Just nu i M3-nätverket
Gå till innehåll

Gun_H

Medlem
  • Antal inlägg

    46
  • Gick med

  • Senaste besök

1 följare

Om Gun_H

  • Medlemstitel
    Användare

Profil

  • Kön
    Vill inte avslöja
  • Ort
    Stockholm
  1. Ska jag avinstallera MCPR nu och kan jag göra det via det vanliga lägg till/ta bort program i Windows? Nu verkar datorn må betydligt bättre. Tack så jättemycket för hjälpen. Det är verkligen guld värt att kunna få så bra hjälp här
  2. Aha, då ska jag fråga i det andra forumet om streamingen. Nej, annars har jag inga fler frågor för tillfället :-) , så jag tar gärna emot instruktionerna nu.
  3. Hej, Avast verkar fungera bra nu. Men det som fortfarande inte fungerar är att streama film online, från tex Swefilmer. Jag har alltid använt Explorer, men har sista tiden börjat använda Chrome för att många säger att den är säkrare. När det inte gick att streama med Chrome så fick jag rådet att använda Firefox, därför att Avast tydligen stoppar nåt i Chrome som gör att det inte går att streama. Men nu kan jag inte streama med Firefox heller!! Till slut vet jag varken ut eller in? Har du något gott råd? Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 09-02-2014 02 Ran by Gun at 2014-02-09 20:05:49 Run:1 Running from C:\Users\Gun\Desktop Boot Mode: Normal ============================================== Content of fixlist: ***************** C:\Users\Gun\AppData\Local\Temp\BundleSweetIMSetup.exe C:\Users\Gun\AppData\Local\Temp\Delta.exe C:\Users\Gun\AppData\Local\Temp\DeltaTB.exe C:\Users\Gun\AppData\Local\Temp\MybabylonTB.exe C:\Users\Gun\AppData\Local\Temp\Quarantine.exe C:\Users\Gun\AppData\Local\Temp\WSSetup.exe C:\Users\Gun\AppData\Local\Temp\nsh41F4.tmp\soffer.dll C:\Users\Gun\AppData\Local\Temp\nsqD4C0.tmp\Helper.dll C:\Users\Gun\Downloads\ccsetup409.exe C:\Users\Gun\Downloads\iLividSetup-r394-n-bc (1).exe C:\Users\Gun\Downloads\iLividSetup-r394-n-bc.exe C:\Users\Gun\Downloads\iLividSetup-r394-n-bf.exe HKLM-x32\...\Run: [mcui_exe] - "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey HKU\S-1-5-21-1497316217-3356986614-690115362-1002\...\Run: [iLivid] - "C:\Users\Gun\AppData\Local\iLivid\iLivid.exe" -autorun Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\Ask.xml ***************** C:\Users\Gun\AppData\Local\Temp\BundleSweetIMSetup.exe => Moved successfully. C:\Users\Gun\AppData\Local\Temp\Delta.exe => Moved successfully. C:\Users\Gun\AppData\Local\Temp\DeltaTB.exe => Moved successfully. C:\Users\Gun\AppData\Local\Temp\MybabylonTB.exe => Moved successfully. C:\Users\Gun\AppData\Local\Temp\Quarantine.exe => Moved successfully. C:\Users\Gun\AppData\Local\Temp\WSSetup.exe => Moved successfully. C:\Users\Gun\AppData\Local\Temp\nsh41F4.tmp\soffer.dll => Moved successfully. C:\Users\Gun\AppData\Local\Temp\nsqD4C0.tmp\Helper.dll => Moved successfully. C:\Users\Gun\Downloads\ccsetup409.exe => Moved successfully. C:\Users\Gun\Downloads\iLividSetup-r394-n-bc (1).exe => Moved successfully. C:\Users\Gun\Downloads\iLividSetup-r394-n-bc.exe => Moved successfully. C:\Users\Gun\Downloads\iLividSetup-r394-n-bf.exe => Moved successfully. HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\mcui_exe => Value not found. HKU\S-1-5-21-1497316217-3356986614-690115362-1002\Software\Microsoft\Windows\CurrentVersion\Run\\iLivid => Value deleted successfully. HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => Value deleted successfully. HKCR\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => Key not found. C:\Program Files (x86)\mozilla firefox\browser\searchplugins\Ask.xml => Moved successfully. ==== End of Fixlog ====
  4. Hej, Jag kunde inte ta bort McAfee via länken eftersom jag inte har någon produktnyckel, men det gick att avinstallera via windows nu. C:\ProgramData\IObit\ASCDownloader\Advanced SystemCare.exe a variant of Win32/Toolbar.Widgi.B potentially unwanted application C:\System Volume Information\SystemRestore\FRStaging\Users\Gun\Downloads\iLividSetup-r394-n-bc.exe Win32/iLivid.A potentially unwanted application C:\Users\All Users\IObit\ASCDownloader\Advanced SystemCare.exe a variant of Win32/Toolbar.Widgi.B potentially unwanted application C:\Users\Gun\AppData\Local\Temp\nsh41F4.tmp\soffer.dll Win32/Soffer.A potentially unwanted application C:\Users\Gun\AppData\Local\Temp\nsqD4C0.tmp\Helper.dll Win32/Toolbar.SearchSuite.C potentially unwanted application C:\Users\Gun\Downloads\ccsetup409.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application C:\Users\Gun\Downloads\iLividSetup-r394-n-bc (1).exe Win32/iLivid.A potentially unwanted application C:\Users\Gun\Downloads\iLividSetup-r394-n-bc.exe Win32/iLivid.A potentially unwanted application C:\Users\Gun\Downloads\iLividSetup-r394-n-bf.exe Win32/iLivid.A potentially unwanted application # AdwCleaner v3.018 - Report created 08/02/2014 at 00:00:33 # Updated 28/01/2014 by Xplode # Operating System : Windows 8.1 (64 bits) # Username : Gun - GUN # Running from : C:\Users\Gun\Desktop\adwcleaner.exe # Option : Clean ***** [ Services ] ***** ***** [ Files / Folders ] ***** Folder Deleted : C:\ProgramData\BitGuard Folder Deleted : C:\ProgramData\Browser Manager Folder Deleted : C:\ProgramData\BrowserProtect Folder Deleted : C:\Program Files (x86)\Common Files\337 Folder Deleted : C:\Users\Gun\AppData\Local\Google\Chrome\User Data\Default\Extensions\cekcjpgehmohobmdiikfnopibipmgnml File Deleted : C:\Users\Gun\AppData\Roaming\Mozilla\Firefox\Profiles\md10by98.default\searchplugins\Ask.xml ***** [ Shortcuts ] ***** ***** [ Registry ] ***** Key Deleted : HKCU\Software\ilivid Key Deleted : HKLM\Software\DataMngr ***** [ Browsers ] ***** -\\ Internet Explorer v11.0.9600.16384 -\\ Mozilla Firefox v27.0 (sv-SE) [ File : C:\Users\Gun\AppData\Roaming\Mozilla\Firefox\Profiles\md10by98.default\prefs.js ] Line Deleted : user_pref("browser.search.defaultenginename", "Ask.com"); Line Deleted : user_pref("browser.search.order.1", "Ask.com"); Line Deleted : user_pref("browser.search.selectedEngine", "Ask.com"); Line Deleted : user_pref("keyword.URL", "hxxp://dts.search.ask.com/sr?src=ffb&gct=ds&appid=394&systemid=406&v=n11099-247&apn_dtid=BND406&apn_ptnrs=AG6&apn_uid=0343053551114640&o=APN10645&q="); -\\ Google Chrome v32.0.1700.107 [ File : C:\Users\Gun\AppData\Local\Google\Chrome\User Data\Default\preferences ] ************************* AdwCleaner[R0].txt - [1824 octets] - [06/02/2014 20:24:37] AdwCleaner[R1].txt - [1832 octets] - [07/02/2014 23:53:43] AdwCleaner[s0].txt - [1745 octets] - [08/02/2014 00:00:33] ########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [1805 octets] ########## Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-02-2014 Ran by Gun (administrator) on GUN on 08-02-2014 08:59:28 Running from C:\Users\Gun\Desktop Windows 8.1 (X64) OS Language: Swedish Internet Explorer Version 11 Boot Mode: Normal The only official download link for FRST: Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ Download link from any site other than Bleeping Computer is unpermitted or outdated. See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe (Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe (Microsoft Corporation) C:\Windows\System32\dasHost.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe (Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe (Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe (ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe (ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler64.exe (Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe (Intel Corporation) C:\Windows\System32\igfxsrvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe (Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Spotify Ltd) C:\Users\Gun\AppData\Roaming\Spotify\spotify.exe (Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe (Spotify Ltd) C:\Users\Gun\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe (CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe () C:\Users\Gun\AppData\Roaming\Spotify\Data\SpotifyHelper.exe () C:\Users\Gun\AppData\Roaming\Spotify\Data\SpotifyHelper.exe () C:\Users\Gun\AppData\Roaming\Spotify\Data\SpotifyHelper.exe () C:\Users\Gun\AppData\Roaming\Spotify\Data\SpotifyHelper.exe (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13519432 2013-04-10] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1278024 2013-03-08] (Realtek Semiconductor) HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [40312 2013-12-18] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [ASUSPRP] - C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3187360 2012-12-19] (ASUSTek Computer Inc.) HKLM-x32\...\Run: [ASUSWebStorage] - C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\AsusWSPanel.exe [3423104 2012-08-31] (ASUS Cloud Corporation) HKLM-x32\...\Run: [mcui_exe] - "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey HKLM-x32\...\Run: [RemoteControl10] - C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-28] (CyberLink Corp.) HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3764024 2014-01-04] (AVAST Software) Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation) HKLM\...\Policies\Explorer\Run: [btvStack] - C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [132736 2013-03-27] ( (Atheros Communications)) HKLM\...\Policies\Explorer: [NoControlPanel] 0 HKU\S-1-5-21-1497316217-3356986614-690115362-1002\...\Run: [GoogleChromeAutoLaunch_37CB642D83E8F1A9682A3601F04EF323] - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [866632 2014-02-02] (Google Inc.) HKU\S-1-5-21-1497316217-3356986614-690115362-1002\...\Run: [spotify] - C:\Users\Gun\AppData\Roaming\Spotify\spotify.exe [6118400 2014-01-16] (Spotify Ltd) HKU\S-1-5-21-1497316217-3356986614-690115362-1002\...\Run: [iLivid] - "C:\Users\Gun\AppData\Local\iLivid\iLivid.exe" -autorun HKU\S-1-5-21-1497316217-3356986614-690115362-1002\...\Run: [GoogleDriveSync] - C:\Program Files (x86)\Google\Drive\googledrivesync.exe [20203904 2013-12-06] (Google) HKU\S-1-5-21-1497316217-3356986614-690115362-1002\...\Run: [spotify Web Helper] - C:\Users\Gun\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1171968 2014-01-16] (Spotify Ltd) IFEO\bitguard.exe: [Debugger] tasklist.exe IFEO\bprotect.exe: [Debugger] tasklist.exe IFEO\bpsvc.exe: [Debugger] tasklist.exe IFEO\browsemngr.exe: [Debugger] tasklist.exe IFEO\browserdefender.exe: [Debugger] tasklist.exe IFEO\browsermngr.exe: [Debugger] tasklist.exe IFEO\browserprotect.exe: [Debugger] tasklist.exe IFEO\browsersafeguard.exe: [Debugger] tasklist.exe IFEO\bundlesweetimsetup.exe: [Debugger] tasklist.exe IFEO\cltmngsvc.exe: [Debugger] tasklist.exe IFEO\delta babylon.exe: [Debugger] tasklist.exe IFEO\delta tb.exe: [Debugger] tasklist.exe IFEO\delta2.exe: [Debugger] tasklist.exe IFEO\deltainstaller.exe: [Debugger] tasklist.exe IFEO\deltasetup.exe: [Debugger] tasklist.exe IFEO\deltatb.exe: [Debugger] tasklist.exe IFEO\deltatb_2501-c733154b.exe: [Debugger] tasklist.exe IFEO\iminentsetup.exe: [Debugger] tasklist.exe IFEO\protectedsearch.exe: [Debugger] tasklist.exe IFEO\rjatydimofu.exe: [Debugger] tasklist.exe IFEO\searchprotection.exe: [Debugger] tasklist.exe IFEO\snapdo.exe: [Debugger] tasklist.exe IFEO\stinst32.exe: [Debugger] tasklist.exe IFEO\stinst64.exe: [Debugger] tasklist.exe IFEO\sweetimsetup.exe: [Debugger] tasklist.exe IFEO\tbdelta.exetoolbar783881609.exe: [Debugger] tasklist.exe ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.se/ HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus13.msn.com SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation) BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft) BHO: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations) BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) BHO: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_64.dll (IvoSoft) BHO-x32: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft) BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation) BHO-x32: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll (IvoSoft) Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft) Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft) Toolbar: HKLM-x32 - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] 83.255.245.11 193.150.193.150 FireFox: ======== FF ProfilePath: C:\Users\Gun\AppData\Roaming\Mozilla\Firefox\Profiles\md10by98.default FF Homepage: www.google.se FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_12_0_0_43.dll () FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\allaannonser-sv-SE.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\Ask.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\prisjakt-sv-SE.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\tyda-sv-SE.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\wikipedia-sv-SE.