OTS logfile created on: 04-09-2010 10:17:21 - Run 1
OTS by OldTimer - Version 3.1.36.0 Folder = C:\Users\Win7\Desktop
64bit- Ultimate Edition (Version = 6.1.7100) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7100.0)
Locale: 00000406 | Country: Danmark | Language: DAN | Date Format: dd-MM-yyyy
6,00 Gb Total Physical Memory | 5,00 Gb Available Physical Memory | 84,00% Memory free
12,00 Gb Paging File | 11,00 Gb Available in Paging File | 91,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 29,91 Gb Total Space | 2,69 Gb Free Space | 8,99% Space Free | Partition Type: NTFS
Drive D: | 901,49 Gb Total Space | 484,73 Gb Free Space | 53,77% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: WIN7-PC
Current User Name: Win7
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
[Processes - Safe List]
ots.exe -> C:\Users\Win7\Desktop\OTS.exe -> [2010-09-04 10:16:30 | 000,641,024 | ---- | M] (OldTimer Tools)
pnkbstrb.exe -> C:\Windows\SysWOW64\PnkBstrB.exe -> [2010-07-22 17:43:56 | 000,219,128 | ---- | M] ()
pnkbstra.exe -> C:\Windows\SysWOW64\PnkBstrA.exe -> [2010-01-27 17:31:24 | 000,075,064 | ---- | M] ()
nvscpapisvr.exe -> C:\Windows\SysWOW64\nvSCPAPISvr.exe -> [2009-06-10 06:33:00 | 000,232,960 | ---- | M] (NVIDIA Corporation)
nircmd.cfxxe -> C:\32788R22FWJFW\NirCmd.cfxxe -> [2009-04-20 12:56:28 | 000,031,232 | ---- | M] (NirSoft)
seaport.exe -> C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -> [2009-01-14 17:53:02 | 000,226,656 | ---- | M] (Microsoft Corp.)
[Modules - Safe List]
ots.exe -> C:\Users\Win7\Desktop\OTS.exe -> [2010-09-04 10:16:30 | 000,641,024 | ---- | M] (OldTimer Tools)
comctl32.dll -> C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7100.19_none_b6a32c7c247ee542\comctl32.dll -> [2009-05-13 08:15:18 | 001,679,360 | ---- | M] (Microsoft Corporation)
msscript.ocx -> C:\Windows\SysWOW64\msscript.ocx -> [2009-04-22 07:18:43 | 000,095,232 | ---- | M] (Microsoft Corporation)
[Win32 Services - Safe List]
64bit-(PnkBstrB) [Auto | Running] -> C:\Windows\SysNative\PnkBstrB.exe -> File not found
64bit-(PnkBstrA) [Auto | Running] -> C:\Windows\SysNative\PnkBstrA.exe -> File not found
64bit-(UmRdpService) [On_Demand | Stopped] -> C:\Windows\SysNative\umrdp.dll -> [2009-04-22 07:41:29 | 000,195,072 | ---- | M] (Microsoft Corporation)
64bit-(PeerDistSvc) [On_Demand | Stopped] -> C:\Windows\SysNative\PeerDistSvc.dll -> [2009-04-22 07:40:52 | 001,361,920 | ---- | M] (Microsoft Corporation)
64bit-(WinDefend) [Auto | Running] -> C:\Program Files\Windows Defender\mpsvc.dll -> [2009-04-22 07:40:14 | 001,011,200 | ---- | M] (Microsoft Corporation)
64bit-(CscService) [Auto | Running] -> C:\Windows\SysNative\cscsvc.dll -> [2009-04-22 07:39:25 | 000,689,152 | ---- | M] (Microsoft Corporation)
64bit-(AppMgmt) [On_Demand | Stopped] -> C:\Windows\SysNative\appmgmts.dll -> [2009-04-22 07:38:59 | 000,193,024 | ---- | M] (Microsoft Corporation)
(PnkBstrB) PnkBstrB [Auto | Running] -> C:\Windows\SysWOW64\PnkBstrB.exe -> [2010-07-22 17:43:56 | 000,219,128 | ---- | M] ()
(PnkBstrA) PnkBstrA [Auto | Running] -> C:\Windows\SysWOW64\PnkBstrA.exe -> [2010-01-27 17:31:24 | 000,075,064 | ---- | M] ()
(fsssvc) Windows Live Family Safety Service [On_Demand | Stopped] -> C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe -> [2009-08-05 22:48:42 | 000,704,864 | ---- | M] (Microsoft Corporation)
(Steam Client Service) Steam Client Service [On_Demand | Stopped] -> C:\Program Files (x86)\Common Files\Steam\SteamService.exe -> [2009-07-16 18:04:16 | 000,316,664 | ---- | M] (Valve Corporation)
(Stereo Service) NVIDIA Stereoscopic 3D Driver Service [Auto | Running] -> C:\Windows\SysWOW64\nvSCPAPISvr.exe -> [2009-06-10 06:33:00 | 000,232,960 | ---- | M] (NVIDIA Corporation)
(SeaPort) SeaPort [Auto | Running] -> C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -> [2009-01-14 17:53:02 | 000,226,656 | ---- | M] (Microsoft Corp.)
[Driver Services - Safe List]
64bit-(sptd) sptd [Kernel | Boot | Running] -> C:\Windows\SysNative\drivers\sptd.sys -> [2010-08-12 14:54:44 | 000,834,544 | ---- | M] ()
64bit-(fssfltr) FssFltr [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\fssfltr.sys -> [2009-08-05 23:24:16 | 000,061,280 | ---- | M] (Microsoft Corporation)
64bit-(amdsbs) amdsbs [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\amdsbs.sys -> [2009-04-22 07:53:06 | 000,194,128 | ---- | M] (AMD Technologies Inc.)
64bit-(amdsata) amdsata [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\amdsata.sys -> [2009-04-22 07:53:04 | 000,105,040 | ---- | M] (AMD)
64bit-(amdxata) amdxata [Kernel | Boot | Running] -> C:\Windows\SysNative\drivers\amdxata.sys -> [2009-04-22 07:52:53 | 000,028,752 | ---- | M] (AMD)
64bit-(HpSAMD) HpSAMD [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\HpSAMD.sys -> [2009-04-22 07:48:16 | 000,077,904 | ---- | M] (Hewlett-Packard Company)
64bit-(LSI_SAS2) LSI_SAS2 [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\lsi_sas2.sys -> [2009-04-22 07:48:15 | 000,065,616 | ---- | M] (LSI Corporation)
64bit-(vmbus) vmbus [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\vmbus.sys -> [2009-04-22 07:45:27 | 000,203,856 | ---- | M] (Microsoft Corporation)
64bit-(storflt) Disk Virtual Machine Bus Acceleration Filter Driver [Kernel | Boot | Running] -> C:\Windows\SysNative\drivers\vmstorfl.sys -> [2009-04-22 07:45:25 | 000,047,168 | ---- | M] (Microsoft Corporation)
64bit-(storvsc) storvsc [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\storvsc.sys -> [2009-04-22 07:45:20 | 000,036,944 | ---- | M] (Microsoft Corporation)
64bit-(stexstor) stexstor [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\stexstor.sys -> [2009-04-22 07:45:20 | 000,024,640 | ---- | M] (Promise Technology)
64bit-(s3cap) s3cap [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\vms3cap.sys -> [2009-04-22 05:49:33 | 000,006,656 | ---- | M] (Microsoft Corporation)
64bit-(VMBusHID) VMBusHID [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\VMBusHID.sys -> [2009-04-22 05:49:14 | 000,021,760 | ---- | M] (Microsoft Corporation)
64bit-(CSC) Driver til offlinefiler [Kernel | System | Running] -> C:\Windows\SysNative\drivers\csc.sys -> [2009-04-22 05:27:28 | 000,514,048 | ---- | M] (Microsoft Corporation)
64bit-(yukonw7) NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\yk62x64.sys -> [2009-03-28 06:44:58 | 000,389,120 | ---- | M] (Marvell)
64bit-(cpuz132) cpuz132 [Kernel | Auto | Running] -> C:\Windows\SysNative\drivers\cpuz132_x64.sys -> [2009-03-27 02:23:54 | 000,019,432 | ---- | M] (Windows (R) Codename Longhorn DDK provider)
64bit-(b06bdrv) Broadcom NetXtreme II VBD [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\bxvbda.sys -> [2009-03-17 06:35:14 | 000,468,480 | ---- | M] (Broadcom Corporation)
64bit-(b57nd60a) Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0 [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\b57nd60a.sys -> [2009-03-06 09:43:48 | 000,270,848 | ---- | M] (Broadcom Corporation)
64bit-(ebdrv) Broadcom NetXtreme II 10 GigE VBD [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\evbda.sys -> [2009-02-06 05:41:49 | 003,286,016 | ---- | M] (Broadcom Corporation)
64bit-(hcw85cir) Hauppauge Consumer Infrared Receiver [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\hcw85cir.sys -> [2009-01-24 06:08:24 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.)
