Micke-89

Member
  • Posts

    173
  • Joined

  • Last visit

About Micke-89

  • Member title
    Active

Profile

  • Gender
    Prefer not to say
  1. I found VideoFileDownload on the computer. According to this page, http://greatis.com/blog/how-to-remove-malware/videofiledownload-exe.htm, it is a virus (I can't swear that the page is safe either, so visit it with caution). I have now also found PricePeep for FireFox, info: http://pricepeep.software.informer.com/ I'm removing both files, but that probably doesn't remove everything, does it? I'm finding more: Bit Boost and BFlix Gadget (the latter could not be uninstalled); I at least removed it from the uninstall list. The others I have uninstalled, at any rate. Any more logs I should include? Attachjk54.txt
  2. Yes, I do, though it was a while since I used it. I hadn't considered that the program could do that. In any case, I'll post a DDS log when I'm done and hope it is clean now.
  3. Then I understand. I had a quick look on my own computer. Otherwise you can apparently reset the profile by deleting the pref file. But a new profile is probably better, so you get rid of all the junk. So now it's just a matter of getting rid of Yontoo, which is still listed under Uninstall or change a program (as I said, I just get an error when I try). It seems to be gone from Programs, but Windows insists on keeping it.
  4. Yes, I have found the profiles, but not User.js. It seems you have to create such a file, or can't you just delete the profile and make a new one?
  5. I can't remove Yontoo in the Control Panel; under install/uninstall programs it is still listed, and I just get an error when I click Uninstall. The other one I couldn't remove either, only reset.
FF - ProfilePath - C:\Users\KENNY\AppData\Roaming\Mozilla\Firefox\Profiles\wbktlt3y.default\ FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - about:home FF - plugin: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\1.116.0\npesnlaunch.dll FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\1.118.0\npesnlaunch.dll FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\1.122.0\npesnlaunch.dll FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrlui.dll FF - plugin: C:\Users\KENNY\AppData\Roaming\Mozilla\Firefox\Profiles\wbktlt3y.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\plugins\npqscan.dll FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_270.dll . ---- FIREFOX POLICIES ---- FF - user.js: extentions.y2layers.installId - 2b37fe5d-c87c-4ae2-8673-4d6b6568c136 FF - user.js: extentions.y2layers.defaultEnableAppsList - ezLooker,pagerage,buzzdock,toprelatedtopics,twittube . 
FF - user.js: extensions.autoDisableScopes - 14 FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=110819 FF - user.js: extensions.BabylonToolbar_i.babExt - FF - user.js: extensions.BabylonToolbar_i.srcExt - ss FF - user.js: extensions.BabylonToolbar_i.id - a6cec5f8000000000000bc5ff41a7d08 FF - user.js: extensions.BabylonToolbar_i.hardId - a6cec5f8000000000000bc5ff41a7d08 FF - user.js: extensions.BabylonToolbar_i.instlDay - 15485 FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17 FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17 FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.3.1711:54:51 FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylon FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar FF - user.js: extensions.BabylonToolbar_i.aflt - babsst FF - user.js: extensions.BabylonToolbar_i.smplGrp - none FF - user.js: extensions.BabylonToolbar_i.tlbrId - tb9 FF - user.js: extensions.BabylonToolbar_i.instlRef - sst . user_pref('extensions.dealply.partner', 'iron'); . user_pref('extensions.dealply.channel', 'iron3'); . user_pref('extensions.dealply.installId', 'v23900276308063248466862012052511544524'); . user_pref('extensions.dealply.installIdSource', 'inst'); . 
user_pref('extensions.dealply.sampleGroup', '4'); FF - user.js: extensions.incredibar_i.newTab - false FF - user.js: extensions.incredibar_i.tlbrSrchUrl - hxxp://mystart.Incredibar.com/?a=6OyJorqj5j&loc=IB_TB&i=26&search= FF - user.js: extensions.incredibar_i.id - a6cec5f8000000000000bc5ff41a7d08 FF - user.js: extensions.incredibar_i.instlDay - 15550 FF - user.js: extensions.incredibar_i.vrsn - 1.5.11.14 FF - user.js: extensions.incredibar_i.vrsni - 1.5.11.14 FF - user.js: extensions.incredibar_i.vrsnTs - 1.5.11.1410:39:14 FF - user.js: extensions.incredibar_i.prtnrId - Incredibar FF - user.js: extensions.incredibar_i.prdct - incredibar FF - user.js: extensions.incredibar_i.aflt - orgnl FF - user.js: extensions.incredibar_i.smplGrp - none FF - user.js: extensions.incredibar_i.tlbrId - base FF - user.js: extensions.incredibar_i.instlRef - FF - user.js: extensions.incredibar_i.dfltLng - FF - user.js: extensions.incredibar_i.excTlbr - false FF - user.js: extensions.incredibar_i.ms_url_id - FF - user.js: extensions.incredibar_i.upn2 - 6OyJorqj5j FF - user.js: extensions.incredibar_i.upn2n - 92261837856457397 FF - user.js: extensions.incredibar_i.productid - 26 FF - user.js: extensions.incredibar_i.installerproductid - 26 FF - user.js: extensions.incredibar_i.did - 10650 FF - user.js: extensions.incredibar_i.ppd - 20%5F5 . ============= SERVICES / DRIVERS =============== . R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\system32\DRIVERS\MpFilter.sys --> C:\Windows\system32\DRIVERS\MpFilter.sys [?] R1 aswKbd;aswKbd;C:\Windows\system32\drivers\aswKbd.sys --> C:\Windows\system32\drivers\aswKbd.sys [?] R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?] 
R2 Belkin Local Backup Service;Belkin Local Backup Service;C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe [2012-3-15 181760] R2 Belkin Network USB Helper;Belkin Network USB Helper;C:\Program Files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe [2012-3-15 55296] R2 MBAMService;MBAMService;C:\Program Files (x86)\Mdfrzy\mbamservice.exe [2012-8-2 655944] R2 PassThru Service;Internet Pass-Through Service;C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2012-3-23 87040] R2 sxuptp;SXUPTP Driver;C:\Windows\system32\DRIVERS\sxuptp.sys --> C:\Windows\system32\DRIVERS\sxuptp.sys [?] R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys --> C:\Windows\system32\DRIVERS\atikmdag.sys [?] R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?] R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\system32\drivers\AtihdW76.sys --> C:\Windows\system32\drivers\AtihdW76.sys [?] R3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter;C:\Windows\system32\DRIVERS\LEqdUsb.Sys --> C:\Windows\system32\DRIVERS\LEqdUsb.Sys [?] R3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter;C:\Windows\system32\DRIVERS\LHidEqd.Sys --> C:\Windows\system32\DRIVERS\LHidEqd.Sys [?] R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?] R3 MBfilt;MBfilt;C:\Windows\system32\drivers\MBfilt64.sys --> C:\Windows\system32\drivers\MBfilt64.sys [?] R3 MEIx64;Intel® Management Engine Interface ;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?] R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?] R3 SYMPHONY;Corsair USB Headphone Driver;C:\Windows\system32\DRIVERS\Symphony.sys --> C:\Windows\system32\DRIVERS\Symphony.sys [?] 
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-3 160944] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-3-31 250056] S3 cphs;Intel® Content Protection HECI Service;C:\Windows\SysWOW64\IntelCpHeciSvc.exe [2012-3-19 276248] S3 HTCAND64;HTC Device Driver;C:\Windows\system32\Drivers\ANDROIDUSB.sys --> C:\Windows\system32\Drivers\ANDROIDUSB.sys [?] S3 htcnprot;HTC NDIS Protocol Driver;C:\Windows\system32\DRIVERS\htcnprot.sys --> C:\Windows\system32\DRIVERS\htcnprot.sys [?] S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-4-26 113120] S3 NisDrv;Microsoft Network Inspection System;C:\Windows\system32\DRIVERS\NisDrvWFP.sys --> C:\Windows\system32\DRIVERS\NisDrvWFP.sys [?] S3 NisSrv;Microsoft Nätverkskontroll;C:\Program Files\Microsoft Security Client\NisSrv.exe [2012-3-26 291696] S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?] S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys --> C:\Windows\system32\drivers\TsUsbGD.sys [?] S3 WatAdminSvc;Aktiveringsteknologier för Windows-tjänst;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?] . =============== Created Last 30 ================ . 
2012-08-06 13:22:31 9133488 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{C11B1C66-58C9-4F25-89EB-0E9E41931EC0}\mpengine.dll 2012-08-06 13:13:16 -------- d-----w- C:\Users\KENNY\AppData\Local\{1C17187C-0A06-4457-800B-B6EFF470FD0B} 2012-08-06 13:13:05 -------- d-----w- C:\Users\KENNY\AppData\Local\{5EB4E529-5EED-4395-9DDE-909463E19980} 2012-08-06 13:12:46 -------- d-----w- C:\Users\KENNY\AppData\Local\{93A7E10F-5FCC-49A8-AD40-7EE7FB183732} 2012-08-05 09:55:44 9133488 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll 2012-08-05 09:43:50 -------- d-----w- C:\Users\KENNY\AppData\Local\{7B65AFC3-F442-4952-B8C7-F6CAFE5893C1} 2012-08-05 09:43:37 -------- d-----w- C:\Users\KENNY\AppData\Local\{8F955B54-BE15-45EE-B8CA-F739C15C783C} 2012-08-04 16:57:31 -------- d-----w- C:\_OTL 2012-08-04 08:41:14 -------- d-----w- C:\Users\KENNY\AppData\Local\{247737DA-74C6-4B21-B5BC-0AF2DCFA0CB6} 2012-08-04 08:41:01 -------- d-----w- C:\Users\KENNY\AppData\Local\{E7820B2D-8A6D-4888-805A-D3DC576CF94A} 2012-08-03 09:11:46 -------- d-----w- C:\Users\KENNY\AppData\Local\{3C09B89F-7F71-4C88-83CC-7B83622DC393} 2012-08-03 09:11:21 -------- d-----w- C:\Users\KENNY\AppData\Local\{CA4FA6C1-F182-4016-BDD8-BA85F15CCB56} 2012-08-02 18:48:28 -------- d-----w- C:\Users\KENNY\AppData\Local\{4DAE4414-8E76-4601-91EB-6C086E18385A} 2012-08-02 18:48:18 -------- d-----w- C:\Users\KENNY\AppData\Local\{A3C98CE1-C5DF-4BC0-8ADD-E15DED2F4E32} 2012-08-02 18:47:42 -------- d-----w- C:\Program Files (x86)\ESET 2012-08-02 18:37:24 -------- d-----w- C:\ProgramData\Kaspersky Lab 2012-08-02 09:45:01 -------- d-----w- C:\Users\KENNY\AppData\Roaming\Malwarebytes 2012-08-02 09:44:55 -------- d-----w- C:\ProgramData\Malwarebytes 2012-08-02 09:44:54 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys 2012-08-02 09:44:54 -------- d-----w- C:\Program Files (x86)\Mdfrzy 2012-08-02 06:47:47 -------- d-----w- 