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-sv-SE.xml FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-12-11] Chrome: ======= CHR HomePage: hxxp://www.google.com CHR Extension: (Google Dokument) - C:\Users\Gun\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-12-11] CHR Extension: (Google Drive) - C:\Users\Gun\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-12-11] CHR Extension: (YouTube) - C:\Users\Gun\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-12-11] CHR Extension: (No Name) - C:\Users\Gun\AppData\Local\Google\Chrome\User Data\Default\Extensions\cekcjpgehmohobmdiikfnopibipmgnml [2014-01-03] CHR Extension: (Sök på Google) - C:\Users\Gun\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-12-11] CHR Extension: (Väder) - C:\Users\Gun\AppData\Local\Google\Chrome\User Data\Default\Extensions\fapbbpdnlcmiolkdfjnnjhabmcndadad [2014-01-03] CHR Extension: (avast! Online Security) - C:\Users\Gun\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2013-12-11] CHR Extension: (WeatherBug) - C:\Users\Gun\AppData\Local\Google\Chrome\User Data\Default\Extensions\njkkjobcechefaoknodniidfjapgfoco [2014-01-03] CHR Extension: (Google Wallet) - C:\Users\Gun\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-11] CHR Extension: (Google Chrome to Phone Extension) - C:\Users\Gun\AppData\Local\Google\Chrome\User Data\Default\Extensions\oadboiipflhobonjjffjbfekfjcgkhco [2014-01-05] CHR Extension: (Gmail) - C:\Users\Gun\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-12-11] CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2013-12-11] ==================== Services (Whitelisted) ================= R2 ASUS InstantOn; C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [277120 2012-04-13] (ASUS) R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [227968 2013-03-27] (Qualcomm Atheros Commnucations) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-01-04] (AVAST Software) S2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [113704 2014-01-04] (AVAST Software) R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation) S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2151200 2013-12-03] (IObit) R2 OfficeSvc; C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [1907896 2013-10-31] (Microsoft Corporation) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation) R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-03-27] (Atheros) ==================== Drivers (Whitelisted) ==================== S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra) R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [78648 2014-01-04] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2013-12-11] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-12-11] () R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1034464 2014-01-04] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [422216 2014-01-04] (AVAST Software) R3 aswStm; C:\Windows\system32\drivers\aswStm.sys [79672 2014-01-04] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [207904 2014-01-04] () R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3837440 2013-08-14] (Qualcomm Atheros Communications, Inc.) R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [65784 2013-04-16] (ASUS Corporation) S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Windows ® Win 7 DDK provider) S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-03-27] (Qualcomm Atheros) R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [224768 2013-08-22] (Microsoft Corporation) S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation) S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation) S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation) R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2014-01-15] (Microsoft Corporation) R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( ) S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation) R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation) S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation) S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation) S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2014-01-15] (Microsoft Corporation) S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-11-14] (Microsoft Corporation) S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation) S1 aswKbd; \??\C:\Windows\system32\drivers\aswKbd.sys [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-02-08 08:59 - 2014-02-08 08:59 - 00020581 _____ () C:\Users\Gun\Desktop\FRST.txt 2014-02-08 08:59 - 2014-02-08 08:59 - 00000000 ____D () C:\Users\Gun\Desktop\FRST-OlderVersion 2014-02-08 08:58 - 2014-02-08 08:58 - 00001885 _____ () C:\Users\Gun\Desktop\AdwCleaner[s0].txt 2014-02-06 21:10 - 2014-02-06 21:11 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-02-06 20:24 - 2014-02-08 00:00 - 00000000 ____D () C:\AdwCleaner 2014-02-06 20:21 - 2014-02-06 20:21 - 01166132 _____ () C:\Users\Gun\Desktop\adwcleaner.exe 2014-02-05 21:33 - 2014-02-05 21:34 - 00004994 _____ () C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for GUN-Gun Gun 2014-02-05 21:07 - 2014-02-08 08:59 - 00000000 ____D () C:\FRST 2014-02-05 21:05 - 2014-02-08 08:59 - 02079744 _____ (Farbar) C:\Users\Gun\Desktop\FRST64.exe 2014-02-04 19:01 - 2014-02-07 23:24 - 00262390 _____ () C:\WINDOWS\WindowsUpdate.log 2014-02-03 21:27 - 2014-02-07 23:46 - 00008922 _____ () C:\WINDOWS\PFRO.log 2014-02-03 21:13 - 2014-02-08 00:01 - 00000868 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2014-02-03 21:13 - 2014-02-04 21:01 - 00003756 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater 2014-02-03 20:40 - 2014-02-08 00:01 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-02-03 20:39 - 2014-02-03 20:39 - 00282864 _____ (Mozilla) C:\Users\Gun\Downloads\Firefox Setup Stub 26.0.exe 2014-02-03 20:10 - 2014-02-03 20:10 - 04697744 _____ (AVAST Software) C:\Users\Gun\Downloads\avast_free_antivirus_setup_online (1).exe 2014-02-03 18:49 - 2014-02-03 18:50 - 01751600 _____ (Bandoo Media Inc) C:\Users\Gun\Downloads\iLividSetup-r394-n-bf.exe 2014-02-03 18:43 - 2014-02-03 18:43 - 00001984 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk 2014-01-25 11:03 - 2014-01-25 11:03 - 00000000 ____D () C:\Users\Gun\AppData\Local\Macromedia 2014-01-25 09:51 - 2014-02-03 20:40 - 00001161 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk 2014-01-25 09:51 - 2014-01-25 09:51 - 00000000 ____D () C:\Users\Gun\AppData\Roaming\Mozilla 2014-01-25 09:51 - 2014-01-25 09:51 - 00000000 ____D () C:\Users\Gun\AppData\Local\Mozilla 2014-01-25 09:51 - 2014-01-25 09:51 - 00000000 ____D () C:\ProgramData\Mozilla 2014-01-23 22:21 - 2014-02-08 00:03 - 00000000 ___RD () C:\Users\Gun\Google Drive 2014-01-23 22:21 - 2014-01-23 22:21 - 00001734 _____ () C:\Users\Gun\Desktop\Google Drive.lnk 2014-01-23 22:20 - 2014-02-08 08:53 - 00002201 _____ () C:\Users\Public\Desktop\Google Chrome.lnk 2014-01-23 22:14 - 2014-01-23 22:14 - 00002060 _____ () C:\Users\Public\Desktop\Google Slides.lnk 2014-01-23 22:14 - 2014-01-23 22:14 - 00002058 _____ () C:\Users\Public\Desktop\Google Sheets.lnk 2014-01-23 22:14 - 2014-01-23 22:14 - 00002048 _____ () C:\Users\Public\Desktop\Google Docs.lnk 2014-01-23 22:08 - 2014-02-08 08:52 - 00000000 __RDO () C:\Users\Gun\SkyDrive 2014-01-23 20:55 - 2014-01-23 20:55 - 00000000 ____D () C:\Program Files\Common Files\Atheros 2014-01-23 20:52 - 2013-12-11 08:55 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll 2014-01-23 20:49 - 2013-12-09 01:34 - 01227264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll 2014-01-23 20:49 - 2013-12-09 01:04 - 00980480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll 2014-01-23 20:49 - 2013-11-27 16:34 - 03210528 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll 2014-01-23 20:49 - 2013-11-27 16:27 - 00809872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll 2014-01-23 20:49 - 2013-11-27 15:00 - 00663680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll 2014-01-23 20:49 - 2013-11-27 14:47 - 02804528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll 2014-01-23 20:49 - 2013-11-27 13:02 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ipnat.sys 2014-01-23 20:49 - 2013-11-27 11:54 - 00461824 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsGdiConverter.dll 2014-01-23 20:49 - 2013-11-27 11:24 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\msieftp.dll 2014-01-23 20:49 - 2013-11-27 11:08 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsGdiConverter.dll 2014-01-23 20:49 - 2013-11-27 10:46 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msieftp.dll 2014-01-23 20:49 - 2013-11-27 10:41 - 00136704 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll 2014-01-23 20:49 - 2013-11-27 10:17 - 00263168 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll 2014-01-23 20:49 - 2013-11-27 10:10 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.dll 2014-01-23 20:49 - 2013-11-27 09:58 - 01503232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll 2014-01-23 20:49 - 2013-11-27 09:56 - 00218112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.dll 2014-01-23 20:49 - 2013-11-27 09:20 - 04106240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll 2014-01-23 20:49 - 2013-11-27 05:01 - 00385614 _____ () C:\WINDOWS\system32\ApnDatabase.xml 2014-01-23 20:49 - 2013-11-26 14:22 - 01928144 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll 2014-01-23 20:49 - 2013-11-26 14:20 - 02131120 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll 2014-01-23 20:49 - 2013-11-26 14:20 - 01399176 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll 2014-01-23 20:49 - 2013-11-26 14:20 - 01374384 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll 2014-01-23 20:49 - 2013-11-26 12:50 - 01371312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll 2014-01-23 20:49 - 2013-11-26 12:44 - 02142936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll 2014-01-23 20:49 - 2013-11-26 12:44 - 01204968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll 2014-01-23 20:49 - 2013-11-26 11:13 - 04191232 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2014-01-23 20:49 - 2013-11-26 10:21 - 18577920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll 2014-01-23 20:49 - 2013-11-26 09:28 - 13925888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll 2014-01-23 20:49 - 2013-11-25 02:45 - 00142680 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS 2014-01-23 20:49 - 2013-11-25 02:32 - 01119064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys 2014-01-23 20:49 - 2013-11-25 00:30 - 00513536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll 2014-01-23 20:49 - 2013-11-25 00:28 - 00589824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll 2014-01-23 20:49 - 2013-11-23 13:47 - 00032088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ploptin.dll 2014-01-23 20:49 - 2013-11-23 12:49 - 21196664 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2014-01-23 20:49 - 2013-11-23 09:19 - 18642504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2014-01-23 20:49 - 2013-11-23 08:13 - 00024064 _____ (Microsoft Corporation) C:\WINDOWS\system32\bi.dll 2014-01-23 20:49 - 2013-11-23 08:13 - 00019456 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BtaMPM.sys 2014-01-23 20:49 - 2013-11-23 08:08 - 00403456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys 2014-01-23 20:49 - 2013-11-23 05:50 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll 2014-01-23 20:49 - 2013-11-23 04:57 - 00637952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe 2014-01-23 20:49 - 2013-11-23 04:48 - 00479744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe 2014-01-23 20:49 - 2013-11-23 04:25 - 00744448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll 2014-01-23 20:49 - 2013-11-23 04:25 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll 2014-01-23 20:49 - 2013-11-23 04:19 - 02617344 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll 2014-01-23 20:49 - 2013-11-23 04:15 - 02295808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll 2014-01-23 20:49 - 2013-11-21 07:58 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceregistration.dll 2014-01-23 20:49 - 2013-11-21 07:26 - 01415680 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2014-01-23 20:49 - 2013-11-16 06:11 - 00764856 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll 2014-01-23 20:49 - 2013-11-15 19:19 - 00669344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll 2014-01-23 20:49 - 2013-11-15 15:59 - 00470016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll 2014-01-23 20:49 - 2013-11-15 15:25 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll 2014-01-23 20:49 - 2013-11-15 15:08 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll 2014-01-23 20:49 - 2013-11-15 14:24 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll 2014-01-23 20:49 - 2013-11-05 21:12 - 02551128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys 2014-01-23 20:49 - 2013-10-31 01:29 - 00745336 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll 2014-01-23 20:49 - 2013-10-31 00:41 - 00552624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll 2014-01-23 20:04 - 2014-01-23 20:04 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation 2014-01-22 08:52 - 2014-01-22 08:52 - 00206080 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\WINDOWS\system32\Drivers\ssudmdm.sys 2014-01-22 08:52 - 2014-01-22 08:52 - 00108800 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\WINDOWS\system32\Drivers\ssudbus.sys 2014-01-20 21:18 - 2014-01-20 21:18 - 04689480 _____ (AVAST Software) C:\Users\Gun\Downloads\avast_free_antivirus_setup_online.exe 2014-01-19 21:06 - 2014-01-19 21:06 - 01751600 _____ (Bandoo Media Inc) C:\Users\Gun\Downloads\iLividSetup-r394-n-bc (1).exe 2014-01-19 21:01 - 2014-01-19 21:01 - 01751600 _____ (Bandoo Media Inc) C:\Users\Gun\Downloads\iLividSetup-r394-n-bc.exe 2014-01-18 10:52 - 2014-01-18 10:52 - 00000000 ___RD () C:\WINDOWS\BrowserChoice 2014-01-16 20:16 - 2014-01-16 20:16 - 00000000 ____D () C:\Program Files\Classic Shell 2014-01-16 20:04 - 2014-01-16 20:04 - 00000000 ____D () C:\WINDOWS\Tasks\ImCleanDisabled 2014-01-16 19:58 - 2014-02-07 23:45 - 00003896 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{35333432-906E-4192-81B7-FCD0C70B04FB} 2014-01-16 19:50 - 2014-01-16 19:51 - 00165659 _____ () C:\MyXML.xml 2014-01-16 19:49 - 2014-01-16 19:49 - 07039808 _____ (IObit ) C:\Users\Gun\Downloads\startmenu-setup (1).exe 2014-01-16 19:41 - 2014-02-03 17:49 - 00000000 ____D () C:\ProgramData\ProductData 2014-01-16 19:41 - 2014-01-16 19:41 - 00000246 _____ () C:\WINDOWS\Tasks\ASC7_SkipUac_Gun.job 2014-01-16 19:41 - 2014-01-16 19:41 - 00000000 ____D () C:\Users\Gun\AppData\Roaming\Apple Computer 2014-01-16 19:41 - 2014-01-16 19:41 - 00000000 ____D () C:\ProgramData\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D} 2014-01-16 19:40 - 2014-01-16 19:41 - 00000000 ____D () C:\Users\Gun\AppData\Roaming\IObit 2014-01-16 19:39 - 2014-01-23 20:18 - 00000000 ____D () C:\ProgramData\IObit 2014-01-16 19:39 - 2014-01-16 20:05 - 00000000 ____D () C:\Program Files (x86)\IObit 2014-01-16 19:38 - 2014-01-16 19:38 - 07039808 _____ (IObit ) C:\Users\Gun\Downloads\startmenu-setup.exe 2014-01-16 18:50 - 2014-01-16 18:50 - 00001448 _____ () C:\Users\Gun\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2014-01-16 18:50 - 2014-01-16 18:50 - 00000020 ___SH () C:\Users\Gun\ntuser.ini 2014-01-15 23:33 - 2014-01-15 23:33 - 00000000 _SHDL () C:\Users\Public\Documents\Mina videoklipp 2014-01-15 23:33 - 2014-01-15 23:33 - 00000000 _SHDL () C:\Users\Public\Documents\Mina bilder 2014-01-15 23:33 - 2014-01-15 23:33 - 00000000 _SHDL () C:\Users\Public\Documents\Min musik 2014-01-15 23:33 - 2014-01-15 23:33 - 00000000 _SHDL () C:\Users\Default\Start-meny 2014-01-15 23:33 - 2014-01-15 23:33 - 00000000 _SHDL () C:\Users\Default\Skrivare 2014-01-15 23:33 - 2014-01-15 23:33 - 00000000 _SHDL () C:\Users\Default\Nätverket 2014-01-15 23:33 - 2014-01-15 23:33 - 00000000 _SHDL () C:\Users\Default\Mina dokument 2014-01-15 23:33 - 2014-01-15 23:33 - 00000000 _SHDL () C:\Users\Default\Mallar 2014-01-15 23:33 - 2014-01-15 23:33 - 00000000 _SHDL () C:\Users\Default\Lokala inställningar 2014-01-15 23:33 - 2014-01-15 23:33 - 00000000 _SHDL () C:\Users\Default\Documents\Mina videoklipp 2014-01-15 23:33 - 2014-01-15 23:33 - 00000000 _SHDL () C:\Users\Default\Documents\Mina bilder 2014-01-15 23:33 - 2014-01-15 23:33 - 00000000 _SHDL () C:\Users\Default\Documents\Min musik 2014-01-15 23:33 - 2014-01-15 23:33 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Program 2014-01-15 23:33 - 2014-01-15 23:33 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Tidigare 