:47:14 0 d-----w- c:\windows\system32\drivers\Avg
2010-04-11 15:47:09 0 d-----w- c:\programdata\avg9
2010-04-11 15:47:09 0 d-----w- c:\program files\AVG
2010-04-11 15:46:38 0 d-sh--w- c:\windows\Installer
2010-04-11 15:38:42 0 d-----w- C:\Downloads
2010-04-11 15:38:41 0 d-----w- c:\users\johan\appdata\roaming\BitComet
2010-04-11 15:35:19 0 d-----w- c:\program files\BitComet
2010-04-10 19:51:16 0 d-----w- C:\Recovery
2010-04-10 19:51:15 0 d-sh--we c:\programdata\Documents
2010-04-10 19:51:15 0 d-sh--we C:\Documents and Settings

==================== Find3M ====================

2010-04-24 06:59:57 37052 ----a-w- c:\windows\inf\perflib\041d\perfd.dat
2010-04-24 06:59:57 37052 ----a-w- c:\windows\inf\perflib\041d\perfc.dat
2010-04-24 06:59:57 294764 ----a-w- c:\windows\inf\perflib\041d\perfi.dat
2010-04-24 06:59:57 294764 ----a-w- c:\windows\inf\perflib\041d\perfh.dat
2010-02-27 12:07:48 3954568 ----a-w- c:\windows\system32\ntkrnlpa.exe
2010-02-27 12:07:48 3899280 ----a-w- c:\windows\system32\ntoskrnl.exe
2010-02-24 08:16:06 181632 ------w- c:\windows\system32\MpSigStub.exe
2010-02-23 07:56:00 977920 ----a-w- c:\windows\system32\wininet.dll
2010-02-02 07:45:54 2048 ----a-w- c:\windows\system32\tzres.dll
2009-07-14 04:56:42 31548 ----a-w- c:\windows\inf\perflib\0409\perfd.dat
2009-07-14 04:56:42 31548 ----a-w- c:\windows\inf\perflib\0409\perfc.dat
2009-07-14 04:56:42 291294 ----a-w- c:\windows\inf\perflib\0409\perfi.dat
2009-07-14 04:56:42 291294 ----a-w- c:\windows\inf\perflib\0409\perfh.dat
2009-07-14 04:41:57 174 --sha-w- c:\program files\desktop.ini
2009-07-14 00:34:40 291294 ----a-w- c:\windows\inf\perflib\0000\perfi.dat
2009-07-14 00:34:40 291294 ----a-w- c:\windows\inf\perflib\0000\perfh.dat
2009-07-14 00:34:38 31548 ----a-w- c:\windows\inf\perflib\0000\perfd.dat
2009-07-14 00:34:38 31548 ----a-w- c:\windows\inf\perflib\0000\perfc.dat
2009-06-10 21:26:35 9633792 --sha-r- c:\windows\fonts\StaticCache.dat
2009-07-14 01:14:45 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe

============= FINISH: 20:13:52,20 ===============



#2 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • OFFLINE
  • Gender:Male
  • Location:London, UK
  • Local time:02:42 PM

Posted 29 April 2010 - 01:51 PM

Hi,

Welcome to Bleeping Computer. My name is m0le and I will be helping you with your log.
  • Please subscribe to this topic, if you haven't already. You can subscribe by clicking the Options box to the right of your topic title and selecting Track This Topic.

  • Please avoid installing/uninstalling or updating any programs and attempting any unsupervised fixes or scans. This can make helping you impossible.

  • Please reply to this post so I know you are there.
The forum is busy and we need to have replies as soon as possible. If I haven't had a reply after 3 days I will bump the topic and if you do not reply by the following day after that then I will close the topic.

Once I receive a reply then I will return with your first instructions.

Thanks
m0le is a proud member of UNITE

#3 johanteo

johanteo
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  • Local time:04:42 PM

Posted 30 April 2010 - 01:56 AM

Hi,

thanks for your reply, and yes - I am here.

/Johan

#4 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • OFFLINE
  • Gender:Male
  • Location:London, UK
  • Local time:02:42 PM

Posted 30 April 2010 - 02:27 PM

There's still evidence of a hijacked PC. The malware that brought it may have been removed through various tools that you have run but the actual hijack would stay after that.

Please run OTL
  • Download OTL to your desktop.
  • Double click on the icon to run it. Make sure all other windows are closed and let it run uninterrupted.
  • When the window appears, underneath Output at the top change it to Minimal Output.
  • Under the Standard Registry box change it to All.
  • Check the boxes beside LOP Check and Purity Check.
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
    • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
    • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply.

m0le is a proud member of UNITE
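
Added example (not from the thread, and not part of DDS or OTL): the logs posted here contain two kinds of HOSTS entries, the www.google.* names pinned to 89.149.249.195 and the Adobe names pointed at 127.0.0.1. This Python sketch parses the Hosts lines of both log formats and separates them so that names pinned to a public address stand out for review; the function names and category labels are assumptions made for the illustration.

```python
import ipaddress
import re

# Constructed input: Hosts lines copied from the DDS and OTL logs in this
# thread, plus one unrelated log line and one malformed entry.
SAMPLE_LOG = """\
mRun: [SoundMan] SOUNDMAN.EXE
Hosts: 89.149.249.195 www.google.de
Hosts: 89.149.249.195 www.google.fr
Hosts: 89.149.249.195 www.google.com.br
Hosts: 89.149.249.195 www.google.it
Hosts: 89.149.249.195 www.google.es
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O1 - Hosts: 127.0.0.1 ereg.adobe.com
O1 - Hosts: not-an-address broken.example
"""

# DDS prints "Hosts: <ip> <name>"; OTL prints "O1 - Hosts: <ip> <name>".
HOSTS_LINE = re.compile(r"^(?:O1 - )?Hosts:\s+(\S+)\s+(\S+)\s*$")


def parse_hosts_entries(log_text):
    """Return (address, hostname) pairs for every well-formed Hosts line."""
    entries = []
    for line in log_text.splitlines():
        match = HOSTS_LINE.match(line.strip())
        if not match:
            continue
        address, hostname = match.groups()
        try:
            ipaddress.ip_address(address)
        except ValueError:
            continue  # not an IP address, so not a usable hosts mapping
        entries.append((address, hostname.lower()))
    return entries


def classify(address):
    """Label an address by what a hosts mapping to it does (hypothetical labels)."""
    ip = ipaddress.ip_address(address)
    if ip.is_loopback or ip.is_unspecified:
        return "sinkhole"   # name resolves to the local machine: blocked
    if ip.is_private or ip.is_link_local:
        return "private"    # internal address: may be a deliberate intranet entry
    return "public"         # name pinned to an Internet host, bypassing DNS


def triage(log_text):
    """Group the hostnames in a log by the kind of address they are mapped to."""
    report = {"sinkhole": [], "private": {}, "public": {}}
    for address, hostname in parse_hosts_entries(log_text):
        label = classify(address)
        if label == "sinkhole":
            report["sinkhole"].append(hostname)
        else:
            report[label].setdefault(address, []).append(hostname)
    return report


def review_order(report):
    """Public addresses sorted by how many names are pinned to them."""
    counts = [(addr, len(names)) for addr, names in report["public"].items()]
    return sorted(counts, key=lambda item: (-item[1], item[0]))


if __name__ == "__main__":
    result = triage(SAMPLE_LOG)
    for addr, count in review_order(result):
        names = ", ".join(result["public"][addr])
        print(f"{addr}: {count} names pinned -> {names}")
    print(f"sinkholed locally: {', '.join(result['sinkhole'])}")
```
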

#5 johanteo

johanteo
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  • Local time:04:42 PM

Posted 30 April 2010 - 02:40 PM

Ok, here they come...

OTL logfile created on: 2010-04-30 21:34:02 - Run 1
OTL by OldTimer - Version 3.2.3.1 Folder = C:\Users\Johan\Desktop
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 0000041d | Country: Sverige | Language: SVE | Date Format: yyyy-MM-dd

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 55,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 75,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 149,05 Gb Total Space | 64,10 Gb Free Space | 43,01% Space Free | Partition Type: NTFS
Drive D: | 186,31 Gb Total Space | 175,54 Gb Free Space | 94,22% Space Free | Partition Type: NTFS
Drive E: | 2,49 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive F: | 186,31 Gb Total Space | 99,68 Gb Free Space | 53,50% Space Free | Partition Type: NTFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: JOHAN-PC
Current User Name: Johan
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Processes (SafeList) ==========

PRC - C:\Users\Johan\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\AVG\AVG9\avgnsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG9\avgchsvx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG9\avgcsrvx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG9\avgrsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG9\avgemc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG9\avgam.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG9\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrobat_sl.exe (Adobe Systems Incorporated)
PRC - C:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe (Adobe Systems Inc.)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\RealVNC\VNC4\winvnc4.exe (RealVNC Ltd.)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Windows\System32\sppsvc.exe (Microsoft Corporation)
PRC - C:\Windows\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
PRC - C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
PRC - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)


========== Modules (SafeList) ==========

MOD - C:\Users\Johan\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\System32\sspicli.dll (Microsoft Corporation)
MOD - C:\Windows\System32\sechost.dll (Microsoft Corporation)
MOD - C:\Windows\System32\samcli.dll (Microsoft Corporation)
MOD - C:\Windows\System32\profapi.dll (Microsoft Corporation)
MOD - C:\Windows\System32\netutils.dll (Microsoft Corporation)
MOD - C:\Windows\System32\KernelBase.dll (Microsoft Corporation)
MOD - C:\Windows\System32\dwmapi.dll (Microsoft Corporation)
MOD - C:\Windows\System32\devobj.dll (Microsoft Corporation)
MOD - C:\Windows\System32\cryptbase.dll (Microsoft Corporation)
MOD - C:\Windows\System32\cfgmgr32.dll (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll (Microsoft Corporation)


========== Win32 Services (SafeList) ==========

SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
SRV - (Akamai) -- C:/Program Files/Common Files/Akamai/rswin_3653.dll ()
SRV - (avg9emc) -- C:\Program Files\AVG\AVG9\avgemc.exe (AVG Technologies CZ, s.r.o.)
SRV - (avg9wd) -- C:\Program Files\AVG\AVG9\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (Microsoft SharePoint Workspace Audit Service) -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE (Microsoft Corporation)
SRV - (osppsvc) -- C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)
SRV - (WinVNC4) -- C:\Program Files\RealVNC\VNC4\WinVNC4.exe (RealVNC Ltd.)
SRV - (WwanSvc) -- C:\Windows\System32\wwansvc.dll (Microsoft Corporation)
SRV - (WbioSrvc) -- C:\Windows\System32\wbiosrvc.dll (Microsoft Corporation)
SRV - (Power) -- C:\Windows\System32\umpo.dll (Microsoft Corporation)
SRV - (Themes) -- C:\Windows\System32\themeservice.dll (Microsoft Corporation)
SRV - (sppuinotify) -- C:\Windows\System32\sppuinotify.dll (Microsoft Corporation)
SRV - (RpcEptMapper) -- C:\Windows\System32\RpcEpMap.dll (Microsoft Corporation)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation)
SRV - (PNRPsvc) -- C:\Windows\System32\pnrpsvc.dll (Microsoft Corporation)
SRV - (p2pimsvc) -- C:\Windows\System32\pnrpsvc.dll (Microsoft Corporation)
SRV - (HomeGroupProvider) -- C:\Windows\System32\provsvc.dll (Microsoft Corporation)
SRV - (PNRPAutoReg) -- C:\Windows\System32\pnrpauto.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (HomeGroupListener) -- C:\Windows\System32\ListSvc.dll (Microsoft Corporation)
SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation)
SRV - (Dhcp) -- C:\Windows\System32\dhcpcore.dll (Microsoft Corporation)
SRV - (defragsvc) -- C:\Windows\System32\defragsvc.dll (Microsoft Corporation)
SRV - (BDESVC) -- C:\Windows\System32\bdesvc.dll (Microsoft Corporation)
SRV - (AxInstSV) ActiveX Installer (AxInstSV) -- C:\Windows\System32\AxInstSv.dll (Microsoft Corporation)
SRV - (AppIDSvc) -- C:\Windows\System32\appidsvc.dll (Microsoft Corporation)
SRV - (sppsvc) -- C:\Windows\System32\sppsvc.exe (Microsoft Corporation)
SRV - (Adobe Version Cue CS4) -- C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe (Adobe Systems Incorporated)
SRV - (SBSDWSCService) -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)


========== Driver Services (SafeList) ==========

DRV - (AvgTdiX) -- C:\Windows\System32\drivers\avgtdix.sys (AVG Technologies CZ, s.r.o.)
DRV - (DrvAgent32) -- C:\Windows\System32\drivers\DrvAgent32.sys (Phoenix Technologies)
DRV - (sptd) -- C:\Windows\System32\Drivers\sptd.sys ()
DRV - (AvgRkx86) -- C:\Windows\System32\Drivers\avgrkx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (AvgLdx86) -- C:\Windows\System32\drivers\avgldx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (AvgMfx86) -- C:\Windows\System32\drivers\avgmfx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (vncmirror) -- C:\Windows\System32\drivers\vncmirror.sys (RealVNC Ltd.)
DRV - (cmdide) -- C:\Windows\system32\DRIVERS\cmdide.sys (CMD Technology, Inc.)
DRV - (adpahci) -- C:\Windows\system32\DRIVERS\adpahci.sys (Adaptec, Inc.)
DRV - (adp94xx) -- C:\Windows\system32\DRIVERS\adp94xx.sys (Adaptec, Inc.)
DRV - (amdsbs) -- C:\Windows\system32\DRIVERS\amdsbs.sys (AMD Technologies Inc.)
DRV - (adpu320) -- C:\Windows\system32\DRIVERS\adpu320.sys (Adaptec, Inc.)
DRV - (arcsas) -- C:\Windows\system32\DRIVERS\arcsas.sys (Adaptec, Inc.)
DRV - (amdsata) -- C:\Windows\system32\DRIVERS\amdsata.sys (Advanced Micro Devices)
DRV - (arc) -- C:\Windows\system32\DRIVERS\arc.sys (Adaptec, Inc.)
DRV - (amdxata) -- C:\Windows\system32\DRIVERS\amdxata.sys (Advanced Micro Devices)
DRV - (aliide) -- C:\Windows\system32\DRIVERS\aliide.sys (Acer Laboratories Inc.)
DRV - (nvstor) -- C:\Windows\system32\DRIVERS\nvstor.sys (NVIDIA Corporation)
DRV - (nvraid) -- C:\Windows\system32\DRIVERS\nvraid.sys (NVIDIA Corporation)
DRV - (nfrd960) -- C:\Windows\system32\DRIVERS\nfrd960.sys (IBM Corporation)
DRV - (LSI_SAS) -- C:\Windows\system32\DRIVERS\lsi_sas.sys (LSI Corporation)
DRV - (iaStorV) -- C:\Windows\system32\DRIVERS\iaStorV.sys (Intel Corporation)
DRV - (MegaSR) -- C:\Windows\system32\DRIVERS\MegaSR.sys (LSI Corporation, Inc.)
DRV - (KSecPkg) -- C:\Windows\System32\Drivers\ksecpkg.sys (Microsoft Corporation)
DRV - (LSI_SCSI) -- C:\Windows\system32\DRIVERS\lsi_scsi.sys (LSI Corporation)
DRV - (LSI_FC) -- C:\Windows\system32\DRIVERS\lsi_fc.sys (LSI Corporation)
DRV - (LSI_SAS2) -- C:\Windows\system32\DRIVERS\lsi_sas2.sys (LSI Corporation)
DRV - (iirsp) -- C:\Windows\system32\DRIVERS\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (megasas) -- C:\Windows\system32\DRIVERS\megasas.sys (LSI Corporation)
DRV - (hwpolicy) -- C:\Windows\System32\drivers\hwpolicy.sys (Microsoft Corporation)
DRV - (elxstor) -- C:\Windows\system32\DRIVERS\elxstor.sys (Emulex)
DRV - (aic78xx) -- C:\Windows\system32\DRIVERS\djsvs.sys (Adaptec, Inc.)
DRV - (HpSAMD) -- C:\Windows\system32\DRIVERS\HpSAMD.sys (Hewlett-Packard Company)
DRV - (FsDepends) -- C:\Windows\System32\drivers\fsdepends.sys (Microsoft Corporation)
DRV - (vsmraid) -- C:\Windows\system32\DRIVERS\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (vmbus) -- C:\Windows\system32\DRIVERS\vmbus.sys (Microsoft Corporation)
DRV - (vhdmp) -- C:\Windows\system32\DRIVERS\vhdmp.sys (Microsoft Corporation)
DRV - (storflt) -- C:\Windows\system32\DRIVERS\vmstorfl.sys (Microsoft Corporation)
DRV - (vdrvroot) -- C:\Windows\system32\DRIVERS\vdrvroot.sys (Microsoft Corporation)
DRV - (storvsc) -- C:\Windows\system32\DRIVERS\storvsc.sys (Microsoft Corporation)
DRV - (WIMMount) -- C:\Windows\System32\drivers\wimmount.sys (Microsoft Corporation)
DRV - (viaide) -- C:\Windows\system32\DRIVERS\viaide.sys (VIA Technologies, Inc.)
DRV - (ql2300) -- C:\Windows\system32\DRIVERS\ql2300.sys (QLogic Corporation)
DRV - (rdyboost) -- C:\Windows\System32\drivers\rdyboost.sys (Microsoft Corporation)
DRV - (ql40xx) -- C:\Windows\system32\DRIVERS\ql40xx.sys (QLogic Corporation)
DRV - (SiSRaid4) -- C:\Windows\system32\DRIVERS\sisraid4.sys (Silicon Integrated Systems)
DRV - (pcw) -- C:\Windows\System32\drivers\pcw.sys (Microsoft Corporation)
DRV - (SiSRaid2) -- C:\Windows\system32\DRIVERS\SiSRaid2.sys (Silicon Integrated Systems Corp.)
DRV - (stexstor) -- C:\Windows\system32\DRIVERS\stexstor.sys (Promise Technology)
DRV - (CNG) -- C:\Windows\System32\Drivers\cng.sys (Microsoft Corporation)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\System32\Drivers\Brserid.sys (Brother Industries Ltd.)
DRV - (rdpbus) -- C:\Windows\System32\drivers\rdpbus.sys (Microsoft Corporation)
DRV - (RDPREFMP) -- C:\Windows\System32\drivers\RDPREFMP.sys (Microsoft Corporation)
DRV - (RasAgileVpn) WAN Miniport (IKEv2) -- C:\Windows\System32\drivers\agilevpn.sys (Microsoft Corporation)
DRV - (WfpLwf) -- C:\Windows\System32\drivers\wfplwf.sys (Microsoft Corporation)
DRV - (NdisCap) -- C:\Windows\System32\drivers\ndiscap.sys (Microsoft Corporation)
DRV - (vwifibus) -- C:\Windows\System32\drivers\vwifibus.sys (Microsoft Corporation)
DRV - (1394ohci) -- C:\Windows\system32\DRIVERS\1394ohci.sys (Microsoft Corporation)
DRV - (UmPass) -- C:\Windows\system32\DRIVERS\umpass.sys (Microsoft Corporation)
DRV - (mshidkmdf) -- C:\Windows\System32\drivers\mshidkmdf.sys (Microsoft Corporation)
DRV - (MTConfig) -- C:\Windows\system32\DRIVERS\MTConfig.sys (Microsoft Corporation)
DRV - (CompositeBus) -- C:\Windows\System32\drivers\CompositeBus.sys (Microsoft Corporation)
DRV - (AppID) -- C:\Windows\system32\drivers\appid.sys (Microsoft Corporation)
DRV - (scfilter) -- C:\Windows\System32\drivers\scfilter.sys (Microsoft Corporation)
DRV - (s3cap) -- C:\Windows\system32\DRIVERS\vms3cap.sys (Microsoft Corporation)
DRV - (VMBusHID) -- C:\Windows\system32\DRIVERS\VMBusHID.sys (Microsoft Corporation)
DRV - (discache) -- C:\Windows\System32\drivers\discache.sys (Microsoft Corporation)
DRV - (HidBatt) -- C:\Windows\system32\DRIVERS\HidBatt.sys (Microsoft Corporation)
DRV - (AcpiPmi) -- C:\Windows\system32\DRIVERS\acpipmi.sys (Microsoft Corporation)
DRV - (AmdPPM) -- C:\Windows\system32\DRIVERS\amdppm.sys (Microsoft Corporation)
DRV - (hcw85cir) -- C:\Windows\system32\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV - (BrUsbMdm) -- C:\Windows\System32\Drivers\BrUsbMdm.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\System32\Drivers\BrUsbSer.sys (Brother Industries Ltd.)
DRV - (BrSerWdm) -- C:\Windows\System32\Drivers\BrSerWdm.sys (Brother Industries Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\DRIVERS\BrFiltLo.sys (Brother Industries, Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\DRIVERS\BrFiltUp.sys (Brother Industries, Ltd.)
DRV - (NVENETFD) -- C:\Windows\System32\drivers\nvm60x32.sys (NVIDIA Corporation)
DRV - (E1G60) Intel® -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation)
DRV - (b57nd60x) -- C:\Windows\System32\drivers\b57nd60x.sys (Broadcom Corporation)
DRV - (ebdrv) -- C:\Windows\system32\DRIVERS\evbdx.sys (Broadcom Corporation)
DRV - (b06bdrv) -- C:\Windows\system32\DRIVERS\bxvbdx.sys (Broadcom Corporation)
DRV - (ALCXWDM) Service for Realtek AC97 Audio (WDM) -- C:\Windows\System32\drivers\RTKVAC.SYS (Realtek Semiconductor Corp.)
DRV - (adfs) -- C:\Windows\System32\drivers\adfs.sys (Adobe Systems, Inc.)


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://se.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = sv
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = FA D0 9C 44 F0 D8 CA 01 [binary data]
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

O1 HOSTS File: ([2010-04-25 09:39:55 | 000,001,366 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O1 - Hosts: 127.0.0.1 ereg.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com
O1 - Hosts: 127.0.0.1 wip3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com
O1 - Hosts: 127.0.0.1 ereg.wip3.adobe.com
O1 - Hosts: 127.0.0.1 activate-sea.adobe.com
O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com
O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com
O1 - Hosts: 127.0.0.1 adobe.activate.com
O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files\Adobe\/Adobe Contribute CS4/contributeieplugin.dll ()
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (BitComet Helper) - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.4.1.27.dll (BitComet)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Windows Live inloggningshjälpen) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files\Adobe\/Adobe Contribute CS4/contributeieplugin.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe_ID0ENQBO] C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4Tray.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [SoundMan] C:\Windows\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKCU..\Run: [msnmsgr] C:\Program Files\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: &D&ownload &with BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: &D&ownload all video with BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: &D&ownload all with BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: Append to existing PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to existing PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - C:\Program Files\BitComet\tools\BitCometBHO_1.4.1.27.dll (BitComet)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\System32\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\System32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\System32\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.1
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\System32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\Windows\System32\avgrsstx.dll) - C:\Windows\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\System32\webcheck.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\System32\credssp.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\System32\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\System32\tspkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010-04-15 14:40:25 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ]
O32 - AutoRun File - [2009-06-10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2009-07-13 13:55:00 | 000,000,043 | R--- | M] () - E:\autorun.inf -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010-04-30 21:32:43 | 000,562,176 | ---- | C] (OldTimer Tools) -- C:\Users\Johan\Desktop\OTL.exe
[2010-04-25 08:11:18 | 000,022,872 | R--- | C] (Adobe Systems Inc.) -- C:\Windows\System32\AdobePDFUI.dll
[2010-04-25 07:51:09 | 000,046,928 | ---- | C] (Adobe Systems Inc) -- C:\Windows\System32\AdobePDF.dll
[2010-04-24 22:43:06 | 000,000,000 | ---D | C] -- C:\ProgramData\ALM
[2010-04-24 22:39:32 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PX Storage Engine
[2010-04-24 22:26:24 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe Media Player
[2010-04-24 22:25:26 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR
[2010-04-24 22:10:29 | 000,000,000 | ---D | C] -- C:\Users\Johan\Desktop\getservice
[2010-04-24 19:56:27 | 000,000,000 | ---D | C] -- C:\Windows\System32\XPSViewer
[2010-04-24 19:56:27 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\sv-SE
[2010-04-24 19:56:27 | 000,000,000 | ---D | C] -- C:\Windows\System32\sv
[2010-04-24 19:55:57 | 000,000,000 | ---D | C] -- C:\Windows\sv-SE
[2010-04-24 09:09:10 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2010-04-24 09:08:21 | 000,490,088 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvuninst.exe
[2010-04-24 08:53:20 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\sv-SE\volsnap.sys.mui
[2010-04-24 08:53:20 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\sv-SE\vhdmp.sys.mui
[2010-04-24 08:53:20 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\sv-SE\portcls.sys.mui
[2010-04-24 08:53:20 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\sv-SE\wd.sys.mui
[2010-04-24 08:53:19 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\sv-SE\usbport.sys.mui
[2010-04-24 08:53:19 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\sv-SE\usbhub.sys.mui
[2010-04-24 08:53:19 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\sv-SE\tpm.sys.mui
[2010-04-24 08:53:19 | 000,003,584 | ---- | C] (SCM Microsystems, Inc.) -- C:\Windows\System32\drivers\sv-SE\pscr.sys.mui
[2010-04-24 08:53:19 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\sv-SE\umbus.sys.mui
[2010-04-24 08:53:19 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\sv-SE\serscan.sys.mui
[2010-04-24 08:53:16 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\sv-SE\pcmcia.sys.mui
[2010-04-24 08:53:16 | 000,003,072 | ---- | C] (VIA Technologies, Inc. ) -- C:\Windows\System32\drivers\sv-SE\getn62.sys.mui
[2010-04-24 08:53:16 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\sv-SE\rndismpx.sys.mui
[2010-04-24 08:53:16 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\sv-SE\rndismp6.sys.mui
[2010-04-24 08:53:16 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\sv-SE\vwifibus.sys.mui
[2010-04-24 08:53:15 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\sv-SE\mpio.sys.mui
[2010-04-24 08:53:15 | 000,033,280 | ---- | C] (Marvell) -- C:\Windows\System32\drivers\sv-SE\yk62x86.sys.mui
[2010-04-24 08:53:15 | 000,020,992 | ---- | C] (Intel Corporation) -- C:\Windows\System32\drivers\sv-SE\e1y6032.sys.mui
[2010-04-24 08:53:15 | 000,020,992 | ---- | C] (Intel Corporation) -- C:\Windows\System32\drivers\sv-SE\e1e6032.sys.mui
[2010-04-24 08:53:15 | 000,017,920 | ---- | C] (Intel Corporation) -- C:\Windows\System32\drivers\sv-SE\E1G60I32.sys.mui
[2010-04-24 08:53:15 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\sv-SE\afd.sys.mui
[2010-04-24 08:53:15 | 000,012,800 | ---- | C] (Broadcom Corporation) -- C:\Windows\System32\drivers\sv-SE\k57nd60x.sys.mui
[2010-04-24 08:53:15 | 000,012,800 | ---- | C] (Broadcom Corporation) -- C:\Windows\System32\drivers\sv-SE\b57nd60x.sys.mui
[2010-04-24 08:53:15 | 000,011,264 | ---- | C] (Intel Corporation) -- C:\Windows\System32\drivers\sv-SE\e1q6032.sys.mui
[2010-04-24 08:53:15 | 000,010,752 | ---- | C] (Intel Corporation) -- C:\Windows\System32\drivers\sv-SE\e1k6032.sys.mui
[2010-04-24 08:53:15 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\sv-SE\serial.sys.mui
[2010-04-24 08:53:15 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\sv-SE\i8042prt.sys.mui
[2010-04-24 08:53:15 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\sv-SE\msdsm.sys.mui
[2010-04-24 08:53:15 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\sv-SE\sermouse.sys.mui
[2010-04-24 08:53:15 | 000,005,120 | ---- | C] (Intel Corporation) -- C:\Windows\System32\drivers\sv-SE\e100b325.sys.mui
[2010-04-24 08:53:15 | 000,005,120 | ---- | C] (Broadcom Corporation) -- C:\Windows\System32\drivers\sv-SE\bcm4sbxp.sys.mui
[2010-04-24 08:53:15 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\sv-SE\mouclass.sys.mui
[2010-04-24 08:53:15 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\sv-SE\parport.sys.mui
[2010-04-24 08:53:15 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\sv-SE\mouhid.sys.mui
[2010-04-24 08:53:15 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\sv-SE\ataport.sys.mui
[2010-04-24 08:53:15 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\sv-SE\parvdm.sys.mui
[2010-04-24 08:53:15 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\sv-SE\MTConfig.sys.mui
[2010-04-24 08:53:15 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\sv-SE\amdide.sys.mui
[2010-04-24 08:53:14 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\sv-SE\tcpip.sys.mui
[2010-04-24 08:53:14 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\sv-SE\bfe.dll.mui
[2010-04-24 08:53:14 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\sv-SE\tunnel.sys.mui
[2010-04-24 08:53:14 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\sv-SE\modem.sys.mui
[2010-04-24 08:53:14 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\sv-SE\wdf01000.sys.mui
[2010-04-24 08:53:14 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\sv-SE\ws2ifsl.sys.mui
[2010-04-24 08:53:14 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\sv-SE\usbrpm.sys.mui
[2010-04-24 08:53:12 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\sv-SE\fvevol.sys.mui
[2010-04-24 08:53:12 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\sv-SE\scfilter.sys.mui
[2010-04-24 08:53:09 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\sv-SE\rdbss.sys.mui
[2010-04-24 08:53:08 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\sv-SE\pacer.sys.mui
[2010-04-24 08:53:08 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\sv-SE\qwavedrv.sys.mui
[2010-04-24 08:53:08 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\sv-SE\partmgr.sys.mui
[2010-04-24 08:53:06 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\sv-SE\ntfs.sys.mui
[2010-04-24 08:53:06 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\sv-SE\ndis.sys.mui
[2010-04-24 08:53:06 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\sv-SE\nwifi.sys.mui
[2010-04-24 08:53:06 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\sv-SE\ndisuio.sys.mui
[2010-04-24 08:53:05 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\sv-SE\ndiscap.sys.mui
[2010-04-24 08:53:04 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\sv-SE\mountmgr.sys.mui
[2010-04-24 08:53:03 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\sv-SE\luafv.sys.mui
[2010-04-24 08:53:00 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\sv-SE\http.sys.mui
[2010-04-24 08:52:58 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\sv-SE\fltmgr.sys.mui
[2010-04-24 08:52:57 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\sv-SE\volmgrx.sys.mui
[2010-04-24 08:52:55 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\sv-SE\pnpmem.sys.mui
[2010-04-24 08:52:54 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\sv-SE\viac7.sys.mui
[2010-04-24 08:52:54 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\sv-SE\processr.sys.mui
[2010-04-24 08:52:54 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\sv-SE\intelppm.sys.mui
[2010-04-24 08:52:54 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\sv-SE\amdppm.sys.mui
[2010-04-24 08:52:54 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\sv-SE\amdk8.sys.mui
[2010-04-24 08:52:54 | 000,010,752 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\sv-SE\BrSerIb.sys.mui
[2010-04-24 08:52:54 | 000,009,728 | ---- | C] (Agere Systems) -- C:\Windows\System32\drivers\sv-SE\ltmdmnt.sys.mui
[2010-04-24 08:52:54 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\sv-SE\pci.sys.mui
[2010-04-24 08:52:54 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\sv-SE\bthport.sys.mui
[2010-04-24 08:52:54 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\sv-SE\IPMIDrv.sys.mui
[2010-04-24 08:52:54 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\sv-SE\kbdclass.sys.mui
[2010-04-24 08:52:54 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\sv-SE\bthpan.sys.mui
[2010-04-24 08:52:54 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\sv-SE\wacompen.sys.mui
[2010-04-24 08:52:54 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\sv-SE\isapnp.sys.mui
[2010-04-24 08:52:54 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\sv-SE\hdaudbus.sys.mui
[2010-04-24 08:52:54 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\sv-SE\vdrvroot.sys.mui
[2010-04-24 08:52:54 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\sv-SE\HdAudio.sys.mui
[2010-04-24 08:52:54 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\sv-SE\mssmbios.sys.mui
[2010-04-24 08:52:54 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\sv-SE\hidbth.sys.mui
[2010-04-24 08:52:54 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\sv-SE\VIAAGP.SYS.mui
[2010-04-24 08:52:54 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\sv-SE\ULIAGPKX.SYS.mui
[2010-04-24 08:52:54 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\sv-SE\SISAGP.SYS.mui
[2010-04-24 08:52:54 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\sv-SE\NV_AGP.SYS.mui
[2010-04-24 08:52:54 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\sv-SE\kbdhid.sys.mui
[2010-04-24 08:52:54 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\sv-SE\Dot4usb.sys.mui
[2010-04-24 08:52:54 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\sv-SE\BTHUSB.SYS.mui
[2010-04-24 08:52:54 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\sv-SE\AMDAGP.SYS.mui
[2010-04-24 08:52:54 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\sv-SE\AGP440.sys.mui
[2010-04-24 08:52:54 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\sv-SE\disk.sys.mui
[2010-04-24 08:52:54 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\sv-SE\cdrom.sys.mui
[2010-04-24 08:52:54 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\sv-SE\bthenum.sys.mui
[2010-04-24 08:52:53 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\sv-SE\ohci1394.sys.mui
[2010-04-24 08:52:53 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\sv-SE\1394ohci.sys.mui
[2010-04-24 08:52:53 | 000,010,752 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\sv-SE\BrSerId.sys.mui
[2010-04-24 08:52:53 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\sv-SE\battc.sys.mui
[2010-04-24 08:52:53 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\sv-SE\acpi.sys.mui
[2010-04-24 08:52:53 | 000,003,584 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\System32\drivers\sv-SE\atikmdag.sys.mui
[2010-04-24 08:52:53 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\sv-SE\UAGP35.SYS.mui
[2010-04-24 08:52:53 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\sv-SE\GAGP30KX.SYS.mui
[2010-04-24 08:52:53 | 000,002,560 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\sv-SE\BrParwdm.sys.mui
[2010-04-24 08:35:23 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2010-04-24 08:35:22 | 000,641,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CPFilters.dll
[2010-04-24 08:35:22 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll
[2010-04-24 08:35:22 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdri.dll
[2010-04-24 08:35:22 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSNP.ax
[2010-04-24 08:35:17 | 000,606,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2010-04-24 08:35:17 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2010-04-24 08:35:16 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2010-04-24 08:35:15 | 003,954,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2010-04-24 08:35:15 | 003,899,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2010-04-24 08:35:13 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2010-04-24 08:34:39 | 000,427,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[2010-04-23 09:41:23 | 001,870,688 | ---- | C] (Trend Micro Inc.) -- C:\Users\Johan\Desktop\HousecallLauncher.exe
[2010-04-23 09:32:57 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Users\Johan\Desktop\HiJack-This.exe
[2010-04-23 09:24:32 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2010-04-23 08:32:40 | 000,000,000 | ---D | C] -- C:\Users\Johan\AppData\Roaming\Autodesk Navisworks Freedom 2011
[2010-04-23 08:32:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Autodesk Navisworks Freedom 2011
[2010-04-23 08:31:01 | 000,000,000 | ---D | C] -- C:\ProgramData\FLEXnet
[2010-04-23 08:30:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Navisworks 2011
[2010-04-23 08:30:55 | 000,000,000 | ---D | C] -- C:\Users\Johan\AppData\Roaming\Autodesk Navisworks Manage 2011
[2010-04-23 08:30:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Autodesk Navisworks Manage 2011
[2010-04-18 10:58:29 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2010-04-18 10:58:27 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2010-04-18 10:58:27 | 000,000,000 | ---D | C] -- C:\Users\Johan\AppData\Local\temp
[2010-04-18 10:46:59 | 000,000,000 | ---D | C] -- C:\ComboFix
[2010-04-18 10:38:13 | 000,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe
[2010-04-18 10:38:10 | 000,000,000 | ---D | C] -- C:\32788R22FWJFW
[2010-04-18 09:29:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2010-04-18 09:29:02 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2010-04-18 09:03:10 | 000,000,000 | ---D | C] -- C:\Users\Johan\Desktop\New folder
[2010-04-18 08:46:25 | 004,017,536 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\drivers\alcxwdm.sys
[2010-04-18 08:46:22 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek Sound Manager
[2010-04-18 08:46:20 | 000,000,000 | ---D | C] -- C:\Program Files\AvRack
[2010-04-18 08:46:13 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek AC97
[2010-04-18 08:46:12 | 000,315,392 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\alcupd.exe
[2010-04-18 08:46:11 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2010-04-18 08:45:50 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2010-04-18 08:32:37 | 000,023,456 | ---- | C] (Phoenix Technologies) -- C:\Windows\System32\drivers\DrvAgent32.sys
[2010-04-18 08:32:37 | 000,000,000 | ---D | C] -- C:\Users\Johan\AppData\Local\eSupport.com
[2010-04-15 14:57:24 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Macrovision Shared
[2010-04-15 14:53:48 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Autodesk Shared
[2010-04-15 14:53:48 | 000,000,000 | ---D | C] -- C:\Program Files\Autodesk
[2010-04-15 14:49:53 | 000,000,000 | ---D | C] -- C:\Users\Johan\AppData\Roaming\Autodesk
[2010-04-15 14:49:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Autodesk
[2010-04-15 14:43:04 | 000,000,000 | ---D | C] -- C:\Users\Johan\Tracing
[2010-04-15 14:40:25 | 000,000,000 | ---D | C] -- C:\Autodesk
[2010-04-15 14:08:30 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft
[2010-04-15 14:08:19 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft
[2010-04-15 14:08:14 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live SkyDrive
[2010-04-15 14:08:08 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live
[2010-04-15 14:02:13 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Windows Live
[2010-04-15 13:50:42 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Akamai
[2010-04-15 13:35:46 | 000,000,000 | ---D | C] -- C:\Users\Johan\AppData\Roaming\Malwarebytes
[2010-04-15 13:35:41 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010-04-15 13:35:39 | 000,020,824 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010-04-15 13:35:39 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010-04-15 13:35:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010-04-15 13:22:57 | 000,161,792 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2010-04-15 13:22:57 | 000,136,704 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2010-04-15 13:22:57 | 000,031,232 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2010-04-15 13:22:51 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2010-04-15 13:19:48 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010-04-14 15:54:30 | 000,000,000 | --SD | C] -- C:\Users\Johan\Documents\My Shapes
[2010-04-14 15:43:01 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Works
[2010-04-14 06:47:03 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2010-04-14 06:46:44 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Synchronization Services
[2010-04-14 06:46:26 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2010-04-14 06:46:26 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2010-04-14 06:46:26 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Sync Framework
[2010-04-14 06:46:26 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server Compact Edition
[2010-04-14 06:44:44 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Analysis Services
[2010-04-14 06:44:22 | 000,000,000 | ---D | C] -- C:\Users\Johan\AppData\Local\Microsoft Help
[2010-04-14 06:44:20 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2010-04-14 06:44:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2010-04-14 06:44:08 | 000,000,000 | R--D | C] -- C:\MSOCache
[2010-04-14 06:36:33 | 000,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Toolbar
[2010-04-14 06:31:19 | 000,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Lite
[2010-04-14 06:30:51 | 000,000,000 | ---D | C] -- C:\Users\Johan\AppData\Roaming\DAEMON Tools Lite
[2010-04-14 06:30:45 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2010-04-14 06:25:59 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Pro
[2010-04-14 06:25:59 | 000,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Pro
[2010-04-13 22:40:39 | 000,000,000 | ---D | C] -- C:\Users\Johan\AppData\Local\Adobe
[2010-04-13 18:56:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2010-04-13 18:56:48 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2010-04-13 18:56:48 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2010-04-13 18:43:03 | 000,000,000 | ---D | C] -- C:\Users\Johan\AppData\Roaming\DAEMON Tools Pro
[2010-04-13 18:40:58 | 000,000,000 | ---D | C] -- C:\Users\Johan\AppData\Roaming\AVG9
[2010-04-12 20:52:02 | 000,000,000 | ---D | C] -- C:\Users\Johan\AppData\Roaming\WinRAR
[2010-04-12 20:51:00 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2010-04-12 20:41:46 | 000,000,000 | ---D | C] -- C:\Users\Johan\AppData\Roaming\Opera
[2010-04-12 20:41:46 | 000,000,000 | ---D | C] -- C:\Users\Johan\AppData\Local\Opera
[2010-04-12 20:41:07 | 000,000,000 | ---D | C] -- C:\Program Files\Opera
[2010-04-12 06:33:31 | 000,020,992 | ---- | C] (RealVNC Ltd.) -- C:\Windows\System32\vncmirror.dll
[2010-04-12 06:33:31 | 000,004,608 | ---- | C] (RealVNC Ltd.) -- C:\Windows\System32\drivers\vncmirror.sys
[2010-04-11 22:06:48 | 000,000,000 | ---D | C] -- C:\Program Files\RealVNC
[2010-04-11 19:47:34 | 000,000,000 | ---D | C] -- C:\Users\Johan\AppData\Local\Diagnostics
[2010-04-11 17:47:23 | 000,012,464 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\avgrsstx.dll
[2010-04-11 17:47:22 | 000,242,896 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgtdix.sys
[2010-04-11 17:47:22 | 000,052,872 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgrkx86.sys
[2010-04-11 17:47:15 | 000,216,200 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgldx86.sys
[2010-04-11 17:47:14 | 000,029,512 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgmfx86.sys
[2010-04-11 17:47:14 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\Avg
[2010-04-11 17:47:09 | 000,000,000 | ---D | C] -- C:\ProgramData\avg9
[2010-04-11 17:47:09 | 000,000,000 | ---D | C] -- C:\Program Files\AVG
[2010-04-11 17:46:38 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2010-04-11 17:38:42 | 000,000,000 | ---D | C] -- C:\Downloads
[2010-04-11 17:38:41 | 000,000,000 | ---D | C] -- C:\Users\Johan\AppData\Roaming\BitComet
[2010-04-11 17:37:19 | 000,000,000 | ---D | C] -- C:\Users\Johan\AppData\Local\ElevatedDiagnostics
[2010-04-11 17:35:19 | 000,000,000 | ---D | C] -- C:\Program Files\BitComet
[2010-04-11 17:25:41 | 000,000,000 | ---D | C] -- C:\Users\Johan\AppData\Roaming\Macromedia
[2010-04-11 17:25:41 | 000,000,000 | ---D | C] -- C:\Users\Johan\AppData\Roaming\Adobe
[2010-04-11 17:25:39 | 000,000,000 | ---D | C] -- C:\Windows\System32\Macromed
[2010-04-10 21:54:20 | 000,000,000 | R--D | C] -- C:\Users\Johan\Searches
[2010-04-10 21:54:12 | 000,000,000 | ---D | C] -- C:\Users\Johan\AppData\Roaming\Identities
[2010-04-10 21:54:10 | 000,000,000 | R--D | C] -- C:\Users\Johan\Contacts
[2010-04-10 21:53:59 | 000,000,000 | ---D | C] -- C:\Users\Johan\AppData\Local\VirtualStore
[2010-04-10 21:53:53 | 000,000,000 | --SD | C] -- C:\Users\Johan\AppData\Roaming\Microsoft
[2010-04-10 21:53:53 | 000,000,000 | R--D | C] -- C:\Users\Johan\Videos
[2010-04-10 21:53:53 | 000,000,000 | R--D | C] -- C:\Users\Johan\Saved Games
[2010-04-10 21:53:53 | 000,000,000 | R--D | C] -- C:\Users\Johan\Pictures
[2010-04-10 21:53:53 | 000,000,000 | R--D | C] -- C:\Users\Johan\Music
[2010-04-10 21:53:53 | 000,000,000 | R--D | C] -- C:\Users\Johan\Links
[2010-04-10 21:53:53 | 000,000,000 | R--D | C] -- C:\Users\Johan\Favorites
[2010-04-10 21:53:53 | 000,000,000 | R--D | C] -- C:\Users\Johan\Downloads
[2010-04-10 21:53:53 | 000,000,000 | R--D | C] -- C:\Users\Johan\My Documents
[2010-04-10 21:53:53 | 000,000,000 | R--D | C] -- C:\Users\Johan\Desktop
[2010-04-10 21:53:53 | 000,000,000 | -HSD | C] -- C:\Users\Johan\AppData\Local\Temporary Internet Files
[2010-04-10 21:53:53 | 000,000,000 | -HSD | C] -- C:\Users\Johan\Templates
[2010-04-10 21:53:53 | 000,000,000 | -HSD | C] -- C:\Users\Johan\Start Menu
[2010-04-10 21:53:53 | 000,000,000 | -HSD | C] -- C:\Users\Johan\SendTo
[2010-04-10 21:53:53 | 000,000,000 | -HSD | C] -- C:\Users\Johan\Recent
[2010-04-10 21:53:53 | 000,000,000 | -HSD | C] -- C:\Users\Johan\PrintHood
[2010-04-10 21:53:53 | 000,000,000 | -HSD | C] -- C:\Users\Johan\NetHood
[2010-04-10 21:53:53 | 000,000,000 | -HSD | C] -- C:\Users\Johan\Documents\My Videos
[2010-04-10 21:53:53 | 000,000,000 | -HSD | C] -- C:\Users\Johan\Documents\My Pictures
[2010-04-10 21:53:53 | 000,000,000 | -HSD | C] -- C:\Users\Johan\Documents\My Music
[2010-04-10 21:53:53 | 000,000,000 | -HSD | C] -- C:\Users\Johan\My Documents
[2010-04-10 21:53:53 | 000,000,000 | -HSD | C] -- C:\Users\Johan\Local Settings
[2010-04-10 21:53:53 | 000,000,000 | -HSD | C] -- C:\Users\Johan\AppData\Local\History
[2010-04-10 21:53:53 | 000,000,000 | -HSD | C] -- C:\Users\Johan\Cookies
[2010-04-10 21:53:53 | 000,000,000 | -HSD | C] -- C:\Users\Johan\Application Data
[2010-04-10 21:53:53 | 000,000,000 | -HSD | C] -- C:\Users\Johan\AppData\Local\Application Data
[2010-04-10 21:53:53 | 000,000,000 | -H-D | C] -- C:\Users\Johan\AppData
[2010-04-10 21:53:53 | 000,000,000 | ---D | C] -- C:\Users\Johan\AppData\Local\Microsoft
[2010-04-10 21:53:53 | 000,000,000 | ---D | C] -- C:\Users\Johan\AppData\Roaming\Media Center Programs
[2010-04-10 21:52:11 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2010-04-10 21:51:16 | 000,000,000 | -HSD | C] -- C:\ProgramData\Templates
[2010-04-10 21:51:16 | 000,000,000 | -HSD | C] -- C:\ProgramData\Start Menu
[2010-04-10 21:51:16 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\My Videos
[2010-04-10 21:51:16 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\My Pictures
[2010-04-10 21:51:16 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\My Music
[2010-04-10 21:51:16 | 000,000,000 | -HSD | C] -- C:\ProgramData\Application Data
[2010-04-10 21:51:16 | 000,000,000 | ---D | C] -- C:\Recovery
[2010-04-10 21:51:15 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favorites
[2010-04-10 21:51:15 | 000,000,000 | -HSD | C] -- C:\Documents and Settings
[2010-04-10 21:51:15 | 000,000,000 | -HSD | C] -- C:\ProgramData\Documents
[2010-04-10 21:51:15 | 000,000,000 | -HSD | C] -- C:\ProgramData\Desktop
[2010-04-10 21:45:56 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2010-04-10 21:45:47 | 000,000,000 | ---D | C] -- C:\Windows\CSC

========== Files - Modified Within 30 Days ==========

[2010-04-30 21:36:35 | 002,883,584 | -HS- | M] () -- C:\Users\Johan\NTUSER.DAT
[2010-04-30 21:36:01 | 000,016,944 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010-04-30 21:36:01 | 000,016,944 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010-04-30 21:34:50 | 059,422,779 | ---- | M] () -- C:\Windows\System32\drivers\Avg\incavi.avm
[2010-04-30 21:32:43 | 000,562,176 | ---- | M] (OldTimer Tools) -- C:\Users\Johan\Desktop\OTL.exe
[2010-04-30 21:30:54 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010-04-30 21:30:49 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010-04-30 21:30:45 | 1610,260,480 | -HS- | M] () -- C:\hiberfil.sys
[2010-04-25 09:49:28 | 001,442,452 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010-04-25 09:49:28 | 000,617,198 | ---- | M] () -- C:\Windows\System32\perfh01D.dat
[2010-04-25 09:49:28 | 000,606,992 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010-04-25 09:49:28 | 000,120,576 | ---- | M] () -- C:\Windows\System32\perfc01D.dat
[2010-04-25 09:49:28 | 000,103,370 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010-04-25 09:43:11 | 001,796,020 | -H-- | M] () -- C:\Users\Johan\AppData\Local\IconCache.db
[2010-04-25 09:39:55 | 000,001,366 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2010-04-25 07:42:58 | 002,269,552 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010-04-24 22:31:33 | 000,001,991 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Acrobat 9 Pro.lnk
[2010-04-24 22:30:08 | 000,084,120 | ---- | M] () -- C:\Users\Johan\AppData\Local\GDIPFONTCACHEV1.DAT
[2010-04-24 22:10:25 | 000,130,337 | ---- | M] () -- C:\Users\Johan\Desktop\getservices.zip
[2010-04-24 20:15:46 | 000,002,570 | ---- | M] () -- C:\Users\Johan\Desktop\Attach.zip
[2010-04-24 20:15:13 | 000,000,039 | ---- | M] () -- C:\Windows\vbaddin.ini
[2010-04-24 09:32:54 | 000,284,915 | ---- | M] () -- C:\Users\Johan\Desktop\gmer.zip
[2010-04-24 09:20:05 | 000,525,824 | ---- | M] () -- C:\Users\Johan\Desktop\dds.scr
[2010-04-24 08:59:57 | 000,294,764 | ---- | M] () -- C:\Windows\System32\perfi01D.dat
[2010-04-24 08:59:57 | 000,037,052 | ---- | M] () -- C:\Windows\System32\perfd01D.dat
[2010-04-23 10:24:44 | 111,802,385 | ---- | M] () -- C:\Users\Johan\Desktop\Cluster3Dmodel_100315_1620.nwd
[2010-04-23 10:22:07 | 000,061,878 | ---- | M] () -- C:\Users\Johan\Desktop\Cluster3Dmodel_100315_1620.jpg
[2010-04-23 09:41:49 | 000,000,036 | ---- | M] () -- C:\Users\Johan\AppData\Local\housecall.guid.cache
[2010-04-23 09:41:23 | 001,870,688 | ---- | M] (Trend Micro Inc.) -- C:\Users\Johan\Desktop\HousecallLauncher.exe
[2010-04-23 09:32:57 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Users\Johan\Desktop\HiJack-This.exe
[2010-04-23 09:28:07 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2010-04-23 09:24:34 | 000,002,039 | ---- | M] () -- C:\Users\Johan\Desktop\HijackThis.lnk
[2010-04-23 06:16:42 | 000,242,896 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgtdix.sys
[2010-04-18 10:56:50 | 000,000,215 | ---- | M] () -- C:\Windows\system.ini
[2010-04-18 08:32:37 | 000,023,456 | ---- | M] (Phoenix Technologies) -- C:\Windows\System32\drivers\DrvAgent32.sys
[2010-04-15 23:34:08 | 000,648,704 | ---- | M] () -- C:\Users\Johan\Documents\Drawing1.vsd
[2010-04-15 14:34:37 | 1920,305,767 | ---- | M] () -- C:\Users\Johan\Desktop\Autodesk_Navisworks_Manage_2011_Multilingual_Win_32bit.exe
[2010-04-14 15:41:58 | 000,000,162 | ---- | M] () -- C:\Windows\ODBC.INI
[2010-04-14 06:31:34 | 000,691,696 | ---- | M] () -- C:\Windows\System32\drivers\sptd.sys
[2010-04-11 17:47:23 | 000,012,464 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\avgrsstx.dll
[2010-04-11 17:47:23 | 000,001,812 | ---- | M] () -- C:\Users\Public\Desktop\AVG 9.0.lnk
[2010-04-11 17:47:22 | 000,052,872 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgrkx86.sys
[2010-04-11 17:47:16 | 000,216,200 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgldx86.sys
[2010-04-11 17:47:14 | 000,113,461 | ---- | M] () -- C:\Windows\System32\drivers\Avg\iavichjw.avm
[2010-04-11 17:47:14 | 000,029,512 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgmfx86.sys
[2010-04-10 22:56:47 | 000,524,288 | -HS- | M] () -- C:\Users\Johan\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000002.regtrans-ms
[2010-04-10 22:56:47 | 000,524,288 | -HS- | M] () -- C:\Users\Johan\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000001.regtrans-ms
[2010-04-10 22:56:47 | 000,065,536 | -HS- | M] () -- C:\Users\Johan\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TM.blf
[2010-04-10 21:53:53 | 000,000,020 | -HS- | M] () -- C:\Users\Johan\ntuser.ini
[2010-04-10 21:47:42 | 000,042,045 | ---- | M] () -- C:\Windows\System32\license.rtf

========== Files Created - No Company Name ==========

[2010-04-24 22:31:33 | 000,001,991 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Acrobat 9 Pro.lnk
[2010-04-24 22:10:25 | 000,130,337 | ---- | C] () -- C:\Users\Johan\Desktop\getservices.zip
[2010-04-24 20:15:46 | 000,002,570 | ---- | C] () -- C:\Users\Johan\Desktop\Attach.zip
[2010-04-24 19:59:36 | 000,617,198 | ---- | C] () -- C:\Windows\System32\perfh01D.dat
[2010-04-24 19:59:36 | 000,294,764 | ---- | C] () -- C:\Windows\System32\perfi01D.dat
[2010-04-24 19:59:36 | 000,120,576 | ---- | C] () -- C:\Windows\System32\perfc01D.dat
[2010-04-24 19:59:36 | 000,037,052 | ---- | C] () -- C:\Windows\System32\perfd01D.dat
[2010-04-24 09:33:14 | 000,293,376 | ---- | C] () -- C:\Users\Johan\Desktop\gmer.exe
[2010-04-24 09:32:54 | 000,284,915 | ---- | C] () -- C:\Users\Johan\Desktop\gmer.zip
[2010-04-24 09:20:05 | 000,525,824 | ---- | C] () -- C:\Users\Johan\Desktop\dds.scr
[2010-04-23 10:21:22 | 000,061,878 | ---- | C] () -- C:\Users\Johan\Desktop\Cluster3Dmodel_100315_1620.jpg
[2010-04-23 09:41:49 | 000,000,036 | ---- | C] () -- C:\Users\Johan\AppData\Local\housecall.guid.cache
[2010-04-23 09:28:18 | 111,802,385 | ---- | C] () -- C:\Users\Johan\Desktop\Cluster3Dmodel_100315_1620.nwd
[2010-04-23 09:28:07 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2010-04-23 09:24:34 | 000,002,039 | ---- | C] () -- C:\Users\Johan\Desktop\HijackThis.lnk
[2010-04-18 08:46:37 | 000,049,152 | ---- | C] () -- C:\Windows\System32\ChCfg.exe
[2010-04-18 08:46:20 | 000,000,164 | ---- | C] () -- C:\Windows\avrack.ini
[2010-04-18 08:46:13 | 000,141,016 | ---- | C] () -- C:\Windows\System32\alsndmgr.wav
[2010-04-15 20:55:22 | 000,648,704 | ---- | C] () -- C:\Users\Johan\Documents\Drawing1.vsd
[2010-04-15 14:00:43 | 1920,305,767 | ---- | C] () -- C:\Users\Johan\Desktop\Autodesk_Navisworks_Manage_2011_Multilingual_Win_32bit.exe
[2010-04-15 13:22:57 | 000,261,632 | ---- | C] () -- C:\Windows\PEV.exe
[2010-04-15 13:22:57 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2010-04-15 13:22:57 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2010-04-15 13:22:57 | 000,077,312 | ---- | C] () -- C:\Windows\MBR.exe
[2010-04-15 13:22:57 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2010-04-14 15:41:58 | 000,000,162 | ---- | C] () -- C:\Windows\ODBC.INI
[2010-04-13 18:43:21 | 000,691,696 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys
[2010-04-12 06:33:42 | 000,026,624 | ---- | C] () -- C:\Windows\System32\VNCpm.dll
[2010-04-11 17:47:23 | 000,001,812 | ---- | C] () -- C:\Users\Public\Desktop\AVG 9.0.lnk
[2010-04-11 17:47:14 | 059,241,570 | ---- | C] () -- C:\Windows\System32\drivers\Avg\incavi.avm
[2010-04-11 17:47:14 | 000,113,461 | ---- | C] () -- C:\Windows\System32\drivers\Avg\iavichjw.avm
[2010-04-10 21:53:53 | 002,883,584 | -HS- | C] () -- C:\Users\Johan\NTUSER.DAT
[2010-04-10 21:53:53 | 000,524,288 | -HS- | C] () -- C:\Users\Johan\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000002.regtrans-ms
[2010-04-10 21:53:53 | 000,524,288 | -HS- | C] () -- C:\Users\Johan\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000001.regtrans-ms
[2010-04-10 21:53:53 | 000,262,144 | -HS- | C] () -- C:\Users\Johan\ntuser.dat.LOG1
[2010-04-10 21:53:53 | 000,065,536 | -HS- | C] () -- C:\Users\Johan\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TM.blf
[2010-04-10 21:53:53 | 000,000,020 | -HS- | C] () -- C:\Users\Johan\ntuser.ini
[2010-04-10 21:53:53 | 000,000,000 | -HS- | C] () -- C:\Users\Johan\ntuser.dat.LOG2
[2010-04-10 21:45:21 | 1610,260,480 | -HS- | C] () -- C:\hiberfil.sys
[2009-07-14 01:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009-07-14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009-04-14 07:43:32 | 000,154,144 | ---- | C] () -- C:\Windows\System32\RTLCPAPI.dll

========== LOP Check ==========

[2010-04-23 08:32:41 | 000,000,000 | ---D | M] -- C:\Users\Johan\AppData\Roaming\Autodesk
[2010-04-23 08:32:50 | 000,000,000 | ---D | M] -- C:\Users\Johan\AppData\Roaming\Autodesk Navisworks Freedom 2011
[2010-04-23 08:31:55 | 000,000,000 | ---D | M] -- C:\Users\Johan\AppData\Roaming\Autodesk Navisworks Manage 2011
[2010-04-13 18:40:58 | 000,000,000 | ---D | M] -- C:\Users\Johan\AppData\Roaming\AVG9
[2010-04-25 07:36:09 | 000,000,000 | ---D | M] -- C:\Users\Johan\AppData\Roaming\BitComet
[2010-04-14 06:40:33 | 000,000,000 | ---D | M] -- C:\Users\Johan\AppData\Roaming\DAEMON Tools Lite
[2010-04-13 18:43:03 | 000,000,000 | ---D | M] -- C:\Users\Johan\AppData\Roaming\DAEMON Tools Pro
[2010-04-12 20:41:46 | 000,000,000 | ---D | M] -- C:\Users\Johan\AppData\Roaming\Opera
[2009-07-14 06:53:46 | 000,007,060 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

< End of report >

OTL Extras logfile created on: 2010-04-30 21:34:02 - Run 1
OTL by OldTimer - Version 3.2.3.1 Folder = C:\Users\Johan\Desktop
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 0000041d | Country: Sverige | Language: SVE | Date Format: yyyy-MM-dd

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 55,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 75,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 149,05 Gb Total Space | 64,10 Gb Free Space | 43,01% Space Free | Partition Type: NTFS
Drive D: | 186,31 Gb Total Space | 175,54 Gb Free Space | 94,22% Space Free | Partition Type: NTFS
Drive E: | 2,49 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive F: | 186,31 Gb Total Space | 99,68 Gb Free Space | 53,50% Space Free | Partition Type: NTFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: JOHAN-PC
Current User Name: Johan
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files\Opera\opera.exe (Opera Software)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
https [open] -- "C:\Program Files\Opera\opera.exe" (Opera Software)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00ADFB20-AE75-46F4-AD2C-F48B15AC3100}" = Adobe Color NA Recommended Settings CS4
"{03DEEAD2-F3B7-45BF-9006-A25D015F00D2}" = Adobe Flash Player 10 Plugin
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{05ADEEC8-BD58-43D9-A9E3-1F53B0DA117A}" = Opera 10.51
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{0B0D4B37-1D9A-4FB0-A232-61932F92CD21}" = Autodesk Navisworks Manage 2011 (32 bit) 2011 DWG File Reader
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
"{0D9AD604-560C-0000-AAA8-C0043D41F03A}" = Autodesk Navisworks Manage 2011 (32 bit) 2010 DWG File Reader
"{0E93710D-31E5-477C-8A4B-5032B484BE74}" = Windows Live inloggningsassistenten
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{14F70205-1940-4000-88C7-BE799A6B2CAD}" = Adobe Soundbooth CS4
"{15BF7AAF-846C-4A6D-80E1-5D1FC7FB461B}" = Adobe SGM CS4
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}" = Adobe AIR
"{1B7C06E1-4888-47A6-992A-0990B9683486}" = Adobe Version Cue CS4 Server
"{1DCA3EAA-6EB5-4563-A970-EA14D75037BA}" = Adobe InDesign CS4
"{1E04CB54-AF4E-4AC3-B4B7-C0A160BE57F1}" = Adobe InDesign CS4 Icon Handler
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{2168245A-B5AD-40D8-A641-48E3E070B5B6}" = Adobe Flash CS4 STI-en
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{297190A1-4B0D-4CD6-8B9F-3907F15C3FD8}" = Adobe CS4 American English Speech Analysis Models
"{2BAF2B96-7560-48B4-87D4-10178DDBE217}" = Adobe InDesign CS4 Application Feature Set Files (Roman)
"{30499511-7C2F-40F7-8BF7-262A87070B40}" = Autodesk Navisworks Manage 2011 (32 bit) 2008 DWG File Reader
"{30C8AA56-4088-426F-91D1-0EDFD3A25678}" = Adobe Dreamweaver CS4
"{35738946-FE22-0000-8916-2CE9119C21D5}" = Autodesk Navisworks Freedom 2011
"{35738946-FE22-0409-8916-2CE9119C21D5}" = Autodesk Navisworks Freedom 2011 English Language Pack
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3A6829EF-0791-4FDD-9382-C690DD0821B9}" = Adobe Flash Player 10 ActiveX
"{3CEBAF73-715A-4AC0-BB14-C9AC6B7D453F}" = Autodesk Navisworks Manage 2011 (32 bit) 2009 DWG File Reader
"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
"{428FDF9F-E010-4C4C-A8BB-156960AFCA1C}" = Adobe Fireworks CS4
"{43509E18-076E-40FE-AF38-CA5ED400A5A9}" = Pixel Bender Toolkit
"{44E240EC-2224-4078-A88B-2CEE0D3016EF}" = Adobe After Effects CS4 Presets
"{45EC816C-0771-4C14-AE6D-72D1B578F4C8}" = Adobe After Effects CS4
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{4A52555C-032A-4083-BDD9-6A85ABFB39A8}" = Adobe SING CS4
"{52232EF4-CC12-4C21-ABCF-ADB79618302D}" = Adobe Soundbooth CS4 Codecs
"{5570C7F0-43D0-4916-8A9E-AEDD52FA86F4}" = Adobe Color EU Extra Settings CS4
"{561968FD-56A1-49FD-9ED0-F55482C7C5BC}" = Adobe Media Encoder CS4 Exporter
"{5A70922D-9365-43CC-ADA9-CB84E4A54E4E}" = Windows Live Essentials
"{5EAD5443-7194-46CC-A055-428E6ABB1BAF}" = Adobe Encore CS4
"{60DB5894-B5A1-4B62-B0F3-669A22C0EE5D}" = Adobe Dynamiclink Support
"{61D6891E-E822-4448-9F9A-0AAAAEB6AF6C}" = Adobe Creative Suite 4 Master Collection
"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
"{67A9747A-E1F5-4E9A-81CC-12B5D5B81B6E}" = Adobe After Effects CS4 Third Party Content
"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
"{7406DF60-016D-476B-A2C7-55D997592047}" = Adobe OnLocation CS4
"{793D1D88-6141-43DE-BE58-59BCE31B4090}" = Adobe Flash CS4 Extension - Flash Lite STI en
"{7CC7BDD5-6F10-4724-96A1-EAC7D9F2831C}" = Adobe InDesign CS4 Common Base Files
"{8186FF34-D389-4B7E-9A2F-C197585BCFBD}" = Adobe Media Encoder CS4 Importer
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{87532CAB-7932-4F84-8937-823337622807}" = Adobe Illustrator CS4
"{8C3B5851-5A51-4FF6-A3C8-3422EE2D0109}" = Autodesk Navisworks 2011 2004-6 DWG File Reader Runtimes
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_VISPRO_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_VISPRO_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_VISPRO_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0051-0000-0000-0000000FF1CE}" = Microsoft Office Visio Professional 2007
"{90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{0FD405D3-CAF8-4CA6-8BFD-911D2F8A6585}" = Microsoft Office Visio 2007 Service Pack 2 (SP2)
"{90120000-0054-0409-0000-0000000FF1CE}" = Microsoft Office Visio MUI (English) 2007
"{90120000-0054-0409-0000-0000000FF1CE}_VISPRO_{519D9F45-CBF4-4E57-B419-11F196CCA8AE}" = Microsoft Office Visio 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_VISPRO_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_VISPRO_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9709ACB8-430D-4136-A610-F218E4A33CC5}" = Autodesk Navisworks Manage 2011 (32 bit) 2004 DWG File Reader
"{A6EC82A0-1414-475D-8AFD-469089F3080D}" = Adobe Contribute CS4
"{AC76BA86-1033-F400-7760-000000000004}" = Adobe Acrobat 9 Pro - English, Français, Deutsch
"{AC76BA86-1033-F400-7760-000000000004}_930" = Adobe Acrobat 9.3.0 - CPSID_52073
"{AC76BA86-7AD7-1053-7B44-A93000000001}" = Adobe Reader 9.3.2 - Svenska
"{AD7D1D0E-B328-4955-87A1-BD5AF49E53CD}" = Autodesk Navisworks Manage 2011 (32 bit) 2005 DWG File Reader
"{B05DE7B7-0B40-4411-BD4B-222CAE2D8F15}" = Adobe MotionPicture Color Files CS4
"{B15381DD-FF97-4FCD-A881-ED4DB0975500}" = Adobe Color Video Profiles AE CS4
"{B169BC97-B8AA-4ACA-9CF2-9D0FF5BABDF7}" = Adobe Premiere Pro CS4 Functional Content
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4
"{B9F4561A-924D-4510-A85A-BB0960C338CB}" = Adobe Asset Services CS4
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{BE9CEAAA-F069-4331-BF2F-8D350F6504F4}" = Adobe Media Encoder CS4 Additional Exporter
"{C037F379-977E-0000-8901-BE4EA1969492}" = Autodesk Navisworks Manage 2011
"{C037F379-977E-0409-8901-BE4EA1969492}" = Autodesk Navisworks Manage 2011 English Language Pack
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{C86E7C99-E4AD-79C7-375B-1AEF9A91EC2B}" = Acrobat.com
"{C938BE91-3BB5-4B84-9EF6-88F0505D0038}" = Adobe Premiere Pro CS4 Third Party Content
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{D499F8DE-3F31-4900-9157-61061613704B}" = Adobe Premiere Pro CS4
"{DDBE4C11-8D5E-44A2-A342-AF12145E9118}" = Autodesk Navisworks Manage 2011 (32 bit) 2006 DWG File Reader
"{DEB90B8E-0DCB-48CE-B90E-8842A2BD643E}" = Adobe Media Encoder CS4
"{E40F6EE7-A781-4B01-A12A-B777E5BE69CD}" = Autodesk Navisworks Manage 2011 (32 bit) 2007 DWG File Reader
"{E8EE9410-8AC4-4F43-A626-DDECA75C79F3}" = Adobe Setup
"{EAFA85AA-CCF3-0000-8D4F-4557F945C865}" = Autodesk Navisworks 2011 32 bit Exporter Plug-ins
"{EAFA85AA-CCF3-0409-8D4F-4557F945C865}" = Autodesk Navisworks 2011 32 bit Exporter Plug-ins English Language Pack
"{EC928237-A3BD-4640-ABD0-E49E758F2315}" = Windows Live Messenger
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{EE353798-E875-42E0-B58D-7E6696182EA8}" = Adobe Media Encoder CS4 Dolby
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F6E99614-F042-4459-82B7-8B38B2601356}" = Adobe Flash CS4
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"{FB2A5FCC-B81B-48C2-A009-7804694D83E9}" = Adobe Encore CS4 Codecs
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe_b2d6abde968e6f277ddbfd501383e02" = Adobe Creative Suite 4 Master Collection
"Akamai" = Akamai NetSession Interface
"Autodesk Navisworks 2011 32 bit Exporter Plug-ins" = Autodesk Navisworks 2011 32 bit Exporter Plug-ins
"Autodesk Navisworks Freedom 2011" = Autodesk Navisworks Freedom 2011
"Autodesk Navisworks Manage 2011" = Autodesk Navisworks Manage 2011
"AVG9Uninstall" = AVG 9.0
"BitComet" = BitComet 1.20
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"DAEMON Tools Toolbar" = DAEMON Tools Toolbar
"DriverAgent.exe" = DriverAgent by eSupport.com
"HijackThis" = HijackThis 2.0.2
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"NVIDIA Drivers" = NVIDIA Drivers
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"RealVNC_is1" = VNC Enterprise Edition E4.5.1
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
"VISPRO" = Microsoft Office Visio Professional 2007
"VNCMirror_is1" = VNC Mirror Driver 1.8.0
"VNCPrinter_is1" = VNC Printer Driver 1.6.0

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 2010-04-23 02:03:43 | Computer Name = Johan-PC | Source = WinVNC4 | ID = 1
Description = SConnection: AuthFailureException: Authentication failure

Error - 2010-04-23 02:03:49 | Computer Name = Johan-PC | Source = WinVNC4 | ID = 1
Description = SConnection: Client asked for invalid protocol version 3.5

Error - 2010-04-23 02:03:49 | Computer Name = Johan-PC | Source = WinVNC4 | ID = 1
Description = SConnection: Assuming compatibility with version 3.3

Error - 2010-04-23 02:03:49 | Computer Name = Johan-PC | Source = WinVNC4 | ID = 1
Description = SConnection: AuthFailureException: Authentication failure

Error - 2010-04-23 02:03:54 | Computer Name = Johan-PC | Source = WinVNC4 | ID = 1
Description = SConnection: Client asked for invalid protocol version 3.5

Error - 2010-04-23 02:03:54 | Computer Name = Johan-PC | Source = WinVNC4 | ID = 1
Description = SConnection: Assuming compatibility with version 3.3

Error - 2010-04-23 02:03:54 | Computer Name = Johan-PC | Source = WinVNC4 | ID = 1
Description = SConnection: AuthFailureException: Authentication failure

Error - 2010-04-24 02:44:30 | Computer Name = Johan-PC | Source = MsiInstaller | ID = 11935
Description =

Error - 2010-04-24 02:49:46 | Computer Name = Johan-PC | Source = MsiInstaller | ID = 1024
Description =

Error - 2010-04-24 14:58:28 | Computer Name = Johan-PC | Source = SideBySide | ID = 16842815
Description = Activation context generation failed for "c:\program files\spybot
- search & destroy\DelZip179.dll".Error in manifest or policy file "c:\program files\spybot
- search & destroy\DelZip179.dll" on line 8. The value "*" of attribute "language"
in element "assemblyIdentity" is invalid.

[ System Events ]
Error - 2010-04-24 02:49:52 | Computer Name = Johan-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x80070643: The 2007 Microsoft Office Suite Service Pack 2 (SP2).

Error - 2010-04-24 13:54:58 | Computer Name = Johan-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 19:51:49 on 2010-04-24 was unexpected.

Error - 2010-04-24 13:55:34 | Computer Name = Johan-PC | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the SBSD
Security Center Service service to connect.

Error - 2010-04-24 13:55:34 | Computer Name = Johan-PC | Source = Service Control Manager | ID = 7000
Description = The SBSD Security Center Service service failed to start due to the
following error: %%1053

Error - 2010-04-24 13:57:08 | Computer Name = Johan-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1000
Description = CBS Client initialization failed. Last error: 0x8007045b

Error - 2010-04-24 13:57:10 | Computer Name = Johan-PC | Source = Service Control Manager | ID = 7016
Description = The NVIDIA Display Driver Service service has reported an invalid
current state 32.

Error - 2010-04-24 15:34:02 | Computer Name = Johan-PC | Source = Service Control Manager | ID = 7031
Description = The Windows Defender service terminated unexpectedly. It has done
this 1 time(s). The following corrective action will be taken in 60000 milliseconds:
Restart the service.

Error - 2010-04-24 15:59:05 | Computer Name = Johan-PC | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the avg9wd service.

Error - 2010-04-24 15:59:06 | Computer Name = Johan-PC | Source = Service Control Manager | ID = 7016
Description = The NVIDIA Display Driver Service service has reported an invalid
current state 32.

Error - 2010-04-25 01:40:33 | Computer Name = Johan-PC | Source = Service Control Manager | ID = 7016
Description = The NVIDIA Display Driver Service service has reported an invalid
current state 32.


< End of report >



#6 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London, UK
  • Local time:02:42 PM

Posted 30 April 2010 - 03:08 PM

This log shows that the hosts file is fine and the hijack elements are gone.

Let's take a look at the registry and see what's been attached.

Open Notepad (go to Start > Run and type in Notepad and click OK).
Copy/paste the following text inside the code box into a new notepad document.

CODE
@ECHO OFF
regedit /e look1.txt "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes"
regedit /e look2.txt "HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes"
Type look*.txt >log.txt
start log.txt
del look1.txt look2.txt
del %0
  • Go to the File menu at the top of the Notepad and select Save as.
  • Select save in: desktop
  • Fill in File name: look.bat
  • Save as type: All file types (*.*)
  • Click save
  • Close the Notepad.
  • Locate look.bat on the desktop.
  • Right-click to run it as administrator.
  • A notepad opens, copy and paste the content (log.txt) to your reply.

m0le is a proud member of UNITE
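Added example, not part of m0le's post or of any BleepingComputer tool: one way to review the log.txt that look.bat produces, by parsing the exported SearchScopes keys and listing every search provider whose URL host is not on an allowlist. The sample export, its GUIDs, the host names and the allowlist are constructed assumptions.

```python
import re
from urllib.parse import urlsplit

# Constructed sample in regedit export format (GUIDs and hosts are made up).
SAMPLE_EXPORT = r'''Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{11111111-1111-1111-1111-111111111111}"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{22222222-2222-2222-2222-222222222222}]
"DisplayName"="Bing"
"URL"="http://www.bing.com/search?q={searchTerms}"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{11111111-1111-1111-1111-111111111111}]
"DisplayName"="Web Search"
"URL"="http://redirect.example.invalid/gosearch.php?q={searchTerms}"
'''

KEY_RE = re.compile(r'^\[(.+)\]$')
VAL_RE = re.compile(r'^"((?:[^"\\]|\\.)*)"="((?:[^"\\]|\\.)*)"$')
ALLOWED_HOSTS = {"www.bing.com", "www.google.com"}  # assumption: reviewer's allowlist


def parse_reg_export(text):
    """Return {key_path: {value_name: value}} for the string values in an export."""
    keys, current = {}, None
    for line in text.splitlines():
        line = line.strip()
        if (m := KEY_RE.match(line)):
            current = keys.setdefault(m.group(1), {})
        elif (m := VAL_RE.match(line)) and current is not None:
            # .reg files escape backslashes and quotes inside strings
            name, value = (re.sub(r'\\(.)', r'\1', g) for g in m.groups())
            current[name] = value
    return keys


def review_search_scopes(text, allowed=ALLOWED_HOSTS):
    """List search providers whose URL host is not on the allowlist."""
    keys = parse_reg_export(text)
    # DefaultScope on each SearchScopes root names the provider IE uses by default
    defaults = {p: v.get("DefaultScope", "").lower() for p, v in keys.items()
                if p.lower().endswith("\\searchscopes")}
    findings = []
    for path, values in keys.items():
        root, _, scope_id = path.rpartition("\\")
        if root not in defaults or "URL" not in values:
            continue
        host = (urlsplit(values["URL"]).hostname or "").lower()
        if host not in allowed:
            findings.append({"hive": root.split("\\", 1)[0], "scope": scope_id,
                             "name": values.get("DisplayName", ""), "host": host,
                             "is_default": defaults[root] == scope_id.lower()})
    return findings


if __name__ == "__main__":
    for f in review_search_scopes(SAMPLE_EXPORT):
        print(f)
```

A finding with is_default set to True means the provider Internet Explorer uses by default points at a host outside the allowlist, which is the entry to look at first.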

#7 m0le


Posted 03 May 2010 - 03:30 PM

Hi,

I have not had a reply from you for 3 days. Can you please tell me if you still need help with your computer as I am unable to help other members with their problems while I have your topic still open. The time taken between posts can also change the situation with your PC making it more difficult to help you.

If you like you can PM me.

Thanks,


m0le
m0le is a proud member of UNITE

#8 m0le


Posted 05 May 2010 - 06:45 PM

Since this issue appears to be resolved ... this topic has been closed. Glad we could help.

If you're the topic starter, and need this topic reopened, please contact me via pm with the address of the thread.

Everyone else please begin a New Topic.
m0le is a proud member of UNITE



