Inactive google redirect virus

Discussion in 'Malware and Virus Removal Archive' started by light, 2010/11/24.

Thread Status:
Not open for further replies.
  1. 2010/11/26
    broni Moderator Malware Analyst

    Exactly.

    Good news though :)
     
  2. 2010/11/26
    light Inactive Thread Starter

    OTL logfile created on: 2010-11-26 14:56:56 - Run 1
    OTL by OldTimer - Version 3.2.17.3 Folder = C:\Documents and Settings\magnus gunnarsson\Mina dokument\Downloads
    Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.18702)
    Locale: 0000041D | Country: Sverige | Language: SVE | Date Format: yyyy-MM-dd

    1*015,00 Mb Total Physical Memory | 338,00 Mb Available Physical Memory | 33,00% Memory free
    7,00 Gb Paging File | 6,00 Gb Available in Paging File | 92,00% Paging File free
    Paging file location(s): [Binary data over 100 bytes]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program
    Drive C: | 72,06 Gb Total Space | 11,87 Gb Free Space | 16,47% Space Free | Partition Type: NTFS
    Drive D: | 72,05 Gb Total Space | 33,26 Gb Free Space | 46,16% Space Free | Partition Type: NTFS
    Drive F: | 757,26 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: UDF

    Computer Name: MAGNUS | User Name: magnus gunnarsson | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user | Quick Scan
    Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - [2010-11-26 14:54:58 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\magnus gunnarsson\Mina dokument\Downloads\OTL.exe
    PRC - [2010-10-24 16:51:28 | 000,039,408 | ---- | M] (Google Inc.) -- C:\Program\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    PRC - [2010-10-14 09:11:39 | 000,487,424 | ---- | M] (Gadwin Systems, Inc) -- D:\Gadwin Systems\PrintScreen\PrintScreen.exe
    PRC - [2010-09-28 21:33:02 | 002,407,632 | ---- | M] (IObit) -- D:\Advanced SystemCare 3\AWC.exe
    PRC - [2010-08-13 11:58:56 | 000,144,672 | ---- | M] (Apple Inc.) -- C:\Program\Delade filer\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    PRC - [2010-07-22 23:02:16 | 000,945,720 | ---- | M] (Google Inc.) -- C:\Documents and Settings\magnus gunnarsson\Lokala inställningar\Application Data\Google\Chrome\Application\chrome.exe
    PRC - [2010-07-04 10:49:16 | 000,398,568 | ---- | M] (tzuk) -- D:\sanboxie 3.50\SbieCtrl.exe
    PRC - [2010-07-04 10:49:14 | 000,075,496 | ---- | M] (tzuk) -- D:\sanboxie 3.50\SbieSvc.exe
    PRC - [2010-05-14 11:44:46 | 000,248,552 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program\Delade filer\Java\Java Update\jusched.exe
    PRC - [2010-04-22 12:22:58 | 000,267,432 | ---- | M] (Avira GmbH) -- D:\Avira\AntiVir Desktop\avguard.exe
    PRC - [2010-04-01 10:16:20 | 000,357,696 | ---- | M] (DT Soft Ltd) -- D:\DAEMON Tools Lite\DTLite.exe
    PRC - [2010-03-30 10:16:12 | 001,107,336 | ---- | M] (LogMeIn Inc.) -- D:\LogMeIn Hamachi\hamachi-2.exe
    PRC - [2010-03-18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
    PRC - [2010-03-02 09:28:31 | 000,282,792 | ---- | M] (Avira GmbH) -- D:\Avira\AntiVir Desktop\avgnt.exe
    PRC - [2010-01-14 20:11:00 | 000,076,968 | ---- | M] (Avira GmbH) -- D:\Avira\AntiVir Desktop\avshadow.exe
    PRC - [2009-04-16 18:46:30 | 000,630,784 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program\EeePC\ACPI\AsAcpiSvr.exe
    PRC - [2009-04-16 17:58:54 | 000,118,784 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program\EeePC\ACPI\AsTray.exe
    PRC - [2009-03-13 15:15:02 | 000,098,304 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program\EeePC\ACPI\AsEPCMon.exe
    PRC - [2008-07-06 17:31:02 | 000,331,776 | ---- | M] (UASSOFT.COM) -- C:\Program\Mouse Driver\KMProcess.exe
    PRC - [2008-06-23 21:28:08 | 000,208,896 | ---- | M] (UASSOFT.COM) -- C:\Program\Mouse Driver\KMWDSrv.exe
    PRC - [2008-06-14 01:02:04 | 000,397,312 | ---- | M] (UASSOFT.COM) -- C:\Program\Mouse Driver\KMCONFIG.exe
    PRC - [2008-05-30 01:22:32 | 000,212,992 | ---- | M] (UASSOFT.COM) -- C:\Program\Mouse Driver\StartAutorun.exe
    PRC - [2008-04-15 13:00:00 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
    PRC - [2008-02-15 11:46:16 | 000,163,840 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxext.exe
    PRC - [2006-04-21 20:06:14 | 000,069,632 | ---- | M] () -- C:\Program\Microsoft Private Folder 1.0\PrfldSvc.exe
    PRC - [2005-08-11 15:30:30 | 000,081,920 | ---- | M] (Macrovision Corporation) -- C:\Program\Delade filer\InstallShield\UpdateService\issch.exe


    ========== Modules (SafeList) ==========

    MOD - [2010-11-26 14:54:58 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\magnus gunnarsson\Mina dokument\Downloads\OTL.exe
    MOD - [2010-08-23 17:12:54 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
    MOD - [1999-03-29 06:34:06 | 000,110,595 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\Msscript1.ocx


    ========== Win32 Services (SafeList) ==========

    SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\System32\appmgmts.dll -- (AppMgmt)
    SRV - [2010-08-13 11:58:56 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program\Delade filer\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
    SRV - [2010-07-04 10:49:14 | 000,075,496 | ---- | M] (tzuk) [Auto | Running] -- D:\sanboxie 3.50\SbieSvc.exe -- (SbieSvc)
    SRV - [2010-04-22 12:22:58 | 000,267,432 | ---- | M] (Avira GmbH) [Auto | Running] -- D:\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
    SRV - [2010-04-05 23:41:46 | 000,116,224 | ---- | M] (Brio) [Disabled | Stopped] -- D:\FolderSize\FolderSizeSvc.exe -- (FolderSize)
    SRV - [2010-03-30 10:16:12 | 001,107,336 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- D:\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
    SRV - [2010-03-18 15:47:22 | 000,035,160 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe -- (aspnet_state)
    SRV - [2010-03-18 12:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
    SRV - [2010-03-18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
    SRV - [2010-02-24 08:28:09 | 000,135,336 | ---- | M] (Avira GmbH) [Disabled | Stopped] -- D:\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
    SRV - [2009-02-06 17:08:58 | 000,533,360 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program\Windows Live\Family Safety\fsssvc.exe -- (fsssvc)
    SRV - [2009-01-14 16:53:02 | 000,226,656 | ---- | M] (Microsoft Corp.) [Disabled | Stopped] -- C:\Program\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
    SRV - [2008-06-23 21:28:08 | 000,208,896 | ---- | M] (UASSOFT.COM) [Auto | Running] -- C:\Program\Mouse Driver\KMWDSrv.exe -- (KMWDSERVICE)
    SRV - [2008-06-19 16:05:04 | 000,769,024 | ---- | M] () [Disabled | Stopped] -- C:\Program\IVT Corporation\BlueSoleil\BlueSoleilCS.exe -- (BlueSoleilCS)
    SRV - [2008-06-04 18:28:14 | 000,069,735 | ---- | M] () [Disabled | Stopped] -- C:\Program\IVT Corporation\BlueSoleil\BsHelpCS.exe -- (BsHelpCS)
    SRV - [2006-04-21 20:06:14 | 000,069,632 | ---- | M] () [Auto | Running] -- C:\Program\Microsoft Private Folder 1.0\PrfldSvc.exe -- (prfldsvc)
    SRV - [2005-04-04 00:41:10 | 000,069,632 | ---- | M] (Macrovision Corporation) [Disabled | Stopped] -- C:\Program\Delade filer\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT)


    ========== Driver Services (SafeList) ==========

    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\VL807.sys -- (VL807)
    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program\Lavasoft\Ad-Aware\KernExplorer.sys -- (Lavasoft Kernexplorer)
    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\GWHid.sys -- (GWHid)
    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ComboFix\catchme.sys -- (catchme)
    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\btwusb.sys -- (BTWUSB)
    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\btwhid.sys -- (btwhid)
    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\btwdndis.sys -- (BTWDNDIS)
    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\btport.sys -- (BTDriver)
    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\btaudio.sys -- (btaudio)
    DRV - [2010-07-04 10:49:10 | 000,119,016 | ---- | M] (tzuk) [Kernel | On_Demand | Running] -- D:\sanboxie 3.50\SbieDrv.sys -- (SbieDrv)
    DRV - [2010-05-12 14:48:43 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
    DRV - [2010-05-10 19:41:30 | 000,067,656 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- D:\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
    DRV - [2010-03-14 14:24:14 | 000,271,360 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt)
    DRV - [2010-03-14 14:24:13 | 000,018,048 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt)
    DRV - [2010-03-01 08:05:24 | 000,124,784 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
    DRV - [2010-02-17 19:25:48 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- D:\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
    DRV - [2010-02-16 12:24:01 | 000,060,936 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
    DRV - [2010-02-11 13:02:15 | 000,226,880 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tcpip6.sys -- (Tcpip6)
    DRV - [2010-02-03 14:56:56 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
    DRV - [2010-01-10 20:40:02 | 000,004,096 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nocashio.sys -- (nocashio)
    DRV - [2009-12-17 15:02:34 | 000,123,280 | ---- | M] (Sun Microsystems, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\VBoxDrv.sys -- (VBoxDrv)
    DRV - [2009-12-17 15:02:34 | 000,110,096 | ---- | M] (Sun Microsystems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VBoxNetFlt.sys -- (VBoxNetFlt)
    DRV - [2009-12-17 15:02:34 | 000,041,616 | ---- | M] (Sun Microsystems, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\VBoxUSBMon.sys -- (VBoxUSBMon)
    DRV - [2009-07-17 15:23:46 | 000,476,544 | R--- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rt73.sys -- (RT73)
    DRV - [2009-07-10 20:33:36 | 001,015,424 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rt2860.sys -- (RT80x86)
    DRV - [2009-07-06 09:48:02 | 000,011,448 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AsUpIO.sys -- (AsUpIO)
    DRV - [2009-05-23 00:08:32 | 000,029,696 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\VClone.sys -- (VClone)
    DRV - [2009-05-11 10:49:19 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- D:\Avira\AntiVir Desktop\avgio.sys -- (avgio)
    DRV - [2009-05-11 08:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
    DRV - [2009-04-27 12:26:44 | 005,074,944 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
    DRV - [2009-04-09 14:14:28 | 000,208,816 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SynTP.sys -- (SynTP)
    DRV - [2009-03-30 02:09:28 | 000,239,336 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\RsFx0103.sys -- (RsFx0103)
    DRV - [2009-03-13 22:05:26 | 001,528,928 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\athw.sys -- (AR5416)
    DRV - [2009-03-13 15:32:18 | 001,759,616 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
    DRV - [2009-03-02 06:03:47 | 000,038,912 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\l1c51x86.sys -- (L1c)
    DRV - [2009-02-06 17:08:42 | 000,055,152 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys -- (fssfltr)
    DRV - [2008-11-19 09:21:28 | 000,039,040 | ---- | M] (GenesysLogic Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\uvclf.sys -- (uvclf)
    DRV - [2008-09-12 06:32:56 | 000,327,192 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\iaStor.sys -- (iaStor)
    DRV - [2008-08-05 13:10:12 | 001,684,736 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
    DRV - [2008-04-15 13:00:00 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
    DRV - [2008-04-08 14:59:28 | 000,010,752 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASUSACPI.SYS -- (AsusACPI)
    DRV - [2008-03-22 11:31:58 | 000,017,024 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\KMWDFilter.SYS -- (KMWDFilter)
    DRV - [2008-03-06 17:04:04 | 000,038,920 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btcusb.sys -- (Btcsrusb)
    DRV - [2008-02-15 12:12:06 | 005,854,752 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\igxpmp32.sys -- (ialm)
    DRV - [2008-01-21 19:28:12 | 000,014,600 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btnetdrv.sys -- (BT)
    DRV - [2008-01-21 19:28:08 | 000,026,248 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\IvtBtBus.sys -- (IvtBtBUs)
    DRV - [2008-01-21 19:28:04 | 000,021,512 | ---- | M] (IVT Corporation.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\BtHidBus.sys -- (BtHidBus)
    DRV - [2008-01-21 19:27:56 | 000,029,960 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VcommMgr.sys -- (VcommMgr)
    DRV - [2008-01-21 19:27:50 | 000,014,856 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\VComm.sys -- (VComm)
    DRV - [2006-04-21 07:22:24 | 000,070,912 | ---- | M] (Windows (R) 2000 DDK provider) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\prvflder.sys -- (Prvflder)
    DRV - [2006-01-04 08:41:48 | 001,389,056 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========