2014-01-15 23:33 - 2014-01-15 23:33 - 00000000 _SHDL () C:\Users\Default User\Documents\Mina videoklipp 2014-01-15 23:33 - 2014-01-15 23:33 - 00000000 _SHDL () C:\Users\Default User\Documents\Mina bilder 2014-01-15 23:33 - 2014-01-15 23:33 - 00000000 _SHDL () C:\Users\Default User\Documents\Min musik 2014-01-15 23:33 - 2014-01-15 23:33 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Program 2014-01-15 23:33 - 2014-01-15 23:33 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Tidigare 2014-01-15 23:33 - 2014-01-15 23:33 - 00000000 _SHDL () C:\ProgramData\Start-meny 2014-01-15 23:33 - 2014-01-15 23:33 - 00000000 _SHDL () C:\ProgramData\Skrivbord 2014-01-15 23:33 - 2014-01-15 23:33 - 00000000 _SHDL () C:\ProgramData\Mallar 2014-01-15 23:33 - 2014-01-15 23:33 - 00000000 _SHDL () C:\ProgramData\Dokument 2014-01-15 23:33 - 2014-01-15 23:33 - 00000000 _SHDL () C:\Program Files\Delade filer 2014-01-15 23:33 - 2014-01-15 23:33 - 00000000 ___DL () C:\Program 2014-01-15 23:31 - 2014-01-15 23:31 - 00022908 _____ () C:\WINDOWS\system32\emptyregdb.dat 2014-01-15 23:14 - 2014-01-15 23:14 - 00000000 ____D () C:\WINDOWS\system32\config\bbimigrate 2014-01-15 23:13 - 2014-02-03 18:46 - 00000000 ____D () C:\Users\Gun 2014-01-15 23:13 - 2014-01-23 20:18 - 00000000 ___RD () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2014-01-15 23:13 - 2014-01-23 20:18 - 00000000 ___RD () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2014-01-15 23:13 - 2014-01-23 20:18 - 00000000 ___RD () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility 2014-01-15 23:13 - 2014-01-23 20:18 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2014-01-15 23:13 - 2014-01-15 23:31 - 00030483 _____ () C:\WINDOWS\diagwrn.xml 2014-01-15 23:13 - 2014-01-15 23:31 - 00030483 _____ () C:\WINDOWS\diagerr.xml 2014-01-15 23:13 - 2014-01-15 23:14 - 00000000 ___RD () C:\Users\Gun\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2014-01-15 23:13 - 2014-01-15 23:13 - 00000000 _SHDL () C:\Users\Gun\Start-meny 2014-01-15 23:13 - 2014-01-15 23:13 - 00000000 _SHDL () C:\Users\Gun\Skrivare 2014-01-15 23:13 - 2014-01-15 23:13 - 00000000 _SHDL () C:\Users\Gun\Nätverket 2014-01-15 23:13 - 2014-01-15 23:13 - 00000000 _SHDL () C:\Users\Gun\Mina dokument 2014-01-15 23:13 - 2014-01-15 23:13 - 00000000 _SHDL () C:\Users\Gun\Mallar 2014-01-15 23:13 - 2014-01-15 23:13 - 00000000 _SHDL () C:\Users\Gun\Lokala inställningar 2014-01-15 23:13 - 2014-01-15 23:13 - 00000000 _SHDL () C:\Users\Gun\Documents\Mina videoklipp 2014-01-15 23:13 - 2014-01-15 23:13 - 00000000 _SHDL () C:\Users\Gun\Documents\Mina bilder 2014-01-15 23:13 - 2014-01-15 23:13 - 00000000 _SHDL () C:\Users\Gun\Documents\Min musik 2014-01-15 23:13 - 2014-01-15 23:13 - 00000000 _SHDL () C:\Users\Gun\AppData\Roaming\Microsoft\Windows\Start Menu\Program 2014-01-15 23:13 - 2014-01-15 23:13 - 00000000 _SHDL () C:\Users\Gun\AppData\Local\Tidigare 2014-01-15 23:13 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Gun\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2014-01-15 23:13 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Gun\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility 2014-01-15 23:13 - 2013-08-22 16:36 - 00000000 ____D () C:\Users\Gun\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2014-01-15 23:08 - 2013-10-23 09:20 - 06669600 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll 2014-01-15 23:08 - 2013-10-23 09:20 - 03489568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll 2014-01-15 23:08 - 2013-10-23 09:20 - 03426956 _____ () C:\WINDOWS\system32\nvcoproc.bin 2014-01-15 23:08 - 2013-10-23 09:20 - 02559776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll 2014-01-15 23:08 - 2013-10-23 09:20 - 01064224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll 2014-01-15 23:08 - 2013-10-23 09:20 - 00922912 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe 2014-01-15 23:08 - 2013-10-23 09:20 - 00219424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll 2014-01-15 23:08 - 2013-10-23 09:20 - 00067072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll 2014-01-15 23:08 - 2013-10-23 09:20 - 00063776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll 2014-01-15 23:07 - 2014-01-23 20:18 - 00000000 ____D () C:\Program Files\NVIDIA Corporation 2014-01-15 23:07 - 2014-01-23 20:18 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation 2014-01-15 23:07 - 2014-01-15 23:16 - 00000000 ____D () C:\Program Files (x86)\Intel 2014-01-15 23:07 - 2013-10-01 13:02 - 00064000 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL 2014-01-15 23:07 - 2013-10-01 13:02 - 00060416 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL 2014-01-15 23:06 - 2014-01-15 23:06 - 00081908 _____ () C:\WINDOWS\system32\Drivers\RTWAVES30.dat 2014-01-15 23:06 - 2014-01-15 23:06 - 00001375 _____ () C:\Users\Public\Desktop\Waves MAXXAudio.lnk 2014-01-15 23:06 - 2014-01-15 23:06 - 00000000 ____D () C:\WINDOWS\SysWOW64\RTCOM 2014-01-15 23:06 - 2014-01-15 23:06 - 00000000 ____D () C:\Program Files\Realtek 2014-01-15 23:04 - 2014-01-16 19:47 - 00000000 ___DC () C:\WINDOWS\Panther 2014-01-15 23:04 - 2014-01-15 23:04 - 00000000 __SHD () C:\Recovery 2014-01-15 23:02 - 2014-01-15 23:02 - 00787968 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll 2014-01-15 23:02 - 2014-01-15 23:02 - 00393216 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll 2014-01-15 23:02 - 2014-01-15 23:02 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll 2014-01-15 23:02 - 2014-01-15 23:02 - 00075360 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll 2014-01-15 23:02 - 2014-01-15 23:02 - 00070680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagehlp.dll 2014-01-15 23:01 - 2014-01-15 23:01 - 23183360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2014-01-15 23:01 - 2014-01-15 23:01 - 17112576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2014-01-15 23:01 - 2014-01-15 23:01 - 12996608 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2014-01-15 23:01 - 2014-01-15 23:01 - 11221504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2014-01-15 23:01 - 2014-01-15 23:01 - 05769216 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2014-01-15 23:01 - 2014-01-15 23:01 - 04243968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2014-01-15 23:01 - 2014-01-15 23:01 - 03395920 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll 2014-01-15 23:01 - 2014-01-15 23:01 - 02764288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2014-01-15 23:01 - 2014-01-15 23:01 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2014-01-15 23:01 - 2014-01-15 23:01 - 02166784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2014-01-15 23:01 - 2014-01-15 23:01 - 01995264 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2014-01-15 23:01 - 2014-01-15 23:01 - 01928192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2014-01-15 23:01 - 2014-01-15 23:01 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2014-01-15 23:01 - 2014-01-15 23:01 - 01395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2014-01-15 23:01 - 2014-01-15 23:01 - 01157632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2014-01-15 23:01 - 2014-01-15 23:01 - 00848384 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll 2014-01-15 23:01 - 2014-01-15 23:01 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2014-01-15 23:01 - 2014-01-15 23:01 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2014-01-15 23:01 - 2014-01-15 23:01 - 00695808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll 2014-01-15 23:01 - 2014-01-15 23:01 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe 2014-01-15 23:01 - 2014-01-15 23:01 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll 2014-01-15 23:01 - 2014-01-15 23:01 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll 2014-01-15 23:01 - 2014-01-15 23:01 - 00240128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll 2014-01-15 23:01 - 2014-01-15 23:01 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2014-01-15 23:01 - 2014-01-15 23:01 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSClient.dll 2014-01-15 23:01 - 2014-01-15 23:01 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrrun.dll 2014-01-15 23:01 - 2014-01-15 23:01 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll 2014-01-15 23:01 - 2014-01-15 23:01 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSClient.dll 2014-01-15 23:01 - 2014-01-15 23:01 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrun.dll 2014-01-15 23:01 - 2014-01-15 23:01 - 00138240 _____ () C:\WINDOWS\system32\OEMLicense.dll 2014-01-15 23:01 - 2014-01-15 23:01 - 00103936 _____ () C:\WINDOWS\SysWOW64\OEMLicense.dll 2014-01-15 23:01 - 2014-01-15 23:01 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSCollect.exe 2014-01-15 23:00 - 2014-01-15 23:00 - 13177344 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2014-01-15 23:00 - 2014-01-15 23:00 - 11674624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2014-01-15 23:00 - 2014-01-15 23:00 - 07399256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2014-01-15 23:00 - 2014-01-15 23:00 - 02896896 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll 2014-01-15 23:00 - 2014-01-15 23:00 - 02570240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll 2014-01-15 23:00 - 2014-01-15 23:00 - 02266624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll 2014-01-15 23:00 - 2014-01-15 23:00 - 02143744 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll 2014-01-15 23:00 - 2014-01-15 23:00 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll 2014-01-15 23:00 - 2014-01-15 23:00 - 01843712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll 2014-01-15 23:00 - 2014-01-15 23:00 - 01816576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll 2014-01-15 23:00 - 2014-01-15 23:00 - 01765384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll 2014-01-15 23:00 - 2014-01-15 23:00 - 01765376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll 2014-01-15 23:00 - 2014-01-15 23:00 - 01756160 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe 2014-01-15 23:00 - 2014-01-15 23:00 - 01642016 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2014-01-15 23:00 - 2014-01-15 23:00 - 01530200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2014-01-15 23:00 - 2014-01-15 23:00 - 01506680 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe 2014-01-15 23:00 - 2014-01-15 23:00 - 01476184 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2014-01-15 23:00 - 2014-01-15 23:00 - 01391104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe 2014-01-15 23:00 - 2014-01-15 23:00 - 01345536 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe 2014-01-15 23:00 - 2014-01-15 23:00 - 01302528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2014-01-15 23:00 - 2014-01-15 23:00 - 00922624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll 2014-01-15 23:00 - 2014-01-15 23:00 - 00747008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll 2014-01-15 23:00 - 2014-01-15 23:00 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe 2014-01-15 23:00 - 2014-01-15 23:00 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll 2014-01-15 23:00 - 2014-01-15 23:00 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll 2014-01-15 23:00 - 2014-01-15 23:00 - 00516496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll 2014-01-15 23:00 - 2014-01-15 23:00 - 00406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll 2014-01-15 23:00 - 2014-01-15 23:00 - 00382808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys 2014-01-15 23:00 - 2014-01-15 23:00 - 00372568 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys 2014-01-15 23:00 - 2014-01-15 23:00 - 00358896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll 2014-01-15 23:00 - 2014-01-15 23:00 - 00325464 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS 2014-01-15 23:00 - 2014-01-15 23:00 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll 2014-01-15 23:00 - 2014-01-15 23:00 - 00225792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll 2014-01-15 23:00 - 2014-01-15 23:00 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll 2014-01-15 23:00 - 2014-01-15 23:00 - 00146776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\SerCx2.sys 2014-01-15 23:00 - 2014-01-15 23:00 - 00086872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys 2014-01-15 23:00 - 2014-01-15 23:00 - 00039768 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys 2014-01-15 23:00 - 2014-01-15 23:00 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialMigrationHandler.dll 2014-01-15 23:00 - 2014-01-15 23:00 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredentialMigrationHandler.dll 2014-01-15 22:59 - 2014-01-15 22:59 - 00262144 _____ () C:\WINDOWS\system32\config\userdiff 2014-01-15 22:57 - 2014-01-15 22:57 - 00000000 ____D () C:\Program Files (x86)\Reference Assemblies 2014-01-15 22:57 - 2014-01-15 22:57 - 00000000 ____D () C:\Program Files (x86)\MSBuild 2014-01-15 22:56 - 2014-01-15 22:56 - 00000000 ____D () C:\WINDOWS\SysWOW64\XPSViewer 2014-01-15 22:56 - 2014-01-15 22:56 - 00000000 ____D () C:\Program Files\Reference Assemblies 2014-01-15 22:56 - 2014-01-15 22:56 - 00000000 ____D () C:\Program Files\MSBuild 2014-01-15 22:56 - 2013-08-03 05:48 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll 2014-01-15 22:56 - 2013-08-03 05:48 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll 2014-01-15 22:56 - 2013-08-03 05:48 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe 2014-01-15 22:56 - 2013-08-03 05:41 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll 2014-01-15 22:56 - 2013-08-03 05:41 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll 2014-01-15 22:56 - 2013-08-03 05:41 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe 2014-01-11 11:48 - 2014-01-11 11:48 - 00000000 ____D () C:\Users\Public\CyberLink 2014-01-11 11:47 - 2014-01-11 11:55 - 137583624 _____ ( ) C:\Users\Gun\Downloads\PowerDVD_v5022_RiTA10(2D)(ASUS)(a)_Patch_DVD130401-26.exe 2014-01-11 11:46 - 2014-01-11 11:46 - 00000000 ____D () C:\Users\Gun\Documents\CyberLink 2014-01-11 11:46 - 2014-01-11 11:46 - 00000000 ____D () C:\Users\Gun\AppData\Roaming\CyberLink 2014-01-11 11:46 - 2014-01-11 11:46 - 00000000 ____D () C:\ProgramData\CyberLink ==================== One Month Modified Files and Folders ======= 2014-02-08 09:00 - 2014-02-08 08:59 - 00020581 _____ () C:\Users\Gun\Desktop\FRST.txt 2014-02-08 09:00 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru 2014-02-08 08:59 - 2014-02-08 08:59 - 00000000 ____D () C:\Users\Gun\Desktop\FRST-OlderVersion 2014-02-08 08:59 - 2014-02-05 21:07 - 00000000 ____D () C:\FRST 2014-02-08 08:59 - 2014-02-05 21:05 - 