C:\Users\KENNY\AppData\Local\{FACA2EA7-E30E-4E8C-8FAD-B6DCEECA2FFB} 2012-08-02 06:47:35 -------- d-----w- C:\Users\KENNY\AppData\Local\{1670F952-1838-42FB-87F3-B27FB360171E} 2012-08-01 14:39:51 -------- d-----w- C:\Users\KENNY\AppData\Local\{66E625D3-5374-461A-AFD4-F02541507CFF} 2012-08-01 14:39:39 -------- d-----w- C:\Users\KENNY\AppData\Local\{0FDD4A58-8E3A-4CC4-8F6D-C19FD17265E1} 2012-07-31 14:30:02 -------- d-----w- C:\Users\KENNY\AppData\Local\{D661220E-DCF4-4627-AFFD-C9BACE2995A5} 2012-07-31 14:29:52 -------- d-----w- C:\Users\KENNY\AppData\Local\{26A3992D-9394-412B-AD53-357A21D2938C} 2012-07-30 16:29:26 -------- d-----w- C:\Users\KENNY\AppData\Local\DirectDownloader 2012-07-30 14:31:02 -------- d-----w- C:\Users\KENNY\AppData\Local\{B9EAC65B-3941-46E1-AED3-4EC0FF3CFAC4} 2012-07-30 14:30:52 -------- d-----w- C:\Users\KENNY\AppData\Local\{DEC38FC9-D859-4748-8368-E31336DFEC22} 2012-07-29 07:55:18 -------- d-----w- C:\Users\KENNY\AppData\Local\{937F4C4F-E761-4F9D-AFB6-4A85C17478E1} 2012-07-29 07:55:04 -------- d-----w- C:\Users\KENNY\AppData\Local\{7FBC3D22-DC2B-4B4B-A5E7-49D8ED32AD4E} 2012-07-28 18:12:19 -------- d-----w- C:\Program Files (x86)\OpenApp 2012-07-28 18:02:55 -------- d-----w- C:\Program Files (x86)\smartdl 2012-07-28 08:24:50 -------- d-----w- C:\Users\KENNY\AppData\Local\{0A8BA5EB-EFC0-4574-A3E5-DEE8C286B222} 2012-07-28 08:24:40 -------- d-----w- C:\Users\KENNY\AppData\Local\{89803C18-7F08-458E-80B3-9403432092B4} 2012-07-27 10:23:22 -------- d-----w- C:\Users\KENNY\AppData\Local\{7F15B864-FC51-4D77-8255-C0D6AD3AE68E} 2012-07-27 10:23:10 -------- d-----w- C:\Users\KENNY\AppData\Local\{0DD3F77A-7860-452E-9632-FB18BD77E89D} 2012-07-26 17:09:24 -------- d-----w- C:\Users\KENNY\AppData\Roaming\HTC.388BC06ACDAB6261375BCE37FBA2E023C0D7EE34.1 2012-07-26 17:07:39 -------- d-----w- C:\Users\KENNY\AppData\Local\Htc 2012-07-26 17:07:11 -------- d-----w- C:\Users\KENNY\AppData\Roaming\HTC 2012-07-26 17:06:01 -------- d-----w- 
C:\Users\KENNY\AppData\Local\Downloaded Installations 2012-07-26 17:05:42 -------- d-----w- C:\Program Files (x86)\Spirent Communications 2012-07-26 17:05:29 -------- d-----w- C:\Program Files (x86)\HTC 2012-07-26 17:05:09 -------- d-----w- C:\Program Files (x86)\MSXML 4.0 2012-07-26 08:23:58 -------- d-----w- C:\Users\KENNY\AppData\Local\{254B3108-51CA-41AD-993C-496076E647CB} 2012-07-26 08:23:47 -------- d-----w- C:\Users\KENNY\AppData\Local\{C5B6ED28-9DAB-4D90-ABCD-C4EFB2EFA966} 2012-07-25 14:33:01 -------- d-----w- C:\Users\KENNY\AppData\Local\{AD60E4E9-ED71-4309-8EB7-BE5168CF6E3A} 2012-07-25 14:32:48 -------- d-----w- C:\Users\KENNY\AppData\Local\{C96A861D-DFB1-47B1-A831-73039D760C45} 2012-07-24 14:30:17 -------- d-----w- C:\Users\KENNY\AppData\Local\{42E45AD2-9BBE-4ABE-B467-CB7B0FE5E655} 2012-07-24 14:30:05 -------- d-----w- C:\Users\KENNY\AppData\Local\{D160A798-659A-4A8B-B2FD-30B78FE33C8B} 2012-07-23 16:10:18 -------- d-----w- C:\Users\KENNY\AppData\Local\{996C9540-BE8B-40F5-AD75-4B944C0AD019} 2012-07-23 16:10:07 -------- d-----w- C:\Users\KENNY\AppData\Local\{EDA25C6A-3ABA-42D7-857B-9D63A843B86B} 2012-07-22 09:02:58 -------- d-----w- C:\Users\KENNY\AppData\Local\{4056E71A-47B8-4F3D-9863-A56135C6D29A} 2012-07-22 09:02:47 -------- d-----w- C:\Users\KENNY\AppData\Local\{E79A2B8C-B763-4475-9C8B-7032837619A0} 2012-07-21 08:49:23 -------- d-----w- C:\Users\KENNY\AppData\Local\{0E0D9D90-0354-41DD-87C1-19E5E0C836DB} 2012-07-21 08:49:10 -------- d-----w- C:\Users\KENNY\AppData\Local\{3EE5BC90-8B3F-4247-AC9C-217979B3B501} 2012-07-20 07:05:00 -------- d-----w- C:\Users\KENNY\AppData\Local\{DAF94222-B600-4032-9027-02F003D5272B} 2012-07-20 07:04:49 -------- d-----w- C:\Users\KENNY\AppData\Local\{961ABD14-83B2-4697-8447-3B5E449FAF77} 2012-07-19 08:42:57 -------- d-----w- C:\Users\KENNY\AppData\Local\{E3282096-9DBB-4E73-937F-6AF4A831635F} 2012-07-19 08:42:37 -------- d-----w- C:\Users\KENNY\AppData\Local\{55CF5C16-AFEC-46EB-ABC7-B03FA9126A54} 2012-07-18 08:25:12 -------- 
d-----w- C:\Users\KENNY\AppData\Local\{9F230861-CF23-4741-A54F-07906AB52A95} 2012-07-18 08:25:01 -------- d-----w- C:\Users\KENNY\AppData\Local\{BDAC4C63-0AAD-471A-BD64-7859FDB5DEEB} 2012-07-17 09:34:02 -------- d-----w- C:\Users\KENNY\AppData\Local\{964F5E17-B185-41FF-8809-1B87E35670B7} 2012-07-17 09:33:51 -------- d-----w- C:\Users\KENNY\AppData\Local\{D17C1D34-C7B7-4794-BD0D-01D5CD07F4B8} 2012-07-16 10:48:32 -------- d-----w- C:\Users\KENNY\AppData\Local\{1C33B996-BB57-41A1-A60A-98A3F461EBBD} 2012-07-16 10:48:21 -------- d-----w- C:\Users\KENNY\AppData\Local\{EE087ECE-29EE-46E2-9F55-2D3AA304B426} 2012-07-15 21:26:00 -------- d-----w- C:\Users\KENNY\AppData\Local\{E90E66A1-7D64-4122-83CC-D8F4FF692712} 2012-07-15 21:25:50 -------- d-----w- C:\Users\KENNY\AppData\Local\{E9B974E9-FA1F-4C71-9C5F-462B927112CD} 2012-07-15 09:25:24 -------- d-----w- C:\Users\KENNY\AppData\Local\{70C10C92-DB8C-4889-9487-8BBAB6F31F5D} 2012-07-15 09:25:14 -------- d-----w- C:\Users\KENNY\AppData\Local\{609A0470-D0D2-4730-B9E1-736CCF8BEF64} 2012-07-14 08:35:29 -------- d-----w- C:\Users\KENNY\AppData\Local\{5A5EDDB3-4729-4AC2-A503-AA7469C03E3B} 2012-07-14 08:35:15 -------- d-----w- C:\Users\KENNY\AppData\Local\{4CDF74AC-2456-4A51-9314-84CF3E60066D} 2012-07-13 09:04:52 -------- d-----w- C:\Users\KENNY\AppData\Local\{23C5B667-4303-4BCF-BB0F-43FD6FCA7FA1} 2012-07-13 09:04:42 -------- d-----w- C:\Users\KENNY\AppData\Local\{FA99EA6C-0624-4541-A0CF-F1DF66A5ADC4} 2012-07-12 16:45:02 -------- d-----w- C:\Users\KENNY\AppData\Local\{48524C18-CAD2-40E4-9B21-798D5C3A8506} 2012-07-12 16:44:49 -------- d-----w- C:\Users\KENNY\AppData\Local\{299AD14B-7920-48EB-BF49-B5F2C5E33B16} 2012-07-11 23:08:09 -------- d-----w- C:\Users\KENNY\AppData\Local\{7F5813FC-8738-4D51-A5C4-0CBD7E9563B8} 2012-07-11 23:07:53 -------- d-----w- C:\Users\KENNY\AppData\Local\{296770BF-45E3-45B1-81EB-8B13EDCDBDE9} 2012-07-11 11:33:35 3148800 ----a-w- C:\Windows\System32\win32k.sys 2012-07-11 09:22:59 805376 ----a-w- 
C:\Windows\SysWow64\cdosys.dll 2012-07-11 09:22:59 495616 ----a-w- C:\Program Files\Common Files\System\ado\msadox.dll 2012-07-11 09:22:59 466944 ----a-w- C:\Program Files\Common Files\System\ado\msadomd.dll 2012-07-11 09:22:59 258048 ----a-w- C:\Program Files\Common Files\System\msadc\msadco.dll 2012-07-11 09:22:59 1499136 ----a-w- C:\Program Files\Common Files\System\ado\msado15.dll 2012-07-11 09:22:59 1019904 ----a-w- C:\Program Files (x86)\Common Files\System\ado\msado15.dll 2012-07-11 09:22:58 61440 ----a-w- C:\Program Files\Common Files\System\ado\msador15.dll 2012-07-11 09:22:58 57344 ----a-w- C:\Program Files (x86)\Common Files\System\ado\msador15.dll 2012-07-11 09:22:58 372736 ----a-w- C:\Program Files (x86)\Common Files\System\ado\msadox.dll 2012-07-11 09:22:58 352256 ----a-w- C:\Program Files (x86)\Common Files\System\ado\msadomd.dll 2012-07-11 09:22:58 212992 ----a-w- C:\Program Files (x86)\Common Files\System\msadc\msadco.dll 2012-07-11 09:22:58 143360 ----a-w- C:\Program Files (x86)\Common Files\System\ado\msjro.dll 2012-07-11 09:22:58 1133568 ----a-w- C:\Windows\System32\cdosys.dll 2012-07-11 09:20:20 -------- d-----w- C:\Users\KENNY\AppData\Local\{52BF190D-7654-4D67-89D7-49372D6DA68A} 2012-07-11 09:20:03 -------- d-----w- C:\Users\KENNY\AppData\Local\{71A8761E-B4AD-4BEF-BAF7-AB5A71D13F38} 2012-07-10 09:59:35 294912 ----a-w- C:\Windows\System32\browserchoice.exe 2012-07-10 08:28:57 -------- d-----w- C:\Users\KENNY\AppData\Local\{BD78FB45-02C8-49AA-9E00-3554EF86DA71} 2012-07-10 08:28:45 -------- d-----w- C:\Users\KENNY\AppData\Local\{8B175211-2FDE-4A4F-B973-F6C15128D6AF} 2012-07-09 10:21:15 -------- d-----w- C:\Users\KENNY\AppData\Local\{0ACEA0A0-C41B-448D-BCD0-E7494400E2EE} 2012-07-09 10:20:58 -------- d-----w- C:\Users\KENNY\AppData\Local\{9CCBED56-3BAB-44D8-97EE-06612FB8809D} 2012-07-08 09:08:14 -------- d-----w- C:\Users\KENNY\AppData\Local\{EDA905CC-8BB6-4A31-8079-04C0C57EB385} 2012-07-08 09:07:58 -------- d-----w- 
C:\Users\KENNY\AppData\Local\{E30CBDF4-F4BC-46A9-974D-8DFD7BEDC912} . ==================== Find3M ==================== . 2012-08-05 16:37:15 283304 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr 2012-08-05 16:37:15 283304 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe 2012-08-05 16:34:46 283304 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0 2012-08-02 17:28:12 70344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2012-08-02 17:28:12 426184 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe 2012-06-25 14:04:24 1394248 ----a-w- C:\Windows\SysWow64\msxml4.dll 2012-06-11 18:59:38 10248192 ----a-w- C:\Windows\System32\drivers\atikmdag.sys 2012-06-11 18:35:48 70144 ----a-w- C:\Windows\System32\coinst_8.98.dll 2012-06-11 18:29:34 24826368 ----a-w- C:\Windows\System32\atio6axx.dll 2012-06-11 18:00:32 20467712 ----a-w- C:\Windows\SysWow64\atioglxx.dll 2012-06-11 17:25:06 163840 ----a-w- C:\Windows\System32\atiapfxx.exe 2012-06-11 17:24:58 924160 ----a-w- C:\Windows\SysWow64\aticfx32.dll 2012-06-11 17:23:12 1090560 ----a-w- C:\Windows\System32\aticfx64.dll 2012-06-11 17:20:02 442368 ----a-w- C:\Windows\System32\ATIDEMGX.dll 2012-06-11 17:19:58 532992 ----a-w- C:\Windows\System32\atieclxx.exe 2012-06-11 17:19:14 239616 ----a-w- C:\Windows\System32\atiesrxx.exe 2012-06-11 17:17:56 120320 ----a-w- C:\Windows\System32\atitmm64.dll 2012-06-11 17:17:42 21504 ----a-w- C:\Windows\System32\atimuixx.dll 2012-06-11 17:17:38 59392 ----a-w- C:\Windows\System32\atiedu64.dll 2012-06-11 17:17:32 43520 ----a-w- C:\Windows\SysWow64\ati2edxx.dll 2012-06-11 17:16:48 6301696 ----a-w- C:\Windows\SysWow64\atidxx32.dll 2012-06-11 17:01:56 6914560 ----a-w- C:\Windows\System32\atidxx64.dll 2012-06-11 16:51:54 4246528 ----a-w- C:\Windows\System32\atiumd6a.dll 2012-06-11 16:45:48 51200 ----a-w- C:\Windows\System32\aticalrt64.dll 2012-06-11 16:45:46 46080 ----a-w- C:\Windows\SysWow64\aticalrt.dll 2012-06-11 16:45:44 5480448 ----a-w- C:\Windows\SysWow64\atiumdag.dll 2012-06-11 16:45:40 44544 ----a-w- 