64bit-(Ntfs) Ntfs [File_System | On_Demand | Running] -> C:\Windows\SysNative\wbem\ntfs.mof -> [2009-01-08 19:28:16 | 000,000,308 | ---- | M] ()
64bit-(MTsensor) ATK0110 ACPI UTILITY [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\ASACPI.sys -> [2005-03-29 01:30:38 | 000,008,192 | ---- | M] ()
(GarenaPEngine) GarenaPEngine [Kernel | On_Demand | Stopped] -> C:\Users\Win7\AppData\Local\Temp\IGO9507.tmp -> [2009-08-09 19:21:13 | 000,017,864 | ---- | M] ()
[Registry - Safe List]
< 64bit-Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> ->
< Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> ->
HKEY_LOCAL_MACHINE\: Main\\"Local Page" -> C:\Windows\SysWOW64\blank.htm ->
HKEY_LOCAL_MACHINE\: Main\\"Start Page" -> http://www.foozir.com/ ->
< Internet Explorer Settings [HKEY_CURRENT_USER\] > -> ->
HKEY_CURRENT_USER\: Main\\"Start Page Redirect Cache" -> http://dk.msn.com/?ocid=iehp ->
HKEY_CURRENT_USER\: Main\\"Start Page Redirect Cache AcceptLangs" -> da ->
HKEY_CURRENT_USER\: Main\\"Start Page Redirect Cache_TIMESTAMP" -> 85 F3 C2 BA A2 47 CB 01 [binary data] ->
HKEY_CURRENT_USER\: "ProxyEnable" -> 0 ->
HKEY_CURRENT_USER\: "ProxyServer" -> http=127.0.0.1:6092 ->
< FireFox Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla
< FireFox Extensions [User Folders] > ->
-> C:\Users\Win7\AppData\Roaming\mozilla\Extensions -> [2009-12-14 18:46:17 | 000,000,000 | ---D | M]
-> C:\Users\Win7\AppData\Roaming\mozilla\Extensions\mozswing@mozswing.org -> [2009-12-14 18:46:17 | 000,000,000 | ---D | M]
< HOSTS File > ([2009-02-24 05:35:22 | 000,000,824 | ---- | M] - 21 lines) -> C:\Windows\SysNative\Drivers\etc\hosts ->
Reset Hosts
< 64bit-BHO's [HKEY_LOCAL_MACHINE] > -> 64bit-HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ ->
{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} [HKLM] -> C:\Program Files\Windows Live\Family Safety\fssbho.dll [Windows Live Family Safety Browser Helper Class] -> [2009-08-05 23:24:16 | 000,132,448 | ---- | M] (Microsoft Corporation)
< BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ ->
{5C255C8A-E604-49b4-9D64-90988571CECB} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{6EBF7485-159F-4bff-A14F-B9E3AAC4465B} [HKLM] -> C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll [Search Helper] -> [2009-01-14 17:49:24 | 000,092,504 | ---- | M] (Microsoft Corp.)
{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} [HKLM] -> C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll [Windows Live Toolbar Helper] -> [2009-02-06 18:17:46 | 001,068,904 | ---- | M] (Microsoft Corporation)
< 64bit-Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar ->
"{32099AAC-C132-4136-9E9A-4E364A424E17}" [HKLM] -> C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll [DAEMON Tools Toolbar] -> [2010-03-25 11:28:02 | 001,548,096 | ---- | M] ()
< Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar ->
"{21FA44EF-376D-4D53-9B0F-8A89D3229068}" [HKLM] -> C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll [&Windows; Live Toolbar] -> [2009-02-06 18:17:46 | 001,068,904 | ---- | M] (Microsoft Corporation)
"{32099AAC-C132-4136-9E9A-4E364A424E17}" [HKLM] -> C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll [DAEMON Tools Toolbar] -> [2010-03-25 11:27:54 | 000,968,000 | ---- | M] ()
< Internet Explorer ToolBars [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ ->
WebBrowser\\"{21FA44EF-376D-4D53-9B0F-8A89D3229068}" [HKLM] -> C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll [&Windows; Live Toolbar] -> [2009-02-06 18:17:46 | 001,068,904 | ---- | M] (Microsoft Corporation)
64bit-WebBrowser\\"{32099AAC-C132-4136-9E9A-4E364A424E17}" [HKLM] -> C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll [DAEMON Tools Toolbar] -> [2010-03-25 11:28:02 | 001,548,096 | ---- | M] ()
WebBrowser\\"{32099AAC-C132-4136-9E9A-4E364A424E17}" [HKLM] -> C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll [DAEMON Tools Toolbar] -> [2010-03-25 11:27:54 | 000,968,000 | ---- | M] ()
< Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
"Malwarebytes Anti-Malware (reboot)" -> D:\programmer\Malwarebytes' Anti-Malware\mbam.exe ["D:\programmer\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript] -> [2010-04-29 15:39:32 | 001,090,952 | ---- | M] (Malwarebytes Corporation)
"ncrowexmas.exe" -> C:\Users\Win7\AppData\Local\Temp\ncrowexmas.exe ["C:\Users\Win7\AppData\Local\Temp\ncrowexmas.exe"] -> [2010-09-03 09:41:22 | 000,042,496 | ---- | M] ()
< Run [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
"DAEMON Tools Lite" -> C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe ["C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun] -> [2010-04-01 11:16:20 | 000,357,696 | ---- | M] (DT Soft Ltd)
"msnmsgr" -> C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe ["C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background] -> [2009-07-26 16:44:34 | 003,883,856 | ---- | M] (Microsoft Corporation)
"Sidebar" -> C:\Program Files (x86)\Windows Sidebar\sidebar.exe [C:\Program Files (x86)\Windows Sidebar\sidebar.exe /autoRun] -> [2009-04-22 07:19:30 | 001,174,016 | ---- | M] (Microsoft Corporation)
"Steam" -> d:\programmer\steam\installeret steam\steam.exe ["d:\programmer\steam\installeret steam\steam.exe" -silent] -> [2010-08-24 11:42:05 | 001,242,448 | ---- | M] (Valve Corporation)
"VOIPlay" -> D:\programmer\VOIPlay\voiplay.exe ["D:\programmer\VOIPlay\voiplay.exe"] -> [2010-07-01 11:59:48 | 001,297,768 | ---- | M] (E-Sport Network AB & VOIPlay AB)
< CurrentVersion Policy Settings - Explorer [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoActiveDesktop" -> [1] -> File not found
< CurrentVersion Policy Settings - System [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System
\\"ConsentPromptBehaviorAdmin" -> [0] -> File not found
\\"ConsentPromptBehaviorUser" -> [3] -> File not found
\\"EnableLUA" -> [0] -> File not found
\\"PromptOnSecureDesktop" -> [0] -> File not found
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats
< CurrentVersion Policy Settings - Explorer [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
< CurrentVersion Policy Settings - System [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System
< 64bit-Internet Explorer Menu Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\ ->
Free YouTube to Mp3 Converter -> C:\Users\Win7\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm [C:\Users\Win7\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm] -> [2010-08-27 12:49:54 | 000,000,269 | ---- | M] ()
< Internet Explorer Menu Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\ ->