    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

    ========== FireFox ==========

    FF - prefs.js..browser.search.selectedEngine: "DAEMON Search "
    FF - prefs.js..browser.startup.homepage: "http://www.hackthissite.org/ "
    FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
    FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.1
    FF - prefs.js..extensions.enabledItems: yyginstantplay@yoyogames.com:1.1.0.23
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
    FF - prefs.js..extensions.enabledItems: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20100908
    FF - prefs.js..extensions.enabledItems: DTToolbar@toolbarnet.com:1.1.2.0185
    FF - prefs.js..extensions.enabledItems: WurlBar@playwurl.com:2.0.2.1
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
    FF - prefs.js..extensions.enabledItems: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}:2.7.2.0
    FF - prefs.js..extensions.enabledItems: firebug@software.joehewitt.com:1.5.4
    FF - prefs.js..extensions.enabledItems: {AA994882-F391-4d2e-806F-8908DA4814ED}:2.5.9
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
    FF - prefs.js..network.proxy.http: "127.0.0.1 "
    FF - prefs.js..network.proxy.type: 1


    FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program\Mozilla Firefox\components [2010-11-17 17:04:03 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program\Mozilla Firefox\plugins [2010-11-07 12:10:06 | 000,000,000 | ---D | M]

    [2010-03-28 19:47:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\magnus gunnarsson\Application Data\Mozilla\Extensions
    [2010-11-19 15:05:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\magnus gunnarsson\Application Data\Mozilla\Firefox\Profiles\jw1t28dz.default\extensions
    [2010-05-27 05:02:37 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\magnus gunnarsson\Application Data\Mozilla\Firefox\Profiles\jw1t28dz.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
    [2010-05-16 00:19:16 | 000,000,000 | ---D | M] (Sothink SWF Catcher) -- C:\Documents and Settings\magnus gunnarsson\Application Data\Mozilla\Firefox\Profiles\jw1t28dz.default\extensions\{618D522B-652C-4e19-9194-048700B12ED6}
    [2010-10-11 16:07:46 | 000,000,000 | ---D | M] (WOT) -- C:\Documents and Settings\magnus gunnarsson\Application Data\Mozilla\Firefox\Profiles\jw1t28dz.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
    [2010-11-11 17:28:11 | 000,000,000 | ---D | M] (kikin plugin) -- C:\Documents and Settings\magnus gunnarsson\Application Data\Mozilla\Firefox\Profiles\jw1t28dz.default\extensions\{AA994882-F391-4d2e-806F-8908DA4814ED}
    [2010-11-05 12:48:05 | 000,000,000 | ---D | M] (uTorrentBar Toolbar) -- C:\Documents and Settings\magnus gunnarsson\Application Data\Mozilla\Firefox\Profiles\jw1t28dz.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}
    [2010-11-07 11:38:28 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\magnus gunnarsson\Application Data\Mozilla\Firefox\Profiles\jw1t28dz.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
    [2010-05-12 14:49:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\magnus gunnarsson\Application Data\Mozilla\Firefox\Profiles\jw1t28dz.default\extensions\DTToolbar@toolbarnet.com
    [2010-11-07 13:00:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\magnus gunnarsson\Application Data\Mozilla\Firefox\Profiles\jw1t28dz.default\extensions\firebug@software.joehewitt.com
    [2010-06-04 21:40:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\magnus gunnarsson\Application Data\Mozilla\Firefox\Profiles\jw1t28dz.default\extensions\WurlBar@playwurl.com
    [2010-04-03 18:02:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\magnus gunnarsson\Application Data\Mozilla\Firefox\Profiles\jw1t28dz.default\extensions\yyginstantplay@yoyogames.com
    [2010-05-12 14:48:49 | 000,002,059 | ---- | M] () -- C:\Documents and Settings\magnus gunnarsson\Application Data\Mozilla\Firefox\Profiles\jw1t28dz.default\searchplugins\daemon-search.xml
    [2010-11-19 15:05:12 | 000,000,000 | ---D | M] -- C:\Program\Mozilla Firefox\extensions
    [2010-04-15 14:28:40 | 000,000,000 | ---D | M] (Java Console) -- C:\Program\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
    [2010-10-08 16:37:18 | 000,000,000 | ---D | M] (Java Console) -- C:\Program\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
    [2010-11-17 16:58:11 | 000,000,000 | ---D | M] (Java Console) -- C:\Program\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
    [2010-09-15 04:50:38 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program\Mozilla Firefox\plugins\npdeployJava1.dll
    [2010-10-22 17:17:56 | 000,001,470 | ---- | M] () -- C:\Program\Mozilla Firefox\searchplugins\allaannonser-sv-SE.xml
    [2010-10-22 17:17:56 | 000,002,670 | ---- | M] () -- C:\Program\Mozilla Firefox\searchplugins\prisjakt-sv-SE.xml
    [2010-10-22 17:17:56 | 000,000,948 | ---- | M] () -- C:\Program\Mozilla Firefox\searchplugins\tyda-sv-SE.xml
    [2010-10-22 17:17:56 | 000,001,174 | ---- | M] () -- C:\Program\Mozilla Firefox\searchplugins\wikipedia-sv-SE.xml
    [2010-10-22 17:17:56 | 000,000,951 | ---- | M] () -- C:\Program\Mozilla Firefox\searchplugins\yahoo-sv-SE.xml

    O1 HOSTS File: ([2010-11-25 22:38:16 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1 localhost
    O3 - HKLM\..\Toolbar: (no name) - - No CLSID value found.
    O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
    O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
    O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program\DAEMON Tools Toolbar\DTToolbar.dll ()
    O3 - HKLM\..\Toolbar: (@msdxmLC.dll,-1@1033,&Radio) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\system32\Msdxm6.ocx (Microsoft Corporation)
    O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
    O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
    O3 - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program\DAEMON Tools Toolbar\DTToolbar.dll ()
    O4 - HKLM..\Run: [AsusACPIServer] C:\Program\EeePC\ACPI\AsAcpiSvr.exe (ASUSTeK Computer Inc.)
    O4 - HKLM..\Run: [AsusEPCMonitor] C:\Program\EeePC\ACPI\AsEPCMon.exe (ASUSTeK Computer Inc.)
    O4 - HKLM..\Run: [AsusTray] C:\Program\EeePC\ACPI\AsTray.exe (ASUSTeK Computer Inc.)
    O4 - HKLM..\Run: [avgnt] D:\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
    O4 - HKLM..\Run: [ISUSPM Startup] C:\Program\Delade filer\InstallShield\UpdateService\ISUSPM.exe (InstallShield Software Corporation)
    O4 - HKLM..\Run: [ISUSScheduler] C:\Program\Delade filer\InstallShield\UpdateService\issch.exe (Macrovision Corporation)
    O4 - HKLM..\Run: [KMCONFIG] C:\Program\Mouse Driver\StartAutorun.exe KMConfig.exe File not found
    O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program\Delade filer\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
    O4 - HKLM..\Run: [SynAsusAcpi] C:\Program\Synaptics\SynTP\SynAsusAcpi.exe (Synaptics Incorporated)
    O4 - HKCU..\Run: [Advanced SystemCare 3] D:\Advanced SystemCare 3\AWC.exe (IObit)
    O4 - HKCU..\Run: [DAEMON Tools Lite] D:\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
    O4 - HKCU..\Run: [Gadwin PrintScreen] D:\Gadwin Systems\PrintScreen\PrintScreen.exe (Gadwin Systems, Inc)
    O4 - HKCU..\Run: [SandboxieControl] D:\sanboxie 3.50\SbieCtrl.exe (tzuk)
    O4 - HKCU..\Run: [Steam] D:\Steam\Steam.exe (Valve Corporation)
    O4 - HKCU..\Run: [swg] C:\Program\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoPopUpsOnBoot = 1
    O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O8 - Extra context menu item: Google Sidewiki... - C:\Program\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll (Google Inc.)
    O8 - Extra context menu item: Sothink SWF Catcher - C:\Program\Delade filer\SourceTec\SWF Catcher\InternetExplorer.htm ()
    O9 - Extra 'Tools' menuitem : My kikin - {0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} - C:\Program\kikin\ie_kikin.dll (kikin)
    O9 - Extra Button: Blogga detta - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
    O9 - Extra 'Tools' menuitem : &Blogga detta i Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
    O9 - Extra Button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - D:\Program\WinHTTrack\WinHTTrackIEBar.dll ()
    O9 - Extra 'Tools' menuitem : Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - D:\Program\WinHTTrack\WinHTTrackIEBar.dll ()
    O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
    O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
    O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - Reg Error: Value error. File not found
    O9 - Extra Button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program\Delade filer\SourceTec\SWF Catcher\InternetExplorer.htm ()
    O9 - Extra 'Tools' menuitem : Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program\Delade filer\SourceTec\SWF Catcher\InternetExplorer.htm ()
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program\Bonjour\mdnsNSP.dll (Apple Inc.)
    O15 - HKCU\..Trusted Ranges: Range1979 ([http] in Tillförlitliga platser)
    O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab (QuickTime Object)
    O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
    O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab (System Requirements Lab Class)
    O16 - DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} https://www.battlefieldheroes.com/static/updater/BFHUpdater_4.0.53.0.cab (Battlefield Heroes Updater)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
    O16 - DPF: {CAFEEFAC-0015-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_17-windows-i586.cab (Reg Error: Key error.)
    O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Value error.)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
    O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
    O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program\Delade filer\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
    O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\WINDOWS\system32\skype4com.dll (Skype Technologies)
    O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
    O18 - Protocol\Handler\vnd.ms.radio {3DA2AA3B-3D96-11D2-9BD2-204C4F4F5020} - C:\WINDOWS\system32\Msdxm6.ocx (Microsoft Corporation)
    O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - Reg Error: Key error. File not found
    O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
    O20 - Winlogon\Notify\!SASWinLogon: DllName - D:\SUPERAntiSpyware\SASWINLO.DLL - D:\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
    O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
    O24 - Desktop Components:0 (Min aktuella startsida) - About:Home
    O24 - Desktop WallPaper: C:\Documents and Settings\magnus gunnarsson\Lokala inställningar\Application Data\Microsoft\Wallpaper1.bmp
    O24 - Desktop BackupWallPaper: C:\Documents and Settings\magnus gunnarsson\Lokala inställningar\Application Data\Microsoft\Wallpaper1.bmp
    O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - D:\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2009-09-01 03:05:07 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
    O34 - HKLM BootExecute: (autocheck autochk *) - File not found
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = ComFile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*

    NetSvcs: AppMgmt - C:\WINDOWS\System32\appmgmts.dll File not found
    NetSvcs: Ias - File not found
    NetSvcs: Iprip - File not found
    NetSvcs: NWCWorkstation - File not found
    NetSvcs: Nwsapagent - File not found
    NetSvcs: WmdmPmSp - File not found

    Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
    Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
    Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
    Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
    Drivers32: msacm.vorbis - C:\WINDOWS\System32\vorbis.acm (HMS http://hp.vector.co.jp/authors/VA012897/)
    Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
    Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
    Drivers32: VIDC.FPS1 - C:\WINDOWS\System32\frapsvid.dll (Beepa P/L)
    Drivers32: vidc.iv31 - C:\WINDOWS\system32\ir32_32.dll File not found
    Drivers32: vidc.iv32 - C:\WINDOWS\system32\ir32_32.dll File not found
    Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
    Drivers32: vidc.XVID - C:\WINDOWS\System32\xvidvfw.dll ()