C:\Windows\System32\aticalcl64.dll 2012-06-11 16:45:38 44032 ----a-w- C:\Windows\SysWow64\aticalcl.dll 2012-06-11 16:45:26 15703040 ----a-w- C:\Windows\System32\aticaldd64.dll 2012-06-11 16:43:18 4729344 ----a-w- C:\Windows\SysWow64\atiumdva.dll 2012-06-11 16:40:58 13277696 ----a-w- C:\Windows\SysWow64\aticaldd.dll 2012-06-11 16:36:56 6605824 ----a-w- C:\Windows\System32\atiumd64.dll 2012-06-11 16:27:02 539136 ----a-w- C:\Windows\System32\atiadlxx.dll 2012-06-11 16:26:52 368640 ----a-w- C:\Windows\SysWow64\atiadlxy.dll 2012-06-11 16:26:40 17920 ----a-w- C:\Windows\System32\atig6pxx.dll 2012-06-11 16:26:36 14848 ----a-w- C:\Windows\SysWow64\atiglpxx.dll 2012-06-11 16:26:36 14848 ----a-w- C:\Windows\System32\atiglpxx.dll 2012-06-11 16:26:30 41984 ----a-w- C:\Windows\System32\atig6txx.dll 2012-06-11 16:26:22 33280 ----a-w- C:\Windows\SysWow64\atigktxx.dll 2012-06-11 16:26:14 367616 ----a-w- C:\Windows\System32\drivers\atikmpag.sys 2012-06-11 16:25:20 54784 ----a-w- C:\Windows\System32\atiuxp64.dll 2012-06-11 16:25:12 42496 ----a-w- C:\Windows\SysWow64\atiuxpag.dll 2012-06-11 16:25:06 45056 ----a-w- C:\Windows\System32\atiu9p64.dll 2012-06-11 16:24:58 32768 ----a-w- C:\Windows\SysWow64\atiu9pag.dll 2012-06-11 16:24:24 53248 ----a-w- C:\Windows\System32\drivers\ati2erec.dll 2012-06-11 16:23:18 56320 ----a-w- C:\Windows\System32\atimpc64.dll 2012-06-11 16:23:18 56320 ----a-w- C:\Windows\System32\amdpcom64.dll 2012-06-11 16:23:10 56832 ----a-w- C:\Windows\SysWow64\atimpc32.dll 2012-06-11 16:23:10 56832 ----a-w- C:\Windows\SysWow64\amdpcom32.dll 2012-06-11 11:50:46 187392 ----a-w- C:\Windows\System32\clinfo.exe 2012-06-11 11:50:30 75264 ----a-w- C:\Windows\System32\OpenVideo64.dll 2012-06-11 11:50:24 65024 ----a-w- C:\Windows\SysWow64\OpenVideo.dll 2012-06-11 11:50:18 63488 ----a-w- C:\Windows\System32\OVDecode64.dll 2012-06-11 11:50:14 56320 ----a-w- C:\Windows\SysWow64\OVDecode.dll 2012-06-11 11:50:06 16457728 ----a-w- C:\Windows\System32\amdocl64.dll 2012-06-11 11:49:22 
13008896 ----a-w- C:\Windows\SysWow64\amdocl.dll 2012-06-06 06:06:16 2004480 ----a-w- C:\Windows\System32\msxml6.dll 2012-06-06 06:06:16 1881600 ----a-w- C:\Windows\System32\msxml3.dll 2012-06-06 05:05:52 1390080 ----a-w- C:\Windows\SysWow64\msxml6.dll 2012-06-06 05:05:52 1236992 ----a-w- C:\Windows\SysWow64\msxml3.dll 2012-06-02 22:15:31 2622464 ----a-w- C:\Windows\System32\wucltux.dll 2012-06-02 22:15:08 99840 ----a-w- C:\Windows\System32\wudriver.dll 2012-06-02 13:19:42 186752 ----a-w- C:\Windows\System32\wuwebv.dll 2012-06-02 13:15:12 36864 ----a-w- C:\Windows\System32\wuapp.exe 2012-06-02 05:50:10 458704 ----a-w- C:\Windows\System32\drivers\cng.sys 2012-06-02 05:48:16 95600 ----a-w- C:\Windows\System32\drivers\ksecdd.sys 2012-06-02 05:48:16 151920 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys 2012-06-02 05:45:31 340992 ----a-w- C:\Windows\System32\schannel.dll 2012-06-02 05:44:21 307200 ----a-w- C:\Windows\System32\ncrypt.dll 2012-06-02 04:40:42 22016 ----a-w- C:\Windows\SysWow64\secur32.dll 2012-06-02 04:40:39 225280 ----a-w- C:\Windows\SysWow64\schannel.dll 2012-06-02 04:39:10 219136 ----a-w- C:\Windows\SysWow64\ncrypt.dll 2012-06-02 04:34:09 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll 2012-05-30 17:44:56 466456 ----a-w- C:\Windows\System32\wrap_oal.dll 2012-05-30 17:44:55 444952 ----a-w- C:\Windows\SysWow64\wrap_oal.dll 2012-05-30 17:44:55 122904 ----a-w- C:\Windows\System32\OpenAL32.dll 2012-05-30 17:44:55 109080 ----a-w- C:\Windows\SysWow64\OpenAL32.dll . 
============= FINISH: 18:21:03,46 =============== OTL logfile created on: 2012-08-06 18:24:50 - Run 3 OTL by OldTimer - Version 3.2.55.0 Folder = C:\Users\KENNY\Downloads 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 8.0.7601.17514) Locale: 0000041d | Country: Sverige | Language: SVE | Date Format: yyyy-MM-dd 7,90 Gb Total Physical Memory | 5,90 Gb Available Physical Memory | 74,67% Memory free 15,79 Gb Paging File | 13,05 Gb Available in Paging File | 82,63% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 596,07 Gb Total Space | 472,67 Gb Free Space | 79,30% Space Free | Partition Type: NTFS Computer Name: WOLF | User Name: KENNY | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation) PRC - C:\Users\KENNY\Downloads\OTL.exe (OldTimer Tools) PRC - C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation) PRC - C:\Program Files (x86)\Mdfrzy\mbamservice.exe (Malwarebytes Corporation) PRC - C:\Program Files (x86)\Mdfrzy\mbamgui.exe (Malwarebytes Corporation) PRC - C:\Program Files (x86)\Origin\Origin.exe (Electronic Arts) PRC - C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe () PRC - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe () PRC - C:\Windows\SysWOW64\PnkBstrA.exe () PRC - C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe (Affinegy, Inc.) PRC - C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinSetup.exe (Affinegy, Inc.) PRC - C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe (Affinegy, Inc.) 
PRC - C:\Program Files (x86)\Belkin\Router Setup and Monitor\qosPlugin.exe (Affinegy, Inc.) PRC - C:\Program Files (x86)\Belkin\Router Setup and Monitor\dlnaPlugin.exe (Affinegy, Inc.) PRC - C:\Program Files (x86)\ekort\ekort.exe (Orbiscom Ltd. All rights reserved.) PRC - C:\Windows\SysWOW64\OBroker.exe () ========== Modules (No Company Name) ========== MOD - C:\Program Files (x86)\Steam\bin\libcef.dll () MOD - C:\Program Files (x86)\Steam\bin\chromehtml.DLL () MOD - C:\Program Files (x86)\Steam\bin\avutil-51.dll () MOD - C:\Program Files (x86)\Steam\bin\avformat-53.dll () MOD - C:\Program Files (x86)\Steam\bin\avcodec-53.dll () MOD - C:\Program Files (x86)\Origin\QtWebKit4.dll () MOD - C:\Program Files (x86)\Origin\QtXmlPatterns4.dll () MOD - C:\Program Files (x86)\Origin\QtXml4.dll () MOD - C:\Program Files (x86)\Origin\imageformats\qtiff4.dll () MOD - C:\Program Files (x86)\Origin\imageformats\qmng4.dll () MOD - C:\Program Files (x86)\Origin\imageformats\qjpeg4.dll () MOD - C:\Program Files (x86)\Origin\imageformats\qico4.dll () MOD - C:\Program Files (x86)\Origin\imageformats\qgif4.dll () MOD - C:\Program Files (x86)\Origin\QtGui4.dll () MOD - C:\Program Files (x86)\Origin\QtCore4.dll () MOD - C:\Program Files (x86)\Origin\QtNetwork4.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\f3814b488d9e083cbbc623e01b389f09\System.Data.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll () MOD - C:\Program Files (x86)\HTC\HTC Sync 3.0\Maps\R66Api.dll () MOD - C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe () 
MOD - C:\Program Files (x86)\HTC\HTC Sync 3.0\sqlite3.7.dll () MOD - C:\Program Files (x86)\HTC\HTC Sync 3.0\sqlite3.dll () MOD - C:\Program Files (x86)\HTC\HTC Sync 3.0\HtcDetect.dll () MOD - C:\Program Files (x86)\HTC\HTC Sync 3.0\htcDetectLegend.dll () MOD - C:\Program Files (x86)\HTC\HTC Sync 3.0\htcDisk.dll () MOD - C:\Program Files (x86)\HTC\HTC Sync 3.0\OutputLog.dll () MOD - C:\Program Files (x86)\HTC\HTC Sync 3.0\fdHttpd.dll () MOD - C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll () MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_sv_b77a5c561934e089\mscorlib.resources.dll () MOD - C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinServicePS.dll () MOD - C:\Program Files (x86)\Belkin\Router Setup and Monitor\gateways\GenericBelkinGatewayLOC.dll () MOD - C:\Program Files (x86)\Belkin\Router Setup and Monitor\QtGui4.dll () MOD - C:\Program Files (x86)\Belkin\Router Setup and Monitor\QtXml4.dll () MOD - C:\Program Files (x86)\Belkin\Router Setup and Monitor\QtCore4.dll () MOD - C:\Program Files (x86)\Belkin\Router Setup and Monitor\QtNetwork4.dll () MOD - C:\Program Files (x86)\Belkin\Router Setup and Monitor\imageformats\qjpeg4.dll () MOD - C:\Windows\SysWOW64\OBroker.exe () MOD - C:\Program Files (x86)\ekort\EkortRes.dll () ========== Win32 Services (SafeList) ========== SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD) SRV:64bit: - (Belkin Local Backup Service) -- C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe () SRV:64bit: - (Belkin Network USB Helper) -- C:\Program Files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe () SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated) SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation) SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla 
Maintenance Service\maintenanceservice.exe (Mozilla Foundation) SRV - (MBAMService) -- C:\Program Files (x86)\Mdfrzy\mbamservice.exe (Malwarebytes Corporation) SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies) SRV - (NisSrv) -- c:\Program\Microsoft Security Client\NisSrv.exe (Microsoft Corporation) SRV - (MsMpSvc) -- c:\Program\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation) SRV - (PassThru Service) -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe () SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe () SRV - (cphs) -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe (Intel Corporation) SRV - (LBTServ) -- C:\Program\Common Files\Logishrd\Bluetooth\LBTServ.exe (Logitech, Inc.) SRV - (wlidsvc) -- C:\Program\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) SRV - (AffinegyService) -- C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe (Affinegy, Inc.) SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation) DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (Advanced Micro Devices, Inc.) DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.) DRV:64bit: - (SYMPHONY) -- C:\Windows\SysNative\drivers\Symphony.sys (C-Media Inc.) 