Free YouTube to Mp3 Converter -> C:\Users\Win7\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm [C:\Users\Win7\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm] -> [2010-08-27 12:49:54 | 000,000,269 | ---- | M] ()
< Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ ->
{219C3416-8CB2-491a-A3C7-D9FCDDC9D600}:{5F7B1267-94A9-47F5-98DB-E99415F33AEC} [HKLM] -> C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll [Button: Blog This] -> [2009-07-26 20:17:14 | 000,186,192 | ---- | M] (Microsoft Corporation)
{219C3416-8CB2-491a-A3C7-D9FCDDC9D600}:{5F7B1267-94A9-47F5-98DB-E99415F33AEC} [HKLM] -> C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll [Menu: &Blog; This in Windows Live Writer] -> [2009-07-26 20:17:14 | 000,186,192 | ---- | M] (Microsoft Corporation)
< 64bit-Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ ->
PluginsPageFriendlyName -> Microsoft ActiveX Gallery ->
PluginsPage -> http://activex.microsoft.com/controls/find.asp?ext=%s&mime;=%s ->
< Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ ->
< 64bit-Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix
"" -> http://
< Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix
"" -> http://
< 64bit-Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< 64bit-Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ ->
{8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab [Java Plug-in 1.6.0_17] ->
{C3F79A2B-B9B4-4A66-B012-3EE46475B072} [HKLM] -> http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab [MessengerStatsClient Class] ->
{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab [Java Plug-in 1.6.0_17] ->
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab [Java Plug-in 1.6.0_17] ->
{D27CDB6E-AE6D-11CF-96B8-444553540000} [HKLM] -> http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab [Shockwave Flash Object] ->
{E2883E8F-472F-4FB0-9522-AC9BF37916A7} [HKLM] -> http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab [Reg Error: Key error.] ->
{F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} [HKLM] -> http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab [Minesweeper Flags Class] ->
< Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\ ->
DhcpNameServer -> 212.10.10.4 212.10.10.5 ->
< Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ ->
{6116C6BE-6E71-4BCE-9590-FDBA1AA49E5D}\\DhcpNameServer -> 212.10.10.4 212.10.10.5 (Marvell Yukon 88E8056 PCI-E Gigabit Ethernet Controller) ->
{6116C6BE-6E71-4BCE-9590-FDBA1AA49E5D}\\NameServer -> 208.67.222.222,208.67.220.220 (Marvell Yukon 88E8056 PCI-E Gigabit Ethernet Controller) ->
{E8E42C1E-6CBF-431A-8FC8-2B0B7609BE54}\\DhcpNameServer -> 212.10.10.4 212.10.10.5 (Marvell Yukon 88E8056 PCI-E Gigabit Ethernet Controller) ->
{E8E42C1E-6CBF-431A-8FC8-2B0B7609BE54}\\NameServer -> 208.67.222.222,208.67.220.220 (Marvell Yukon 88E8056 PCI-E Gigabit Ethernet Controller) ->
< 64bit-Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
64bit-*Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell ->
explorer.exe -> C:\Windows\explorer.exe -> [2009-04-22 07:38:05 | 002,858,496 | ---- | M] (Microsoft Corporation)
*MultiFile Done* -> ->
64bit-*VMApplet* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet ->
SystemPropertiesPerformance.exe -> C:\Windows\SysNative\SystemPropertiesPerformance.exe -> [2009-04-22 07:38:40 | 000,082,432 | ---- | M] (Microsoft Corporation)
/pagefile -> -> File not found
*MultiFile Done* -> ->
< Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
*Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell ->
explorer.exe -> C:\Windows\SysWow64\explorer.exe -> [2009-04-22 07:19:02 | 002,607,616 | ---- | M] (Microsoft Corporation)
*MultiFile Done* -> ->
*VMApplet* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet ->
SystemPropertiesPerformance.exe -> C:\Windows\SysWow64\SystemPropertiesPerformance.exe -> [2009-04-22 07:19:35 | 000,081,920 | ---- | M] (Microsoft Corporation)
/pagefile -> -> File not found
*MultiFile Done* -> ->
< Vista Active Firewall Rules > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules ->
{07F1F3F4-3AA5-4178-9060-691F9835E8F3} -> rport=1900 | profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-31273 | app=%systemroot%\system32\svchost.exe | svc=ssdpsrv |
{0FBF53B9-6704-427A-A528-FCA83E4C26C5} -> rport=139 | profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-28507 | app=system |
{144BF520-4234-4024-B30F-A84BC214C3F0} -> rport=137 | profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-28523 | app=system |
{2269DBFA-E7FF-466D-ACCC-A0A2857BF89C} -> lport=138 | profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-28527 | app=system |
{250A6D81-F6A7-4022-86A1-CCFFAD6C5289} -> lport=3702 | profile=public | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-32785 | app=%systemroot%\system32\svchost.exe | svc=fdphost |
{281513EC-3057-4E65-9686-3DF600EEE274} -> rport=1900 | profile=public | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-32757 | app=%systemroot%\system32\svchost.exe | svc=ssdpsrv |
{3B90F71E-B364-4FE6-BA21-282C9F5304F5} -> lport=5355 | profile=public | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-32801 | app=%systemroot%\system32\svchost.exe | svc=dnscache |
{41A0B09D-6A06-45FA-874A-8F6B488AE2BD} -> lport=2869 | profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-31277 | app=system |
{481A15B1-289C-4533-B92D-36C4F8129AC4} -> lport=137 | profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-28519 | app=system |
{49B4D1A2-528A-4568-8259-CC634C1FF2EE} -> lport=3724 | profile=public | protocol=6 | dir=in | action=allow | name=blizzard downloader: 3724 |
{4BA841B6-D923-4346-B1C7-A4356E63615C} -> lport=1900 | protocol=17 | dir=in | action=allow | name=windows live messenger (ssdp-in) | app=svchost.exe | svc=ssdpsrv |
{4C3260B7-EDBE-46E3-A6E1-B74E6F91A735} -> rport=5355 | profile=public | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-28550 | app=%systemroot%\system32\svchost.exe | svc=dnscache |
{5329FBF8-243D-46D6-B54B-9C035C6E4F81} -> lport=1900 | profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-31269 | app=%systemroot%\system32\svchost.exe | svc=ssdpsrv |
{55F00F17-E9F8-42E2-A7B8-451838C0D845} -> rport=3702 | profile=public | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-32811 | app=%systemroot%\system32\svchost.exe | svc=fdrespub |
{70DAB277-C529-4929-B846-4CC5A7CEDF49} -> lport=2177 | profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-31261 | app=%systemroot%\system32\svchost.exe | svc=qwave |
{7F9E2C17-E6BB-43A2-A605-23909256E580} -> rport=10243 | profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31289 | app=system |