02079744 _____ (Farbar) C:\Users\Gun\Desktop\FRST64.exe 2014-02-08 08:58 - 2014-02-08 08:58 - 00001885 _____ () C:\Users\Gun\Desktop\AdwCleaner[s0].txt 2014-02-08 08:57 - 2013-12-11 21:38 - 00000996 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2014-02-08 08:56 - 2014-02-04 19:01 - 00262390 _____ () C:\WINDOWS\WindowsUpdate.log 2014-02-08 08:56 - 2013-12-14 17:11 - 00000000 ____D () C:\Users\Gun\AppData\Roaming\Spotify 2014-02-08 08:55 - 2013-12-11 21:16 - 00003596 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1497316217-3356986614-690115362-1002 2014-02-08 08:54 - 2013-11-14 08:31 - 01740478 _____ () C:\WINDOWS\system32\PerfStringBackup.INI 2014-02-08 08:54 - 2013-11-14 08:15 - 00733830 _____ () C:\WINDOWS\system32\perfh01D.dat 2014-02-08 08:54 - 2013-11-14 08:15 - 00152166 _____ () C:\WINDOWS\system32\perfc01D.dat 2014-02-08 08:53 - 2014-01-23 22:20 - 00002201 _____ () C:\Users\Public\Desktop\Google Chrome.lnk 2014-02-08 08:52 - 2014-01-23 22:08 - 00000000 __RDO () C:\Users\Gun\SkyDrive 2014-02-08 08:52 - 2013-12-11 21:38 - 00000992 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2014-02-08 00:03 - 2014-01-23 22:21 - 00000000 ___RD () C:\Users\Gun\Google Drive 2014-02-08 00:03 - 2013-12-11 21:05 - 00000062 _____ () C:\Users\Gun\AppData\Roaming\sp_data.sys 2014-02-08 00:01 - 2014-02-03 21:13 - 00000868 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2014-02-08 00:01 - 2014-02-03 20:40 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-02-08 00:01 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT 2014-02-08 00:01 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI 2014-02-08 00:00 - 2014-02-06 20:24 - 00000000 ____D () C:\AdwCleaner 2014-02-07 23:50 - 2013-12-14 17:11 - 00000000 ____D () C:\Users\Gun\AppData\Local\Spotify 2014-02-07 23:47 - 2012-12-19 09:42 - 00000000 ____D () C:\ProgramData\McAfee 2014-02-07 23:47 - 2012-12-19 09:42 - 00000000 ____D () C:\Program Files (x86)\McAfee 2014-02-07 23:46 - 2014-02-03 21:27 - 00008922 _____ () C:\WINDOWS\PFRO.log 2014-02-07 23:46 - 2013-12-11 22:12 - 00000000 ____D () C:\Users\Gun\AppData\Roaming\ClassicShell 2014-02-07 23:45 - 2014-01-16 19:58 - 00003896 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{35333432-906E-4192-81B7-FCD0C70B04FB} 2014-02-07 23:41 - 2012-07-26 09:12 - 00000000 ___HD () C:\WINDOWS\ELAMBKUP 2014-02-06 21:11 - 2014-02-06 21:10 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-02-06 20:21 - 2014-02-06 20:21 - 01166132 _____ () C:\Users\Gun\Desktop\adwcleaner.exe 2014-02-06 20:21 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM 2014-02-05 21:35 - 2013-12-11 21:05 - 00000000 ____D () C:\Users\Gun\AppData\Local\Packages 2014-02-05 21:34 - 2014-02-05 21:33 - 00004994 _____ () C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for GUN-Gun Gun 2014-02-04 21:06 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness 2014-02-04 21:01 - 2014-02-03 21:13 - 00003756 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater 2014-02-03 21:13 - 2013-12-12 22:07 - 00000000 ____D () C:\Users\Gun\AppData\Local\Adobe 2014-02-03 20:40 - 2014-01-25 09:51 - 00001161 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk 2014-02-03 20:39 - 2014-02-03 20:39 - 00282864 _____ (Mozilla) C:\Users\Gun\Downloads\Firefox Setup Stub 26.0.exe 2014-02-03 20:38 - 2013-12-11 21:48 - 00004182 _____ () C:\WINDOWS\System32\Tasks\avast! Emergency Update 2014-02-03 20:33 - 2013-12-11 21:05 - 00000000 ____D () C:\Users\Gun\AppData\Local\ASUS 2014-02-03 20:33 - 2013-08-22 16:36 - 00000000 __RSD () C:\WINDOWS\Media 2014-02-03 20:33 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\WinStore 2014-02-03 20:33 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\icsxml 2014-02-03 20:33 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\WindowsInternal.Inbox.Shared 2014-02-03 20:33 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\WindowsInternal.Inbox.Media.Shared 2014-02-03 20:33 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\icsxml 2014-02-03 20:33 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\MediaViewer 2014-02-03 20:33 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\FileManager 2014-02-03 20:33 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\Camera 2014-02-03 20:33 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows Defender 2014-02-03 20:33 - 2013-06-07 20:17 - 00000000 ____D () C:\ProgramData\P4G 2014-02-03 20:33 - 2012-12-19 09:40 - 00000000 ____D () C:\Program Files (x86)\Adobe 2014-02-03 20:24 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\registration 2014-02-03 20:10 - 2014-02-03 20:10 - 04697744 _____ (AVAST Software) C:\Users\Gun\Downloads\avast_free_antivirus_setup_online (1).exe 2014-02-03 18:50 - 2014-02-03 18:49 - 01751600 _____ (Bandoo Media Inc) C:\Users\Gun\Downloads\iLividSetup-r394-n-bf.exe 2014-02-03 18:46 - 2014-01-15 23:13 - 00000000 ____D () C:\Users\Gun 2014-02-03 18:43 - 2014-02-03 18:43 - 00001984 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk 2014-02-03 18:24 - 2013-12-13 19:22 - 00000000 __RHD () C:\MSOCache 2014-02-03 17:49 - 2014-01-16 19:41 - 00000000 ____D () C:\ProgramData\ProductData 2014-02-03 17:26 - 2012-07-26 06:37 - 00000000 ____D () C:\Users\Default.migrated 2014-02-03 17:07 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\NDF 2014-01-30 21:47 - 2013-08-22 16:38 - 00693240 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2014-01-30 21:47 - 2013-08-22 16:38 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2014-01-25 11:03 - 2014-01-25 11:03 - 00000000 ____D () C:\Users\Gun\AppData\Local\Macromedia 2014-01-25 10:16 - 2012-12-19 09:40 - 00000000 ____D () C:\ProgramData\Adobe 2014-01-25 09:51 - 2014-01-25 09:51 - 00000000 ____D () C:\Users\Gun\AppData\Roaming\Mozilla 2014-01-25 09:51 - 2014-01-25 09:51 - 00000000 ____D () C:\Users\Gun\AppData\Local\Mozilla 2014-01-25 09:51 - 2014-01-25 09:51 - 00000000 ____D () C:\ProgramData\Mozilla 2014-01-23 22:39 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\rescache 2014-01-23 22:24 - 2013-12-11 21:38 - 00000000 ____D () C:\Program Files\Google 2014-01-23 22:24 - 2013-12-11 21:38 - 00000000 ____D () C:\Program Files (x86)\Google 2014-01-23 22:23 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI(424) 2014-01-23 22:21 - 2014-01-23 22:21 - 00001734 _____ () C:\Users\Gun\Desktop\Google Drive.lnk 2014-01-23 22:14 - 2014-01-23 22:14 - 00002060 _____ () C:\Users\Public\Desktop\Google Slides.lnk 2014-01-23 22:14 - 2014-01-23 22:14 - 00002058 _____ () C:\Users\Public\Desktop\Google Sheets.lnk 2014-01-23 22:14 - 2014-01-23 22:14 - 00002048 _____ () C:\Users\Public\Desktop\Google Docs.lnk 2014-01-23 22:14 - 2013-12-11 21:38 - 00000000 ____D () C:\Users\Gun\AppData\Local\Google 2014-01-23 22:08 - 2013-12-13 19:19 - 00000000 ___RD () C:\Users\Gun\SkyDrive.old 2014-01-23 21:16 - 2013-12-11 21:39 - 00000836 _____ () C:\Users\Public\Desktop\CCleaner.lnk 2014-01-23 21:16 - 2013-12-11 21:39 - 00000000 ____D () C:\Program Files\CCleaner 2014-01-23 20:58 - 2013-12-11 21:09 - 00000000 ___RD () C:\Users\Gun\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2014-01-23 20:58 - 2013-12-11 21:09 - 00000000 ___RD () C:\Users\Gun\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools 2014-01-23 20:57 - 2013-08-22 15:44 - 00473280 _____ () C:\WINDOWS\system32\FNTCACHE.DAT 2014-01-23 20:56 - 2013-08-22 16:36 - 00000000 ___RD () C:\WINDOWS\ToastData 2014-01-23 20:56 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\Dism 2014-01-23 20:56 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\system32\Dism 2014-01-23 20:55 - 2014-01-23 20:55 - 00000000 ____D () C:\Program Files\Common Files\Atheros 2014-01-23 20:55 - 2013-06-07 20:12 - 00000000 ____D () C:\Program Files (x86)\Bluetooth Suite 2014-01-23 20:19 - 2013-06-07 20:04 - 00000000 ____D () C:\WINDOWS\SysWOW64\NV 2014-01-23 20:19 - 2013-06-07 20:04 - 00000000 ____D () C:\WINDOWS\system32\NV 2014-01-23 20:19 - 2013-06-07 20:03 - 00000000 ____D () C:\ProgramData\NVIDIA 2014-01-23 20:18 - 2014-01-16 19:39 - 00000000 ____D () C:\ProgramData\IObit 2014-01-23 20:18 - 2014-01-15 23:13 - 00000000 ___RD () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2014-01-23 20:18 - 2014-01-15 23:13 - 00000000 ___RD () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2014-01-23 20:18 - 2014-01-15 23:13 - 00000000 ___RD () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility 2014-01-23 20:18 - 2014-01-15 23:13 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2014-01-23 20:18 - 2014-01-15 23:07 - 00000000 ____D () C:\Program Files\NVIDIA Corporation 2014-01-23 20:18 - 2014-01-15 23:07 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation 2014-01-23 20:18 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\Help 2014-01-23 20:04 - 2014-01-23 20:04 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation 2014-01-22 08:52 - 2014-01-22 08:52 - 00206080 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\WINDOWS\system32\Drivers\ssudmdm.sys 2014-01-22 08:52 - 2014-01-22 08:52 - 00108800 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\WINDOWS\system32\Drivers\ssudbus.sys 2014-01-20 21:18 - 2014-01-20 21:18 - 04689480 _____ (AVAST Software) C:\Users\Gun\Downloads\avast_free_antivirus_setup_online.exe 2014-01-19 21:06 - 2014-01-19 21:06 - 01751600 _____ (Bandoo Media Inc) C:\Users\Gun\Downloads\iLividSetup-r394-n-bc (1).exe 2014-01-19 21:01 - 2014-01-19 21:01 - 01751600 _____ (Bandoo Media Inc) C:\Users\Gun\Downloads\iLividSetup-r394-n-bc.exe 2014-01-18 10:52 - 2014-01-18 10:52 - 00000000 ___RD () C:\WINDOWS\BrowserChoice 2014-01-16 20:16 - 2014-01-16 20:16 - 00000000 ____D () C:\Program Files\Classic Shell 2014-01-16 20:05 - 2014-01-16 19:39 - 00000000 ____D () C:\Program Files (x86)\IObit 2014-01-16 20:05 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\restore 2014-01-16 20:04 - 2014-01-16 20:04 - 00000000 ____D () C:\WINDOWS\Tasks\ImCleanDisabled 2014-01-16 19:51 - 2014-01-16 19:50 - 00165659 _____ () C:\MyXML.xml 2014-01-16 19:49 - 2014-01-16 19:49 - 07039808 _____ (IObit ) C:\Users\Gun\Downloads\startmenu-setup (1).exe 2014-01-16 19:47 - 2014-01-15 23:04 - 00000000 ___DC () C:\WINDOWS\Panther 2014-01-16 19:41 - 2014-01-16 19:41 - 00000246 _____ () C:\WINDOWS\Tasks\ASC7_SkipUac_Gun.job 2014-01-16 19:41 - 2014-01-16 19:41 - 00000000 ____D () C:\Users\Gun\AppData\Roaming\Apple Computer 2014-01-16 19:41 - 2014-01-16 19:41 - 00000000 ____D () C:\ProgramData\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D} 2014-01-16 19:41 - 2014-01-16 19:40 - 00000000 ____D () C:\Users\Gun\AppData\Roaming\IObit 2014-01-16 19:38 - 2014-01-16 19:38 - 07039808 _____ (IObit ) C:\Users\Gun\Downloads\startmenu-setup.exe 2014-01-16 19:33 - 2013-12-12 22:11 - 00002041 _____ () C:\Users\Public\Desktop\Adobe Reader X.lnk 2014-01-16 19:09 - 2013-12-13 19:15 - 00000000 ____D () C:\Program Files\Microsoft Office 15 2014-01-16 18:51 - 2013-12-11 21:09 - 00000000 ____D () C:\WINDOWS\System32\Tasks\WPD 2014-01-16 18:50 - 2014-01-16 18:50 - 00001448 _____ () C:\Users\Gun\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2014-01-16 18:50 - 2014-01-16 18:50 - 00000020 ___SH () C:\Users\Gun\ntuser.ini 2014-01-15 23:33 - 2014-01-15 23:33 - 00000000 _SHDL () C:\Users\Public\Documents\Mina videoklipp 2014-01-15 23:33 - 2014-01-15 23:33 - 00000000 _SHDL () C:\Users\Public\Documents\Mina bilder 2014-01-15 23:33 - 2014-01-15 23:33 - 00000000 _SHDL () C:\Users\Public\Documents\Min musik 2014-01-15 23:33 - 2014-01-15 23:33 - 00000000 _SHDL () C:\Users\Default\Start-meny 2014-01-15 23:33 - 2014-01-15 23:33 - 00000000 _SHDL () C:\Users\Default\Skrivare 2014-01-15 23:33 - 2014-01-15 23:33 - 00000000 _SHDL () C:\Users\Default\Nätverket 2014-01-15 23:33 - 2014-01-15 23:33 - 00000000 _SHDL () C:\Users\Default\Mina dokument 2014-01-15 23:33 - 2014-01-15 23:33 - 00000000 _SHDL () C:\Users\Default\Mallar 2014-01-15 23:33 - 2014-01-15 23:33 - 00000000 _SHDL () C:\Users\Default\Lokala inställningar 2014-01-15 23:33 - 2014-01-15 23:33 - 00000000 _SHDL () C:\Users\Default\Documents\Mina videoklipp 2014-01-15 23:33 - 2014-01-15 23:33 - 00000000 _SHDL () C:\Users\Default\Documents\Mina bilder 2014-01-15 23:33 - 2014-01-15 23:33 - 00000000 _SHDL () C:\Users\Default\Documents\Min musik 2014-01-15 23:33 - 2014-01-15 23:33 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Program 2014-01-15 23:33 - 2014-01-15 23:33 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Tidigare 2014-01-15 23:33 - 2014-01-15 23:33 - 00000000 _SHDL () C:\Users\Default User\Documents\Mina videoklipp 2014-01-15 23:33 - 2014-01-15 23:33 - 00000000 _SHDL () C:\Users\Default User\Documents\Mina bilder 2014-01-15 23:33 - 2014-01-15 23:33 - 00000000 _SHDL () C:\Users\Default User\Documents\Min musik 2014-01-15 23:33 - 2014-01-15 23:33 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Program 2014-01-15 23:33 - 2014-01-15 23:33 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Tidigare 2014-01-15 23:33 - 2014-01-15 23:33 - 00000000 _SHDL () C:\ProgramData\Start-meny 2014-01-15 23:33 - 2014-01-15 23:33 - 00000000 _SHDL () C:\ProgramData\Skrivbord 2014-01-15 23:33 - 2014-01-15 23:33 - 00000000 _SHDL () C:\ProgramData\Mallar 2014-01-15 23:33 - 2014-01-15 23:33 - 00000000 _SHDL () C:\ProgramData\Dokument 2014-01-15 23:33 - 2014-01-15 23:33 - 00000000 _SHDL () C:\Program Files\Delade filer 2014-01-15 23:33 - 2014-01-15 23:33 - 00000000 ___DL () C:\Program 2014-01-15 23:33 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows NT 2014-01-15 23:33 - 2013-08-22 14:36 - 00000000 __RHD () C:\Users\Default 2014-01-15 23:31 - 2014-01-15 23:31 - 00022908 _____ () C:\WINDOWS\system32\emptyregdb.dat 2014-01-15 23:31 - 2014-01-15 23:13 - 00030483 _____ () C:\WINDOWS\diagwrn.xml 2014-01-15 23:31 - 2014-01-15 23:13 - 00030483 _____ () C:\WINDOWS\diagerr.xml 2014-01-15 23:24 - 2013-08-22 16:36 - 00000000 __RHD () C:\Users\Public\Libraries 2014-01-15 23:19 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI(79) 2014-01-15 23:18 - 2014-01-03 14:11 - 00000000 ____D () C:\Users\Gun\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-appar 2014-01-15 23:18 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\system32\Sysprep 2014-01-15 23:18 - 2012-12-19 09:42 - 00000000 ____D () C:\WINDOWS\sv 2014-01-15 23:18 - 2012-12-19 09:42 - 00000000 ____D () C:\WINDOWS\fi 2014-01-15 23:18 - 2012-12-19 09:41 - 00000000 ____D () C:\WINDOWS\da 2014-01-15 23:18 - 2012-07-26 10:43 - 00000000 ____D () C:\WINDOWS\en-GB 2014-01-15 23:17 - 2013-11-14 08:15 - 00000000 ____D () C:\WINDOWS\SysWOW64\WCN 2014-01-15 23:17 - 2013-11-14 08:15 - 00000000 ____D () C:\WINDOWS\SysWOW64\sysprep 2014-01-15 23:17 - 2013-11-14 08:15 - 00000000 ____D () C:\WINDOWS\system32\WCN 