DRV:64bit: - (NisDrv) -- C:\Windows\SysNative\drivers\NisDrvWFP.sys (Microsoft Corporation) DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation) DRV:64bit: - (aswKbd) -- C:\Windows\SysNative\drivers\aswKbd.sys (AVAST Software) DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation) DRV:64bit: - (AtiHDAudioService) -- C:\Windows\SysNative\drivers\AtihdW76.sys (Advanced Micro Devices) DRV:64bit: - (LMouFilt) -- C:\Windows\SysNative\drivers\LMouFilt.Sys (Logitech, Inc.) DRV:64bit: - (LEqdUsb) -- C:\Windows\SysNative\drivers\LEqdUsb.sys (Logitech, Inc.) DRV:64bit: - (LHidFilt) -- C:\Windows\SysNative\drivers\LHidFilt.Sys (Logitech, Inc.) DRV:64bit: - (LHidEqd) -- C:\Windows\SysNative\drivers\LHidEqd.sys (Logitech, Inc.) DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek ) DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices) DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices) DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation) DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation) DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation) DRV:64bit: - (htcnprot) -- C:\Windows\SysNative\drivers\htcnprot.sys (Windows ® Win 7 DDK provider) DRV:64bit: - (MBfilt) -- C:\Windows\SysNative\drivers\MBfilt64.sys (Creative Technology Ltd.) DRV:64bit: - (HTCAND64) -- C:\Windows\SysNative\drivers\ANDROIDUSB.sys (HTC, Corporation) DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.) 
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology) DRV:64bit: - (sxuptp) -- C:\Windows\SysNative\drivers\sxuptp.sys (silex technology, Inc.) DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation) DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation) DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation) DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) DRV:64bit: - (xusb21) -- C:\Windows\SysNative\drivers\xusb21.sys (Microsoft Corporation) DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://se.msn.com/?ocid=iehp IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = sv IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = BC 3F CF 1D 17 02 CD 01 [binary data] IE - HKCU\..\SearchScopes,DefaultScope = IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE -
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "" FF - prefs.js..browser.search.order.1: "" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.startup.homepage: "about:home" FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_270.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_270.dll () FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB) FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.116.0: C:\Program Files (x86)\Battlelog Web Plugins\1.116.0\npesnlaunch.dll (ESN Social Software AB) FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.118.0: C:\Program Files (x86)\Battlelog Web Plugins\1.118.0\npesnlaunch.dll (ESN Social Software AB) FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.122.0: C:\Program Files (x86)\Battlelog Web Plugins\1.122.0\npesnlaunch.dll (ESN Social Software AB) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) 
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\PROGRAM FILES\WEB ASSISTANT\FIREFOX FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\ekort@orbiscom: C:\Program Files (x86)\ekort [2012-06-06 19:48:06 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\Program Files\Web Assistant\Firefox FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012-07-19 02:46:18 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012-07-19 02:46:18 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012-03-14 21:25:31 | 000,000,000 | ---D | M] (No name found) -- C:\Users\KENNY\AppData\Roaming\mozilla\Extensions [2012-08-03 13:57:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\KENNY\AppData\Roaming\mozilla\Firefox\Profiles\wbktlt3y.default\extensions [2012-06-27 23:12:20 | 000,000,000 | ---D | M] (Bitdefender QuickScan) -- C:\Users\KENNY\AppData\Roaming\mozilla\Firefox\Profiles\wbktlt3y.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360} [2012-08-03 14:00:21 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2012-03-15 00:14:53 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2012-07-31 17:50:31 | 000,526,190 | ---- | M] () (No name found) -- 
C:\USERS\KENNY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WBKTLT3Y.DEFAULT\EXTENSIONS\{73A6FE31-595D-460B-A920-FCC0F8843232}.XPI [2012-07-19 02:46:18 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2012-06-17 13:38:23 | 000,001,470 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\allaannonser-sv-SE.xml [2012-06-17 13:38:23 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2012-06-17 13:38:23 | 000,002,670 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\prisjakt-sv-SE.xml [2012-06-17 13:38:23 | 000,000,948 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\tyda-sv-SE.xml [2012-06-17 13:38:23 | 000,001,174 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-sv-SE.xml [2012-06-17 13:38:23 | 000,000,951 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-sv-SE.xml ========== Chrome ========== O1 HOSTS File: ([2009-06-10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) O2 - BHO: (e-kort Helper Class) - {9065E913-4F23-4B47-9B5D-B055D32DB1F3} - C:\Program Files (x86)\ekort\EKortHelper.dll () O3 - HKLM\..\Toolbar: (e-kort Toolbar) - {8DB2B2E8-579F-48A8-A496-18FEFCF8F4DF} - C:\Program Files (x86)\ekort\EKortToolbar.dll () O4:64bit: - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.) O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [igfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [Logitech Download Assistant] C:\Windows\SysNative\LogiLDA.dll (Logitech, Inc.) 
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation) O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4:64bit: - HKLM..\Run: [sYMPHONYSound] C:\Program Files\Corsair VENGEANCE 2000\CPL\CAHS2.exe () O4 - HKLM..\Run: [AMD AVT] C:\Windows\SysWow64\cmd.exe (Microsoft Corporation) O4 - HKLM..\Run: [e-kort] C:\PROGRA~2\ekort\ekort.exe /dontopenmycards /Autostart File not found O4 - HKLM..\Run: [HTC Sync Loader] C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe () O4 - HKLM..\Run: [instaLAN] C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe (Affinegy, Inc.) O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Mdfrzy\mbamgui.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [startCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKCU..\Run: [EADM] C:\Program Files (x86)\Origin\Origin.exe (Electronic Arts) O4 - HKCU..\Run: [steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation) O4 - HKCU..\Run: [Xvid] C:\Program Files (x86)\Xvid\CheckUpdate.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) 
O13:64bit: - gopher Prefix: missing O13 - gopher Prefix: missing O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{292A936C-773C-4FE9-BB24-9D66861CB451}: DhcpNameServer = 192.168.2.1 O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation) O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Program\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{b15ba9cc-6e43-11e1-be60-b65a9198c7a8}\Shell - "" = AutoRun O33 - MountPoints2\{b15ba9cc-6e43-11e1-be60-b65a9198c7a8}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2012-08-06 15:13:16 | 000,000,000 | ---D | C] -- C:\Users\KENNY\AppData\Local\{1C17187C-0A06-4457-800B-B6EFF470FD0B} [2012-08-06 15:13:05 | 000,000,000 | ---D | C] -- C:\Users\KENNY\AppData\Local\{5EB4E529-5EED-4395-9DDE-909463E19980} [2012-08-06 15:12:46 | 000,000,000 | ---D | C] -- C:\Users\KENNY\AppData\Local\{93A7E10F-5FCC-49A8-AD40-7EE7FB183732} [2012-08-05 11:43:50 | 000,000,000 | ---D | C] -- C:\Users\KENNY\AppData\Local\{7B65AFC3-F442-4952-B8C7-F6CAFE5893C1} [2012-08-05 11:43:37 | 000,000,000 | ---D | C] -- C:\Users\KENNY\AppData\Local\{8F955B54-BE15-45EE-B8CA-F739C15C783C} [2012-08-04 18:57:31 | 000,000,000 | ---D | C] -- C:\_OTL [2012-08-04 10:41:14 | 000,000,000 | ---D | C] -- C:\Users\KENNY\AppData\Local\{247737DA-74C6-4B21-B5BC-0AF2DCFA0CB6} [2012-08-04 10:41:01 | 000,000,000 | ---D | C] -- C:\Users\KENNY\AppData\Local\{E7820B2D-8A6D-4888-805A-D3DC576CF94A} [2012-08-03 11:58:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II [2012-08-03 11:11:46 | 000,000,000 | ---D | C] -- C:\Users\KENNY\AppData\Local\{3C09B89F-7F71-4C88-83CC-7B83622DC393} 
[2012-08-03 11:11:21 | 000,000,000 | ---D | C] -- C:\Users\KENNY\AppData\Local\{CA4FA6C1-F182-4016-BDD8-BA85F15CCB56} [2012-08-02 20:48:28 | 000,000,000 | ---D | C] -- C:\Users\KENNY\AppData\Local\{4DAE4414-8E76-4601-91EB-6C086E18385A} [2012-08-02 20:48:18 | 000,000,000 | ---D | C] -- C:\Users\KENNY\AppData\Local\{A3C98CE1-C5DF-4BC0-8ADD-E15DED2F4E32} [2012-08-02 20:47:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET [2012-08-02 20:37:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab [2012-08-02 11:45:01 | 000,000,000 | ---D | C] -- C:\Users\KENNY\AppData\Roaming\Malwarebytes [2012-08-02 11:44:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\fzdhshtjrthjxf [2012-08-02 11:44:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2012-08-02 11:44:54 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2012-08-02 11:44:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mdfrzy [2012-08-02 08:47:47 | 000,000,000 | ---D | C] -- C:\Users\KENNY\AppData\Local\{FACA2EA7-E30E-4E8C-8FAD-B6DCEECA2FFB} [2012-08-02 08:47:35 | 000,000,000 | ---D | C] -- C:\Users\KENNY\AppData\Local\{1670F952-1838-42FB-87F3-B27FB360171E} [2012-08-01 16:39:51 | 000,000,000 | ---D | C] -- C:\Users\KENNY\AppData\Local\{66E625D3-5374-461A-AFD4-F02541507CFF} [2012-08-01 16:39:39 | 000,000,000 | ---D | C] -- C:\Users\KENNY\AppData\Local\{0FDD4A58-8E3A-4CC4-8F6D-C19FD17265E1} [2012-07-31 16:30:02 | 000,000,000 | ---D | C] -- C:\Users\KENNY\AppData\Local\{D661220E-DCF4-4627-AFFD-C9BACE2995A5} [2012-07-31 16:29:52 | 000,000,000 | ---D | C] -- C:\Users\KENNY\AppData\Local\{26A3992D-9394-412B-AD53-357A21D2938C} [2012-07-30 18:29:26 | 000,000,000 | ---D | C] -- C:\Users\KENNY\AppData\Local\DirectDownloader [2012-07-30 16:31:02 | 000,000,000 | ---D | C] -- C:\Users\KENNY\AppData\Local\{B9EAC65B-3941-46E1-AED3-4EC0FF3CFAC4} [2012-07-30 16:30:52 | 000,000,000 | ---D | C] -- 