{8091B39B-4445-49AC-95C0-9DAEF3422792} -> lport=445 | profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-28511 | app=system |
{8531D890-044B-4B5D-8E0A-A7F1FBF371D0} -> lport=3702 | profile=public | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-32809 | app=%systemroot%\system32\svchost.exe | svc=fdrespub |
{895A288C-15E1-4859-B677-0324EC6800BF} -> lport=5355 | profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-28548 | app=%systemroot%\system32\svchost.exe | svc=dnscache |
{905DA622-FD12-4195-9FCE-B7539EFA872D} -> lport=2177 | profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-31253 | app=%systemroot%\system32\svchost.exe | svc=qwave |
{9D23F28B-5E44-42E6-8DEA-6A3D1F7E88C0} -> lport=rpc | profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-28535 | app=%systemroot%\system32\spoolsv.exe | svc=spooler |
{A1E48C78-5884-43FE-ABEA-6BC4FD7CD5A7} -> lport=139 | profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-28503 | app=system |
{B4D41B9C-4618-47F7-8B77-4D327148A476} -> lport=rpc-epmap | profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-28539 | svc=rpcss |
{B5FBD686-2BA7-46F4-8E5E-3343E9ED3EDC} -> rport=5355 | profile=public | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-32805 | app=%systemroot%\system32\svchost.exe | svc=dnscache |
{BE2C84EB-E4EE-47F8-84FA-3B4FD263B6A2} -> lport=1900 | profile=public | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-32753 | app=%systemroot%\system32\svchost.exe | svc=ssdpsrv |
{C619B3A8-1C91-4EF0-993D-537D673984D5} -> rport=5355 | profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-28550 | app=%systemroot%\system32\svchost.exe | svc=dnscache |
{CB20C0E6-3070-4E73-BF56-6C55C6F70372} -> rport=445 | profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-28515 | app=system |
{DE477932-A3E6-474A-8784-00D732B09ECF} -> rport=138 | profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-28531 | app=system |
{E08EDE3A-55E8-46FE-B3B1-FB42A5993B30} -> rport=2177 | profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31265 | app=%systemroot%\system32\svchost.exe | svc=qwave |
{E0EE9BD9-A452-4081-8BF0-36F6B06FBA45} -> lport=5355 | profile=public | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-28548 | app=%systemroot%\system32\svchost.exe | svc=dnscache |
{E33ABF5D-C576-4BEA-A504-4CF5BD5AD4FE} -> rport=2177 | profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-31257 | app=%systemroot%\system32\svchost.exe | svc=qwave |
{FA19C4A8-5B05-442A-9D37-5D706533FE02} -> lport=10243 | profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-31285 | app=system |
{FA45216D-E6DD-4BA0-8855-609295BF004D} -> lport=2869 | protocol=6 | dir=in | action=allow | name=windows live messenger (upnp-in) | app=system |
{FAB8BEEA-AD9D-44B5-85E2-50115C3387AB} -> rport=3702 | profile=public | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-32789 | app=%systemroot%\system32\svchost.exe | svc=fdphost |
< Vista Active Application Exception Rules > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules ->
{025C895B-22E2-4681-92E8-A19E36DC7280} -> profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-31297 | app=%programfiles%\windows media player\wmplayer.exe |
{032AE274-8F20-499C-9552-C116778366E8} -> profile=public | protocol=17 | dir=in | action=allow | name=veoh web player | app=c:\program files (x86)\veoh networks\veohwebplayer\veohwebplayer.exe |
{060B7131-F89A-47DC-91D0-91B9D9835F91} -> profile=public | protocol=6 | dir=in | action=allow | name=pnkbstra | app=c:\windows\syswow64\pnkbstra.exe |
{069091F5-27E8-4C5F-8DAE-EFFDC66FACFF} -> profile=public | protocol=17 | dir=in | action=allow | name=blizzard downloader | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.0.10314-to-3.2.2.10482-engb-downloader.exe |
{0773A83C-FBFB-40B6-B5FA-12D8D9493010} -> profile=public | protocol=17 | dir=in | action=allow | name=call of duty(r) 4 - modern warfare(tm) | app=d:\programmer\cod4\iw3mp.exe |
{0B7C441C-EDEB-4691-8321-FA955CE958C4} -> profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31281 | app=system |
{10F60C9E-2A44-44DF-955B-4FFE72BBF046} -> profile=public | protocol=6 | dir=in | action=allow | name=blizzard launcher | app=d:\programmer\starcraft ii\starcraft ii.exe |
{1365F7DC-145F-45A7-B2A6-0A14B5EF48DB} -> profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-31023 | app=%programfiles(x86)%\windows media player\wmplayer.exe |
{14AD1B51-E094-49BF-A46D-B8B778E8A6FF} -> profile=public | protocol=17 | dir=in | action=allow | name=blizzard downloader | app=d:\world of warcraft\backgrounddownloader.exe |
{1F3AD9C6-B137-4272-B9AD-DF782D578966} -> profile=public | protocol=6 | dir=in | action=allow | name=blizzard downloader | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.1.3.9947-to-3.2.0.10192-engb-downloader.exe |
{2C8B5BA4-DC01-44DF-A305-134CF23C16E5} -> profile=public | protocol=6 | dir=in | action=allow | name=veoh web player | app=c:\program files (x86)\veoh networks\veohwebplayer\veohwebplayer.exe |
{31BDE812-3D28-441C-93E2-9D84C449FE2C} -> profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31025 | app=%programfiles(x86)%\windows media player\wmplayer.exe |
{3F6BC579-48DC-47CC-932D-7E7551ABFBAC} -> profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-31007 | app=%programfiles%\windows media player\wmplayer.exe |
{4133F955-9AB5-4D12-B4ED-79907E36F238} -> profile=public | protocol=17 | dir=in | action=allow | name=counter-strike | app=d:\programmer\steam\installeret steam\steamapps\frandsen\counter-strike\hl.exe |
{44800CAE-8573-4E3C-B604-6A30DFC1148E} -> profile=public | protocol=17 | dir=in | action=allow | name=steam | app=d:\programmer\steam\installeret steam\steam.exe |
{4C402903-4B83-409F-AF33-C94F56A3F60B} -> profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-31293 | app=%programfiles%\windows media player\wmplayer.exe |
{4DDC83ED-9498-44CB-B971-4EB6B9803397} -> profile=private | protocol=58 | dir=in | action=allow | name=@firewallapi.dll,-28545 |
{4E53D5DC-52CD-4E16-9685-BA74EA5DED12} -> profile=public | protocol=6 | dir=in | action=allow | name=blizzard downloader | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.0.10314-to-3.2.2.10482-engb-downloader.exe |
{4FD9D32F-5405-42A9-8354-E2E988287A02} -> profile=public | protocol=17 | dir=in | action=allow | name=blizzard downloader | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.0.10192-to-3.2.0.10314-engb-downloader.exe |
{501FBEAA-08F0-473F-AC67-19BF72D1BBCF} -> profile=public | protocol=17 | dir=in | action=allow | name=pnkbstrb | app=c:\windows\syswow64\pnkbstrb.exe |