2014-01-15 23:17 - 2013-08-22 16:43 - 00000000 ____D () C:\WINDOWS\DigitalLocker 2014-01-15 23:17 - 2013-08-22 16:36 - 00000000 __SHD () C:\Program Files (x86)\Windows Sidebar 2014-01-15 23:17 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\MUI 2014-01-15 23:17 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\migwiz 2014-01-15 23:17 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\IME 2014-01-15 23:17 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\spool 2014-01-15 23:17 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\MUI 2014-01-15 23:17 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\IME 2014-01-15 23:17 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\IME 2014-01-15 23:17 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\SMI 2014-01-15 23:17 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\system32\oobe 2014-01-15 23:17 - 2013-06-07 20:08 - 00000000 ____D () C:\WINDOWS\SysWOW64\sda 2014-01-15 23:17 - 2012-08-02 14:28 - 00000000 ____D () C:\ProgramData\PRICache 2014-01-15 23:16 - 2014-01-15 23:07 - 00000000 ____D () C:\Program Files (x86)\Intel 2014-01-15 23:16 - 2013-08-22 16:36 - 00000000 __SHD () C:\Program Files\Windows Sidebar 2014-01-15 23:16 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared 2014-01-15 23:14 - 2014-01-15 23:14 - 00000000 ____D () C:\WINDOWS\system32\config\bbimigrate 2014-01-15 23:14 - 2014-01-15 23:13 - 00000000 ___RD () C:\Users\Gun\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2014-01-15 23:14 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\Recovery 2014-01-15 23:13 - 2014-01-15 23:13 - 00000000 _SHDL () C:\Users\Gun\Start-meny 2014-01-15 23:13 - 2014-01-15 23:13 - 00000000 _SHDL () C:\Users\Gun\Skrivare 2014-01-15 23:13 - 2014-01-15 23:13 - 00000000 _SHDL () C:\Users\Gun\Nätverket 2014-01-15 23:13 - 2014-01-15 23:13 - 00000000 _SHDL () C:\Users\Gun\Mina dokument 2014-01-15 23:13 - 2014-01-15 23:13 - 00000000 _SHDL () C:\Users\Gun\Mallar 2014-01-15 23:13 - 2014-01-15 23:13 - 00000000 _SHDL () C:\Users\Gun\Lokala inställningar 2014-01-15 23:13 - 2014-01-15 23:13 - 00000000 _SHDL () C:\Users\Gun\Documents\Mina videoklipp 2014-01-15 23:13 - 2014-01-15 23:13 - 00000000 _SHDL () C:\Users\Gun\Documents\Mina bilder 2014-01-15 23:13 - 2014-01-15 23:13 - 00000000 _SHDL () C:\Users\Gun\Documents\Min musik 2014-01-15 23:13 - 2014-01-15 23:13 - 00000000 _SHDL () C:\Users\Gun\AppData\Roaming\Microsoft\Windows\Start Menu\Program 2014-01-15 23:13 - 2014-01-15 23:13 - 00000000 _SHDL () C:\Users\Gun\AppData\Local\Tidigare 2014-01-15 23:06 - 2014-01-15 23:06 - 00081908 _____ () C:\WINDOWS\system32\Drivers\RTWAVES30.dat 2014-01-15 23:06 - 2014-01-15 23:06 - 00001375 _____ () C:\Users\Public\Desktop\Waves MAXXAudio.lnk 2014-01-15 23:06 - 2014-01-15 23:06 - 00000000 ____D () C:\WINDOWS\SysWOW64\RTCOM 2014-01-15 23:06 - 2014-01-15 23:06 - 00000000 ____D () C:\Program Files\Realtek 2014-01-15 23:04 - 2014-01-15 23:04 - 00000000 __SHD () C:\Recovery 2014-01-15 23:02 - 2014-01-15 23:02 - 00787968 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll 2014-01-15 23:02 - 2014-01-15 23:02 - 00393216 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll 2014-01-15 23:02 - 2014-01-15 23:02 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll 2014-01-15 23:02 - 2014-01-15 23:02 - 00075360 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll 2014-01-15 23:02 - 2014-01-15 23:02 - 00070680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagehlp.dll 2014-01-15 23:02 - 2013-08-22 16:36 - 00262144 _____ () C:\WINDOWS\system32\config\BCD-Template 2014-01-15 23:01 - 2014-01-15 23:01 - 23183360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2014-01-15 23:01 - 2014-01-15 23:01 - 17112576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2014-01-15 23:01 - 2014-01-15 23:01 - 12996608 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2014-01-15 23:01 - 2014-01-15 23:01 - 11221504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2014-01-15 23:01 - 2014-01-15 23:01 - 05769216 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2014-01-15 23:01 - 2014-01-15 23:01 - 04243968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2014-01-15 23:01 - 2014-01-15 23:01 - 03395920 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll 2014-01-15 23:01 - 2014-01-15 23:01 - 02764288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2014-01-15 23:01 - 2014-01-15 23:01 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2014-01-15 23:01 - 2014-01-15 23:01 - 02166784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2014-01-15 23:01 - 2014-01-15 23:01 - 01995264 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2014-01-15 23:01 - 2014-01-15 23:01 - 01928192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2014-01-15 23:01 - 2014-01-15 23:01 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2014-01-15 23:01 - 2014-01-15 23:01 - 01395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2014-01-15 23:01 - 2014-01-15 23:01 - 01157632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2014-01-15 23:01 - 2014-01-15 23:01 - 00848384 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll 2014-01-15 23:01 - 2014-01-15 23:01 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2014-01-15 23:01 - 2014-01-15 23:01 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2014-01-15 23:01 - 2014-01-15 23:01 - 00695808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll 2014-01-15 23:01 - 2014-01-15 23:01 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe 2014-01-15 23:01 - 2014-01-15 23:01 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll 2014-01-15 23:01 - 2014-01-15 23:01 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll 2014-01-15 23:01 - 2014-01-15 23:01 - 00240128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll 2014-01-15 23:01 - 2014-01-15 23:01 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2014-01-15 23:01 - 2014-01-15 23:01 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSClient.dll 2014-01-15 23:01 - 2014-01-15 23:01 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrrun.dll 2014-01-15 23:01 - 2014-01-15 23:01 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll 2014-01-15 23:01 - 2014-01-15 23:01 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSClient.dll 2014-01-15 23:01 - 2014-01-15 23:01 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrun.dll 2014-01-15 23:01 - 2014-01-15 23:01 - 00138240 _____ () C:\WINDOWS\system32\OEMLicense.dll 2014-01-15 23:01 - 2014-01-15 23:01 - 00103936 _____ () C:\WINDOWS\SysWOW64\OEMLicense.dll 2014-01-15 23:01 - 2014-01-15 23:01 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSCollect.exe 2014-01-15 23:00 - 2014-01-15 23:00 - 13177344 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2014-01-15 23:00 - 2014-01-15 23:00 - 11674624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2014-01-15 23:00 - 2014-01-15 23:00 - 07399256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2014-01-15 23:00 - 2014-01-15 23:00 - 02896896 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll 2014-01-15 23:00 - 2014-01-15 23:00 - 02570240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll 2014-01-15 23:00 - 2014-01-15 23:00 - 02266624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll 2014-01-15 23:00 - 2014-01-15 23:00 - 02143744 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll 2014-01-15 23:00 - 2014-01-15 23:00 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll 2014-01-15 23:00 - 2014-01-15 23:00 - 01843712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll 2014-01-15 23:00 - 2014-01-15 23:00 - 01816576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll 2014-01-15 23:00 - 2014-01-15 23:00 - 01765384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll 2014-01-15 23:00 - 2014-01-15 23:00 - 01765376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll 2014-01-15 23:00 - 2014-01-15 23:00 - 01756160 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe 2014-01-15 23:00 - 2014-01-15 23:00 - 01642016 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2014-01-15 23:00 - 2014-01-15 23:00 - 01530200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2014-01-15 23:00 - 2014-01-15 23:00 - 01506680 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe 2014-01-15 23:00 - 2014-01-15 23:00 - 01476184 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2014-01-15 23:00 - 2014-01-15 23:00 - 01391104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe 2014-01-15 23:00 - 2014-01-15 23:00 - 01345536 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe 2014-01-15 23:00 - 2014-01-15 23:00 - 01302528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2014-01-15 23:00 - 2014-01-15 23:00 - 00922624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll 2014-01-15 23:00 - 2014-01-15 23:00 - 00747008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll 2014-01-15 23:00 - 2014-01-15 23:00 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe 2014-01-15 23:00 - 2014-01-15 23:00 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll 2014-01-15 23:00 - 2014-01-15 23:00 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll 2014-01-15 23:00 - 2014-01-15 23:00 - 00516496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll 2014-01-15 23:00 - 2014-01-15 23:00 - 00406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll 2014-01-15 23:00 - 2014-01-15 23:00 - 00382808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys 2014-01-15 23:00 - 2014-01-15 23:00 - 00372568 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys 2014-01-15 23:00 - 2014-01-15 23:00 - 00358896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll 2014-01-15 23:00 - 2014-01-15 23:00 - 00325464 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS 2014-01-15 23:00 - 2014-01-15 23:00 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll 2014-01-15 23:00 - 2014-01-15 23:00 - 00225792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll 2014-01-15 23:00 - 2014-01-15 23:00 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll 2014-01-15 23:00 - 2014-01-15 23:00 - 00146776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\SerCx2.sys 2014-01-15 23:00 - 2014-01-15 23:00 - 00086872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys 2014-01-15 23:00 - 2014-01-15 23:00 - 00039768 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys 2014-01-15 23:00 - 2014-01-15 23:00 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialMigrationHandler.dll 2014-01-15 23:00 - 2014-01-15 23:00 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredentialMigrationHandler.dll 2014-01-15 22:59 - 2014-01-15 22:59 - 00262144 _____ () C:\WINDOWS\system32\config\userdiff 2014-01-15 22:57 - 2014-01-15 22:57 - 00000000 ____D () C:\Program Files (x86)\Reference Assemblies 2014-01-15 22:57 - 2014-01-15 22:57 - 00000000 ____D () C:\Program Files (x86)\MSBuild 2014-01-15 22:56 - 2014-01-15 22:56 - 00000000 ____D () C:\WINDOWS\SysWOW64\XPSViewer 2014-01-15 22:56 - 2014-01-15 22:56 - 00000000 ____D () C:\Program Files\Reference Assemblies 2014-01-15 22:56 - 2014-01-15 22:56 - 00000000 ____D () C:\Program Files\MSBuild 2014-01-15 21:22 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\AUInstallAgent 2014-01-15 20:26 - 2013-12-15 10:05 - 00000000 ____D () C:\WINDOWS\system32\MRT 2014-01-15 20:24 - 2013-12-15 10:04 - 86054176 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2014-01-11 12:22 - 2014-01-04 12:22 - 00439648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNdisFlt.sys 2014-01-11 11:55 - 2014-01-11 11:47 - 137583624 _____ ( ) C:\Users\Gun\Downloads\PowerDVD_v5022_RiTA10(2D)(ASUS)(a)_Patch_DVD130401-26.exe 2014-01-11 11:48 - 2014-01-11 11:48 - 00000000 ____D () C:\Users\Public\CyberLink 2014-01-11 11:46 - 2014-01-11 11:46 - 00000000 ____D () C:\Users\Gun\Documents\CyberLink 2014-01-11 11:46 - 2014-01-11 11:46 - 00000000 ____D () C:\Users\Gun\AppData\Roaming\CyberLink 2014-01-11 11:46 - 2014-01-11 11:46 - 00000000 ____D () C:\ProgramData\CyberLink Files to move or delete: ==================== C:\ProgramData\SetStretch.exe C:\ProgramData\SetStretch.VBS Some content of TEMP: ==================== C:\Users\Gun\AppData\Local\Temp\BundleSweetIMSetup.exe C:\Users\Gun\AppData\Local\Temp\Delta.exe C:\Users\Gun\AppData\Local\Temp\DeltaTB.exe C:\Users\Gun\AppData\Local\Temp\MybabylonTB.exe C:\Users\Gun\AppData\Local\Temp\Quarantine.exe C:\Users\Gun\AppData\Local\Temp\WSSetup.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2014-02-03 21:53 ==================== End Of Log ============================
  5. Hej, McAfee fanns med på datorn när jag köpte den, men när provtiden gått ut tänkte jag avinstallera den vilket inte verkar ha lyckats. Avast är det program jag vill ha, men en bekant sa att avast stör om jag kör chrome och vill streama film, så då tänkte jag att jag provar att avinstallera för att se om det funkar då. Men det gick varken att få bort allt eller att sedan återinstallera. Jag har försökt att göra en systemåterställning, vilket inte heller fungerar. Jag har avinstallerat de två program som du skrev att jag skulle ta bort. # AdwCleaner v3.018 - Report created 06/02/2014 at 20:24:37 # Updated 28/01/2014 by Xplode # Operating System : Windows 8.1 (64 bits) # Username : Gun - GUN # Running from : C:\Users\Gun\Desktop\adwcleaner.exe # Option : Scan ***** [ Services ] ***** ***** [ Files / Folders ] ***** File Found : C:\Users\Gun\AppData\Roaming\Mozilla\Firefox\Profiles\md10by98.default\searchplugins\Ask.xml Folder Found : C:\Users\Gun\AppData\Local\Google\Chrome\User Data\Default\Extensions\cekcjpgehmohobmdiikfnopibipmgnml Folder Found C:\Program Files (x86)\Common Files\337 Folder Found C:\Program Files (x86)\Movies Toolbar Folder Found C:\ProgramData\BitGuard Folder Found C:\ProgramData\Browser Manager Folder Found C:\ProgramData\BrowserProtect ***** [ Shortcuts ] ***** ***** [ Registry ] ***** Key Found : HKCU\Software\ilivid Key Found : [x64] HKCU\Software\ilivid Key Found : HKLM\Software\DataMngr ***** [ Browsers ] ***** -\\ Internet Explorer v11.0.9600.16384 -\\ Mozilla Firefox v26.0 (sv-SE) [ File : C:\Users\Gun\AppData\Roaming\Mozilla\Firefox\Profiles\md10by98.default\prefs.js ] Line Found : user_pref("browser.search.defaultenginename", "Ask.com"); Line Found : user_pref("browser.search.order.1", "Ask.com"); Line Found : user_pref("browser.search.selectedEngine", "Ask.com"); Line Found : user_pref("keyword.URL", "hxxp://dts.search.ask.com/sr?src=ffb&gct=ds&appid=394&systemid=406&v=n11099-247&apn_dtid=BND406&apn_ptnrs=AG6&apn_uid=0343053551114640&o=APN10645&q="); -\\ Google Chrome v32.0.1700.107 [ File : C:\Users\Gun\AppData\Local\Google\Chrome\User Data\Default\preferences ] ************************* AdwCleaner[R0].txt - [1680 octets] - [06/02/2014 20:24:37] ########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [1740 octets] ########## FRST.txt