C:\Users\KENNY\AppData\Local\{DEC38FC9-D859-4748-8368-E31336DFEC22} [2012-07-29 22:37:38 | 000,000,000 | ---D | C] -- C:\Users\KENNY\Documents\Vuze Downloads [2012-07-29 09:55:18 | 000,000,000 | ---D | C] -- C:\Users\KENNY\AppData\Local\{937F4C4F-E761-4F9D-AFB6-4A85C17478E1} [2012-07-29 09:55:04 | 000,000,000 | ---D | C] -- C:\Users\KENNY\AppData\Local\{7FBC3D22-DC2B-4B4B-A5E7-49D8ED32AD4E} [2012-07-28 20:12:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OpenApp [2012-07-28 20:02:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\smartdl [2012-07-28 10:24:50 | 000,000,000 | ---D | C] -- C:\Users\KENNY\AppData\Local\{0A8BA5EB-EFC0-4574-A3E5-DEE8C286B222} [2012-07-28 10:24:40 | 000,000,000 | ---D | C] -- C:\Users\KENNY\AppData\Local\{89803C18-7F08-458E-80B3-9403432092B4} [2012-07-27 12:23:22 | 000,000,000 | ---D | C] -- C:\Users\KENNY\AppData\Local\{7F15B864-FC51-4D77-8255-C0D6AD3AE68E} [2012-07-27 12:23:10 | 000,000,000 | ---D | C] -- C:\Users\KENNY\AppData\Local\{0DD3F77A-7860-452E-9632-FB18BD77E89D} [2012-07-26 19:21:25 | 000,000,000 | ---D | C] -- C:\Users\KENNY\Documents\My Photos [2012-07-26 19:21:25 | 000,000,000 | ---D | C] -- C:\Users\KENNY\Documents\My Documents [2012-07-26 19:09:24 | 000,000,000 | ---D | C] -- C:\Users\KENNY\AppData\Roaming\HTC.388BC06ACDAB6261375BCE37FBA2E023C0D7EE34.1 [2012-07-26 19:07:39 | 000,000,000 | ---D | C] -- C:\Users\KENNY\AppData\Local\Htc [2012-07-26 19:07:11 | 000,000,000 | ---D | C] -- C:\Users\KENNY\AppData\Roaming\HTC [2012-07-26 19:07:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HTC Sync [2012-07-26 19:06:01 | 000,000,000 | ---D | C] -- C:\Users\KENNY\AppData\Local\Downloaded Installations [2012-07-26 19:05:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HTC [2012-07-26 19:05:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spirent Communications [2012-07-26 19:05:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HTC 
[2012-07-26 19:05:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe AIR [2012-07-26 19:05:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0 [2012-07-26 10:23:58 | 000,000,000 | ---D | C] -- C:\Users\KENNY\AppData\Local\{254B3108-51CA-41AD-993C-496076E647CB} [2012-07-26 10:23:47 | 000,000,000 | ---D | C] -- C:\Users\KENNY\AppData\Local\{C5B6ED28-9DAB-4D90-ABCD-C4EFB2EFA966} [2012-07-25 16:33:01 | 000,000,000 | ---D | C] -- C:\Users\KENNY\AppData\Local\{AD60E4E9-ED71-4309-8EB7-BE5168CF6E3A} [2012-07-25 16:32:48 | 000,000,000 | ---D | C] -- C:\Users\KENNY\AppData\Local\{C96A861D-DFB1-47B1-A831-73039D760C45} [2012-07-24 16:30:17 | 000,000,000 | ---D | C] -- C:\Users\KENNY\AppData\Local\{42E45AD2-9BBE-4ABE-B467-CB7B0FE5E655} [2012-07-24 16:30:05 | 000,000,000 | ---D | C] -- C:\Users\KENNY\AppData\Local\{D160A798-659A-4A8B-B2FD-30B78FE33C8B} [2012-07-23 18:10:18 | 000,000,000 | ---D | C] -- C:\Users\KENNY\AppData\Local\{996C9540-BE8B-40F5-AD75-4B944C0AD019} [2012-07-23 18:10:07 | 000,000,000 | ---D | C] -- C:\Users\KENNY\AppData\Local\{EDA25C6A-3ABA-42D7-857B-9D63A843B86B} [2012-07-22 11:02:58 | 000,000,000 | ---D | C] -- C:\Users\KENNY\AppData\Local\{4056E71A-47B8-4F3D-9863-A56135C6D29A} [2012-07-22 11:02:47 | 000,000,000 | ---D | C] -- C:\Users\KENNY\AppData\Local\{E79A2B8C-B763-4475-9C8B-7032837619A0} [2012-07-21 10:49:23 | 000,000,000 | ---D | C] -- C:\Users\KENNY\AppData\Local\{0E0D9D90-0354-41DD-87C1-19E5E0C836DB} [2012-07-21 10:49:10 | 000,000,000 | ---D | C] -- C:\Users\KENNY\AppData\Local\{3EE5BC90-8B3F-4247-AC9C-217979B3B501} [2012-07-20 09:05:00 | 000,000,000 | ---D | C] -- C:\Users\KENNY\AppData\Local\{DAF94222-B600-4032-9027-02F003D5272B} [2012-07-20 09:04:49 | 000,000,000 | ---D | C] -- C:\Users\KENNY\AppData\Local\{961ABD14-83B2-4697-8447-3B5E449FAF77} [2012-07-19 10:42:57 | 000,000,000 | ---D | C] -- C:\Users\KENNY\AppData\Local\{E3282096-9DBB-4E73-937F-6AF4A831635F} [2012-07-19 10:42:37 | 000,000,000 | ---D | C] -- 
C:\Users\KENNY\AppData\Local\{55CF5C16-AFEC-46EB-ABC7-B03FA9126A54} [2012-07-18 10:25:12 | 000,000,000 | ---D | C] -- C:\Users\KENNY\AppData\Local\{9F230861-CF23-4741-A54F-07906AB52A95} [2012-07-18 10:25:01 | 000,000,000 | ---D | C] -- C:\Users\KENNY\AppData\Local\{BDAC4C63-0AAD-471A-BD64-7859FDB5DEEB} [2012-07-17 11:34:02 | 000,000,000 | ---D | C] -- C:\Users\KENNY\AppData\Local\{964F5E17-B185-41FF-8809-1B87E35670B7} [2012-07-17 11:33:51 | 000,000,000 | ---D | C] -- C:\Users\KENNY\AppData\Local\{D17C1D34-C7B7-4794-BD0D-01D5CD07F4B8} [2012-07-16 12:48:32 | 000,000,000 | ---D | C] -- C:\Users\KENNY\AppData\Local\{1C33B996-BB57-41A1-A60A-98A3F461EBBD} [2012-07-16 12:48:21 | 000,000,000 | ---D | C] -- C:\Users\KENNY\AppData\Local\{EE087ECE-29EE-46E2-9F55-2D3AA304B426} [2012-07-15 23:26:00 | 000,000,000 | ---D | C] -- C:\Users\KENNY\AppData\Local\{E90E66A1-7D64-4122-83CC-D8F4FF692712} [2012-07-15 23:25:50 | 000,000,000 | ---D | C] -- C:\Users\KENNY\AppData\Local\{E9B974E9-FA1F-4C71-9C5F-462B927112CD} [2012-07-15 11:25:24 | 000,000,000 | ---D | C] -- C:\Users\KENNY\AppData\Local\{70C10C92-DB8C-4889-9487-8BBAB6F31F5D} [2012-07-15 11:25:14 | 000,000,000 | ---D | C] -- C:\Users\KENNY\AppData\Local\{609A0470-D0D2-4730-B9E1-736CCF8BEF64} [2012-07-14 10:35:29 | 000,000,000 | ---D | C] -- C:\Users\KENNY\AppData\Local\{5A5EDDB3-4729-4AC2-A503-AA7469C03E3B} [2012-07-14 10:35:15 | 000,000,000 | ---D | C] -- C:\Users\KENNY\AppData\Local\{4CDF74AC-2456-4A51-9314-84CF3E60066D} [2012-07-13 11:04:52 | 000,000,000 | ---D | C] -- C:\Users\KENNY\AppData\Local\{23C5B667-4303-4BCF-BB0F-43FD6FCA7FA1} [2012-07-13 11:04:42 | 000,000,000 | ---D | C] -- C:\Users\KENNY\AppData\Local\{FA99EA6C-0624-4541-A0CF-F1DF66A5ADC4} [2012-07-12 18:45:02 | 000,000,000 | ---D | C] -- C:\Users\KENNY\AppData\Local\{48524C18-CAD2-40E4-9B21-798D5C3A8506} [2012-07-12 18:44:49 | 000,000,000 | ---D | C] -- C:\Users\KENNY\AppData\Local\{299AD14B-7920-48EB-BF49-B5F2C5E33B16} [2012-07-12 01:08:09 | 000,000,000 | ---D | 
C] -- C:\Users\KENNY\AppData\Local\{7F5813FC-8738-4D51-A5C4-0CBD7E9563B8} [2012-07-12 01:07:53 | 000,000,000 | ---D | C] -- C:\Users\KENNY\AppData\Local\{296770BF-45E3-45B1-81EB-8B13EDCDBDE9} [2012-07-11 11:20:20 | 000,000,000 | ---D | C] -- C:\Users\KENNY\AppData\Local\{52BF190D-7654-4D67-89D7-49372D6DA68A} [2012-07-11 11:20:03 | 000,000,000 | ---D | C] -- C:\Users\KENNY\AppData\Local\{71A8761E-B4AD-4BEF-BAF7-AB5A71D13F38} [2012-07-10 10:28:57 | 000,000,000 | ---D | C] -- C:\Users\KENNY\AppData\Local\{BD78FB45-02C8-49AA-9E00-3554EF86DA71} [2012-07-10 10:28:45 | 000,000,000 | ---D | C] -- C:\Users\KENNY\AppData\Local\{8B175211-2FDE-4A4F-B973-F6C15128D6AF} [2012-07-09 12:21:15 | 000,000,000 | ---D | C] -- C:\Users\KENNY\AppData\Local\{0ACEA0A0-C41B-448D-BCD0-E7494400E2EE} [2012-07-09 12:20:58 | 000,000,000 | ---D | C] -- C:\Users\KENNY\AppData\Local\{9CCBED56-3BAB-44D8-97EE-06612FB8809D} [2012-07-08 11:08:14 | 000,000,000 | ---D | C] -- C:\Users\KENNY\AppData\Local\{EDA905CC-8BB6-4A31-8079-04C0C57EB385} [2012-07-08 11:07:58 | 000,000,000 | ---D | C] -- C:\Users\KENNY\AppData\Local\{E30CBDF4-F4BC-46A9-974D-8DFD7BEDC912} ========== Files - Modified Within 30 Days ========== [2012-08-06 17:28:00 | 000,000,868 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012-08-06 15:18:29 | 000,021,888 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012-08-06 15:18:29 | 000,021,888 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012-08-06 15:11:15 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012-08-06 15:11:10 | 2064,322,559 | -HS- | M] () -- C:\hiberfil.sys [2012-08-05 18:37:15 | 000,283,304 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr [2012-08-05 18:37:15 | 000,283,304 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe [2012-08-05 18:34:46 | 000,283,304 | ---- | M] () -- 
C:\Windows\SysWow64\PnkBstrB.ex0 [2012-08-04 12:54:20 | 001,472,966 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012-08-04 12:54:20 | 000,627,634 | ---- | M] () -- C:\Windows\SysNative\perfh01D.dat [2012-08-04 12:54:20 | 000,617,910 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012-08-04 12:54:20 | 000,124,688 | ---- | M] () -- C:\Windows\SysNative\perfc01D.dat [2012-08-04 12:54:20 | 000,107,190 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012-08-03 14:05:47 | 000,007,599 | ---- | M] () -- C:\Users\KENNY\AppData\Local\Resmon.ResmonCfg [2012-07-12 01:06:50 | 000,266,592 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT ========== Files Created - No Company Name ========== [2012-08-03 14:05:47 | 000,007,599 | ---- | C] () -- C:\Users\KENNY\AppData\Local\Resmon.ResmonCfg [2012-07-03 10:33:51 | 000,008,597 | ---- | C] () -- C:\Windows\SYMPHONY.ini.cfl [2012-07-03 10:33:44 | 000,005,813 | ---- | C] () -- C:\Windows\SYMPHONY.ini.cfg [2012-07-03 10:08:01 | 000,000,342 | ---- | C] () -- C:\Windows\SYMPHONY.ini.imi [2012-06-22 11:03:37 | 001,491,554 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2012-06-13 19:56:28 | 000,095,703 | ---- | C] () -- C:\Users\KENNY\AppData\Local\ars.cache [2012-06-13 19:45:01 | 000,000,036 | ---- | C] () -- C:\Users\KENNY\AppData\Local\housecall.guid.cache [2012-06-06 19:47:49 | 000,145,920 | ---- | C] () -- C:\Windows\SysWow64\OBroker.exe [2012-05-25 09:16:47 | 000,645,632 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll [2012-05-25 09:16:47 | 000,240,640 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll [2012-05-25 01:09:06 | 000,000,000 | ---- | C] () -- C:\ProgramData\ff858c76778d297945eb31b3c87d0a25_c [2012-03-19 23:25:58 | 000,058,880 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll [2012-03-19 22:21:14 | 013,212,672 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll [2012-03-15 19:51:33 | 000,283,304 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe [2012-03-15 19:51:30 | 000,076,888 | 