{50F8658B-1444-441C-A460-CE8FAD060779} -> profile=public | protocol=6 | dir=in | action=allow | name=starcraft ii | app=d:\programmer\starcraft ii\versions\base15405\sc2.exe |
{51AC9060-1741-4895-A8E9-606BD55A08B4} -> profile=public | protocol=17 | dir=in | action=allow | name=blizzard downloader | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.2.10482-to-3.2.2.10505-engb-downloader.exe |
{573C7E85-12B3-44E7-B904-9040FD88CDEE} -> dir=in | action=allow | name=windows live call | app=c:\program files (x86)\windows live\messenger\wlcsdk.exe |
{5B9D8191-8B02-476D-BC8F-3F02A042346F} -> profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31317 | app=%programfiles%\windows media player\wmpnetwk.exe |
{649F1063-CE73-4419-90B3-DC46EB4ADDD3} -> profile=public | protocol=6 | dir=in | action=allow | name=limewire | app=d:\programmer\limewire\limewire.exe |
{6C52149F-3C46-4507-A526-112F2F326CE5} -> profile=private | protocol=1 | dir=in | action=allow | name=@firewallapi.dll,-28543 |
{6C8B6386-9F69-45DC-A4EE-4B4103301702} -> profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-31003 | app=%programfiles%\windows media player\wmplayer.exe |
{6E713B68-C495-4C2B-A0FA-87CB8080C276} -> profile=public | protocol=17 | dir=in | action=allow | name=starcraft ii | app=d:\programmer\starcraft ii\versions\base15405\sc2.exe |
{70AA7D63-8526-4009-93C9-9820B1BD13F2} -> profile=public | protocol=6 | dir=in | action=allow | name=blizzard downloader | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.2.10482-to-3.2.2.10505-engb-downloader.exe |
{84E331B6-BED4-4780-AFA4-68023EF9F102} -> profile=public | protocol=6 | dir=in | action=allow | name=blizzard downloader | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.0.10192-to-3.2.0.10314-engb-downloader.exe |
{8568151C-408B-4070-AA63-5E45DA2C1DE4} -> profile=public | protocol=6 | dir=in | action=allow | name=pnkbstrb | app=c:\windows\syswow64\pnkbstrb.exe |
{8BB2EA42-DEF7-4152-A862-90DE7213AA8B} -> profile=public | protocol=6 | dir=in | action=allow | name=call of duty(r) 4 - modern warfare(tm) | app=d:\programmer\cod4\iw3mp.exe |
{8ED5D49E-E91A-44E0-8083-6D0A3FBCF0D4} -> profile=public | protocol=6 | dir=in | action=allow | name=counter-strike | app=d:\programmer\steam\installeret steam\steamapps\frandsen\counter-strike\hl.exe |
{9147C1A0-78D7-4894-9A77-433443B7BE2D} -> profile=public | protocol=6 | dir=in | action=allow | name=steam | app=d:\programmer\steam\steam installeret\steam.exe |
{91DE0C0F-913D-4911-919D-C866F7188FB8} -> profile=public | protocol=17 | dir=in | action=allow | name=blizzard launcher | app=d:\programmer\starcraft ii\starcraft ii.exe |
{969935B8-FD46-49F0-9AE7-2B573837D2CB} -> dir=in | action=allow | name=windows live messenger | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
{99219C86-D9FE-49DE-A6DC-856BC092DBC7} -> profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31321 | app=%systemroot%\system32\svchost.exe | svc=upnphost |
{9948D6B0-B813-4452-9517-31608948482B} -> profile=public | protocol=6 | dir=in | action=allow | name=blizzard downloader | app=d:\world of warcraft\backgrounddownloader.exe |
{9CE53F93-1EDC-441D-AFB2-468FB8DECAF7} -> profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-31024 | app=%programfiles(x86)%\windows media player\wmplayer.exe |
{B589335F-53A1-45AE-8860-FF27131E8F3E} -> profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-31305 | app=%programfiles%\windows media player\wmpnetwk.exe |
{B7884851-9C9C-4319-84C2-BACE7FC94A9D} -> profile=private | protocol=58 | dir=out | action=allow | name=@firewallapi.dll,-28546 |
{B7EAEF87-C557-4651-93D1-38FC2CCC2425} -> profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31011 | app=%programfiles%\windows media player\wmplayer.exe |
{B879DA2E-F103-40A0-B3E5-28261A5C3A4A} -> profile=public | protocol=17 | dir=in | action=allow | name=blizzard downloader | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.1.3.9947-to-3.2.0.10192-engb-downloader.exe |
{C2C98D2C-5E4A-43C6-AA1E-3FEEF1627155} -> profile=public | protocol=6 | dir=in | action=allow | name=steam | app=d:\programmer\steam\installeret steam\steam.exe |
{C46A7A8C-4A80-4540-9097-AAF25984A79A} -> profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-31313 | app=%programfiles%\windows media player\wmpnetwk.exe |
{C69CD747-4382-424C-BE8D-682255533CC5} -> profile=private | protocol=1 | dir=out | action=allow | name=@firewallapi.dll,-28544 |
{CC6D24DA-CD2C-4104-B9DD-F5A53A32E74D} -> profile=public | protocol=17 | dir=in | action=allow | name=pnkbstra | app=c:\windows\syswow64\pnkbstra.exe |
{CE4BE10A-0868-4C36-A95C-30F4D6C6697F} -> dir=in | action=allow | name=windows live sync | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
{D07A585B-5AC0-4467-86F7-1E354EE47FBC} -> profile=public | protocol=17 | dir=in | action=allow | name=limewire | app=d:\programmer\limewire\limewire.exe |
{D60C01FA-81C1-4E0F-9A1F-75E64C0F4DC1} -> profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31301 | app=%programfiles%\windows media player\wmplayer.exe |
{D7740918-FD5B-4623-9EDE-86BD997451BF} -> profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-31309 | app=%programfiles%\windows media player\wmpnetwk.exe |
{EE3F3AC6-2F9C-4CC7-9D5E-E8DE9371D895} -> profile=public | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-32821 | app=%systemroot%\system32\svchost.exe | svc=upnphost |
{FDA79902-9C75-4560-A182-9A499C951AEE} -> profile=public | protocol=17 | dir=in | action=allow | name=steam | app=d:\programmer\steam\steam installeret\steam.exe |
TCP Query User{479FEA23-3CE9-43BB-81D5-A561FDB1CAA1}D:\world of warcraft\launcher.exe -> profile=public | protocol=6 | dir=in | action=allow | name=blizzard launcher | app=d:\world of warcraft\launcher.exe |
TCP Query User{4EFAE86F-B4E5-4D79-B0ED-578BFE272C54}D:\programmer\mirc\mirc.exe -> profile=public | protocol=6 | dir=in | action=allow | name=mirc | app=d:\programmer\mirc\mirc.exe |
TCP Query User{504AA13F-12A8-4A15-B8C5-D2DFC1ECB2BE}D:\spil\tmnationsforever\tmforever.exe -> profile=public | protocol=6 | dir=in | action=allow | name=tmforever.exe | app=d:\spil\tmnationsforever\tmforever.exe |
TCP Query User{559AB863-7A96-4523-9BDF-31F2315B6B2E}C:\program files (x86)\garena\garena.exe -> profile=public | protocol=6 | dir=in | action=allow | name=garena | app=c:\program files (x86)\garena\garena.exe |
TCP Query User{65D1C30A-6D01-490B-909E-3EB8E79B7B2D}C:\program files (x86)\steam\steamapps\zakaryn\counter-strike source\hl2.exe -> profile=public | protocol=6 | dir=in | action=allow | name=hl2 | app=c:\program files (x86)\steam\steamapps\zakaryn\counter-strike source\hl2.exe |