  6. Här kommer loggen.Jag tror att jag har 64-bitars. Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-02-2014 Ran by Gun (administrator) on GUN on 05-02-2014 21:08:22 Running from C:\Users\Gun\Desktop Windows 8.1 (X64) OS Language: Swedish Internet Explorer Version 11 Boot Mode: Normal The only official download link for FRST: Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ Download link from any site other than Bleeping Computer is unpermitted or outdated. See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe (Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe (Bandoo Media Inc.) C:\Program Files (x86)\Movies Toolbar\Datamngr\DatamngrCoordinator.exe (Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe (Microsoft Corporation) C:\Windows\System32\dasHost.exe (Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe (Bandoo Media Inc.) C:\Program Files (x86)\Movies Toolbar\Datamngr\DatamngrCoordinator.exe (McAfee, Inc.) C:\Windows\System32\mfevtps.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe (Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe (McAfee, Inc.) C:\Program Files\mcafee\msc\McAPExe.exe (McAfee, Inc.) C:\Program Files\Common Files\mcafee\AMCore\mcshield.exe (McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe (ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe (ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler64.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe (Bandoo Media Inc.) C:\Program Files (x86)\Movies Toolbar\Datamngr\DatamngrUI.exe (Intel Corporation) C:\Windows\System32\igfxsrvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe (Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Bandoo Media Inc.) C:\Users\Gun\AppData\Local\iLivid\iLivid.exe (Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe (CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe (Microsoft Corporation) C:\Program Files (x86)\Internet Explorer\ielowutil.exe (McAfee, Inc.) C:\Program Files\mcafee\msm\McSmtFwk.exe (Spotify Ltd) C:\Users\Gun\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe (McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\McUICnt.exe (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20315_x64__8wekyb3d8bbwe\livecomm.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13519432 2013-04-10] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1278024 2013-03-08] (Realtek Semiconductor) HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [40312 2013-12-18] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [ASUSPRP] - C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3187360 2012-12-19] (ASUSTek Computer Inc.) HKLM-x32\...\Run: [ASUSWebStorage] - C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\AsusWSPanel.exe [3423104 2012-08-31] (ASUS Cloud Corporation) HKLM-x32\...\Run: [mcui_exe] - C:\Program Files\McAfee.com\Agent\mcagent.exe [537512 2013-09-24] (McAfee, Inc.) HKLM-x32\...\Run: [RemoteControl10] - C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-28] (CyberLink Corp.) HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3764024 2014-01-04] (AVAST Software) HKLM-x32\...\Run: [mcpltui_exe] - C:\Program Files\McAfee.com\Agent\mcagent.exe [537512 2013-09-24] (McAfee, Inc.) Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation) HKLM\...\Policies\Explorer\Run: [btvStack] - C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [132736 2013-03-27] ( (Atheros Communications)) HKLM\...\Policies\Explorer: [NoControlPanel] 0 HKU\S-1-5-21-1497316217-3356986614-690115362-1002\...\Run: [GoogleChromeAutoLaunch_37CB642D83E8F1A9682A3601F04EF323] - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [866584 2014-01-11] (Google Inc.) HKU\S-1-5-21-1497316217-3356986614-690115362-1002\...\Run: [spotify] - C:\Users\Gun\AppData\Roaming\Spotify\spotify.exe [6118400 2014-01-16] (Spotify Ltd) HKU\S-1-5-21-1497316217-3356986614-690115362-1002\...\Run: [iLivid] - C:\Users\Gun\AppData\Local\iLivid\iLivid.exe [6827008 2013-09-08] (Bandoo Media Inc.) HKU\S-1-5-21-1497316217-3356986614-690115362-1002\...\Run: [GoogleDriveSync] - C:\Program Files (x86)\Google\Drive\googledrivesync.exe [20203904 2013-12-06] (Google) HKU\S-1-5-21-1497316217-3356986614-690115362-1002\...\Run: [spotify Web Helper] - C:\Users\Gun\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1171968 2014-01-16] (Spotify Ltd) AppInit_DLLs: C:\PROGRA~3\Wincert\WIN64C~1.DLL => C:\ProgramData\Wincert\win64cert.dll [8704 2013-11-04] () AppInit_DLLs: C:\PROGRA~2\MOVIES~1\Datamngr\x64\mgrldr.dll => C:\Program Files (x86)\Movies Toolbar\Datamngr\x64\mgrldr.dll [24064 2014-01-16] () AppInit_DLLs-x32: C:\PROGRA~3\Wincert\WIN32C~1.DLL => C:\ProgramData\Wincert\win32cert.dll [7168 2013-11-04] () AppInit_DLLs-x32: C:\PROGRA~2\MOVIES~1\Datamngr\mgrldr.dll => C:\Program Files (x86)\Movies Toolbar\Datamngr\mgrldr.dll [20480 2014-01-16] () IFEO\bitguard.exe: [Debugger] tasklist.exe IFEO\bprotect.exe: [Debugger] tasklist.exe IFEO\bpsvc.exe: [Debugger] tasklist.exe IFEO\browsemngr.exe: [Debugger] tasklist.exe IFEO\browserdefender.exe: [Debugger] tasklist.exe IFEO\browsermngr.exe: [Debugger] tasklist.exe IFEO\browserprotect.exe: [Debugger] tasklist.exe IFEO\browsersafeguard.exe: [Debugger] tasklist.exe IFEO\bundlesweetimsetup.exe: [Debugger] tasklist.exe IFEO\cltmngsvc.exe: [Debugger] tasklist.exe IFEO\delta babylon.exe: [Debugger] tasklist.exe IFEO\delta tb.exe: [Debugger] tasklist.exe IFEO\delta2.exe: [Debugger] tasklist.exe IFEO\deltainstaller.exe: [Debugger] tasklist.exe IFEO\deltasetup.exe: [Debugger] tasklist.exe IFEO\deltatb.exe: [Debugger] tasklist.exe IFEO\deltatb_2501-c733154b.exe: [Debugger] tasklist.exe IFEO\iminentsetup.exe: [Debugger] tasklist.exe IFEO\protectedsearch.exe: [Debugger] tasklist.exe IFEO\rjatydimofu.exe: [Debugger] tasklist.exe IFEO\searchprotection.exe: [Debugger] tasklist.exe IFEO\snapdo.exe: [Debugger] tasklist.exe IFEO\stinst32.exe: [Debugger] tasklist.exe IFEO\stinst64.exe: [Debugger] tasklist.exe IFEO\sweetimsetup.exe: [Debugger] tasklist.exe IFEO\tbdelta.exetoolbar783881609.exe: [Debugger] tasklist.exe HKLM\...\AppCertDlls: [x86] -> C:\Program Files (x86)\Movies Toolbar\Datamngr\apcrtldr.dll [485376 2014-01-16] () <===== ATTENTION HKLM\...\AppCertDlls: [x64] -> C:\Program Files (x86)\Movies Toolbar\Datamngr\x64\apcrtldr.dll [658944 2014-01-16] () <===== ATTENTION ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.se/ HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus13.msn.com SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation) BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft) BHO: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations) BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) BHO: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_64.dll (IvoSoft) BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll (McAfee, Inc.) BHO-x32: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft) BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation) BHO-x32: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll (IvoSoft) Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft) Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft) Toolbar: HKLM-x32 - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation) Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files\mcafee\msc\McSnIePl64.dll (McAfee, Inc.) Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files (x86)\McAfee\msc\McSnIePl.dll (McAfee, Inc.) Tcpip\Parameters: [DhcpNameServer] 83.255.245.11 193.150.193.150 FireFox: ======== FF ProfilePath: C:\Users\Gun\AppData\Roaming\Mozilla\Firefox\Profiles\md10by98.default FF DefaultSearchEngine: Ask.com FF SearchEngineOrder.1: Ask.com FF SelectedSearchEngine: Ask.com FF Homepage: www.google.se FF Keyword.URL: hxxp://dts.search.ask.com/sr?src=ffb&gct=ds&appid=394&systemid=406&v=n11099-247&apn_dtid=BND406&apn_ptnrs=AG6&apn_uid=0343053551114640&o=APN10645&q= FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_12_0_0_43.dll () FF Plugin: @mcafee.com/MSC,version=10 - c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL () FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll (McAfee, Inc.) FF Plugin-x32: @mcafee.com/MSC,version=10 - c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL () FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF SearchPlugin: C:\Users\Gun\AppData\Roaming\Mozilla\Firefox\Profiles\md10by98.default\searchplugins\Ask.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\allaannonser-sv-SE.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\Ask.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\prisjakt-sv-SE.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\tyda-sv-SE.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\wikipedia-sv-SE.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-sv-SE.xml FF Extension: New tab - C:\Users\Gun\AppData\Roaming\Mozilla\Firefox\Profiles\md10by98.default\Extensions\{41B95867-9E43-5627-B90B-31E1FD82AD26} [2014-02-03] FF Extension: Movies Toolbar (Dist. by Bandoo Media, Inc.) - C:\Users\Gun\AppData\Roaming\Mozilla\Firefox\Profiles\md10by98.default\Extensions\{d1dac034-9fd9-4c13-a388-d2e10e57707f} [2014-02-03] FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-12-11] FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK FF Extension: No Name - C:\Program Files\McAfee\MSK [2012-12-19] Chrome: ======= CHR HomePage: hxxp://www.google.com CHR Extension: (Google Dokument) - C:\Users\Gun\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-12-11] CHR Extension: (Google Drive) - C:\Users\Gun\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-12-11] CHR Extension: (YouTube) - C:\Users\Gun\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-12-11] CHR Extension: (YouTube) - C:\Users\Gun\AppData\Local\Google\Chrome\User Data\Default\Extensions\cekcjpgehmohobmdiikfnopibipmgnml [2014-01-03] CHR Extension: (Sök på Google) - C:\Users\Gun\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-12-11] CHR Extension: (Väder) - C:\Users\Gun\AppData\Local\Google\Chrome\User Data\Default\Extensions\fapbbpdnlcmiolkdfjnnjhabmcndadad [2014-01-03] CHR Extension: (avast! Online Security) - C:\Users\Gun\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2013-12-11] CHR Extension: (WeatherBug) - C:\Users\Gun\AppData\Local\Google\Chrome\User Data\Default\Extensions\njkkjobcechefaoknodniidfjapgfoco [2014-01-03] CHR Extension: (Google Wallet) - C:\Users\Gun\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-11] CHR Extension: (Google Chrome to Phone Extension) - C:\Users\Gun\AppData\Local\Google\Chrome\User Data\Default\Extensions\oadboiipflhobonjjffjbfekfjcgkhco [2014-01-05] CHR Extension: (Gmail) - C:\Users\Gun\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-12-11] CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2013-12-11] ==================== Services (Whitelisted) ================= R2 ASUS InstantOn; C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [277120 2012-04-13] (ASUS) R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [227968 2013-03-27] (Qualcomm Atheros Commnucations) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-01-04] (AVAST Software) S2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [113704 2014-01-04] (AVAST Software) R2 DatamngrCoordinator; C:\Program Files (x86)\Movies Toolbar\Datamngr\DatamngrCoordinator.exe [3447808 2014-01-16] (Bandoo Media Inc.) R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.) R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation) S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2151200 2013-12-03] (IObit) R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [178048 2013-11-28] (McAfee, Inc.) S3 McAWFwk; C:\Program Files\mcafee\msc\McAWFwk.exe [332080 2012-01-26] (McAfee, Inc.) S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [288776 2013-09-06] (McAfee, Inc.) R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.) R2 McNaiAnn; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.) S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [602944 2013-08-02] (McAfee, Inc.) S2 McOobeSv; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [200728 2012-05-11] (McAfee, Inc.) R2 mcpltsvc; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.) R2 McProxy; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.) R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1025232 2013-12-11] (McAfee, Inc.) R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219272 2013-12-05] (McAfee, Inc.) R2 mfevtp; C:\windows\system32\mfevtps.exe [184800 2013-12-05] (McAfee, Inc.) R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.) R2 OfficeSvc; C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [1907896 2013-10-31] (Microsoft Corporation) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation) R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-03-27] (Atheros) ==================== Drivers (Whitelisted) ==================== S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra) R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [78648 2014-01-04] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2013-12-11] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-12-11] () R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1034464 2014-01-04] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [422216 2014-01-04] (AVAST Software) R3 aswStm; C:\Windows\system32\drivers\aswStm.sys [79672 2014-01-04] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [207904 2014-01-04] () R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3837440 2013-08-14] (Qualcomm Atheros Communications, Inc.) R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [65784 2013-04-16] (ASUS Corporation) S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Windows ® Win 7 DDK provider) S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-03-27] (Qualcomm Atheros) R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [224768 2013-08-22] (Microsoft Corporation) R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70112 2013-12-05] (McAfee, Inc.) S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.) S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation) S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation) S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation) R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2014-01-15] (Microsoft Corporation) R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( ) S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation) R2 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [179792 2013-12-05] (McAfee, Inc.) R2 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [311120 2013-12-05] (McAfee, Inc.) S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [69344 2013-12-05] (McAfee, Inc.) R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [519576 2013-12-05] (McAfee, Inc.) R2 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [782616 2013-12-05] (McAfee, Inc.) R3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [411944 2013-11-26] (McAfee, Inc.) S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [96112 2013-11-26] (McAfee, Inc.) R2 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [343696 2013-12-05] (McAfee, Inc.) R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation) S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation) S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation) S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2014-01-15] (Microsoft Corporation) S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-11-14] (Microsoft Corporation) S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation) S1 aswKbd; \??