---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe [2012-03-14 21:37:51 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2012-03-09 14:06:14 | 000,024,576 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll [2012-02-15 04:36:36 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat [2012-02-15 04:36:36 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat [2012-02-14 19:47:06 | 000,963,912 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin [2012-02-14 19:47:06 | 000,261,208 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin [2012-02-14 19:47:06 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin [2011-09-28 18:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat [2011-09-13 00:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat ========== LOP Check ========== [2012-07-27 13:28:30 | 000,000,000 | ---D | M] -- C:\Users\KENNY\AppData\Roaming\AMS [2012-08-02 01:07:42 | 000,000,000 | ---D | M] -- C:\Users\KENNY\AppData\Roaming\Azureus [2012-07-03 10:33:53 | 000,000,000 | ---D | M] -- C:\Users\KENNY\AppData\Roaming\Corsair [2012-07-26 19:07:39 | 000,000,000 | ---D | M] -- C:\Users\KENNY\AppData\Roaming\HTC [2012-07-26 19:09:24 | 000,000,000 | ---D | M] -- C:\Users\KENNY\AppData\Roaming\HTC.388BC06ACDAB6261375BCE37FBA2E023C0D7EE34.1 [2012-03-15 00:22:32 | 000,000,000 | ---D | M] -- C:\Users\KENNY\AppData\Roaming\Leadertech [2012-03-15 18:12:30 | 000,000,000 | ---D | M] -- C:\Users\KENNY\AppData\Roaming\Origin [2012-08-03 14:31:06 | 000,000,000 | ---D | M] -- C:\Users\KENNY\AppData\Roaming\QuickScan [2012-04-06 18:27:05 | 000,000,000 | ---D | M] -- C:\Users\KENNY\AppData\Roaming\TS3Client [2012-03-15 00:50:02 | 000,000,000 | ---D | M] -- C:\Users\KENNY\AppData\Roaming\wargaming.net [2012-03-15 18:14:29 | 000,000,000 | ---D | M] -- C:\Users\KENNY\AppData\Roaming\Windows Live Writer [2012-07-03 10:36:08 | 000,032,514 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check 
========== < End of report > Attach12gh.txt
  6. All processes killed ========== OTL ==========
OTL by OldTimer - Version 3.2.55.0 log created on 08042012_185731
and DDS
DDS (Ver_2011-08-26.01) - NTFSAMD64 Internet Explorer: 8.0.7601.17514 Run by KENNY at 19:01:39 on 2012-08-04
  7. XFX doesn't have such short cables (I have installed one myself in an ATX case). If I'm not mistaken, the 8-pin connector is 55 cm. It is also of better quality than the PSU you have in your shopping cart. But it is a personal choice how long you want the computer to work and whether you want parts to fail along the way. There are other brands to look at if you want a good and stable PSU.
  8. Done
C] -- C:\Users\KENNY\AppData\Local\{296770BF-45E3-45B1-81EB-8B13EDCDBDE9} [2012-07-11 11:20:20 | 000,000,000 | ---D | C] -- C:\Users\KENNY\AppData\Local\{52BF190D-7654-4D67-89D7-49372D6DA68A} [2012-07-11 11:20:03 | 000,000,000 | ---D | C] -- C:\Users\KENNY\AppData\Local\{71A8761E-B4AD-4BEF-BAF7-AB5A71D13F38} [2012-07-10 10:28:57 | 000,000,000 | ---D | C] -- C:\Users\KENNY\AppData\Local\{BD78FB45-02C8-49AA-9E00-3554EF86DA71} [2012-07-10 10:28:45 | 000,000,000 | ---D | C] -- C:\Users\KENNY\AppData\Local\{8B175211-2FDE-4A4F-B973-F6C15128D6AF} [2012-07-09 12:21:15 | 000,000,000 | ---D | C] -- C:\Users\KENNY\AppData\Local\{0ACEA0A0-C41B-448D-BCD0-E7494400E2EE} [2012-07-09 12:20:58 | 000,000,000 | ---D | C] -- C:\Users\KENNY\AppData\Local\{9CCBED56-3BAB-44D8-97EE-06612FB8809D} [2012-07-08 11:08:14 | 000,000,000 | ---D | C] -- C:\Users\KENNY\AppData\Local\{EDA905CC-8BB6-4A31-8079-04C0C57EB385} [2012-07-08 11:07:58 | 000,000,000 | ---D | C] -- C:\Users\KENNY\AppData\Local\{E30CBDF4-F4BC-46A9-974D-8DFD7BEDC912} [2012-07-07 11:07:47 | 000,000,000 | ---D | C] -- C:\Users\KENNY\AppData\Local\{637F92B4-E85C-48A4-972C-0E0413CF8ABE} [2012-07-07 11:07:34 | 000,000,000 | ---D | C] -- C:\Users\KENNY\AppData\Local\{B5D23CCA-A914-4FA0-8385-1551B3D87228} [2012-07-06 11:15:55 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI [2012-07-06 11:15:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD APP [2012-07-06 11:15:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center [2012-07-06 11:06:37 | 000,000,000 | ---D | C] -- C:\Users\KENNY\AppData\Local\{01D4BCFA-DBB9-4A04-994C-0E8D1DB7FEED} [2012-07-06 11:06:26 | 000,000,000 | ---D | C] -- C:\Users\KENNY\AppData\Local\{63D4259B-7D30-4DB8-86C0-9B68132B133A} [2012-07-05 11:11:20 | 000,000,000 | ---D | C] -- C:\Users\KENNY\AppData\Local\{9E14D3F1-B43F-4613-B3DC-3CA936C3C074} [2012-07-05 11:11:10 | 000,000,000 | ---D | C] -- 
C:\Users\KENNY\AppData\Local\{B3CBA613-8C48-4ABD-A922-3EE32FF42829} [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012-08-03 14:47:25 | 000,021,888 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012-08-03 14:47:25 | 000,021,888 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012-08-03 14:39:56 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012-08-03 14:39:51 | 2064,322,559 | -HS- | M] () -- C:\hiberfil.sys [2012-08-03 14:28:00 | 000,000,868 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012-08-03 14:05:47 | 000,007,599 | ---- | M] () -- C:\Users\KENNY\AppData\Local\Resmon.ResmonCfg [2012-07-29 22:39:22 | 000,000,009 | ---- | M] () -- C:\END [2012-07-29 10:39:14 | 000,000,690 | ---- | M] () -- C:\user.js [2012-07-26 19:40:40 | 001,472,966 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012-07-26 19:40:40 | 000,627,634 | ---- | M] () -- C:\Windows\SysNative\perfh01D.dat [2012-07-26 19:40:40 | 000,617,910 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012-07-26 19:40:40 | 000,124,688 | ---- | M] () -- C:\Windows\SysNative\perfc01D.dat [2012-07-26 19:40:40 | 000,107,190 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012-07-22 20:25:31 | 000,283,304 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr [2012-07-22 20:25:31 | 000,283,304 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe [2012-07-22 11:37:19 | 000,283,304 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0 [2012-07-12 01:06:50 | 000,266,592 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2012-08-03 14:05:47 | 000,007,599 | ---- | C] () -- C:\Users\KENNY\AppData\Local\Resmon.ResmonCfg [2012-07-29 22:39:22 | 000,000,009 | ---- | C] () -- 
C:\END [2012-07-03 10:33:51 | 000,008,597 | ---- | C] () -- C:\Windows\SYMPHONY.ini.cfl [2012-07-03 10:33:44 | 000,005,813 | ---- | C] () -- C:\Windows\SYMPHONY.ini.cfg [2012-07-03 10:08:01 | 000,000,342 | ---- | C] () -- C:\Windows\SYMPHONY.ini.imi [2012-06-22 11:03:37 | 001,491,554 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2012-06-13 19:56:28 | 000,095,703 | ---- | C] () -- C:\Users\KENNY\AppData\Local\ars.cache [2012-06-13 19:45:01 | 000,000,036 | ---- | C] () -- C:\Users\KENNY\AppData\Local\housecall.guid.cache [2012-06-06 19:47:49 | 000,145,920 | ---- | C] () -- C:\Windows\SysWow64\OBroker.exe [2012-05-25 09:16:47 | 000,645,632 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll [2012-05-25 09:16:47 | 000,240,640 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll [2012-05-25 01:09:06 | 000,000,000 | ---- | C] () -- C:\ProgramData\ff858c76778d297945eb31b3c87d0a25_c [2012-03-19 23:25:58 | 000,058,880 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll [2012-03-19 22:21:14 | 013,212,672 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll [2012-03-15 19:51:33 | 000,283,304 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe [2012-03-15 19:51:30 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe [2012-03-14 21:37:51 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2012-03-09 14:06:14 | 000,024,576 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll [2012-02-15 04:36:36 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat [2012-02-15 04:36:36 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat [2012-02-14 19:47:06 | 000,963,912 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin [2012-02-14 19:47:06 | 000,261,208 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin [2012-02-14 19:47:06 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin [2011-09-28 18:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat [2011-09-13 00:06:16 | 000,003,917 | ---- | C] () -- 
C:\Windows\SysWow64\atipblag.dat ========== LOP Check ========== [2012-07-27 13:28:30 | 000,000,000 | ---D | M] -- C:\Users\KENNY\AppData\Roaming\AMS [2012-08-02 01:07:42 | 000,000,000 | ---D | M] -- C:\Users\KENNY\AppData\Roaming\Azureus [2012-05-25 01:08:57 | 000,000,000 | ---D | M] -- C:\Users\KENNY\AppData\Roaming\Babylon [2012-07-03 10:33:53 | 000,000,000 | ---D | M] -- C:\Users\KENNY\AppData\Roaming\Corsair [2012-07-26 19:07:39 | 000,000,000 | ---D | M] -- C:\Users\KENNY\AppData\Roaming\HTC [2012-07-26 19:09:24 | 000,000,000 | ---D | M] -- C:\Users\KENNY\AppData\Roaming\HTC.388BC06ACDAB6261375BCE37FBA2E023C0D7EE34.1 [2012-03-15 00:22:32 | 000,000,000 | ---D | M] -- C:\Users\KENNY\AppData\Roaming\Leadertech [2012-03-15 18:12:30 | 000,000,000 | ---D | M] -- C:\Users\KENNY\AppData\Roaming\Origin [2012-08-03 14:31:06 | 000,000,000 | ---D | M] -- C:\Users\KENNY\AppData\Roaming\QuickScan [2012-04-06 18:27:05 | 000,000,000 | ---D | M] -- C:\Users\KENNY\AppData\Roaming\TS3Client [2012-03-15 00:50:02 | 000,000,000 | ---D | M] -- C:\Users\KENNY\AppData\Roaming\wargaming.net [2012-03-15 18:14:29 | 000,000,000 | ---D | M] -- C:\Users\KENNY\AppData\Roaming\Windows Live Writer [2012-07-03 10:36:08 | 000,032,514 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== < End of report > Exthkjhjras.Txt
  9. I don't usually recommend PSUs like that. This one http://www.inet.se/produkt/6900491/xfx-core-edition-550w-80-bronze or http://www.inet.se/produkt/6911319/corsair-tx-550w-m-80-bronze-modular (are better PSUs for the money). Otherwise the package is good.