    CREATERESTOREPOINT
    Restore point Set: OTL Restore Point (54619756233228288)

    ========== Files/Folders - Created Within 30 Days ==========

    [2010-11-25 23:31:16 | 000,000,000 | RHSD | C] -- C:\cmdcons
    [2010-11-25 22:55:10 | 000,000,000 | ---D | C] -- C:\Program\Malwarebytes' Anti-Malware
    [2010-11-25 22:30:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
    [2010-11-25 22:06:20 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
    [2010-11-25 22:06:20 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
    [2010-11-25 22:06:20 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
    [2010-11-25 22:06:20 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
    [2010-11-24 13:13:07 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
    [2010-11-21 13:47:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\magnus gunnarsson\Skrivbord\Mario_and_Luigi_Bowsers_Inside_Story_EUR_NDS-XPA
    [2010-11-19 21:18:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\magnus gunnarsson\Skrivbord\WOL
    [2010-11-19 15:41:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Macromedia
    [2010-11-16 22:57:49 | 000,000,000 | ---D | C] -- C:\Qoobox
    [2010-11-16 18:07:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\magnus gunnarsson\Skrivbord\temp file
    [2010-11-14 18:31:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\RegisteredPackages
    [2010-11-14 18:27:22 | 000,000,000 | -H-D | C] -- C:\WINDOWS\msdownld.tmp
    [2010-11-14 17:04:57 | 000,000,000 | ---D | C] -- C:\gmod
    [2010-11-14 14:34:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\magnus gunnarsson\Skrivbord\bpl amnesia vid
    [2010-11-14 11:49:14 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\magnus gunnarsson\Recent
    [2010-11-14 11:26:44 | 000,000,000 | ---D | C] -- C:\Program\CCleaner
    [2010-11-12 17:37:21 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Dokument\Server
    [2010-11-11 22:33:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\magnus gunnarsson\Skrivbord\APT
    [2010-11-11 22:03:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Lokala inställningar\Application Data\uTorrentBar
    [2010-11-11 21:28:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\magnus gunnarsson\Lokala inställningar\Application Data\jagexlauncher
    [2010-11-11 17:28:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\magnus gunnarsson\Application Data\kikin
    [2010-11-11 17:28:07 | 000,000,000 | ---D | C] -- C:\Program\kikin
    [2010-11-08 00:24:03 | 000,385,024 | ---- | C] (The Imaging Source Europe GmbH) -- C:\WINDOWS\System32\tx14_xml.dll
    [2010-11-08 00:24:03 | 000,360,448 | ---- | C] (The Imaging Source Europe GmbH) -- C:\WINDOWS\System32\tx4ole14.ocx
    [2010-11-08 00:24:02 | 000,552,960 | ---- | C] (The Imaging Source Europe GmbH) -- C:\WINDOWS\System32\tx14_rtf.dll
    [2010-11-08 00:24:02 | 000,217,088 | ---- | C] (The Imaging Source Europe GmbH) -- C:\WINDOWS\System32\tx14_tls.dll
    [2010-11-08 00:24:02 | 000,073,728 | ---- | C] (The Imaging Source Europe GmbH) -- C:\WINDOWS\System32\tx14_tif.flt
    [2010-11-08 00:24:02 | 000,065,536 | ---- | C] (The Imaging Source Europe GmbH) -- C:\WINDOWS\System32\tx14_wnd.dll
    [2010-11-08 00:24:02 | 000,053,248 | ---- | C] (The Imaging Source Europe GmbH) -- C:\WINDOWS\System32\tx14_wmf.flt
    [2010-11-08 00:24:01 | 000,610,304 | ---- | C] (The Imaging Source Europe GmbH) -- C:\WINDOWS\System32\tx14_pdf.dll
    [2010-11-08 00:24:01 | 000,327,680 | ---- | C] (The Imaging Source Europe GmbH) -- C:\WINDOWS\System32\tx14_obj.dll
    [2010-11-08 00:24:01 | 000,253,952 | ---- | C] (The Imaging Source Europe GmbH) -- C:\WINDOWS\System32\tx14_png.flt
    [2010-11-08 00:24:01 | 000,200,704 | ---- | C] (The Imaging Source Europe GmbH) -- C:\WINDOWS\System32\tx14_jpg.flt
    [2010-11-08 00:24:01 | 000,131,072 | ---- | C] (The Imaging Source Europe GmbH) -- C:\WINDOWS\System32\tx14_ic.dll
    [2010-11-08 00:24:00 | 001,056,768 | ---- | C] (The Imaging Source Europe GmbH) -- C:\WINDOWS\System32\tx14_dox.dll
    [2010-11-08 00:24:00 | 000,249,856 | ---- | C] (The Imaging Source Europe GmbH) -- C:\WINDOWS\System32\tx14_htm.dll
    [2010-11-08 00:24:00 | 000,057,344 | ---- | C] (The Imaging Source Europe GmbH) -- C:\WINDOWS\System32\tx14_gif.flt
    [2010-11-08 00:23:59 | 000,667,648 | ---- | C] (The Imaging Source Europe GmbH) -- C:\WINDOWS\System32\tx14_doc.dll
    [2010-11-08 00:23:59 | 000,331,776 | ---- | C] (The Imaging Source Europe GmbH) -- C:\WINDOWS\System32\tx14_css.dll
    [2010-11-08 00:23:59 | 000,061,440 | ---- | C] (The Imaging Source Europe GmbH) -- C:\WINDOWS\System32\tx14_bmp.flt
    [2010-11-08 00:23:58 | 000,765,952 | ---- | C] (The Imaging Source Europe GmbH) -- C:\WINDOWS\System32\tx14.dll
    [2010-11-06 18:54:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\magnus gunnarsson\Lokala inställningar\Application Data\Paint.NET
    [2010-11-05 13:03:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\magnus gunnarsson\Skrivbord\file
    [2010-11-05 12:48:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\magnus gunnarsson\Lokala inställningar\Application Data\Conduit
    [2010-11-04 15:07:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\magnus gunnarsson\Application Data\PlaneShift
    [2010-11-04 15:07:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\magnus gunnarsson\Application Data\CrystalSpace
    [2010-11-04 15:07:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\magnus gunnarsson\Application Data\CrystalApp
    [2010-11-04 14:51:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\magnus gunnarsson\Application Data\treasurechest
    [2010-11-04 14:28:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\magnus gunnarsson\Mina dokument\Amnesia
    [2010-11-02 19:22:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\magnus gunnarsson\Lokala inställningar\Application Data\Myst V Demo
    [2010-11-02 19:22:12 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\magnus gunnarsson\Application Data\SecuROM
    [2010-11-02 19:22:10 | 000,098,304 | ---- | C] (Sony DADC Austria AG.) -- C:\WINDOWS\System32\CmdLineExt.dll
    [2010-11-01 20:14:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\magnus gunnarsson\Application Data\.minecraft
    [2010-11-01 20:14:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\magnus gunnarsson\Skrivbord\minecraft
    [2010-10-30 12:03:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\magnus gunnarsson\Skrivbord\temp_minecraft
    [2010-10-30 09:54:40 | 000,000,000 | ---D | C] -- C:\Program\Microsoft XNA
    [2010-10-29 22:37:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\magnus gunnarsson\Skrivbord\Ny mapp
    [2010-10-28 13:12:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\magnus gunnarsson\Mina dokument\MCEdit-schematics
    [2010-10-27 19:33:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\magnus gunnarsson\.idlerc
    [2009-09-01 05:53:40 | 000,196,608 | ---- | C] ( ) -- C:\WINDOWS\System32\csnp2uvc.dll
    [2009-09-01 05:53:38 | 000,225,280 | ---- | C] ( ) -- C:\WINDOWS\System32\rsnp2uvc.dll
    [2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
    [1 C:\*.tmp files -> C:\*.tmp -> ]

    ========== Files - Modified Within 30 Days ==========

    [2010-11-26 15:01:00 | 000,002,227 | ---- | M] () -- C:\Documents and Settings\All Users\Skrivbord\Skype.lnk
    [2010-11-26 14:48:30 | 000,000,944 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
    [2010-11-26 14:45:48 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
    [2010-11-26 14:45:45 | 1064,554,496 | -HS- | M] () -- C:\hiberfil.sys
    [2010-11-26 00:31:01 | 000,000,948 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
    [2010-11-25 23:31:22 | 000,000,533 | RHS- | M] () -- C:\boot.ini
    [2010-11-25 23:25:42 | 003,908,662 | R--- | M] () -- C:\Documents and Settings\magnus gunnarsson\Skrivbord\ComboFix.exe
    [2010-11-25 22:55:19 | 000,000,664 | ---- | M] () -- C:\Documents and Settings\All Users\Skrivbord\Malwarebytes' Anti-Malware.lnk
    [2010-11-25 22:38:16 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
    [2010-11-25 20:09:08 | 000,000,117 | ---- | M] () -- C:\Documents and Settings\magnus gunnarsson\jagex_runescape_preferences2.dat
    [2010-11-25 20:09:08 | 000,000,046 | ---- | M] () -- C:\Documents and Settings\magnus gunnarsson\jagex_runescape_preferences.dat
    [2010-11-24 15:46:22 | 000,000,852 | ---- | M] () -- C:\Documents and Settings\magnus gunnarsson\Skrivbord\HDD Control.lnk
    [2010-11-24 15:32:56 | 000,016,650 | ---- | M] () -- C:\Documents and Settings\magnus gunnarsson\Mina dokument\temp.gmk
    [2010-11-24 15:27:27 | 000,016,521 | ---- | M] () -- C:\Documents and Settings\magnus gunnarsson\Mina dokument\temp.gb1
    [2010-11-23 19:25:00 | 000,163,941 | ---- | M] () -- C:\Documents and Settings\magnus gunnarsson\Skrivbord\planetary dodger -mission.gb1
    [2010-11-22 17:03:13 | 000,001,104 | ---- | M] () -- C:\Documents and Settings\magnus gunnarsson\Mina dokument\mcedit.ini
    [2010-11-22 16:39:33 | 000,000,617 | ---- | M] () -- C:\Documents and Settings\magnus gunnarsson\Skrivbord\MCEdit.lnk
    [2010-11-21 20:35:22 | 000,004,069 | ---- | M] () -- C:\Documents and Settings\magnus gunnarsson\Skrivbord\hämta .jpg
    [2010-11-21 20:13:55 | 003,353,408 | ---- | M] () -- C:\Documents and Settings\magnus gunnarsson\Skrivbord\Zombie Bio Apocalypse.exe
    [2010-11-20 21:48:50 | 000,159,232 | ---- | M] () -- C:\Documents and Settings\magnus gunnarsson\Lokala inställningar\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2010-11-20 12:47:25 | 000,000,023 | ---- | M] () -- C:\Documents and Settings\magnus gunnarsson\jagexappletviewer.preferences
    [2010-11-19 15:17:02 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
    [2010-11-18 22:34:04 | 000,131,584 | ---- | M] () -- C:\WINDOWS\System32\SpoonUninstall.exe
    [2010-11-18 22:31:13 | 000,007,960 | ---- | M] () -- C:\WINDOWS\Sandboxie.ini
    [2010-11-18 22:03:04 | 000,000,272 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    [2010-11-18 21:08:30 | 000,000,582 | ---- | M] () -- C:\Documents and Settings\All Users\Skrivbord\Paint.NET.lnk
    [2010-11-18 15:42:31 | 000,569,598 | ---- | M] () -- C:\WINDOWS\System32\perfh01D.dat
    [2010-11-18 15:42:31 | 000,568,510 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
    [2010-11-18 15:42:31 | 000,127,684 | ---- | M] () -- C:\WINDOWS\System32\perfc01D.dat
    [2010-11-18 15:42:31 | 000,113,124 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
    [2010-11-16 18:17:05 | 000,000,544 | ---- | M] () -- C:\Documents and Settings\All Users\Skrivbord\Free Screen Video Capture by Topviewsoft.lnk
    [2010-11-15 15:36:34 | 000,166,092 | ---- | M] () -- C:\Documents and Settings\magnus gunnarsson\Skrivbord\APT.exe
    [2010-11-14 14:42:20 | 000,053,312 | ---- | M] () -- C:\Documents and Settings\magnus gunnarsson\Skrivbord\Bild002.jpg
    [2010-11-14 14:42:12 | 000,052,960 | ---- | M] () -- C:\Documents and Settings\magnus gunnarsson\Skrivbord\Bild001.jpg
    [2010-11-14 12:38:45 | 000,034,348 | -H-- | M] () -- C:\WINDOWS\System32\mlfcache.dat
    [2010-11-11 17:41:07 | 000,000,484 | ---- | M] () -- C:\Documents and Settings\All Users\Skrivbord\Counter-Strike 2D.lnk
    [2010-11-08 19:35:03 | 000,000,790 | ---- | M] () -- C:\WINDOWS\wininit.ini
    [2010-11-08 01:20:24 | 000,089,088 | ---- | M] () -- C:\WINDOWS\MBR.exe
    [2010-11-07 12:51:44 | 000,000,479 | ---- | M] () -- C:\Documents and Settings\magnus gunnarsson\Skrivbord\test.html
    [2010-11-06 18:26:58 | 000,269,824 | ---- | M] () -- C:\WINDOWS\shdll.exe
    [2010-11-06 18:17:47 | 000,000,483 | ---- | M] () -- C:\Documents and Settings\magnus gunnarsson\Skrivbord\ScreenSa.lnk
    [2010-11-05 22:31:57 | 000,444,952 | ---- | M] (Creative Labs) -- C:\WINDOWS\System32\wrap_oal.dll
    [2010-11-05 16:01:34 | 000,000,484 | ---- | M] () -- C:\Documents and Settings\magnus gunnarsson\Skrivbord\Massive Mod.lnk
    [2010-11-05 11:46:33 | 000,001,052 | ---- | M] () -- C:\Documents and Settings\magnus gunnarsson\Skrivbord\minecraft.lnk
    [2010-11-02 19:30:58 | 000,000,000 | ---- | M] () -- C:\WINDOWS\vpd.properties
    [2010-11-02 19:22:10 | 000,098,304 | ---- | M] (Sony DADC Austria AG.) -- C:\WINDOWS\System32\CmdLineExt.dll
    [2010-11-02 12:00:32 | 000,159,464 | ---- | M] () -- C:\Documents and Settings\magnus gunnarsson\Skrivbord\MinecraftSP (gogasos).rar
    [2010-11-01 20:45:05 | 000,001,115 | ---- | M] () -- C:\Documents and Settings\magnus gunnarsson\Skrivbord\INVedit.lnk
    [2010-10-30 12:22:00 | 000,000,493 | ---- | M] () -- C:\Documents and Settings\magnus gunnarsson\Application Data\Microsoft\Internet Explorer\Quick Launch\GIF TO AVI SWF Converter.lnk
    [2010-10-28 16:14:42 | 000,000,487 | ---- | M] () -- C:\Boot.bak
    [2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
    [1 C:\*.tmp files -> C:\*.tmp -> ]
     