\C:\Windows\system32\drivers\aswKbd.sys [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-02-05 21:08 - 2014-02-05 21:10 - 00026593 _____ () C:\Users\Gun\Desktop\FRST.txt 2014-02-05 21:07 - 2014-02-05 21:08 - 00000000 ____D () C:\FRST 2014-02-05 21:05 - 2014-02-05 21:05 - 02082304 _____ (Farbar) C:\Users\Gun\Desktop\FRST64.exe 2014-02-04 19:38 - 2014-02-04 19:38 - 00688992 _____ (Swearware) C:\Users\Gun\Desktop\dds.scr 2014-02-04 19:01 - 2014-02-05 21:07 - 00174502 _____ () C:\WINDOWS\WindowsUpdate.log 2014-02-03 21:27 - 2014-02-03 21:27 - 00005448 _____ () C:\WINDOWS\PFRO.log 2014-02-03 21:13 - 2014-02-05 21:01 - 00000868 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2014-02-03 21:13 - 2014-02-04 21:01 - 00003756 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater 2014-02-03 21:13 - 2014-02-03 21:46 - 00001949 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk 2014-02-03 20:40 - 2014-02-03 20:40 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-02-03 20:39 - 2014-02-03 20:39 - 00282864 _____ (Mozilla) C:\Users\Gun\Downloads\Firefox Setup Stub 26.0.exe 2014-02-03 20:10 - 2014-02-03 20:10 - 04697744 _____ (AVAST Software) C:\Users\Gun\Downloads\avast_free_antivirus_setup_online (1).exe 2014-02-03 18:53 - 2014-02-03 18:53 - 00001252 _____ () C:\Users\Public\Desktop\Free Games.lnk 2014-02-03 18:53 - 2014-02-03 18:53 - 00001081 _____ () C:\Users\Gun\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iLivid.lnk 2014-02-03 18:53 - 2014-02-03 18:53 - 00001073 _____ () C:\Users\Gun\Desktop\iLivid.lnk 2014-02-03 18:51 - 2014-02-03 20:33 - 00000000 ____D () C:\ProgramData\Wincert 2014-02-03 18:50 - 2014-02-05 21:04 - 00000000 ____D () C:\ProgramData\Datamngr 2014-02-03 18:50 - 2014-02-03 20:33 - 00000000 ____D () C:\Users\Gun\AppData\Local\iLivid 2014-02-03 18:50 - 2014-02-03 18:50 - 00000000 ____D () C:\Program Files (x86)\Movies Toolbar 2014-02-03 18:49 - 2014-02-03 18:50 - 01751600 _____ (Bandoo Media Inc) C:\Users\Gun\Downloads\iLividSetup-r394-n-bf.exe 2014-02-03 18:43 - 2014-02-03 18:43 - 00001984 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk 2014-01-25 11:04 - 2014-02-03 21:45 - 00000000 ____D () C:\Program Files\McAfee Security Scan 2014-01-25 11:03 - 2014-01-25 11:03 - 00000000 ____D () C:\Users\Gun\AppData\Local\Macromedia 2014-01-25 10:16 - 2014-02-03 21:13 - 00000000 ____D () C:\ProgramData\McAfee Security Scan 2014-01-25 09:51 - 2014-02-03 21:27 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-01-25 09:51 - 2014-02-03 20:40 - 00001161 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk 2014-01-25 09:51 - 2014-01-25 09:51 - 00000000 ____D () C:\Users\Gun\AppData\Roaming\Mozilla 2014-01-25 09:51 - 2014-01-25 09:51 - 00000000 ____D () C:\Users\Gun\AppData\Local\Mozilla 2014-01-25 09:51 - 2014-01-25 09:51 - 00000000 ____D () C:\ProgramData\Mozilla 2014-01-24 19:48 - 2013-09-23 13:49 - 00197704 _____ (McAfee, Inc.) C:\WINDOWS\system32\Drivers\HipShieldK.sys 2014-01-23 22:21 - 2014-02-03 21:29 - 00000000 ___RD () C:\Users\Gun\Google Drive 2014-01-23 22:21 - 2014-01-23 22:21 - 00001734 _____ () C:\Users\Gun\Desktop\Google Drive.lnk 2014-01-23 22:20 - 2014-02-05 20:58 - 00002201 _____ () C:\Users\Public\Desktop\Google Chrome.lnk 2014-01-23 22:14 - 2014-01-23 22:14 - 00002060 _____ () C:\Users\Public\Desktop\Google Slides.lnk 2014-01-23 22:14 - 2014-01-23 22:14 - 00002058 _____ () C:\Users\Public\Desktop\Google Sheets.lnk 2014-01-23 22:14 - 2014-01-23 22:14 - 00002048 _____ () C:\Users\Public\Desktop\Google Docs.lnk 2014-01-23 22:08 - 2014-02-03 21:31 - 00000000 __RDO () C:\Users\Gun\SkyDrive 2014-01-23 20:55 - 2014-01-23 20:55 - 00000000 ____D () C:\Program Files\Common Files\Atheros 2014-01-23 20:52 - 2013-12-11 08:55 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll 2014-01-23 20:49 - 2013-12-09 01:34 - 01227264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll 2014-01-23 20:49 - 2013-12-09 01:04 - 00980480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll 2014-01-23 20:49 - 2013-11-27 16:34 - 03210528 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll 2014-01-23 20:49 - 2013-11-27 16:27 - 00809872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll 2014-01-23 20:49 - 2013-11-27 15:00 - 00663680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll 2014-01-23 20:49 - 2013-11-27 14:47 - 02804528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll 2014-01-23 20:49 - 2013-11-27 13:02 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ipnat.sys 2014-01-23 20:49 - 2013-11-27 11:54 - 00461824 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsGdiConverter.dll 2014-01-23 20:49 - 2013-11-27 11:24 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\msieftp.dll 2014-01-23 20:49 - 2013-11-27 11:08 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsGdiConverter.dll 2014-01-23 20:49 - 2013-11-27 10:46 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msieftp.dll 2014-01-23 20:49 - 2013-11-27 10:41 - 00136704 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll 2014-01-23 20:49 - 2013-11-27 10:17 - 00263168 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll 2014-01-23 20:49 - 2013-11-27 10:10 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.dll 2014-01-23 20:49 - 2013-11-27 09:58 - 01503232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll 2014-01-23 20:49 - 2013-11-27 09:56 - 00218112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.dll 2014-01-23 20:49 - 2013-11-27 09:20 - 04106240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll 2014-01-23 20:49 - 2013-11-27 05:01 - 00385614 _____ () C:\WINDOWS\system32\ApnDatabase.xml 2014-01-23 20:49 - 2013-11-26 14:22 - 01928144 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll 2014-01-23 20:49 - 2013-11-26 14:20 - 02131120 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll 2014-01-23 20:49 - 2013-11-26 14:20 - 01399176 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll 2014-01-23 20:49 - 2013-11-26 14:20 - 01374384 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll 2014-01-23 20:49 - 2013-11-26 12:50 - 01371312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll 2014-01-23 20:49 - 2013-11-26 12:44 - 02142936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll 2014-01-23 20:49 - 2013-11-26 12:44 - 01204968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll 2014-01-23 20:49 - 2013-11-26 11:13 - 04191232 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2014-01-23 20:49 - 2013-11-26 10:21 - 18577920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll 2014-01-23 20:49 - 2013-11-26 09:28 - 13925888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll 2014-01-23 20:49 - 2013-11-25 02:45 - 00142680 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS 2014-01-23 20:49 - 2013-11-25 02:32 - 01119064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys 2014-01-23 20:49 - 2013-11-25 00:30 - 00513536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll 2014-01-23 20:49 - 2013-11-25 00:28 - 00589824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll 2014-01-23 20:49 - 2013-11-23 13:47 - 00032088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ploptin.dll 2014-01-23 20:49 - 2013-11-23 12:49 - 21196664 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2014-01-23 20:49 - 2013-11-23 09:19 - 18642504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2014-01-23 20:49 - 2013-11-23 08:13 - 00024064 _____ (Microsoft Corporation) C:\WINDOWS\system32\bi.dll 2014-01-23 20:49 - 2013-11-23 08:13 - 00019456 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BtaMPM.sys 2014-01-23 20:49 - 2013-11-23 08:08 - 00403456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys 2014-01-23 20:49 - 2013-11-23 05:50 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll 2014-01-23 20:49 - 2013-11-23 04:57 - 00637952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe 2014-01-23 20:49 - 2013-11-23 04:48 - 00479744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe 2014-01-23 20:49 - 2013-11-23 04:25 - 00744448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll 2014-01-23 20:49 - 2013-11-23 04:25 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll 2014-01-23 20:49 - 2013-11-23 04:19 - 02617344 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll 2014-01-23 20:49 - 2013-11-23 04:15 - 02295808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll 2014-01-23 20:49 - 2013-11-21 07:58 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceregistration.dll 2014-01-23 20:49 - 2013-11-21 07:26 - 01415680 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2014-01-23 20:49 - 2013-11-16 06:11 - 00764856 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll 2014-01-23 20:49 - 2013-11-15 19:19 - 00669344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll 2014-01-23 20:49 - 2013-11-15 15:59 - 00470016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll 2014-01-23 20:49 - 2013-11-15 15:25 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll 2014-01-23 20:49 - 2013-11-15 15:08 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll 2014-01-23 20:49 - 2013-11-15 14:24 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll 2014-01-23 20:49 - 2013-11-05 21:12 - 02551128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys 2014-01-23 20:49 - 2013-10-31 01:29 - 00745336 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll 2014-01-23 20:49 - 2013-10-31 00:41 - 00552624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll 2014-01-23 20:04 - 2014-01-23 20:04 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation 2014-01-22 08:52 - 2014-01-22 08:52 - 00206080 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\WINDOWS\system32\Drivers\ssudmdm.sys 2014-01-22 08:52 - 2014-01-22 08:52 - 00108800 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\WINDOWS\system32\Drivers\ssudbus.sys 2014-01-21 20:55 - 2014-01-21 20:55 - 00000000 ____D () C:\ProgramData\BrowserProtect 2014-01-21 20:55 - 2014-01-21 20:55 - 00000000 ____D () C:\ProgramData\Browser Manager 2014-01-21 20:55 - 2014-01-21 20:55 - 00000000 ____D () C:\ProgramData\BitGuard 2014-01-20 21:18 - 2014-01-20 21:18 - 04689480 _____ (AVAST Software) C:\Users\Gun\Downloads\avast_free_antivirus_setup_online.exe 2014-01-19 21:06 - 2014-01-19 21:06 - 01751600 _____ (Bandoo Media Inc) C:\Users\Gun\Downloads\iLividSetup-r394-n-bc (1).exe 2014-01-19 21:01 - 2014-01-19 21:01 - 01751600 _____ (Bandoo Media Inc) C:\Users\Gun\Downloads\iLividSetup-r394-n-bc.exe 2014-01-18 10:52 - 2014-01-18 10:52 - 00000000 ___RD () C:\WINDOWS\BrowserChoice 2014-01-16 20:16 - 2014-01-16 20:16 - 00000000 ____D () C:\Program Files\Classic Shell 2014-01-16 20:04 - 2014-01-16 20:04 - 00000000 ____D () C:\WINDOWS\Tasks\ImCleanDisabled 2014-01-16 19:58 - 2014-02-05 21:05 - 00003896 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{35333432-906E-4192-81B7-FCD0C70B04FB} 2014-01-16 19:50 - 2014-01-16 19:51 - 00165659 _____ () C:\MyXML.xml 2014-01-16 19:49 - 2014-01-16 19:49 - 07039808 _____ (IObit ) C:\Users\Gun\Downloads\startmenu-setup (1).exe 2014-01-16 19:41 - 2014-02-03 17:49 - 00000000 ____D () C:\ProgramData\ProductData 2014-01-16 19:41 - 2014-01-16 19:41 - 00000246 _____ () C:\WINDOWS\Tasks\ASC7_SkipUac_Gun.job 2014-01-16 19:41 - 2014-01-16 19:41 - 00000000 ____D () C:\Users\Gun\AppData\Roaming\Apple Computer 2014-01-16 19:41 - 2014-01-16 19:41 - 00000000 ____D () C:\ProgramData\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D} 2014-01-16 19:40 - 2014-01-16 19:41 - 00000000 ____D () C:\Users\Gun\AppData\Roaming\IObit 2014-01-16 19:39 - 2014-01-23 20:18 - 00000000 ____D () C:\ProgramData\IObit 2014-01-16 19:39 - 2014-01-16 20:05 - 00000000 ____D () C:\Program Files (x86)\IObit 2014-01-16 19:38 - 2014-01-16 19:38 - 07039808 _____ (IObit ) C:\Users\Gun\Downloads\startmenu-setup.exe 2014-01-16 18:50 - 2014-01-16 18:50 - 00001448 _____ () C:\Users\Gun\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2014-01-16 18:50 - 2014-01-16 18:50 - 00000020 ___SH () C:\Users\Gun\ntuser.ini 2014-01-15 23:33 - 2014-01-15 23:33 - 00000000 _SHDL () C:\Users\Public\Documents\Mina videoklipp 2014-01-15 23:33 - 2014-01-15 23:33 - 00000000 _SHDL () C:\Users\Public\Documents\Mina bilder 2014-01-15 23:33 - 2014-01-15 23:33 - 00000000 _SHDL () C:\Users\Public\Documents\Min musik 2014-01-15 23:33 - 2014-01-15 23:33 - 00000000 _SHDL () C:\Users\Default\Start-meny 2014-01-15 23:33 - 2014-01-15 23:33 - 00000000 _SHDL () C:\Users\Default\Skrivare 2014-01-15 23:33 - 2014-01-15 23:33 - 00000000 _SHDL () C:\Users\Default\Nätverket 2014-01-15 23:33 - 2014-01-15 23:33 - 00000000 _SHDL () C:\Users\Default\Mina dokument 2014-01-15 23:33 - 2014-01-15 23:33 - 00000000 _SHDL () C:\Users\Default\Mallar 2014-01-15 23:33 - 2014-01-15 23:33 - 00000000 _SHDL () C:\Users\Default\Lokala inställningar 2014-01-15 23:33 - 2014-01-15 23:33 - 00000000 _SHDL () C:\Users\Default\Documents\Mina videoklipp 2014-01-15 23:33 - 2014-01-15 23:33 - 00000000 _SHDL () C:\Users\Default\Documents\Mina bilder 2014-01-15 23:33 - 2014-01-15 23:33 - 00000000 _SHDL () C:\Users\Default\Documents\Min musik 2014-01-15 23:33 - 2014-01-15 23:33 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Program 2014-01-15 23:33 - 2014-01-15 23:33 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Tidigare 2014-01-15 23:33 - 2014-01-15 23:33 - 00000000 _SHDL () C:\Users\Default User\Documents\Mina videoklipp 2014-01-15 23:33 - 2014-01-15 23:33 - 00000000 _SHDL () C:\Users\Default User\Documents\Mina bilder 2014-01-15 23:33 - 2014-01-15 23:33 - 00000000 _SHDL () C:\Users\Default User\Documents\Min musik 2014-01-15 23:33 - 2014-01-15 