  10. OK, I'll remove Raptr too (that strange chat program). Yontoo seems to be some kind of trojan/virus as well. I can't get rid of it either. I'll be back with a DDS log soon.
C:\Windows\System32\atidxx64.dll 2012-06-11 16:51:54 4246528 ----a-w- C:\Windows\System32\atiumd6a.dll 2012-06-11 16:45:48 51200 ----a-w- C:\Windows\System32\aticalrt64.dll 2012-06-11 16:45:46 46080 ----a-w- C:\Windows\SysWow64\aticalrt.dll 2012-06-11 16:45:44 5480448 ----a-w- C:\Windows\SysWow64\atiumdag.dll 2012-06-11 16:45:40 44544 ----a-w- C:\Windows\System32\aticalcl64.dll 2012-06-11 16:45:38 44032 ----a-w- C:\Windows\SysWow64\aticalcl.dll 2012-06-11 16:45:26 15703040 ----a-w- C:\Windows\System32\aticaldd64.dll 2012-06-11 16:43:18 4729344 ----a-w- C:\Windows\SysWow64\atiumdva.dll 2012-06-11 16:40:58 13277696 ----a-w- C:\Windows\SysWow64\aticaldd.dll 2012-06-11 16:36:56 6605824 ----a-w- C:\Windows\System32\atiumd64.dll 2012-06-11 16:27:02 539136 ----a-w- C:\Windows\System32\atiadlxx.dll 2012-06-11 16:26:52 368640 ----a-w- C:\Windows\SysWow64\atiadlxy.dll 2012-06-11 16:26:40 17920 ----a-w- C:\Windows\System32\atig6pxx.dll 2012-06-11 16:26:36 14848 ----a-w- C:\Windows\SysWow64\atiglpxx.dll 2012-06-11 16:26:36 14848 ----a-w- C:\Windows\System32\atiglpxx.dll 2012-06-11 16:26:30 41984 ----a-w- C:\Windows\System32\atig6txx.dll 2012-06-11 16:26:22 33280 ----a-w- C:\Windows\SysWow64\atigktxx.dll 2012-06-11 16:26:14 367616 ----a-w- C:\Windows\System32\drivers\atikmpag.sys 2012-06-11 16:25:20 54784 ----a-w- C:\Windows\System32\atiuxp64.dll 2012-06-11 16:25:12 42496 ----a-w- C:\Windows\SysWow64\atiuxpag.dll 2012-06-11 16:25:06 45056 ----a-w- C:\Windows\System32\atiu9p64.dll 2012-06-11 16:24:58 32768 ----a-w- C:\Windows\SysWow64\atiu9pag.dll 2012-06-11 16:24:24 53248 ----a-w- C:\Windows\System32\drivers\ati2erec.dll 2012-06-11 16:23:18 56320 ----a-w- C:\Windows\System32\atimpc64.dll 2012-06-11 16:23:18 56320 ----a-w- C:\Windows\System32\amdpcom64.dll 2012-06-11 16:23:10 56832 ----a-w- C:\Windows\SysWow64\atimpc32.dll 2012-06-11 16:23:10 56832 ----a-w- C:\Windows\SysWow64\amdpcom32.dll 2012-06-11 11:50:46 187392 ----a-w- C:\Windows\System32\clinfo.exe 2012-06-11 11:50:30 
75264 ----a-w- C:\Windows\System32\OpenVideo64.dll 2012-06-11 11:50:24 65024 ----a-w- C:\Windows\SysWow64\OpenVideo.dll 2012-06-11 11:50:18 63488 ----a-w- C:\Windows\System32\OVDecode64.dll 2012-06-11 11:50:14 56320 ----a-w- C:\Windows\SysWow64\OVDecode.dll 2012-06-11 11:50:06 16457728 ----a-w- C:\Windows\System32\amdocl64.dll 2012-06-11 11:49:22 13008896 ----a-w- C:\Windows\SysWow64\amdocl.dll 2012-06-06 06:06:16 2004480 ----a-w- C:\Windows\System32\msxml6.dll 2012-06-06 06:06:16 1881600 ----a-w- C:\Windows\System32\msxml3.dll 2012-06-06 05:05:52 1390080 ----a-w- C:\Windows\SysWow64\msxml6.dll 2012-06-06 05:05:52 1236992 ----a-w- C:\Windows\SysWow64\msxml3.dll 2012-06-02 22:15:31 2622464 ----a-w- C:\Windows\System32\wucltux.dll 2012-06-02 22:15:08 99840 ----a-w- C:\Windows\System32\wudriver.dll 2012-06-02 13:19:42 186752 ----a-w- C:\Windows\System32\wuwebv.dll 2012-06-02 13:15:12 36864 ----a-w- C:\Windows\System32\wuapp.exe 2012-06-02 05:50:10 458704 ----a-w- C:\Windows\System32\drivers\cng.sys 2012-06-02 05:48:16 95600 ----a-w- C:\Windows\System32\drivers\ksecdd.sys 2012-06-02 05:48:16 151920 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys 2012-06-02 05:45:31 340992 ----a-w- C:\Windows\System32\schannel.dll 2012-06-02 05:44:21 307200 ----a-w- C:\Windows\System32\ncrypt.dll 2012-06-02 04:40:42 22016 ----a-w- C:\Windows\SysWow64\secur32.dll 2012-06-02 04:40:39 225280 ----a-w- C:\Windows\SysWow64\schannel.dll 2012-06-02 04:39:10 219136 ----a-w- C:\Windows\SysWow64\ncrypt.dll 2012-06-02 04:34:09 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll 2012-05-30 17:44:56 466456 ----a-w- C:\Windows\System32\wrap_oal.dll 2012-05-30 17:44:55 444952 ----a-w- C:\Windows\SysWow64\wrap_oal.dll 2012-05-30 17:44:55 122904 ----a-w- C:\Windows\System32\OpenAL32.dll 2012-05-30 17:44:55 109080 ----a-w- C:\Windows\SysWow64\OpenAL32.dll . ============= FINISH: 14:27:12,20 =============== Attachfff.txt
  11. I suspected that he had gotten junk on the computer, and he said the computer had become sluggish. Otherwise there is nothing on the computer that indicates it has a virus. He has, for that matter, gotten one more program down by the clock where you can see it (it looks like a chat program), but I don't remember the name offhand. I don't understand how he manages to get about 10 toolbars onto the computer.
  12. So it's that time again. My buddy managed the impossible again. Ran Malwarebytes, Kaspersky Virus Removal Tool and the NOD32 online scan. All the logs are included. DDS (Ver_2011-08-26.01) - NTFSAMD64 Internet Explorer: 8.0.7601.17514 Run by KENNY at 23:12:34 on 2012-08-02 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.46.1053.18.8086.5618 [GMT 2:00] . AV: Microsoft Security Essentials *Enabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: Microsoft Security Essentials *Enabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B} . ============== Running Processes =============== . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS c:\Program Files\Microsoft Security Client\MsMpEng.exe C:\Windows\system32\atiesrxx.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\atieclxx.exe C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe C:\Program Files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe C:\Windows\SysWOW64\PnkBstrA.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Program
Files\Realtek\Audio\HDA\RAVCpl64.exe C:\Program Files\Logitech\SetPointP\SetPoint.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Microsoft Security Client\msseces.exe C:\Program Files\Corsair VENGEANCE 2000\CPL\CAHS2.exe C:\Program Files\Corsair VENGEANCE 2000\CPL\CAHS2.exe C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe C:\Program Files (x86)\Skype\Phone\Skype.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files (x86)\Origin\Origin.exe C:\Program Files (x86)\Steam\Steam.exe C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe C:\Program Files (x86)\XFastUSB\XFastUsb.exe C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE C:\Program Files (x86)\ekort\ekort.exe C:\Program Files (x86)\SoliCall\bin\Personal_PBXMate.exe C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Program Files (x86)\Mdfrzy\mbamgui.exe C:\Windows\SysWOW64\OBroker.exe C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe C:\PROGRA~2\Raptr\raptr.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\system32\SearchIndexer.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Program Files\Belkin\Belkin USB Print and Storage Center\connect.exe C:\Program Files (x86)\Common Files\Steam\SteamService.exe C:\PROGRA~2\Raptr\raptr_im.exe C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinSetup.exe C:\Program Files (x86)\Belkin\Router Setup and Monitor\dlnaPlugin.exe C:\Program Files (x86)\Belkin\Router Setup and Monitor\qosPlugin.exe C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Windows\system32\DllHost.exe C:\Program Files (x86)\Raptr\raptr_ep64.exe C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe C:\Program Files (x86)\Mdfrzy\mbamservice.exe C:\Windows\system32\AUDIODG.EXE C:\Program Files (x86)\Mozilla Firefox\firefox.exe 
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_270.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_270.exe C:\Program Files (x86)\Internet Explorer\IELowutil.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\system32\DllHost.exe C:\Windows\system32\DllHost.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\conhost.exe C:\Windows\SysWOW64\cscript.exe C:\Windows\system32\wbem\wmiprvse.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://search.babylon.com/?affID=110819&babsrc=HP_ss&mntrId=a6cec5f8000000000000bc5ff41a7d08 uURLSearchHooks: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll mURLSearchHooks: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll mWinlogon: Userinit=userinit.exe, BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: ADDICT-THING Class: {641a48b0-771d-6262-e190-61cc47b15106} - C:\ProgramData\ADDICT-THING\bhoclass.dll BHO: Incredibar.com Helper Object: {6e13dde1-2b6e-46ce-8b66-dc8bf36f6b99} - C:\Program Files (x86)\Incredibar.com\incredibar\1.5.11.14\bh\incredibar.dll BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: e-kort Helper Class: {9065e913-4f23-4b47-9b5d-b055d32db1f3} - C:\Program Files (x86)\ekort\EKortHelper.dll BHO: DealPly: {a6174f27-1fff-e1d6-a93f-ba48ad5dd448} - C:\Program Files (x86)\DealPly\DealPlyIE.dll BHO: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll BHO: Yontoo: {fd72061e-9fde-484d-a58a-0bab4151cad8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll TB: e-kort 
Toolbar: {8db2b2e8-579f-48a8-a496-18fefcf8f4df} - C:\Program Files (x86)\ekort\EKortToolbar.dll TB: Incredibar Toolbar: {f9639e4a-801b-4843-aee3-03d9da199e77} - C:\Program Files (x86)\Incredibar.com\incredibar\1.5.11.14\incredibarTlbr.dll TB: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background uRun: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun uRun: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun uRun: [EADM] "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart uRun: [steam] "C:\Program Files (x86)\Steam\steam.exe" -silent uRun: [Xvid] C:\Program Files (x86)\Xvid\CheckUpdate.exe uRun: [Raptr] C:\PROGRA~2\Raptr\raptrstub.exe --startup mRun: [instaLAN] "C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe" startup mRun: [XFastUSB] "C:\Program Files (x86)\XFastUSB\XFastUsb.exe" mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml mRun: [e-kort] C:\PROGRA~2\ekort\ekort.exe /dontopenmycards /Autostart mRun: [PersonalPBXMate] "C:\Program Files (x86)\SoliCall\bin\Personal_PBXMate.exe" mRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun mRun: [HTC Sync Loader] "C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" -startup mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Mdfrzy\mbamgui.exe" /starttray mRunOnce: [GrpConv] grpconv -o mPolicies-explorer: NoActiveDesktop = 1 (0x1) mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1) mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5) mPolicies-system: ConsentPromptBehaviorUser 
= 3 (0x3) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) TCP: DhcpNameServer = 192.168.2.1 TCP: Interfaces\{292A936C-773C-4FE9-BB24-9D66861CB451} : DhcpNameServer = 192.168.2.1 Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL {18DF081C-E8AD-4283-A596-FA578C2EBDC3} {641A48B0-771D-6262-E190-61CC47B15106} {6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99} {9030D464-4C02-4ABF-8ECC-5164760863C6} {9065E913-4F23-4B47-9B5D-B055D32DB1F3} {A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} {ba14329e-9550-4989-b3f2-9732e92d17cc} {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} {8DB2B2E8-579F-48A8-A496-18FEFCF8F4DF} {F9639E4A-801B-4843-AEE3-03D9DA199E77} {ba14329e-9550-4989-b3f2-9732e92d17cc} mRun-x64: [instaLAN] "C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe" startup mRun-x64: [XFastUSB] "C:\Program Files (x86)\XFastUSB\XFastUsb.exe" mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun-x64: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml mRun-x64: [e-kort] C:\PROGRA~2\ekort\ekort.exe /dontopenmycards /Autostart mRun-x64: [PersonalPBXMate] "C:\Program Files (x86)\SoliCall\bin\Personal_PBXMate.exe" mRun-x64: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun mRun-x64: [HTC Sync Loader] "C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" -startup mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Mdfrzy\mbamgui.exe" /starttray mRunOnce-x64: [GrpConv] grpconv -o . ================= FIREFOX =================== . 