  4. 2010/11/26
    light

    light Inactive Thread Starter

    Joined:
    2010/04/09
    Messages:
    106
    Likes Received:
    0
    OTL Extras logfile created on: 2010-11-26 14:56:56 - Run 1
    OTL by OldTimer - Version 3.2.17.3 Folder = C:\Documents and Settings\magnus gunnarsson\Mina dokument\Downloads
    Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.18702)
    Locale: 0000041D | Country: Sverige | Language: SVE | Date Format: yyyy-MM-dd

    1*015,00 Mb Total Physical Memory | 338,00 Mb Available Physical Memory | 33,00% Memory free
    7,00 Gb Paging File | 6,00 Gb Available in Paging File | 92,00% Paging File free
    Paging file location(s): [Binary data over 100 bytes]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program
    Drive C: | 72,06 Gb Total Space | 11,87 Gb Free Space | 16,47% Space Free | Partition Type: NTFS
    Drive D: | 72,05 Gb Total Space | 33,26 Gb Free Space | 46,16% Space Free | Partition Type: NTFS
    Drive F: | 757,26 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: UDF

    Computer Name: MAGNUS | User Name: magnus gunnarsson | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user | Quick Scan
    Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

    ========== Extra Registry (SafeList) ==========


    ========== File Associations ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

    [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
    .html [@ = ChromeHTML] -- Reg Error: Key error. File not found

    ========== Shell Spawning ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    exefile [open] -- "%1" %*
    htmlfile [edit] -- Reg Error: Key error.
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1 "
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
    Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

    ========== Security Center Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "FirstRunDisabled" = 1
    "AntiVirusDisableNotify" = 0
    "FirewallDisableNotify" = 0
    "UpdatesDisableNotify" = 0
    "AntiVirusOverride" = 0
    "FirewallOverride" = 0

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

    ========== System Restore Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
    "DisableSR" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
    "Start" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
    "Start" = 2

    ========== Firewall Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
    "139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
    "445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
    "137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
    "138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "EnableFirewall" = 1
    "DoNotAllowExceptions" = 0
    "DisableNotifications" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
    "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
    "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
    "139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
    "445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
    "137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
    "138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
    "57493:TCP" = 57493:TCP:*:Enabled:pando Media Booster
    "57493:UDP" = 57493:UDP:*:Enabled:pando Media Booster
    "36963:UDP" = 36963:UDP:*:Enabled:CounterStrike2D
    "16151:TCP" = 16151:TCP:*:Enabled:open port
    "15161:TCP" = 15161:TCP:*:Enabled:pen port
    "16151:UDP" = 16151:UDP:*:Enabled:open port
    "3105:TCP" = 3105:TCP:*:Enabled:firewall/nat
    "3105:UDP" = 3105:UDP:*:Enabled:firewall
    "2039:TCP" = 2039:TCP:*:Enabled:Akamai NetSession Interface
    "5000:UDP" = 5000:UDP:*:Enabled:Akamai NetSession Interface

    ========== Authorized Applications List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
    "C:\Program\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)
    "C:\Documents and Settings\magnus gunnarsson\Lokala inställningar\temp\alg.exe" = C:\Documents and Settings\magnus gunnarsson\Lokala inställningar\temp\alg.exe:*:Enabled:Application Layer Gateway Service -- File not found

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
    "C:\Program\Java\jdk1.6.0_18\bin\javaw.exe" = C:\Program\Java\jdk1.6.0_18\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
    "C:\Program\Pando Networks\Media Booster\PMB.exe" = C:\Program\Pando Networks\Media Booster\PMB.exe:*:Enabled:pando Media Booster -- ()
    "D:\bnw\runblack.exe" = D:\bnw\runblack.exe:*:Enabled:lh -- (LionHead Studios Ltd.)
    "D:\GameCQ\.Cache\DarkSpace\DarkSpaceClient.exe" = D:\GameCQ\.Cache\DarkSpace\DarkSpaceClient.exe:*:Enabled:Client -- ()
    "C:\WINDOWS\system32\dpnsvr.exe" = C:\WINDOWS\system32\dpnsvr.exe:*:Disabled:Microsoft DirectPlay8 Server -- (Microsoft Corporation)
    "D:\Soldat\Soldat.exe" = D:\Soldat\Soldat.exe:*:Enabled:http://soldat.pl -- (Michal Marcinkowski)
    "D:\YSFLIGHT\fsmaindx.exe" = D:\YSFLIGHT\fsmaindx.exe:*:Enabled:fsmaindx -- ()
    "C:\Program\IVT Corporation\BlueSoleil\BlueSoleilCS.exe" = C:\Program\IVT Corporation\BlueSoleil\BlueSoleilCS.exe:*:Enabled:BlueSoleilCS -- ()
    "D:\YSFLIGHT\fsmain.exe" = D:\YSFLIGHT\fsmain.exe:*:Enabled:fsmain -- ()
    "C:\WINDOWS\system32\dplaysvr.exe" = C:\WINDOWS\system32\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper -- (Microsoft Corporation)
    "C:\Documents and Settings\magnus gunnarsson\temp\TeamViewer\Version5\TeamViewer.exe" = C:\Documents and Settings\magnus gunnarsson\temp\TeamViewer\Version5\TeamViewer.exe:*:Enabled:TeamViewer -- (TeamViewer GmbH)
    "C:\Program\TeamViewer\Version5\TeamViewer.exe" = C:\Program\TeamViewer\Version5\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application -- (TeamViewer GmbH)
    "D:\RndLabs\BaboViolent 2\bv2.exe" = D:\RndLabs\BaboViolent 2\bv2.exe:*:Enabled:bv2 -- ()
    "C:\Documents and Settings\magnus gunnarsson\Mina dokument\Downloads\PortForward.exe" = C:\Documents and Settings\magnus gunnarsson\Mina dokument\Downloads\PortForward.exe:*:Enabled:portForward -- (Spider IT)
    "C:\WINDOWS\system32\javaw.exe" = C:\WINDOWS\system32\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
    "C:\Program\Sun\VirtualBox\VirtualBox.exe" = C:\Program\Sun\VirtualBox\VirtualBox.exe:*:Enabled:VirtualBox GUI -- (Sun Microsystems, Inc.)
    "D:\Command & Conquer Tiberian Sun\GAME.EXE" = D:\Command & Conquer Tiberian Sun\GAME.EXE:*:Enabled:Main executable for Tiberian Sun -- (Westwood Studios)
    "D:\darkeden\darkeden.exe" = D:\darkeden\darkeden.exe:*:Enabled:DarkEden -- (Softon)
    "D:\Age of Empires II\empires2.exe" = D:\Age of Empires II\empires2.exe:*:Enabled:Age of Empires II -- (Microsoft Corporation)
    "D:\Age of Empires II\age2_x1\age2_x1.exe" = D:\Age of Empires II\age2_x1\age2_x1.exe:*:Enabled:Age of Empires II Expansion -- (Microsoft Corporation)
    "\\NETWORKSPACE\MYSHARE\magnus\spel program\rise of nation installer\RISE.EXE" = \\NETWORKSPACE\MYSHARE\magnus\spel program\rise of nation installer\RISE.EXE:*:Enabled:RISE.EXE
    "D:\Digital Illusions CE AB\Rally Masters\Server\LobbyServer.EXE" = D:\Digital Illusions CE AB\Rally Masters\Server\LobbyServer.EXE:*:Enabled:LobbyServer -- ()
    "C:\Program\Google\Google Earth\client\googleearth.exe" = C:\Program\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth -- (Google)
    "D:\iTunes\iTunes.exe" = D:\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
    "D:\open_TTD\openttd.exe" = D:\open_TTD\openttd.exe:*:Enabled:OpenTTD -- (OpenTTD Development Team)
    "C:\Program\Java\jre6\bin\javaw.exe" = C:\Program\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
    "D:\Nexuiz\nexuiz-sdl.exe" = D:\Nexuiz\nexuiz-sdl.exe:*:Enabled:Nexuiz -- ()
    "D:\Nexuiz\nexuiz.exe" = D:\Nexuiz\nexuiz.exe:*:Enabled:Nexuiz -- ()
    "D:\air_attack\rsync.exe" = D:\air_attack\rsync.exe:*:Enabled:rsync -- (Ketsujin Studios)
    "C:\gmod\hl2.exe" = C:\gmod\hl2.exe:*:Enabled:Garry's_Mod -- ()
    "C:\gmod\srcds.exe" = C:\gmod\srcds.exe:*:Enabled:Garry's_Mod_Dedicated_Server -- ()
    "C:\WINDOWS\system32\java.exe" = C:\WINDOWS\system32\java.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
    "C:\Documents and Settings\magnus gunnarsson\Skrivbord\meinKraft_v2.2\meinkraft.exe" = C:\Documents and Settings\magnus gunnarsson\Skrivbord\meinKraft_v2.2\meinkraft.exe:*:Enabled:meinkraft -- ()