TCP Query User{73EDC235-807F-4AF4-BD51-0F71DDE53868}D:\fogdownloader-rom_2_1_0_1871.exe -> profile=public | protocol=6 | dir=in | action=allow | name=fogdownloader-rom_2_1_0_1871 | app=d:\fogdownloader-rom_2_1_0_1871.exe |
TCP Query User{7E9731AF-C2D4-479C-8B73-B8D6995E4918}D:\programmer\xfire\xfire.exe -> profile=public | protocol=6 | dir=in | action=allow | name=xfire | app=d:\programmer\xfire\xfire.exe |
TCP Query User{86CC2BA8-91C4-4D75-A702-803AEDF68A5F}D:\spil\tmnationsforever\tmforever.exe -> profile=private | protocol=6 | dir=in | action=allow | name=tmforever | app=d:\spil\tmnationsforever\tmforever.exe |
TCP Query User{8FA37970-E366-485D-85C2-AD2D752E3820}D:\programmer\steam\steam installeret\steamapps\frandsen\counter-strike\hl.exe -> profile=public | protocol=6 | dir=in | action=allow | name=half-life launcher | app=d:\programmer\steam\steam installeret\steamapps\frandsen\counter-strike\hl.exe |
TCP Query User{AEE5ABCE-6320-4E6D-BCB3-B3C0ED95B981}C:\program files (x86)\hlsw\hlsw.exe -> profile=public | protocol=6 | dir=in | action=allow | name=hlsw application | app=c:\program files (x86)\hlsw\hlsw.exe |
TCP Query User{B0228654-621B-4361-A4FB-00334E5949D3}D:\warcraft iii\war3.exe -> profile=public | protocol=6 | dir=in | action=allow | name=warcraft iii | app=d:\warcraft iii\war3.exe |
TCP Query User{C6195901-B028-4C1D-81EA-839362A0C67C}D:\programmer\warcraft iii\war3.exe -> profile=public | protocol=6 | dir=in | action=allow | name=warcraft iii | app=d:\programmer\warcraft iii\war3.exe |
TCP Query User{CAD67D63-C135-4BAA-BECF-F6D2BA1D6112}C:\program files (x86)\mohaa.exe -> profile=public | protocol=6 | dir=in | action=allow | name=medal of honor allied assault(tm) | app=c:\program files (x86)\mohaa.exe |
TCP Query User{F5384EC5-19A1-4CBA-AFD2-1E7E3FA345AE}C:\program files (x86)\internet explorer\iexplore.exe -> profile=public | protocol=6 | dir=in | action=allow | name=internet explorer | app=c:\program files (x86)\internet explorer\iexplore.exe |
TCP Query User{FBB6D99F-C9ED-4893-8E42-D7CF0515B06E}D:\programmer\mohaa\mohaa.exe -> profile=public | protocol=6 | dir=in | action=allow | name=medal of honor allied assault(tm) | app=d:\programmer\mohaa\mohaa.exe |
UDP Query User{302DCB02-2085-4642-BA8C-434CDB9FC63C}D:\world of warcraft\launcher.exe -> profile=public | protocol=17 | dir=in | action=allow | name=blizzard launcher | app=d:\world of warcraft\launcher.exe |
UDP Query User{33B23444-5211-425F-A1A8-2A10E0E7EB34}C:\program files (x86)\mohaa.exe -> profile=public | protocol=17 | dir=in | action=allow | name=medal of honor allied assault(tm) | app=c:\program files (x86)\mohaa.exe |
UDP Query User{3AD38704-F202-42B2-BEBD-38E4D2C37D8E}D:\fogdownloader-rom_2_1_0_1871.exe -> profile=public | protocol=17 | dir=in | action=allow | name=fogdownloader-rom_2_1_0_1871 | app=d:\fogdownloader-rom_2_1_0_1871.exe |
UDP Query User{44D5F750-3DD2-41AA-AFA3-653657533398}C:\program files (x86)\internet explorer\iexplore.exe -> profile=public | protocol=17 | dir=in | action=allow | name=internet explorer | app=c:\program files (x86)\internet explorer\iexplore.exe |
UDP Query User{45E5E3C9-3041-4752-B3E6-857FB78404D8}D:\spil\tmnationsforever\tmforever.exe -> profile=public | protocol=17 | dir=in | action=allow | name=tmforever.exe | app=d:\spil\tmnationsforever\tmforever.exe |
UDP Query User{5E996A39-BDFC-4E21-9EF9-579F814CCC17}C:\program files (x86)\steam\steamapps\zakaryn\counter-strike source\hl2.exe -> profile=public | protocol=17 | dir=in | action=allow | name=hl2 | app=c:\program files (x86)\steam\steamapps\zakaryn\counter-strike source\hl2.exe |
UDP Query User{64D8E74E-2CE1-4FA1-94B3-C6BEEF3D1195}D:\programmer\warcraft iii\war3.exe -> profile=public | protocol=17 | dir=in | action=allow | name=warcraft iii | app=d:\programmer\warcraft iii\war3.exe |
UDP Query User{736DD725-88FF-4A78-8C23-72397AAF0904}D:\programmer\xfire\xfire.exe -> profile=public | protocol=17 | dir=in | action=allow | name=xfire | app=d:\programmer\xfire\xfire.exe |
UDP Query User{7652537D-B6A2-4DA2-B03E-387C9A786F35}D:\programmer\mohaa\mohaa.exe -> profile=public | protocol=17 | dir=in | action=allow | name=medal of honor allied assault(tm) | app=d:\programmer\mohaa\mohaa.exe |
UDP Query User{846590F7-93D1-428C-B6F2-E2C520F4EC1F}D:\programmer\steam\steam installeret\steamapps\frandsen\counter-strike\hl.exe -> profile=public | protocol=17 | dir=in | action=allow | name=half-life launcher | app=d:\programmer\steam\steam installeret\steamapps\frandsen\counter-strike\hl.exe |
UDP Query User{BECBF5F5-131D-4A2A-BD31-A0A57A177785}D:\warcraft iii\war3.exe -> profile=public | protocol=17 | dir=in | action=allow | name=warcraft iii | app=d:\warcraft iii\war3.exe |
UDP Query User{DE7C11B0-1D17-4BF7-81BF-503321284C4F}D:\spil\tmnationsforever\tmforever.exe -> profile=private | protocol=17 | dir=in | action=allow | name=tmforever | app=d:\spil\tmnationsforever\tmforever.exe |
UDP Query User{F1F82C3E-7F53-45BB-9B81-B6F86CAA28FC}C:\program files (x86)\hlsw\hlsw.exe -> profile=public | protocol=17 | dir=in | action=allow | name=hlsw application | app=c:\program files (x86)\hlsw\hlsw.exe |
UDP Query User{F4245306-E265-4033-8A15-97F9E2B8B087}C:\program files (x86)\garena\garena.exe -> profile=public | protocol=17 | dir=in | action=allow | name=garena | app=c:\program files (x86)\garena\garena.exe |
UDP Query User{FCF3BE40-481E-46CD-B3C5-0593A58C2326}D:\programmer\mirc\mirc.exe -> profile=public | protocol=17 | dir=in | action=allow | name=mirc | app=d:\programmer\mirc\mirc.exe |
< SafeBoot AlternateShell [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot ->
< CDROM Autorun Setting [HKEY_LOCAL_MACHINE]> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom ->
"AutoRun" -> 1 ->
"DisplayName" -> CD-ROM Driver ->
"ImagePath" -> C:\Windows\SysNative\drivers\cdrom.sys [system32\DRIVERS\cdrom.sys] -> [2009-05-01 03:36:06 | 000,147,456 | ---- | M] (Microsoft Corporation)
< MountPoints2 [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2 ->
< Registry Shell Spawning - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command ->
64bit-comfile [open] -> "%1" %* -> File not found
64bit-exefile [open] -> "%1" %* -> File not found
comfile [open] -> "%1" %* ->
exefile [open] -> "%1" %* ->
< 64bit-File Associations - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>\ ->
.com [@ = comfile] -> "%1" %* ->
.exe [@ = exefile] -> "%1" %* ->
< File Associations - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>\ ->