FF - ProfilePath - C:\Users\KENNY\AppData\Roaming\Mozilla\Firefox\Profiles\wbktlt3y.default\ FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - about:home FF - prefs.js: keyword.URL - hxxp://mystart.incredibar.com/mb139/?loc=IB_DS&a=6OyJorqj5j&&i=26&search= FF - plugin: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\1.116.0\npesnlaunch.dll FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\1.118.0\npesnlaunch.dll FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\1.122.0\npesnlaunch.dll FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrlui.dll FF - plugin: C:\Users\KENNY\AppData\Roaming\Mozilla\Firefox\Profiles\wbktlt3y.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\plugins\np-mswmp.dll FF - plugin: C:\Users\KENNY\AppData\Roaming\Mozilla\Firefox\Profiles\wbktlt3y.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\plugins\npqscan.dll FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_270.dll . ---- FIREFOX POLICIES ---- FF - user.js: extentions.y2layers.installId - 2b37fe5d-c87c-4ae2-8673-4d6b6568c136 FF - user.js: extentions.y2layers.defaultEnableAppsList - ezLooker,pagerage,buzzdock,toprelatedtopics,twittube . 
FF - user.js: extensions.autoDisableScopes - 14 FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=110819 FF - user.js: extensions.BabylonToolbar_i.babExt - FF - user.js: extensions.BabylonToolbar_i.srcExt - ss FF - user.js: extensions.BabylonToolbar_i.id - a6cec5f8000000000000bc5ff41a7d08 FF - user.js: extensions.BabylonToolbar_i.hardId - a6cec5f8000000000000bc5ff41a7d08 FF - user.js: extensions.BabylonToolbar_i.instlDay - 15485 FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17 FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17 FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.3.1711:54:51 FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylon FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar FF - user.js: extensions.BabylonToolbar_i.aflt - babsst FF - user.js: extensions.BabylonToolbar_i.smplGrp - none FF - user.js: extensions.BabylonToolbar_i.tlbrId - tb9 FF - user.js: extensions.BabylonToolbar_i.instlRef - sst . user_pref('extensions.dealply.partner', 'iron'); . user_pref('extensions.dealply.channel', 'iron3'); . user_pref('extensions.dealply.installId', 'v23900276308063248466862012052511544524'); . user_pref('extensions.dealply.installIdSource', 'inst'); . 
user_pref('extensions.dealply.sampleGroup', '4'); FF - user.js: extensions.incredibar_i.newTab - false FF - user.js: extensions.incredibar_i.tlbrSrchUrl - hxxp://mystart.Incredibar.com/?a=6OyJorqj5j&loc=IB_TB&i=26&search= FF - user.js: extensions.incredibar_i.id - a6cec5f8000000000000bc5ff41a7d08 FF - user.js: extensions.incredibar_i.instlDay - 15550 FF - user.js: extensions.incredibar_i.vrsn - 1.5.11.14 FF - user.js: extensions.incredibar_i.vrsni - 1.5.11.14 FF - user.js: extensions.incredibar_i.vrsnTs - 1.5.11.1410:39:14 FF - user.js: extensions.incredibar_i.prtnrId - Incredibar FF - user.js: extensions.incredibar_i.prdct - incredibar FF - user.js: extensions.incredibar_i.aflt - orgnl FF - user.js: extensions.incredibar_i.smplGrp - none FF - user.js: extensions.incredibar_i.tlbrId - base FF - user.js: extensions.incredibar_i.instlRef - FF - user.js: extensions.incredibar_i.dfltLng - FF - user.js: extensions.incredibar_i.excTlbr - false FF - user.js: extensions.incredibar_i.ms_url_id - FF - user.js: extensions.incredibar_i.upn2 - 6OyJorqj5j FF - user.js: extensions.incredibar_i.upn2n - 92261837856457397 FF - user.js: extensions.incredibar_i.productid - 26 FF - user.js: extensions.incredibar_i.installerproductid - 26 FF - user.js: extensions.incredibar_i.did - 10650 FF - user.js: extensions.incredibar_i.ppd - 20%5F5 . ============= SERVICES / DRIVERS =============== . R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\system32\DRIVERS\MpFilter.sys --> C:\Windows\system32\DRIVERS\MpFilter.sys [?] R1 aswKbd;aswKbd;C:\Windows\system32\drivers\aswKbd.sys --> C:\Windows\system32\drivers\aswKbd.sys [?] R1 FNETURPX;FNETURPX;C:\Windows\system32\drivers\FNETURPX.SYS --> C:\Windows\system32\drivers\FNETURPX.SYS [?] 
R1 MpKslfd16c85b;MpKslfd16c85b;C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{AEDB7EE8-53DB-4DCB-8169-0B34577A3382}\MpKslfd16c85b.sys [2012-8-2 35664] R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?] R2 Belkin Local Backup Service;Belkin Local Backup Service;C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe [2012-3-15 181760] R2 Belkin Network USB Helper;Belkin Network USB Helper;C:\Program Files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe [2012-3-15 55296] R2 MBAMService;MBAMService;C:\Program Files (x86)\Mdfrzy\mbamservice.exe [2012-8-2 655944] R2 PassThru Service;Internet Pass-Through Service;C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2012-3-23 87040] R2 sxuptp;SXUPTP Driver;C:\Windows\system32\DRIVERS\sxuptp.sys --> C:\Windows\system32\DRIVERS\sxuptp.sys [?] R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys --> C:\Windows\system32\DRIVERS\atikmdag.sys [?] R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?] R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\system32\drivers\AtihdW76.sys --> C:\Windows\system32\drivers\AtihdW76.sys [?] R3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter;C:\Windows\system32\DRIVERS\LEqdUsb.Sys --> C:\Windows\system32\DRIVERS\LEqdUsb.Sys [?] R3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter;C:\Windows\system32\DRIVERS\LHidEqd.Sys --> C:\Windows\system32\DRIVERS\LHidEqd.Sys [?] R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?] R3 MBfilt;MBfilt;C:\Windows\system32\drivers\MBfilt64.sys --> C:\Windows\system32\drivers\MBfilt64.sys [?] R3 MEIx64;Intel® Management Engine Interface ;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?] 
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?] R3 SYMPHONY;Corsair USB Headphone Driver;C:\Windows\system32\DRIVERS\Symphony.sys --> C:\Windows\system32\DRIVERS\Symphony.sys [?] RUnknown 50511128;50511128; [x] RUnknown 5816898drv;5816898drv; [x] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-3 160944] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-3-31 250056] S3 cphs;Intel® Content Protection HECI Service;C:\Windows\SysWOW64\IntelCpHeciSvc.exe [2012-3-19 276248] S3 FNETTBOH_305;FNETTBOH_305;C:\Windows\system32\drivers\FNETTBOH_305.SYS --> C:\Windows\system32\drivers\FNETTBOH_305.SYS [?] S3 HTCAND64;HTC Device Driver;C:\Windows\system32\Drivers\ANDROIDUSB.sys --> C:\Windows\system32\Drivers\ANDROIDUSB.sys [?] S3 htcnprot;HTC NDIS Protocol Driver;C:\Windows\system32\DRIVERS\htcnprot.sys --> C:\Windows\system32\DRIVERS\htcnprot.sys [?] S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-4-26 113120] S3 NisDrv;Microsoft Network Inspection System;C:\Windows\system32\DRIVERS\NisDrvWFP.sys --> C:\Windows\system32\DRIVERS\NisDrvWFP.sys [?] S3 NisSrv;Microsoft Nätverkskontroll;C:\Program Files\Microsoft Security Client\NisSrv.exe [2012-3-26 291696] S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?] S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys --> C:\Windows\system32\drivers\TsUsbGD.sys [?] 
S3 WatAdminSvc;Aktiveringsteknologier för Windows-tjänst;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?] . =============== Created Last 30 ================ . 2012-08-02 20:01:57 35664 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{AEDB7EE8-53DB-4DCB-8169-0B34577A3382}\MpKslfd16c85b.sys 2012-08-02 18:48:28 -------- d-----w- C:\Users\KENNY\AppData\Local\{4DAE4414-8E76-4601-91EB-6C086E18385A} 2012-08-02 18:48:18 -------- d-----w- C:\Users\KENNY\AppData\Local\{A3C98CE1-C5DF-4BC0-8ADD-E15DED2F4E32} 2012-08-02 18:47:42 -------- d-----w- C:\Program Files (x86)\ESET 2012-08-02 18:37:24 -------- d-----w- C:\ProgramData\Kaspersky Lab 2012-08-02 18:33:28 69000 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{AEDB7EE8-53DB-4DCB-8169-0B34577A3382}\offreg.dll 2012-08-02 15:04:16 9133488 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{AEDB7EE8-53DB-4DCB-8169-0B34577A3382}\mpengine.dll 2012-08-02 09:45:01 -------- d-----w- C:\Users\KENNY\AppData\Roaming\Malwarebytes 2012-08-02 09:44:55 -------- d-----w- C:\ProgramData\Malwarebytes 2012-08-02 09:44:54 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys 2012-08-02 09:44:54 -------- d-----w- C:\Program Files (x86)\Mdfrzy 2012-08-02 06:47:47 -------- d-----w- C:\Users\KENNY\AppData\Local\{FACA2EA7-E30E-4E8C-8FAD-B6DCEECA2FFB} 2012-08-02 06:47:35 -------- d-----w- C:\Users\KENNY\AppData\Local\{1670F952-1838-42FB-87F3-B27FB360171E} 2012-08-01 14:47:56 9133488 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll 2012-08-01 14:39:51 -------- d-----w- C:\Users\KENNY\AppData\Local\{66E625D3-5374-461A-AFD4-F02541507CFF} 2012-08-01 14:39:39 -------- d-----w- C:\Users\KENNY\AppData\Local\{0FDD4A58-8E3A-4CC4-8F6D-C19FD17265E1} 2012-07-31 14:30:02 -------- d-----w- C:\Users\KENNY\AppData\Local\{D661220E-DCF4-4627-AFFD-C9BACE2995A5} 2012-07-31 14:29:52 -------- d-----w- 
  13. Hi, how does e.g. http://www.inet.se/produkt/2901287/targus-armor-4-port-hub-usb-2-0 work together with a keyboard and mouse? E.g. http://www.inet.se/produkt/6606143/microsoft-sidewinder-x4-gaming-keyboard and http://www.inet.se/produkt/6606215/logitech-g400-gaming-mouse. Will you be able to press several keys at the same time, or will there be limitations because you are using one USB port? But the power may not be enough, so I wonder whether http://www.inet.se/produkt/2901428/usb-hub-13port is a better choice, or even http://www.inet.se/produkt/2901243/d-link-dub-h4, but it must not cost more than 300 kr and must not have too many cables.