    ========== HKEY_LOCAL_MACHINE Uninstall List ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
    "{180CAD6C-B0ED-42A9-8C4A-CF49C6682A06}_is1" = Free Screen Video Capture by Topviewsoft 1.1.7
    "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
    "{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YouTube Downloader 2.6.2
    "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
    "{29D3773E-54F4-23C2-D523-236A4453B844}_is1" = FileAlyzer
    "{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}" = Microsoft XNA Framework Redistributable 4.0
    "{2C1B58D5-6549-472C-86B7-17BE57186628}" = Microsoft Works
    "{2CE5A2E7-3437-4CE7-BCF4-85ED6EEFF9E4}" = iTunes
    "{2E0DFC24-7C4B-4DCF-BCC7-81C513BED3BC}" = Python 2.5.4
    "{318D767D-8A18-4C5D-8238-49F4CBEA0E9E}" = Rally Masters
    "{350C941D-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
    "{38E5A3B1-ADF1-47E0-8024-76310A30EB36}" = LiveUpdate
    "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
    "{3EF35847-CA9F-43A1-AFB0-AFA067678518}" = Say-Now
    "{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth
    "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
    "{5AE3D9F1-9E9E-4015-8787-E22705AA32C5}" = msxml4
    "{5D87C09F-512F-474A-A306-0FE3B89C396F}" = RuneScape Launcher 1.0.4
    "{6151cf20-0bd8-4023-a4a0-6a86dcfe58e5}" = Python 2.6.6
    "{639673E9-D53F-44F4-A046-485C8A6ADA15}" = Paint.NET v3.5.6
    "{65F9E1F3-A2C1-4AA9-9F33-A3AEB0255F0E}" = Garmin USB Drivers
    "{72DF62BD-FF36-424E-AA5F-D89BAFF2C249}" = RollerCoaster Tycoon 2
    "{849F6C2A-3F9C-4731-B659-8C606B706CF0}_is1" = Counter-Strike 2D 0.1.1.8
    "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
    "{8A74DEFD-A224-49CC-AB80-4E88BC730125}" = LogMeIn Hamachi
    "{8FE96B14-E1F9-47BF-8BA1-A81467CD259B}_is1" = Yawcam 0.3.3
    "{90120000-0010-041D-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Swedish) 12
    "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
    "{A5181519-9F3D-4372-ABC6-C333C2F3A816}_is1" = RunAlyzer
    "{A84291F6-3898-40E5-B334-A9E4D9304494}" = Sapi
    "{A94A230D-0D86-4A6B-822A-E6F1DE4343B6}" = Scrolling LED Bitmap Generator
    "{AAFC2EBB-BC24-464F-BFFA-AED35B1437C4}" = Rally Masters Patch
    "{AB49B509-8FCA-45E6-9FB9-9E4AEEB8F148}" = System Requirements Lab CYRI
    "{AB67580-257C-45FF-B8F4-C8C30682091A}_is1" = SIW version 2010.04.28
    "{AC76BA86-7AD7-1053-7B44-A82000000003}" = Adobe Reader 8.2.5 - Svenska
    "{ADD72094-D289-4714-A62E-70574478A2BC}" = System Requirements Lab for Intel
    "{B09B47DC-8775-9A6D-C482-1265E615E87D}" = Creeper World DEMO
    "{B1AD83A0-DC92-41E3-B111-E9472349768C}" = RollerCoaster Tycoon 2
    "{BA1E1AFD-D1F2-4C52-88C3-186FC5E61604}" = RollerCoaster Tycoon 2
    "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
    "{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
    "{C7DD94A8-F775-426C-B56C-8E555A59F9E2}" = Garmin Communicator Plugin
    "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
    "{CCA1EEA3-555E-4D05-AC46-4B49C6C5D887}" = Apple Mobile Device Support
    "{CD95F661-A5C4-44F5-A6AA-ECDD91C240BD}" = WinZip 14.5
    "{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
    "{CE0900ED-C76A-40C0-8DB4-0F68D825B283}_is1" = Stranded II 1.0.0.1
    "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
    "{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1
    "{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}" = Apple Application Support
    "{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1" = Auslogics Disk Defrag
    "{E4A71A41-BCC8-480a-9E69-0DA29CBA7ECA}" = kikin plugin 2.5
    "{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime
    "{E70E50E7-7E91-4561-A5D9-2E12C94CB677}_is1" = GIF TO AVI SWF Converter 3.2.2
    "{EF581945-BBE9-11D5-A7FE-50275FC10000}" = Capitalism II
    "{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
    "{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
    "{FC8D21C8-7B29-4104-ADB0-FEE9CA1C7922}" = Folder Size for Windows
    "{FF1C31AE-0CDC-40CE-AB85-406F8B70D643}" = Bonjour
    "49CF605F02C7954F4E139D18828DE298CD59217C" = Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0)
    "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
    "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
    "Adobe Shockwave Player" = Adobe Shockwave Player 11.5
    "Advanced SystemCare 3_is1" = Advanced SystemCare 3
    "Adventure Maker v4.5.2_is1" = Adventure Maker v4.5.2 (build1)
    "Age of Empires II & The Conquerors Expansion" = Age of Empires II & The Conquerors Expansion
    "Air Attack" = Air Attack
    "ASIO4ALL" = ASIO4ALL
    "ASUS VIBE" = ASUS VIBE
    "Avidemux 2.5" = Avidemux 2.5
    "Blender" = Blender (remove only)
    "CCleaner" = CCleaner
    "Cheat Engine 5.6.1_is1" = Cheat Engine 5.6.1
    "Cheat Engine 5.6_is1" = Cheat Engine 5.6
    "Continuum_is1" = Continuum 0.40
    "CreeperWorldDEMO.BA6B793AB2C9FDD744493F22666C1F8DFA806A5E.1" = Creeper World DEMO
    "Dev-C++" = Dev-C++ 5 beta 9 release (4.9.9.2)
    "Download Manager" = Download Manager 2.3.10
    "EASEUS Data Recovery Wizard Free Edition 5.0.1_is1" = EASEUS Data Recovery Wizard Free Edition 5.0.1
    "Easy GIF Animator Pro_is1" = Easy GIF Animator 4.6 Pro
    "FLV To 3GP_is1" = FLV To 3GP 5.0
    "Gadwin PrintScreen" = Gadwin PrintScreen
    "Game Booster_is1" = Game Booster
    "Game Speed Adjuster_is1" = Game Speed Adjuster version 1.0
    "Glary Registry Repair_is1" = Glary Registry Repair 3.3.0.852
    "HDMI" = Intel(R) Graphics Media Accelerator Driver
    "Intelore - RAR Password Recovery" = RAR Password Recovery v1.1 RC17 (remove only)
    "IrfanView" = IrfanView (remove only)
    "LogMeIn Hamachi" = LogMeIn Hamachi
    "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
    "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
    "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
    "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
    "Minecraft 1.2.0_02" = Minecraft 1.2.0_02
    "Mozilla Firefox (3.6.12)" = Mozilla Firefox (3.6.12)
    "MS Access 97 SP2" = MS Access 97 SP2
    "MSCSR" = Microsoft Speech Recognition Engine 4.0 (English)
    "Notepad++" = Notepad++
    "OpenAL" = OpenAL
    "OpenLibraries" = OpenLibraries
    "OpenTTD" = OpenTTD 1.0.4
    "PFConfig" = PFConfig 1.0.296
    "Phun_is1" = Algodoo Phun edition v5.28
    "Phyire mod 2.8.1" = Phyire mod 2.8.1
    "Quick Memory Editor_is1" = Quick Memory Editor 5.5
    "RKU" = Rootkit Unhooker Uninstall
    "S4Uninst" = The Settlers IV
    "Sandboxie" = Sandboxie 3.46
    "SimCity 3000" = SimCity 3000
    "SSIII Solo Ultratus" = SSIII Solo Ultratus 1.2
    "Steam" = Steam
    "SystemRequirementsLab" = System Requirements Lab
    "tv_enua" = Lernout & Hauspie TruVoice American English TTS Engine
    "Universal Extractor_is1" = Universal Extractor 1.6.1
    "WChat" = Westwood Online
    "VDMSound" = VDMSound
    "WinHTTrack Website Copier_is1" = WinHTTrack Website Copier 3.43-9C
    "Visual Zip Password Recovery Processor" = Visual Zip Password Recovery Processor
    "WOLAPI" = Westwood Shared Internet Components

    ========== HKEY_CURRENT_USER Uninstall List ==========

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "0ab0d8ee81bf7060" = SkypeAnime v1.4
    "Advanced Archive Password Recovery" = Advanced Archive Password Recovery
    "Battle for Wesnoth 1.8.1" = Battle for Wesnoth 1.8.1
    "Facebook Plug-In" = Facebook Plug-In
    "Forgotten Elements" = Forgotten Elements
    "Google Chrome" = Google Chrome
    "PyYAML-py2.5" = Python 2.5 PyYAML-3.09
    "UnityWebPlayer" = Unity Web Player

    ========== Last 10 Event Log Errors ==========

    [ Application Events ]
    Error - 2010-11-16 20:16:48 | Computer Name = MAGNUS | Source = Application Error | ID = 1000
    Description = Felaktigt program chrome.exe, version 0.0.0.0, felaktig modul chrome.dll,
    version 5.0.375.125, felaktig adress 0x0039d049.

    Error - 2010-11-17 11:54:04 | Computer Name = MAGNUS | Source = Application Error | ID = 1000
    Description = Felaktigt program chrome.exe, version 0.0.0.0, felaktig modul chrome.dll,
    version 5.0.375.125, felaktig adress 0x0039d049.

    Error - 2010-11-18 13:09:48 | Computer Name = MAGNUS | Source = Application Error | ID = 1000
    Description = Felaktigt program chrome.exe, version 0.0.0.0, felaktig modul chrome.dll,
    version 5.0.375.125, felaktig adress 0x0039d049.

    Error - 2010-11-19 10:44:36 | Computer Name = MAGNUS | Source = Application Error | ID = 1000
    Description = Felaktigt program chrome.exe, version 0.0.0.0, felaktig modul chrome.dll,
    version 5.0.375.125, felaktig adress 0x0039d049.

    Error - 2010-11-24 05:09:47 | Computer Name = MAGNUS | Source = TreasureChest | ID = 1000
    Description = Found existing backup - Exiting thread

    Error - 2010-11-24 08:10:37 | Computer Name = MAGNUS | Source = crypt32 | ID = 131080
    Description = Det gick inte att automatiskt uppdatera tredjepartsrotlistsekvensnumret
    från: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>.
    Fel: Åtgärden misslyckades eftersom tidsgränsen överskreds.

    Error - 2010-11-24 08:10:37 | Computer Name = MAGNUS | Source = crypt32 | ID = 131080
    Description = Det gick inte att automatiskt uppdatera tredjepartsrotlistsekvensnumret
    från: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>.
    Fel: Det går inte att utföra den begärda åtgärden på den angivna servern.

    Error - 2010-11-24 11:28:39 | Computer Name = MAGNUS | Source = Application Error | ID = 1000
    Description = Felaktigt program zmcyd1gy.exe, version 1.0.15.15530, felaktig modul
    zmcyd1gy.exe, version 1.0.15.15530, felaktig adress 0x0000cb5d.

    Error - 2010-11-25 09:05:57 | Computer Name = MAGNUS | Source = Ci | ID = 4118
    Description = Det gick inte att slutföra en avsökning av innehållet på c:\.

    Error - 2010-11-25 17:19:17 | Computer Name = MAGNUS | Source = Application Error | ID = 1000
    Description = Felaktigt program explorer.exe, version 6.0.2900.5512, felaktig modul
    otcoyd.dll, version 0.0.0.0, felaktig adress 0x00001bbe.