.com [@ = comfile] -> "%1" %* ->
.exe [@ = exefile] -> "%1" %* ->
[Files/Folders - Created Within 30 Days]
OTS.exe -> C:\Users\Win7\Desktop\OTS.exe -> [2010-09-04 10:16:28 | 000,641,024 | ---- | C] (OldTimer Tools)
32788R22FWJFW -> C:\32788R22FWJFW -> [2010-09-04 09:52:36 | 000,000,000 | R--D | C]
pss -> C:\Windows\pss -> [2010-09-03 13:23:27 | 000,000,000 | ---D | C]
fixshell.exe -> C:\Users\Win7\Desktop\fixshell.exe -> [2010-09-03 11:24:20 | 000,049,504 | ---- | C] (Prevx)
mlxjhwkcm -> C:\Users\Win7\AppData\Local\mlxjhwkcm -> [2010-09-03 09:42:27 | 000,000,000 | ---D | C]
.COMMgr -> C:\Users\Win7\.COMMgr -> [2010-09-03 09:41:59 | 000,000,000 | -HSD | C]
Windows Server -> C:\Users\Win7\AppData\Local\Windows Server -> [2010-09-03 09:41:28 | 000,000,000 | ---D | C]
0A5A26F3EC641E14C5410D5BC10C1F21 -> C:\Users\Win7\AppData\Roaming\0A5A26F3EC641E14C5410D5BC10C1F21 -> [2010-09-03 09:41:23 | 000,000,000 | ---D | C]
DVDVideoSoftIEHelpers -> C:\Users\Win7\AppData\Roaming\DVDVideoSoftIEHelpers -> [2010-08-27 12:49:54 | 000,000,000 | ---D | C]
DVDVideoSoft -> C:\Users\Win7\Documents\DVDVideoSoft -> [2010-08-27 12:49:49 | 000,000,000 | ---D | C]
DVDVideoSoft -> C:\Program Files (x86)\DVDVideoSoft -> [2010-08-27 12:49:47 | 000,000,000 | ---D | C]
DVDVideoSoft -> C:\Program Files (x86)\Common Files\DVDVideoSoft -> [2010-08-27 12:49:43 | 000,000,000 | ---D | C]
VOIPlay -> C:\Users\Win7\AppData\Roaming\VOIPlay -> [2010-08-12 20:48:43 | 000,000,000 | ---D | C]
VOIPlay -> C:\ProgramData\VOIPlay -> [2010-08-12 20:48:43 | 000,000,000 | ---D | C]
War3Unin.exe -> C:\Windows\War3Unin.exe -> [2010-08-12 14:59:54 | 000,139,264 | ---- | C] (Blizzard Entertainment)
DAEMON Tools Lite -> C:\Program Files (x86)\DAEMON Tools Lite -> [2010-08-12 14:54:25 | 000,000,000 | ---D | C]
DAEMON Tools Toolbar -> C:\Program Files (x86)\DAEMON Tools Toolbar -> [2010-08-12 14:49:26 | 000,000,000 | ---D | C]
DAEMON Tools Lite -> C:\ProgramData\DAEMON Tools Lite -> [2010-08-12 14:48:49 | 000,000,000 | ---D | C]
DAEMON Tools Lite -> C:\Users\Win7\AppData\Roaming\DAEMON Tools Lite -> [2010-08-12 14:43:41 | 000,000,000 | ---D | C]
DAEMON Tools Net -> C:\ProgramData\DAEMON Tools Net -> [2010-08-12 14:39:08 | 000,000,000 | ---D | C]
DAEMON Tools Net -> C:\Users\Win7\AppData\Roaming\DAEMON Tools Net -> [2010-08-12 14:39:03 | 000,000,000 | ---D | C]
Warcraft III and The Frozen Throne -> C:\Users\Win7\Desktop\Warcraft III and The Frozen Throne -> [2010-08-12 14:36:30 | 000,000,000 | ---D | C]
BUG NADE -> C:\Users\Win7\Desktop\BUG NADE -> [2010-08-11 00:14:04 | 000,000,000 | ---D | C]
speed -> C:\Users\Win7\Desktop\speed -> [2010-08-07 20:41:25 | 000,000,000 | ---D | C]
[Files/Folders - Modified Within 30 Days]
NTUSER.DAT -> C:\Users\Win7\NTUSER.DAT -> [2010-09-04 10:18:05 | 002,359,296 | -HS- | M] ()
OTS.exe -> C:\Users\Win7\Desktop\OTS.exe -> [2010-09-04 10:16:30 | 000,641,024 | ---- | M] (OldTimer Tools)
ComboFix.exe -> C:\Users\Win7\Desktop\ComboFix.exe -> [2010-09-04 09:50:20 | 003,835,232 | ---- | M] ()
SA.DAT -> C:\Windows\tasks\SA.DAT -> [2010-09-04 09:48:56 | 000,000,006 | -H-- | M] ()
bootstat.dat -> C:\Windows\bootstat.dat -> [2010-09-04 09:48:55 | 000,067,584 | --S- | M] ()
hiberfil.sys -> C:\hiberfil.sys -> [2010-09-04 09:48:50 | 529,883,135 | -HS- | M] ()
7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 -> C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 -> [2010-09-03 18:53:52 | 000,009,584 | -H-- | M] ()
7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 -> C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 -> [2010-09-03 18:53:52 | 000,009,584 | -H-- | M] ()
dds.scr -> C:\Users\Win7\Desktop\dds.scr -> [2010-09-03 17:47:38 | 000,525,824 | ---- | M] ()
rkill.exe -> C:\Users\Win7\Desktop\rkill.exe -> [2010-09-03 15:28:53 | 000,363,520 | ---- | M] ()
rkill.scr -> C:\Users\Win7\Desktop\rkill.scr -> [2010-09-03 15:26:39 | 000,363,520 | ---- | M] ()
Malwarebytes' Anti-Malware.lnk -> C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk -> [2010-09-03 11:57:05 | 000,000,694 | ---- | M] ()
fixshell.exe -> C:\Users\Win7\Desktop\fixshell.exe -> [2010-09-03 11:14:36 | 000,049,504 | ---- | M] (Prevx)
IconCache.db -> C:\Users\Win7\AppData\Local\IconCache.db -> [2010-09-03 10:16:30 | 009,222,584 | -H-- | M] ()
Default.rdp -> C:\Users\Win7\Documents\Default.rdp -> [2010-09-01 10:09:35 | 000,002,014 | -H-- | M] ()
Universal Anticheat 2.lnk -> C:\Users\Public\Desktop\Universal Anticheat 2.lnk -> [2010-08-31 23:58:49 | 000,000,698 | ---- | M] ()
PerfStringBackup.INI -> C:\Windows\SysNative\PerfStringBackup.INI -> [2010-08-27 21:08:22 | 001,239,876 | ---- | M] ()
perfh009.dat -> C:\Windows\SysNative\perfh009.dat -> [2010-08-27 21:08:22 | 000,606,992 | ---- | M] ()
perfh006.dat -> C:\Windows\SysNative\perfh006.dat -> [2010-08-27 21:08:22 | 000,460,912 | ---- | M] ()
perfc009.dat -> C:\Windows\SysNative\perfc009.dat -> [2010-08-27 21:08:22 | 000,103,370 | ---- | M] ()
perfc006.dat -> C:\Windows\SysNative\perfc006.dat -> [2010-08-27 21:08:22 | 000,076,482 | ---- | M] ()
DVDVideoSoft Free Studio.lnk -> C:\Users\Win7\Desktop\DVDVideoSoft Free Studio.lnk -> [2010-08-27 12:49:52 | 000,001,243 | ---- | M] ()
vaext -> C:\Users\Win7\vaext -> [2010-08-18 00:15:28 | 000,000,016 | -H-- | M] ()
.vsysd -> C:\Users\Win7\.vsysd -> [2010-08-18 00:15:28 | 000,000,016 | -H-- | M] ()
VOIPlay.lnk -> C:\Users\Public\Desktop\VOIPlay.lnk -> [2010-08-12 20:48:44 | 000,000,742 | ---- | M] ()
War3Unin.dat -> C:\Windows\War3Unin.dat -> [2010-08-12 15:03:39 | 000,060,841 | ---- | M] ()
Frozen Throne.lnk -> C:\Users\Win7\Desktop\Frozen Throne.lnk -> [2010-08-12 15:02:59 | 000,000,827 | ---- | M] ()
War3Unin.pif -> C:\Windows\War3Unin.pif -> [2010-08-12 15:02:33 | 000,002,829 | ---- | M] ()
War3Unin.exe -> C:\Windows\War3Unin.exe -> [2010-08-12 15:02:32 | 000,139,264 | ---- | M] (Blizzard Entertainment)
Warcraft III.lnk -> C:\Users\Win7\Desktop\Warcraft III.lnk -> [2010-08-12 14:59:58 | 000,000,822 | ---- | M] ()
sptd.sys -> C:\Windows\SysNative\drivers\sptd.sys -> [2010-08-12 14:54:44 | 000,834,544 | ---- | M] ()
DAEMON Tools Lite.lnk -> C:\Users\Public\Desktop\DAEMON Tools Lite.lnk -> [2010-08-12 14:54:44 | 000,001,954 | ---- | M] ()
Steam.lnk -> C:\Users\Public\Desktop\Steam.lnk -> [2010-08-12 14:34:27 | 000,000,854 | ---- | M] ()
www.AllSubs.org_2012-da-2009-maxspeed-www-torentz-3-xforum-ro_94758.zip -> C:\Users\Win7\Desktop\www.AllSubs.org_2012-da-2009-maxspeed-www-torentz-3-xforum-ro_94758.zip -> [2010-08-11 19:47:43 | 000,039,392 | ---- | M] ()
274404.zip -> C:\Users\Win7\Desktop\274404.zip -> [2010-08-11 19:43:02 | 000,025,385 | ---- | M] ()