    [ System Events ]
    Error - 2010-11-25 16:59:03 | Computer Name = MAGNUS | Source = DCOM | ID = 10005
    Description = DCOM fick felet %1084 vid försök att starta tjänsten netman med argumenten
    för att köra servern: {BA126AE5-2166-11D1-B1D0-00805FC1270E}

    Error - 2010-11-25 16:59:06 | Computer Name = MAGNUS | Source = DCOM | ID = 10005
    Description = DCOM fick felet %1084 vid försök att starta tjänsten EventSystem med
    argumenten för att köra servern: {1BE1F766-5536-11D1-B726-00C04FB926AF}

    Error - 2010-11-25 16:59:47 | Computer Name = MAGNUS | Source = DCOM | ID = 10005
    Description = DCOM fick felet %1084 vid försök att starta tjänsten netman med argumenten
    för att köra servern: {BA126AE5-2166-11D1-B1D0-00805FC1270E}

    Error - 2010-11-25 17:05:52 | Computer Name = MAGNUS | Source = DCOM | ID = 10005
    Description = DCOM fick felet %1084 vid försök att starta tjänsten netman med argumenten
    för att köra servern: {BA126AE5-2166-11D1-B1D0-00805FC1270E}

    Error - 2010-11-25 17:09:58 | Computer Name = MAGNUS | Source = DCOM | ID = 10005
    Description = DCOM fick felet %1084 vid försök att starta tjänsten netman med argumenten
    för att köra servern: {BA126AE5-2166-11D1-B1D0-00805FC1270E}

    Error - 2010-11-25 17:21:37 | Computer Name = MAGNUS | Source = DCOM | ID = 10005
    Description = DCOM fick felet %1084 vid försök att starta tjänsten netman med argumenten
    för att köra servern: {BA126AE5-2166-11D1-B1D0-00805FC1270E}

    Error - 2010-11-25 17:31:15 | Computer Name = MAGNUS | Source = PlugPlayManager | ID = 11
    Description = Enheten Root\LEGACY_UNLOCKERDRIVER5\0000 togs bort från datorn utan
    att först förberedas för borttagning.

    Error - 2010-11-25 17:32:38 | Computer Name = MAGNUS | Source = SRService | ID = 104
    Description = Det gick inte att initiera Systemåterställning.

    Error - 2010-11-25 17:32:41 | Computer Name = MAGNUS | Source = Service Control Manager | ID = 7023
    Description = Tjänsten System Restore Service avbröts med följande fel: %%2

    Error - 2010-11-25 18:38:59 | Computer Name = MAGNUS | Source = Service Control Manager | ID = 7034
    Description = Tjänsten Private Folder Service avslutades oväntat. Detta har skett
    1 gånger.


    < End of report >
     
  5. 2010/11/26
    broni Moderator Malware Analyst
    You posted the 1st half of the OTL.txt log twice. I still need the lower half.
     
  6. 2010/11/28
    light Inactive Thread Starter
  7. 2010/11/28
    broni Moderator Malware Analyst
    ========== Files Created - No Company Name ==========

    [2010-11-25 22:55:19 | 000,000,664 | ---- | C] () -- C:\Documents and Settings\All Users\Skrivbord\Malwarebytes' Anti-Malware.lnk
    [2010-11-25 22:32:20 | 1064,554,496 | -HS- | C] () -- C:\hiberfil.sys
    [2010-11-25 22:06:20 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
    [2010-11-25 22:06:20 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
    [2010-11-25 22:06:20 | 000,089,088 | ---- | C] () -- C:\WINDOWS\MBR.exe
    [2010-11-25 22:06:20 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
    [2010-11-25 22:06:20 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
    [2010-11-25 18:10:27 | 003,908,662 | R--- | C] () -- C:\Documents and Settings\magnus gunnarsson\Skrivbord\ComboFix.exe
    [2010-11-24 15:46:22 | 000,000,852 | ---- | C] () -- C:\Documents and Settings\magnus gunnarsson\Skrivbord\HDD Control.lnk
    [2010-11-24 15:27:27 | 000,016,650 | ---- | C] () -- C:\Documents and Settings\magnus gunnarsson\Mina dokument\temp.gmk
    [2010-11-24 15:27:27 | 000,016,521 | ---- | C] () -- C:\Documents and Settings\magnus gunnarsson\Mina dokument\temp.gb1
    [2010-11-22 16:39:33 | 000,000,617 | ---- | C] () -- C:\Documents and Settings\magnus gunnarsson\Skrivbord\MCEdit.lnk
    [2010-11-21 20:43:34 | 000,163,941 | ---- | C] () -- C:\Documents and Settings\magnus gunnarsson\Skrivbord\planetary dodger -mission.gb1
    [2010-11-21 20:35:22 | 000,004,069 | ---- | C] () -- C:\Documents and Settings\magnus gunnarsson\Skrivbord\hämta .jpg
    [2010-11-21 20:13:55 | 003,353,408 | ---- | C] () -- C:\Documents and Settings\magnus gunnarsson\Skrivbord\Zombie Bio Apocalypse.exe
    [2010-11-18 22:34:04 | 000,131,584 | ---- | C] () -- C:\WINDOWS\System32\SpoonUninstall.exe
    [2010-11-16 18:17:05 | 000,000,544 | ---- | C] () -- C:\Documents and Settings\All Users\Skrivbord\Free Screen Video Capture by Topviewsoft.lnk
    [2010-11-15 15:36:34 | 000,166,092 | ---- | C] () -- C:\Documents and Settings\magnus gunnarsson\Skrivbord\APT.exe
    [2010-11-14 18:30:20 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
    [2010-11-14 18:30:20 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\dllcache\psisdecd.dll
    [2010-11-14 18:30:20 | 000,030,208 | ---- | C] () -- C:\WINDOWS\System32\psisrndr.ax
    [2010-11-14 18:30:20 | 000,030,208 | ---- | C] () -- C:\WINDOWS\System32\dllcache\psisrndr.ax
    [2010-11-14 18:30:19 | 000,052,224 | ---- | C] () -- C:\WINDOWS\System32\msdvbnp.ax
    [2010-11-14 18:30:19 | 000,052,224 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msdvbnp.ax
    [2010-11-14 13:44:07 | 000,053,312 | ---- | C] () -- C:\Documents and Settings\magnus gunnarsson\Skrivbord\Bild002.jpg
    [2010-11-14 13:44:07 | 000,052,960 | ---- | C] () -- C:\Documents and Settings\magnus gunnarsson\Skrivbord\Bild001.jpg
    [2010-11-14 12:38:45 | 000,034,348 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
    [2010-11-11 21:29:17 | 000,000,023 | ---- | C] () -- C:\Documents and Settings\magnus gunnarsson\jagexappletviewer.preferences
    [2010-11-11 17:41:07 | 000,000,484 | ---- | C] () -- C:\Documents and Settings\All Users\Skrivbord\Counter-Strike 2D.lnk
    [2010-11-08 00:24:01 | 000,000,530 | ---- | C] () -- C:\WINDOWS\System32\tx14_ic.ini
    [2010-11-07 12:47:30 | 000,000,479 | ---- | C] () -- C:\Documents and Settings\magnus gunnarsson\Skrivbord\test.html
    [2010-11-06 18:55:21 | 000,000,582 | ---- | C] () -- C:\Documents and Settings\All Users\Skrivbord\Paint.NET.lnk
    [2010-11-06 18:17:47 | 000,000,483 | ---- | C] () -- C:\Documents and Settings\magnus gunnarsson\Skrivbord\ScreenSa.lnk
    [2010-11-06 18:07:47 | 000,269,824 | ---- | C] () -- C:\WINDOWS\shdll.exe
    [2010-11-05 16:01:34 | 000,000,484 | ---- | C] () -- C:\Documents and Settings\magnus gunnarsson\Skrivbord\Massive Mod.lnk
    [2010-11-05 11:46:33 | 000,001,052 | ---- | C] () -- C:\Documents and Settings\magnus gunnarsson\Skrivbord\minecraft.lnk
    [2010-11-02 19:19:16 | 000,000,000 | ---- | C] () -- C:\WINDOWS\vpd.properties
    [2010-11-02 12:00:24 | 000,159,464 | ---- | C] () -- C:\Documents and Settings\magnus gunnarsson\Skrivbord\MinecraftSP (gogasos).rar
    [2010-11-01 20:45:05 | 000,001,115 | ---- | C] () -- C:\Documents and Settings\magnus gunnarsson\Skrivbord\INVedit.lnk
    [2010-10-30 12:22:00 | 000,000,493 | ---- | C] () -- C:\Documents and Settings\magnus gunnarsson\Application Data\Microsoft\Internet Explorer\Quick Launch\GIF TO AVI SWF Converter.lnk
    [2010-10-28 13:12:27 | 000,001,104 | ---- | C] () -- C:\Documents and Settings\magnus gunnarsson\Mina dokument\mcedit.ini
    [2010-10-08 18:47:37 | 000,000,049 | ---- | C] () -- C:\Documents and Settings\magnus gunnarsson\Application Data\com.codenautics.zombies.txt
    [2010-09-21 19:20:31 | 000,000,035 | ---- | C] () -- C:\WINDOWS\A4W.INI
    [2010-09-18 18:27:08 | 000,044,544 | ---- | C] () -- C:\WINDOWS\System32\Gif89.dll
    [2010-09-16 21:11:13 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4926.dll
    [2010-09-15 18:33:06 | 000,006,939 | ---- | C] () -- C:\Documents and Settings\magnus gunnarsson\Application Data\.freeciv-client-rc-2.2
    [2010-09-11 19:36:17 | 000,000,124 | ---- | C] () -- C:\WINDOWS\EasyVideoEditor.INI
    [2010-08-15 12:14:11 | 001,970,176 | ---- | C] () -- C:\WINDOWS\System32\d3dx9.dll
    [2010-08-04 19:10:49 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\magnus gunnarsson\Application Data\Physics101Prefs
    [2010-07-11 08:13:48 | 000,011,448 | ---- | C] () -- C:\WINDOWS\System32\drivers\AsUpIO.sys
    [2010-07-07 03:39:45 | 000,000,790 | ---- | C] () -- C:\WINDOWS\wininit.ini
    [2010-06-07 22:06:47 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\mydll.dll
    [2010-05-19 16:59:27 | 000,000,008 | ---- | C] () -- C:\Documents and Settings\magnus gunnarsson\Application Data\DofusAppId0_3
    [2010-05-18 17:16:47 | 000,000,008 | ---- | C] () -- C:\Documents and Settings\magnus gunnarsson\Application Data\DofusAppId0_1
    [2010-05-18 17:14:21 | 000,000,213 | ---- | C] () -- C:\Documents and Settings\magnus gunnarsson\Application Data\D2Info0
    [2010-05-18 17:14:21 | 000,000,008 | ---- | C] () -- C:\Documents and Settings\magnus gunnarsson\Application Data\DofusAppId0_2
    [2010-05-18 10:02:11 | 000,000,038 | ---- | C] () -- C:\WINDOWS\entpack.ini
    [2010-05-17 18:18:00 | 000,000,295 | ---- | C] () -- C:\WINDOWS\SIERRA.INI
    [2010-05-12 21:47:42 | 000,793,160 | ---- | C] () -- C:\Documents and Settings\LocalService\Lokala inställningar\Application Data\WPFFontCache_v0400-S-1-5-21-880824880-3436134146-2971665550-1006-0.dat
    [2010-05-12 21:47:42 | 000,196,026 | ---- | C] () -- C:\Documents and Settings\LocalService\Lokala inställningar\Application Data\WPFFontCache_v0400-System.dat
    [2010-05-11 16:58:41 | 000,007,960 | ---- | C] () -- C:\WINDOWS\Sandboxie.ini
    [2010-05-08 12:06:53 | 000,000,120 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\eebb95b7.dat
    [2010-05-07 06:07:06 | 000,000,036 | ---- | C] () -- C:\Documents and Settings\magnus gunnarsson\Application Data\TheHunterSettings.cfg
    [2010-04-23 19:40:46 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
    [2010-03-23 17:13:37 | 000,000,067 | ---- | C] () -- C:\WINDOWS\swf2avi.INI
    [2010-03-23 17:11:54 | 000,758,018 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
    [2010-03-23 17:11:54 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
    [2010-03-19 17:03:17 | 000,136,448 | ---- | C] () -- C:\WINDOWS\RMTOOLS.DLL
    [2010-03-14 14:24:13 | 000,271,360 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys
    [2010-03-14 14:24:13 | 000,018,048 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
    [2010-03-13 11:01:52 | 000,000,121 | ---- | C] () -- C:\WINDOWS\Winchat.ini
    [2010-03-07 17:03:27 | 000,000,935 | ---- | C] () -- C:\WINDOWS\ARPR.INI
    [2010-03-04 19:20:45 | 000,139,456 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
    [2010-03-04 19:20:45 | 000,138,056 | ---- | C] () -- C:\Documents and Settings\magnus gunnarsson\Application Data\PnkBstrK.sys
    [2010-02-18 18:51:09 | 000,000,032 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\ezsid.dat
    [2010-02-14 19:02:15 | 000,008,117 | ---- | C] () -- C:\Documents and Settings\magnus gunnarsson\Application Data\.civclientrc
    [2010-02-04 18:48:04 | 000,000,000 | ---- | C] () -- C:\WINDOWS\galaxy.ini
    [2010-01-13 07:28:41 | 000,006,144 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
    [2010-01-10 20:40:02 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\drivers\nocashio.sys
    [2010-01-02 09:29:16 | 000,178,176 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
    [2010-01-01 17:29:25 | 000,691,696 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
    [2009-12-31 18:44:13 | 000,000,083 | ---- | C] () -- C:\Documents and Settings\magnus gunnarsson\Lokala inställningar\Application Data\X-Plane Installer.prf
    [2009-12-08 17:47:54 | 000,182,272 | ---- | C] () -- C:\WINDOWS\patchw32.A026.dll
    [2009-12-06 16:46:31 | 000,069,632 | R--- | C] () -- C:\WINDOWS\System32\xmltok.dll
    [2009-12-06 16:46:31 | 000,036,864 | R--- | C] () -- C:\WINDOWS\System32\xmlparse.dll
    [2009-12-04 07:23:02 | 000,000,041 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\.zreglib
    [2009-12-02 20:20:10 | 000,000,058 | ---- | C] () -- C:\WINDOWS\winvidoi.sys
    [2009-11-28 20:04:06 | 000,230,752 | ---- | C] () -- C:\WINDOWS\patchw32.dll
    [2009-11-25 21:49:13 | 000,159,232 | ---- | C] () -- C:\Documents and Settings\magnus gunnarsson\Lokala inställningar\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2009-11-24 19:12:55 | 000,004,260 | ---- | C] () -- C:\WINDOWS\System32\SHORTCUT.INI
    [2009-11-24 19:12:20 | 000,000,363 | ---- | C] () -- C:\WINDOWS\System32\REMOTEDEVICE.INI
    [2009-11-24 19:11:41 | 000,004,535 | ---- | C] () -- C:\WINDOWS\System32\LOCALSERVICE.INI
    [2009-11-24 19:11:31 | 000,000,108 | ---- | C] () -- C:\WINDOWS\System32\LOCALDEVICE.INI
    [2009-11-24 19:08:30 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\BSPRINT.INI
    [2009-11-24 01:01:24 | 000,001,412 | ---- | C] () -- C:\Documents and Settings\magnus gunnarsson\Application Data\wklnhst.dat
    [2009-11-24 00:54:10 | 000,000,146 | ---- | C] () -- C:\Documents and Settings\magnus gunnarsson\Lokala inställningar\Application Data\fusioncache.dat
    [2009-09-01 07:20:24 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
    [2009-09-01 05:53:40 | 001,759,616 | ---- | C] () -- C:\WINDOWS\System32\drivers\snp2uvc.sys
    [2009-09-01 05:53:40 | 000,028,544 | ---- | C] () -- C:\WINDOWS\System32\drivers\sncduvc.sys
    [2009-09-01 05:53:40 | 000,015,497 | ---- | C] () -- C:\WINDOWS\snp2uvc.ini
    [2009-09-01 05:49:25 | 000,021,864 | ---- | C] () -- C:\WINDOWS\AsAcpiSvrLang.ini
    [2009-09-01 05:49:25 | 000,012,208 | ---- | C] () -- C:\WINDOWS\AsTrayLang.ini
    [2009-09-01 05:33:31 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4906.dll
    [2009-09-01 04:59:26 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
    [2009-09-01 04:52:26 | 000,005,312 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
    [2008-06-19 15:51:20 | 000,000,969 | ---- | C] () -- C:\WINDOWS\System32\bscs.ini
    [2008-06-04 18:30:44 | 000,405,589 | ---- | C] () -- C:\WINDOWS\System32\BsUI.dll
    [2008-06-04 18:30:22 | 000,278,647 | ---- | C] () -- C:\WINDOWS\System32\outlookAddin.dll
    [2008-06-04 18:30:04 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\HtmPrintHelper.dll
    [2008-06-04 18:29:48 | 000,622,693 | ---- | C] () -- C:\WINDOWS\System32\BSShell.dll
    [2008-06-04 18:27:10 | 000,118,880 | ---- | C] () -- C:\WINDOWS\System32\BsMobileSDK.dll
    [2008-06-04 18:27:02 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\BsMobileCSps.dll
    [2008-06-04 18:25:46 | 000,098,403 | ---- | C] () -- C:\WINDOWS\System32\Bs2Res.dll
    [2008-03-07 13:54:22 | 017,907,824 | ---- | C] () -- C:\WINDOWS\System32\BsLangInDepRes.dll
    [2007-03-19 10:59:18 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\BsVistaCommon.dll
    [2000-01-27 23:00:00 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\HLINKPRX.DLL
    [1998-03-22 13:50:02 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll

    ========== LOP Check ==========

    [2010-01-24 19:54:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
    [2010-02-01 18:50:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ashampoo
    [2010-01-01 17:28:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
    [2010-03-21 09:53:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Earthsim
    [2010-05-15 08:49:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EBI
    [2010-02-13 09:07:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HipSoft
    [2010-01-20 20:25:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\id Software
    [2010-04-08 10:13:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PMB Files
    [2009-09-01 05:42:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ralink Driver
    [2010-08-02 20:00:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\RegCure
    [2010-05-15 08:49:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\RSMR
    [2010-03-23 15:22:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sony
    [2010-03-28 01:25:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\System
    [2010-07-04 09:55:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
    [2010-04-01 15:23:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TuneUp Software
    [2010-07-11 09:48:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinZip
    [2010-08-16 16:18:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\YoYoGames
    [2010-01-04 22:34:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\YSFLIGHT.COM
    [2010-08-14 20:36:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
    [2010-03-28 19:47:20 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
    [2010-09-15 18:33:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\magnus gunnarsson\Application Data\.freeciv
    [2010-11-24 12:22:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\magnus gunnarsson\Application Data\.minecraft
    [2010-05-18 17:14:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\magnus gunnarsson\Application Data\app
    [2010-02-01 18:50:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\magnus gunnarsson\Application Data\Ashampoo
    [2010-05-15 09:44:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\magnus gunnarsson\Application Data\Asus
    [2010-01-07 10:30:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\magnus gunnarsson\Application Data\Atari
    [2010-07-19 20:51:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\magnus gunnarsson\Application Data\Auslogics
    [2010-09-11 19:50:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\magnus gunnarsson\Application Data\avidemux
    [2010-01-04 22:54:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\magnus gunnarsson\Application Data\bang
    [2010-06-03 20:36:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\magnus gunnarsson\Application Data\Cosmic Supremacy
    [2010-02-15 16:11:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\magnus gunnarsson\Application Data\CreeperWorld
    [2010-02-15 15:54:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\magnus gunnarsson\Application Data\CreeperWorldDEMO.BA6B793AB2C9FDD744493F22666C1F8DFA806A5E.1
    [2010-11-04 15:08:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\magnus gunnarsson\Application Data\CrystalApp
    [2010-11-04 15:07:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\magnus gunnarsson\Application Data\CrystalSpace
    [2010-01-01 17:47:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\magnus gunnarsson\Application Data\DAEMON Tools Lite
    [2010-09-18 22:55:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\magnus gunnarsson\Application Data\Dev-Cpp
    [2010-05-19 17:40:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\magnus gunnarsson\Application Data\Dofus 2
    [2010-05-18 17:14:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\magnus gunnarsson\Application Data\Dofus-2.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
    [2010-05-19 16:59:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\magnus gunnarsson\Application Data\Dofus-3.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
    [2010-05-18 17:16:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\magnus gunnarsson\Application Data\Dofus.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
    [2010-07-16 09:15:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\magnus gunnarsson\Application Data\DreamJournal
    [2010-07-16 19:11:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\magnus gunnarsson\Application Data\Dude
    [2010-03-21 09:53:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\magnus gunnarsson\Application Data\Earthsim
    [2010-05-29 21:50:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\magnus gunnarsson\Application Data\Facebook
    [2010-09-25 23:20:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\magnus gunnarsson\Application Data\fizzy
    [2009-11-25 07:25:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\magnus gunnarsson\Application Data\flightgear.org
    [2010-03-10 22:19:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\magnus gunnarsson\Application Data\FreeOrion
    [2010-09-25 14:34:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\magnus gunnarsson\Application Data\GARMIN
    [2010-02-04 16:21:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\magnus gunnarsson\Application Data\GetRightToGo
    [2010-08-02 20:16:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\magnus gunnarsson\Application Data\GlarySoft
    [2010-02-26 22:10:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\magnus gunnarsson\Application Data\godzHell
    [2010-05-04 18:46:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\magnus gunnarsson\Application Data\gtk-2.0
    [2010-01-20 20:30:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\magnus gunnarsson\Application Data\id Software
    [2010-11-11 23:20:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\magnus gunnarsson\Application Data\IObit
    [2010-09-16 20:47:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\magnus gunnarsson\Application Data\jah
    [2010-11-14 12:20:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\magnus gunnarsson\Application Data\kikin
    [2009-11-24 16:22:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\magnus gunnarsson\Application Data\Leadertech
    [2010-02-26 18:35:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\magnus gunnarsson\Application Data\Mouse Recorder Pro
    [2010-06-12 18:45:29 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\magnus gunnarsson\Application Data\ms-drivers
    [2010-09-28 18:44:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\magnus gunnarsson\Application Data\Neurohack
    [2010-03-18 17:14:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\magnus gunnarsson\Application Data\Notepad++
    [2010-06-03 19:59:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\magnus gunnarsson\Application Data\PhotoScape
    [2010-04-25 14:30:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\magnus gunnarsson\Application Data\PirateGalaxy
    [2010-11-04 15:23:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\magnus gunnarsson\Application Data\PlaneShift
    [2010-03-23 15:29:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\magnus gunnarsson\Application Data\Publish Providers
    [2010-05-18 17:14:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\magnus gunnarsson\Application Data\Reg.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
    [2010-04-08 16:34:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\magnus gunnarsson\Application Data\Secret of the Solstice
    [2010-02-27 20:49:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\magnus gunnarsson\Application Data\Soldat
    [2010-03-23 15:29:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\magnus gunnarsson\Application Data\Sony
    [2010-06-03 16:58:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\magnus gunnarsson\Application Data\SWF.max
    [2010-11-12 16:22:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\magnus gunnarsson\Application Data\SystemRequirementsLab
    [2010-11-05 20:12:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\magnus gunnarsson\Application Data\TeamViewer
    [2010-03-22 18:08:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\magnus gunnarsson\Application Data\Template
    [2010-06-03 20:40:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\magnus gunnarsson\Application Data\Toolbar4
    [2010-11-24 10:04:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\magnus gunnarsson\Application Data\treasurechest
    [2010-03-28 19:55:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\magnus gunnarsson\Application Data\TuneUp Software
    [2010-10-26 17:57:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\magnus gunnarsson\Application Data\Unity
    [2010-01-14 21:53:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\magnus gunnarsson\Application Data\ValuSoft
    [2010-05-20 21:50:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\magnus gunnarsson\Application Data\WinSesame
    [2010-06-12 18:45:39 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\magnus gunnarsson\Application Data\wyUpdate AU

    ========== Purity Check ==========



    ========== Custom Scans ==========


    < %SYSTEMDRIVE%\*.* >
    [2010-01-12 12:56:00 | 000,524,288 | ---- | M] () -- C:\1005HA.ROM
    [2010-09-18 09:48:28 | 000,016,556 | ---- | M] () -- C:\aaw7boot.log
    [2009-09-01 03:05:07 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
    [2010-10-28 16:14:42 | 000,000,487 | ---- | M] () -- C:\Boot.bak
    [2010-11-25 23:31:22 | 000,000,533 | RHS- | M] () -- C:\boot.ini
    [2008-04-15 13:00:00 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin
    [2004-08-03 23:00:18 | 000,260,784 | RHS- | M] () -- C:\cmldr
    [2010-11-26 00:17:04 | 000,023,991 | ---- | M] () -- C:\ComboFix.txt
    [2009-09-01 03:05:07 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
    [2010-08-04 12:04:16 | 000,000,170 | ---- | M] () -- C:\drwtsn32.log
    [2010-11-26 14:45:45 | 1064,554,496 | -HS- | M] () -- C:\hiberfil.sys
    [2009-09-01 03:05:07 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
    [2010-02-27 20:51:47 | 000,000,000 | R--- | M] () -- C:\logwmemory.bin
    [2010-11-25 22:55:21 | 000,000,110 | ---- | M] () -- C:\mbam-error.txt
    [2009-09-01 03:05:07 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
    [2008-04-15 13:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
    [2008-04-15 13:00:00 | 000,250,560 | RHS- | M] () -- C:\ntldr
    [2010-11-26 14:45:39 | 3145,728,000 | -HS- | M] () -- C:\pagefile.sys
    [2010-04-15 14:21:20 | 000,000,540 | ---- | M] () -- C:\rkill.log
    [2010-11-24 13:11:38 | 000,044,340 | ---- | M] () -- C:\TDSSKiller.2.4.8.0_24.11.2010_13.10.47_log.txt
    [2010-11-24 13:13:12 | 000,045,012 | ---- | M] () -- C:\TDSSKiller.2.4.8.0_24.11.2010_13.12.11_log.txt
    [2010-11-24 13:14:29 | 000,044,340 | ---- | M] () -- C:\TDSSKiller.2.4.8.0_24.11.2010_13.13.19_log.txt
    [2009-12-04 18:32:21 | 000,019,264 | ---- | M] () -- C:\texlib.log
    [1 C:\*.tmp files -> C:\*.tmp -> ]

    < %systemroot%\Fonts\*.com >
    [2006-04-18 15:39:28 | 000,026,040 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont
    [2006-06-29 14:53:56 | 000,026,489 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont
    [2006-04-18 15:39:28 | 000,029,779 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSerif.CompositeFont
    [2006-06-29 14:58:52 | 000,030,808 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont

    < %systemroot%\Fonts\*.dll >

    < %systemroot%\Fonts\*.ini >
    [2009-09-01 03:04:38 | 000,000,067 | -HS- | M] () -- C:\WINDOWS\Fonts\desktop.ini

    < %systemroot%\Fonts\*.ini2 >

    < %systemroot%\Fonts\*.exe >

    < %systemroot%\system32\spool\prtprocs\w32x86\*.* >
    [2008-07-06 13:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
    [2006-10-26 19:56:12 | 000,033,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\msonpppr.dll
    [2008-07-06 11:50:03 | 000,597,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\printfilterpipelinesvc.exe

    < %systemroot%\REPAIR\*.bak1 >

    < %systemroot%\REPAIR\*.ini >

    < %systemroot%\system32\*.jpg >

    < %systemroot%\*.jpg >

    < %systemroot%\*.png >

    < %systemroot%\*.scr >
    [2009-02-06 18:13:50 | 000,308,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WLXPGSS.SCR
    [2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

    < %systemroot%\*._sy >

    < %APPDATA%\Adobe\Update\*.* >

    < %ALLUSERSPROFILE%\Favorites\*.* >

    < %APPDATA%\Microsoft\*.* >
    [2010-04-26 14:36:51 | 000,001,762 | -H-- | M] () -- C:\Documents and Settings\magnus gunnarsson\Application Data\Microsoft\LastFlashConfig.WFC

    < %PROGRAMFILES%\*.* >

    < %APPDATA%\Update\*.* >

    < %systemroot%\*. /mp /s >

    < %systemroot%\System32\config\*.sav >
    [2009-09-01 04:58:14 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
    [2009-09-01 04:58:14 | 001,064,960 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
    [2009-09-01 04:58:14 | 000,446,464 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

    < %PROGRAMFILES%\bak. /s >

    < %systemroot%\system32\bak. /s >

    < %ALLUSERSPROFILE%\Start Menu\*.lnk /x >

    < %systemroot%\system32\config\systemprofile\*.dat /x >

    < %systemroot%\*.config >

    < %systemroot%\system32\*.db >

    < %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
    [2009-11-24 00:54:23 | 000,000,127 | -HS- | M] () -- C:\Documents and Settings\magnus gunnarsson\Application Data\Microsoft\Internet Explorer\Quick Launch\desktop.ini
    [2009-09-01 03:08:40 | 000,000,079 | ---- | M] () -- C:\Documents and Settings\magnus gunnarsson\Application Data\Microsoft\Internet Explorer\Quick Launch\Visa skrivbordet.scf

    < %USERPROFILE%\Desktop\*.exe >

    < %PROGRAMFILES%\Common Files\*.* >

    < %systemroot%\*.src >
    [2006-05-19 10:53:02 | 000,013,022 | ---- | M] () -- C:\WINDOWS\snp2uvc.src
    [2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

    < %systemroot%\install\*.* >

    < %systemroot%\system32\DLL\*.* >

    < %systemroot%\system32\HelpFiles\*.* >

    < %systemroot%\system32\rundll\*.* >

    < %systemroot%\winn32\*.* >

    < %systemroot%\Java\*.* >

    < %systemroot%\system32\test\*.* >

    < %systemroot%\system32\Rundll32\*.* >

    < %systemroot%\AppPatch\Custom\*.* >

    < %APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x >

    < %PROGRAMFILES%\PC-Doctor\Downloads\*.* >

    < %PROGRAMFILES%\Internet Explorer\*.tmp >

    < %PROGRAMFILES%\Internet Explorer\*.dat >

    < %USERPROFILE%\My Documents\*.exe >

    < %USERPROFILE%\*.exe >

    < %systemroot%\ADDINS\*.* >

    < %systemroot%\assembly\*.bak2 >

    < %systemroot%\Config\*.* >

    < %systemroot%\REPAIR\*.bak2 >

    < %systemroot%\SECURITY\Database\*.sdb /x >

    < %systemroot%\SYSTEM\*.bak2 >

    < %systemroot%\Web\*.bak2 >

    < %systemroot%\Driver Cache\*.* >

    < %PROGRAMFILES%\Mozilla Firefox\0*.exe >

    < %ProgramFiles%\Microsoft Common\*.* >

    < %ProgramFiles%\TinyProxy. >

    < %USERPROFILE%\Favorites\*.url /x >

    < %systemroot%\system32\*.bk >

    < %systemroot%\*.te >

    < %systemroot%\system32\system32\*.* >

    < %ALLUSERSPROFILE%\*.dat /x >

    < %systemroot%\system32\drivers\*.rmv >

    < dir /b "%systemroot%\system32\*.exe" | find /i " " /c >

    < dir /b "%systemroot%\*.exe" | find /i " " /c >

    < %PROGRAMFILES%\Microsoft\*.* >

    < %systemroot%\System32\Wbem\proquota.exe >

    < %PROGRAMFILES%\Mozilla Firefox\*.dat >

    < %USERPROFILE%\Cookies\*.txt /x >
    [2010-11-26 15:01:31 | 000,131,072 | ---- | M] () -- C:\Documents and Settings\magnus gunnarsson\Cookies\index.dat

    < %SystemRoot%\system32\fonts\*.* >

    < %systemroot%\system32\winlog\*.* >

    < %systemroot%\system32\Language\*.* >

    < %systemroot%\system32\Settings\*.* >

    < %systemroot%\system32\*.quo >

    < %SYSTEMROOT%\AppPatch\*.exe >

    < %SYSTEMROOT%\inf\*.exe >
    [2007-06-27 15:11:30 | 000,317,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\inf\unregmp2.exe

    < %SYSTEMROOT%\Installer\*.exe >
    [2010-11-06 18:15:04 | 000,735,984 | ---- | M] (tzuk) -- C:\WINDOWS\Installer\SandboxieInstall32.exe
    [16 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]

    < %systemroot%\system32\config\*.bak2 >

    < %systemroot%\system32\Computers\*.* >

    < %SystemRoot%\system32\Sound\*.* >

    < %SystemRoot%\system32\SpecialImg\*.* >

    < %SystemRoot%\system32\code\*.* >

    < %SystemRoot%\system32\draft\*.* >

    < %SystemRoot%\system32\MSSSys\*.* >

    < %ProgramFiles%\Javascript\*.* >

    < %systemroot%\pchealth\helpctr\System\*.exe /s >

    < %systemroot%\Web\*.exe >

    < %systemroot%\system32\msn\*.* >

    < %systemroot%\system32\*.tro >

    < %AppData%\Microsoft\Installer\msupdates\*.* >

    < %ProgramFiles%\Messenger\*.* >
    [2008-04-14 20:35:14 | 001,695,232 | ---- | M] (Microsoft Corporation) -- C:\Program\Messenger\msmsgs.exe
    [2007-04-02 22:37:24 | 000,002,882 | ---- | M] () -- C:\Program\Messenger\newalert.wav
    [2007-04-02 22:37:24 | 000,006,156 | ---- | M] () -- C:\Program\Messenger\newemail.wav
    [2007-04-02 22:37:26 | 000,006,160 | ---- | M] () -- C:\Program\Messenger\online.wav
    [2007-04-02 22:37:28 | 000,004,454 | ---- | M] () -- C:\Program\Messenger\type.wav
    [2007-01-24 11:20:42 | 000,120,159 | ---- | M] () -- C:\Program\Messenger\xpmsgr.chm

    < %systemroot%\system32\systhem32\*.* >

    < %systemroot%\system\*.exe >

    < HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

    < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\ Auto Update\Results\Install|LastSuccessTime /rs >


    ========== Alternate Data Streams ==========

    @Alternate Data Stream - 126 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:07BF512B
    @Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:8CE646EE
    @Alternate Data Stream - 108 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:957E9765
    @Alternate Data Stream - 100 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C60FAC5D

    < End of report >
     
  8. 2010/11/28
    broni Moderator Malware Analyst

    Run OTL
    • Under the Custom Scans/Fixes box at the bottom, paste in the following

      Code:
      :OTL
      O3 - HKLM\..\Toolbar: (no name) - - No CLSID value found.
      O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - Reg Error: Value error. File not found
      O15 - HKCU\..Trusted Ranges: Range1979 ([http] in Tillförlitliga platser)
      O16 - DPF: {CAFEEFAC-0015-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jin...ndows-i586.cab (Reg Error: Key error.)
      O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Value error.)
      [2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
      [1 C:\*.tmp files -> C:\*.tmp -> ]
      @Alternate Data Stream - 126 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:07BF512B
      @Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:8CE646EE
      @Alternate Data Stream - 108 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:957E9765
      @Alternate Data Stream - 100 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C60FAC5D
      
      :Services
      
      :Reg
      
      :Files
      
      :Commands
      [purity]
      [emptytemp]
      [emptyflash]
      [Reboot]
      
    • Then click the Run Fix button at the top
    • Let the program run unhindered, reboot the PC when it is done
    • You will get a log that shows the results of the fix. Please post it.

    ===============================================================

    Last scans...

    1. Download Security Check from HERE, and save it to your Desktop.
    • Double-click SecurityCheck.exe
    • Follow the onscreen instructions inside of the black box.
    • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

      NOTE: SecurityCheck may produce some false warning(s), so leave reading the results to me.


    2. Download Temp File Cleaner (TFC)
    • Double click on TFC.exe to run the program.
    • Click on Start button to begin cleaning process.
    • TFC will close all running programs, and it may ask you to restart computer.


    3. Please run a free online scan with the ESET Online Scanner

    • Disable your antivirus program
    • Tick the box next to YES, I accept the Terms of Use
    • Click Start
    • IMPORTANT! UN-check Remove found threats
    • Accept any security warnings from your browser.
    • Check Scan archives
    • Click Start
    • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
    • When the scan completes, push List of found threats
    • Click on Export to text file, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
    • NOTE: If ESET doesn't find any threats, it won't produce a log.
     
  9. 2010/12/03
    broni Moderator Malware Analyst

    Are you still out there?
     