278288.zip -> C:\Users\Win7\Desktop\278288.zip -> [2010-08-11 19:41:10 | 000,038,109 | ---- | M] ()
280983.rar -> C:\Users\Win7\Desktop\280983.rar -> [2010-08-11 17:55:26 | 000,039,213 | ---- | M] ()
BUG NADE by linden 8min in the demo.rar -> C:\Users\Win7\Desktop\BUG NADE by linden 8min in the demo.rar -> [2010-08-11 00:14:28 | 003,815,838 | ---- | M] ()
speed.rar -> C:\Users\Win7\Desktop\speed.rar -> [2010-08-07 20:43:04 | 005,069,367 | ---- | M] ()
[Files - No Company Name]
ComboFix.exe -> C:\Users\Win7\Desktop\ComboFix.exe -> [2010-09-04 09:50:16 | 003,835,232 | ---- | C] ()
dds.scr -> C:\Users\Win7\Desktop\dds.scr -> [2010-09-03 17:47:36 | 000,525,824 | ---- | C] ()
rkill.exe -> C:\Users\Win7\Desktop\rkill.exe -> [2010-09-03 15:28:51 | 000,363,520 | ---- | C] ()
rkill.scr -> C:\Users\Win7\Desktop\rkill.scr -> [2010-09-03 15:26:38 | 000,363,520 | ---- | C] ()
OpenOffice.org 3.1.lnk -> C:\Users\Win7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.1.lnk -> [2010-09-03 13:28:29 | 000,001,239 | ---- | C] ()
DVDVideoSoft Free Studio.lnk -> C:\Users\Win7\Desktop\DVDVideoSoft Free Studio.lnk -> [2010-08-27 12:49:49 | 000,001,243 | ---- | C] ()
vaext -> C:\Users\Win7\vaext -> [2010-08-18 00:15:28 | 000,000,016 | -H-- | C] ()
.vsysd -> C:\Users\Win7\.vsysd -> [2010-08-18 00:15:28 | 000,000,016 | -H-- | C] ()
VOIPlay.lnk -> C:\Users\Public\Desktop\VOIPlay.lnk -> [2010-08-12 20:48:44 | 000,000,742 | ---- | C] ()
Frozen Throne.lnk -> C:\Users\Win7\Desktop\Frozen Throne.lnk -> [2010-08-12 15:02:59 | 000,000,827 | ---- | C] ()
Warcraft III.lnk -> C:\Users\Win7\Desktop\Warcraft III.lnk -> [2010-08-12 14:59:58 | 000,000,822 | ---- | C] ()
War3Unin.dat -> C:\Windows\War3Unin.dat -> [2010-08-12 14:59:55 | 000,060,841 | ---- | C] ()
War3Unin.pif -> C:\Windows\War3Unin.pif -> [2010-08-12 14:59:54 | 000,002,829 | ---- | C] ()
DAEMON Tools Lite.lnk -> C:\Users\Public\Desktop\DAEMON Tools Lite.lnk -> [2010-08-12 14:54:44 | 000,001,954 | ---- | C] ()
sptd.sys -> C:\Windows\SysNative\drivers\sptd.sys -> [2010-08-12 14:43:57 | 000,834,544 | ---- | C] ()
ny.srt -> C:\Users\Win7\Desktop\ny.srt -> [2010-08-11 19:47:54 | 000,097,362 | ---- | C] ()
www.AllSubs.org_2012-da-2009-maxspeed-www-torentz-3-xforum-ro_94758.zip -> C:\Users\Win7\Desktop\www.AllSubs.org_2012-da-2009-maxspeed-www-torentz-3-xforum-ro_94758.zip -> [2010-08-11 19:47:43 | 000,039,392 | ---- | C] ()
2012.Doomsday.DVDRip.XviD-DEViSE (editeret).srt -> C:\Users\Win7\Desktop\2012.Doomsday.DVDRip.XviD-DEViSE (editeret).srt -> [2010-08-11 19:43:07 | 000,066,916 | ---- | C] ()
274404.zip -> C:\Users\Win7\Desktop\274404.zip -> [2010-08-11 19:43:02 | 000,025,385 | ---- | C] ()
2012.srt -> C:\Users\Win7\Desktop\2012.srt -> [2010-08-11 19:41:17 | 000,098,147 | ---- | C] ()
278288.zip -> C:\Users\Win7\Desktop\278288.zip -> [2010-08-11 19:41:09 | 000,038,109 | ---- | C] ()
2012 R5 LINE XviD-MDMA CD2.srt -> C:\Users\Win7\Desktop\2012 R5 LINE XviD-MDMA CD2.srt -> [2010-08-11 17:56:21 | 000,050,675 | ---- | C] ()
2012 R5 LINE XviD-MDMA CD1.srt -> C:\Users\Win7\Desktop\2012 R5 LINE XviD-MDMA CD1.srt -> [2010-08-11 17:56:21 | 000,047,113 | ---- | C] ()
280983.rar -> C:\Users\Win7\Desktop\280983.rar -> [2010-08-11 17:55:26 | 000,039,213 | ---- | C] ()
BUG NADE by linden 8min in the demo.rar -> C:\Users\Win7\Desktop\BUG NADE by linden 8min in the demo.rar -> [2010-08-11 00:14:27 | 003,815,838 | ---- | C] ()
speed.rar -> C:\Users\Win7\Desktop\speed.rar -> [2010-08-07 20:43:03 | 005,069,367 | ---- | C] ()
xfcodec.dll -> C:\Windows\SysWow64\xfcodec.dll -> [2010-07-09 21:04:40 | 000,041,872 | ---- | C] ()
psconv.ini -> C:\Windows\SysWow64\psconv.ini -> [2010-06-20 12:49:00 | 000,000,164 | ---- | C] ()
game.ini -> C:\Windows\game.ini -> [2010-01-27 15:34:44 | 000,000,284 | ---- | C] ()
IconCache.db -> C:\Users\Win7\AppData\Local\IconCache.db -> [2010-01-12 17:20:37 | 009,222,584 | -H-- | C] ()
unrar.dll -> C:\Windows\SysWow64\unrar.dll -> [2009-12-28 12:33:41 | 000,178,176 | ---- | C] ()
FCIC.INI -> C:\Windows\FCIC.INI -> [2009-12-01 17:53:12 | 000,002,528 | ---- | C] ()
nvUnsupRes.dat -> C:\ProgramData\nvUnsupRes.dat -> [2009-11-24 20:33:52 | 000,000,075 | ---- | C] ()
GDIPFONTCACHEV1.DAT -> C:\Users\Win7\AppData\Local\GDIPFONTCACHEV1.DAT -> [2009-06-30 23:20:31 | 000,061,736 | ---- | C] ()
nvimage.dll -> C:\Windows\SysWow64\nvimage.dll -> [2009-06-10 06:31:04 | 000,089,088 | ---- | C] ()
GlobalUserInterface.CompositeFont -> C:\Windows\Fonts\GlobalUserInterface.CompositeFont -> [2009-04-22 11:45:18 | 000,037,665 | ---- | C] ()
GlobalSerif.CompositeFont -> C:\Windows\Fonts\GlobalSerif.CompositeFont -> [2009-04-22 11:45:18 | 000,029,779 | ---- | C] ()
GlobalSansSerif.CompositeFont -> C:\Windows\Fonts\GlobalSansSerif.CompositeFont -> [2009-04-22 11:45:18 | 000,026,489 | ---- | C] ()
GlobalMonospace.CompositeFont -> C:\Windows\Fonts\GlobalMonospace.CompositeFont -> [2009-04-22 11:45:18 | 000,026,040 | ---- | C] ()
desktop.ini -> C:\Program Files\desktop.ini -> [2009-04-22 11:08:55 | 000,000,174 | -HS- | C] ()
desktop.ini -> C:\Program Files (x86)\desktop.ini -> [2009-04-22 11:08:55 | 000,000,174 | -HS- | C] ()
BWContextHandler.dll -> C:\Windows\SysWow64\BWContextHandler.dll -> [2009-04-22 05:40:32 | 000,064,000 | ---- | C] ()
msjetoledb40.dll -> C:\Windows\SysWow64\msjetoledb40.dll -> [2009-04-22 03:04:20 | 000,364,544 | ---- | C] ()
physxcudart_20.dll -> C:\Windows\SysWow64\physxcudart_20.dll -> [2008-10-07 09:13:30 | 000,197,912 | ---- | C] ()
AgCPanelTraditionalChinese.dll -> C:\Windows\SysWow64\AgCPanelTraditionalChinese.dll -> [2008-10-07 09:13:22 | 000,058,648 | ---- | C] ()
AgCPanelSwedish.dll -> C:\Windows\SysWow64\AgCPanelSwedish.dll -> [2008-10-07 09:13:20 | 000,058,648 | ---- | C] ()
AgCPanelSpanish.dll -> C:\Windows\SysWow64\AgCPanelSpanish.dll -> [2008-10-07 09:13:20 | 000,058,648 | ---- | C] ()
AgCPanelSimplifiedChinese.dll -> C:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll -> [2008-10-07 09:13:20 | 000,058,648 | ---- | C] ()
AgCPanelPortugese.dll -> C:\Windows\SysWow64\AgCPanelPortugese.dll -> [2008-10-07 09:13:20 | 000,058,648 | ---- | C] ()
AgCPanelKorean.dll -> C:\Windows\SysWow64\AgCPanelKorean.dll -> [2008-10-07 09:13:20 | 000,058,648 | ---- | C] ()
AgCPanelJapanese.dll -> C:\Windows\SysWow64\AgCPanelJapanese.dll -> [2008-10-07 09:13:20 | 000,058,648 | ---- | C] ()
AgCPanelGerman.dll -> C:\Windows\SysWow64\AgCPanelGerman.dll -> [2008-10-07 09:13:20 | 000,058,648 | ---- | C] ()
AgCPanelFrench.dll -> C:\Windows\SysWow64\AgCPanelFrench.dll -> [2008-10-07 09:13:20 | 000,058,648 | ---- | C] ()
< End of report >