23:33 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Program 2014-01-15 23:33 - 2014-01-15 23:33 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Tidigare 2014-01-15 23:33 - 2014-01-15 23:33 - 00000000 _SHDL () C:\ProgramData\Start-meny 2014-01-15 23:33 - 2014-01-15 23:33 - 00000000 _SHDL () C:\ProgramData\Skrivbord 2014-01-15 23:33 - 2014-01-15 23:33 - 00000000 _SHDL () C:\ProgramData\Mallar 2014-01-15 23:33 - 2014-01-15 23:33 - 00000000 _SHDL () C:\ProgramData\Dokument 2014-01-15 23:33 - 2014-01-15 23:33 - 00000000 _SHDL () C:\Program Files\Delade filer 2014-01-15 23:33 - 2014-01-15 23:33 - 00000000 ___DL () C:\Program 2014-01-15 23:31 - 2014-01-15 23:31 - 00022908 _____ () C:\WINDOWS\system32\emptyregdb.dat 2014-01-15 23:14 - 2014-01-15 23:14 - 00000000 ____D () C:\WINDOWS\system32\config\bbimigrate 2014-01-15 23:13 - 2014-02-03 18:46 - 00000000 ____D () C:\Users\Gun 2014-01-15 23:13 - 2014-01-23 20:18 - 00000000 ___RD () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2014-01-15 23:13 - 2014-01-23 20:18 - 00000000 ___RD () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2014-01-15 23:13 - 2014-01-23 20:18 - 00000000 ___RD () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility 2014-01-15 23:13 - 2014-01-23 20:18 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2014-01-15 23:13 - 2014-01-15 23:31 - 00030483 _____ () C:\WINDOWS\diagwrn.xml 2014-01-15 23:13 - 2014-01-15 23:31 - 00030483 _____ () C:\WINDOWS\diagerr.xml 2014-01-15 23:13 - 2014-01-15 23:14 - 00000000 ___RD () C:\Users\Gun\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2014-01-15 23:13 - 2014-01-15 23:13 - 00000000 _SHDL () C:\Users\Gun\Start-meny 2014-01-15 23:13 - 2014-01-15 23:13 - 00000000 _SHDL () C:\Users\Gun\Skrivare 2014-01-15 23:13 - 2014-01-15 23:13 - 00000000 _SHDL () C:\Users\Gun\Nätverket 2014-01-15 23:13 - 2014-01-15 23:13 - 00000000 _SHDL () C:\Users\Gun\Mina dokument 2014-01-15 23:13 - 2014-01-15 23:13 - 00000000 _SHDL () C:\Users\Gun\Mallar 2014-01-15 23:13 - 2014-01-15 23:13 - 00000000 _SHDL () C:\Users\Gun\Lokala inställningar 2014-01-15 23:13 - 2014-01-15 23:13 - 00000000 _SHDL () C:\Users\Gun\Documents\Mina videoklipp 2014-01-15 23:13 - 2014-01-15 23:13 - 00000000 _SHDL () C:\Users\Gun\Documents\Mina bilder 2014-01-15 23:13 - 2014-01-15 23:13 - 00000000 _SHDL () C:\Users\Gun\Documents\Min musik 2014-01-15 23:13 - 2014-01-15 23:13 - 00000000 _SHDL () C:\Users\Gun\AppData\Roaming\Microsoft\Windows\Start Menu\Program 2014-01-15 23:13 - 2014-01-15 23:13 - 00000000 _SHDL () C:\Users\Gun\AppData\Local\Tidigare 2014-01-15 23:13 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Gun\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2014-01-15 23:13 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Gun\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility 2014-01-15 23:13 - 2013-08-22 16:36 - 00000000 ____D () C:\Users\Gun\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2014-01-15 23:08 - 2013-10-23 09:20 - 06669600 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll 2014-01-15 23:08 - 2013-10-23 09:20 - 03489568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll 2014-01-15 23:08 - 2013-10-23 09:20 - 03426956 _____ () C:\WINDOWS\system32\nvcoproc.bin 2014-01-15 23:08 - 2013-10-23 09:20 - 02559776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll 2014-01-15 23:08 - 2013-10-23 09:20 - 01064224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll 2014-01-15 23:08 - 2013-10-23 09:20 - 00922912 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe 2014-01-15 23:08 - 2013-10-23 09:20 - 00219424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll 2014-01-15 23:08 - 2013-10-23 09:20 - 00067072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll 2014-01-15 23:08 - 2013-10-23 09:20 - 00063776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll 2014-01-15 23:07 - 2014-01-23 20:18 - 00000000 ____D () C:\Program Files\NVIDIA Corporation 2014-01-15 23:07 - 2014-01-23 20:18 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation 2014-01-15 23:07 - 2014-01-15 23:16 - 00000000 ____D () C:\Program Files (x86)\Intel 2014-01-15 23:07 - 2013-10-01 13:02 - 00064000 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL 2014-01-15 23:07 - 2013-10-01 13:02 - 00060416 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL 2014-01-15 23:06 - 2014-01-15 23:06 - 00081908 _____ () C:\WINDOWS\system32\Drivers\RTWAVES30.dat 2014-01-15 23:06 - 2014-01-15 23:06 - 00001375 _____ () C:\Users\Public\Desktop\Waves MAXXAudio.lnk 2014-01-15 23:06 - 2014-01-15 23:06 - 00000000 ____D () C:\WINDOWS\SysWOW64\RTCOM 2014-01-15 23:06 - 2014-01-15 23:06 - 00000000 ____D () C:\Program Files\Realtek 2014-01-15 23:04 - 2014-01-16 19:47 - 00000000 ___DC () C:\WINDOWS\Panther 2014-01-15 23:04 - 2014-01-15 23:04 - 00000000 __SHD () C:\Recovery 2014-01-15 23:02 - 2014-01-15 23:02 - 00787968 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll 2014-01-15 23:02 - 2014-01-15 23:02 - 00393216 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll 2014-01-15 23:02 - 2014-01-15 23:02 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll 2014-01-15 23:02 - 2014-01-15 23:02 - 00075360 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll 2014-01-15 23:02 - 2014-01-15 23:02 - 00070680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagehlp.dll 2014-01-15 23:01 - 2014-01-15 23:01 - 23183360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2014-01-15 23:01 - 2014-01-15 23:01 - 17112576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2014-01-15 23:01 - 2014-01-15 23:01 - 12996608 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2014-01-15 23:01 - 2014-01-15 23:01 - 11221504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2014-01-15 23:01 - 2014-01-15 23:01 - 05769216 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2014-01-15 23:01 - 2014-01-15 23:01 - 04243968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2014-01-15 23:01 - 2014-01-15 23:01 - 03395920 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll 2014-01-15 23:01 - 2014-01-15 23:01 - 02764288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2014-01-15 23:01 - 2014-01-15 23:01 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2014-01-15 23:01 - 2014-01-15 23:01 - 02166784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2014-01-15 23:01 - 2014-01-15 23:01 - 01995264 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2014-01-15 23:01 - 2014-01-15 23:01 - 01928192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2014-01-15 23:01 - 2014-01-15 23:01 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2014-01-15 23:01 - 2014-01-15 23:01 - 01395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2014-01-15 23:01 - 2014-01-15 23:01 - 01157632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2014-01-15 23:01 - 2014-01-15 23:01 - 00848384 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll 2014-01-15 23:01 - 2014-01-15 23:01 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2014-01-15 23:01 - 2014-01-15 23:01 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2014-01-15 23:01 - 2014-01-15 23:01 - 00695808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll 2014-01-15 23:01 - 2014-01-15 23:01 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe 2014-01-15 23:01 - 2014-01-15 23:01 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll 2014-01-15 23:01 - 2014-01-15 23:01 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll 2014-01-15 23:01 - 2014-01-15 23:01 - 00240128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll 2014-01-15 23:01 - 2014-01-15 23:01 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2014-01-15 23:01 - 2014-01-15 23:01 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSClient.dll 2014-01-15 23:01 - 2014-01-15 23:01 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrrun.dll 2014-01-15 23:01 - 2014-01-15 23:01 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll 2014-01-15 23:01 - 2014-01-15 23:01 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSClient.dll 2014-01-15 23:01 - 2014-01-15 23:01 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrun.dll 2014-01-15 23:01 - 2014-01-15 23:01 - 00138240 _____ () C:\WINDOWS\system32\OEMLicense.dll 2014-01-15 23:01 - 2014-01-15 23:01 - 00103936 _____ () C:\WINDOWS\SysWOW64\OEMLicense.dll 2014-01-15 23:01 - 2014-01-15 23:01 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSCollect.exe 2014-01-15 23:00 - 2014-01-15 23:00 - 13177344 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2014-01-15 23:00 - 2014-01-15 23:00 - 11674624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2014-01-15 23:00 - 2014-01-15 23:00 - 07399256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2014-01-15 23:00 - 2014-01-15 23:00 - 02896896 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll 2014-01-15 23:00 - 2014-01-15 23:00 - 02570240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll 2014-01-15 23:00 - 2014-01-15 23:00 - 02266624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll 2014-01-15 23:00 - 2014-01-15 23:00 - 02143744 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll 2014-01-15 23:00 - 2014-01-15 23:00 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll 2014-01-15 23:00 - 2014-01-15 23:00 - 01843712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll 2014-01-15 23:00 - 2014-01-15 23:00 - 01816576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll 2014-01-15 23:00 - 2014-01-15 23:00 - 01765384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll 2014-01-15 23:00 - 2014-01-15 23:00 - 01765376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll 2014-01-15 23:00 - 2014-01-15 23:00 - 01756160 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe 2014-01-15 23:00 - 2014-01-15 23:00 - 01642016 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2014-01-15 23:00 - 2014-01-15 23:00 - 01530200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2014-01-15 23:00 - 2014-01-15 23:00 - 01506680 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe 2014-01-15 23:00 - 2014-01-15 23:00 - 01476184 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2014-01-15 23:00 - 2014-01-15 23:00 - 01391104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe 2014-01-15 23:00 - 2014-01-15 23:00 - 01345536 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe 2014-01-15 23:00 - 2014-01-15 23:00 - 01302528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2014-01-15 23:00 - 2014-01-15 23:00 - 00922624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll 2014-01-15 23:00 - 2014-01-15 23:00 - 00747008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll 2014-01-15 23:00 - 2014-01-15 23:00 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe 2014-01-15 23:00 - 2014-01-15 23:00 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll 2014-01-15 23:00 - 2014-01-15 23:00 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll 2014-01-15 23:00 - 2014-01-15 23:00 - 00516496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll 2014-01-15 23:00 - 2014-01-15 23:00 - 00406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll 2014-01-15 23:00 - 2014-01-15 23:00 - 00382808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys 2014-01-15 23:00 - 2014-01-15 23:00 - 00372568 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys 2014-01-15 23:00 - 2014-01-15 23:00 - 00358896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll 2014-01-15 23:00 - 2014-01-15 23:00 - 00325464 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS 2014-01-15 23:00 - 2014-01-15 23:00 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll 2014-01-15 23:00 - 2014-01-15 23:00 - 00225792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll 2014-01-15 23:00 - 2014-01-15 23:00 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll 2014-01-15 23:00 - 2014-01-15 23:00 - 00146776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\SerCx2.sys 2014-01-15 23:00 - 2014-01-15 23:00 - 00086872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys 2014-01-15 23:00 - 2014-01-15 23:00 - 00039768 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys 2014-01-15 23:00 - 2014-01-15 23:00 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialMigrationHandler.dll 2014-01-15 23:00 - 2014-01-15 23:00 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredentialMigrationHandler.dll 2014-01-15 22:59 - 2014-01-15 22:59 - 00262144 _____ () C:\WINDOWS\system32\config\userdiff 2014-01-15 22:57 - 2014-01-15 22:57 - 00000000 ____D () C:\Program Files (x86)\Reference Assemblies 2014-01-15 22:57 - 2014-01-15 22:57 - 00000000 ____D () C:\Program Files (x86)\MSBuild 2014-01-15 22:56 - 2014-01-15 22:56 - 00000000 ____D () C:\WINDOWS\SysWOW64\XPSViewer 2014-01-15 22:56 - 2014-01-15 22:56 - 00000000 ____D () C:\Program Files\Reference Assemblies 2014-01-15 22:56 - 2014-01-15 22:56 - 00000000 ____D () C:\Program Files\MSBuild 2014-01-15 22:56 - 2013-08-03 05:48 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll 2014-01-15 22:56 - 2013-08-03 05:48 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll 2014-01-15 22:56 - 2013-08-03 05:48 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe 2014-01-15 22:56 - 2013-08-03 05:41 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll 2014-01-15 22:56 - 2013-08-03 05:41 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll 2014-01-15 22:56 - 2013-08-03 05:41 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe 2014-01-11 11:48 - 2014-01-11 11:48 - 00000000 ____D () C:\Users\Public\CyberLink 2014-01-11 11:47 - 2014-01-11 11:55 - 137583624 _____ ( ) C:\Users\Gun\Downloads\PowerDVD_v5022_RiTA10(2D)(ASUS)(a)_Patch_DVD130401-26.exe 2014-01-11 11:46 - 2014-01-11 11:46 - 00000000 ____D () C:\Users\Gun\Documents\CyberLink 2014-01-11 11:46 - 2014-01-11 11:46 - 00000000 ____D () C:\Users\Gun\AppData\Roaming\CyberLink 2014-01-11 11:46 - 2014-01-11 11:46 - 00000000 ____D () C:\ProgramData\CyberLink 2014-01-06 20:50 - 2014-01-06 20:50 - 04645232 _____ (Piriform Ltd) C:\Users\Gun\Downloads\ccsetup409.exe ==================== One Month Modified Files and Folders ======= 2014-02-05 21:10 - 2014-02-05 21:08 - 00026593 _____ () C:\Users\Gun\Desktop\FRST.txt 2014-02-05 21:08 - 2014-02-05 21:07 - 00000000 ____D () C:\FRST 2014-02-05 21:07 - 2014-02-04 19:01 - 00174502 _____ () C:\WINDOWS\WindowsUpdate.log 2014-02-05 21:05 - 2014-02-05 21:05 - 02082304 _____ (Farbar) C:\Users\Gun\Desktop\FRST64.exe 2014-02-05 21:05 - 2014-01-16 19:58 - 00003896 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{35333432-906E-4192-81B7-FCD0C70B04FB} 2014-02-05 21:05 - 2013-12-11 22:12 - 00000000 ____D () C:\Users\Gun\AppData\Roaming\ClassicShell 2014-02-05 21:04 - 2014-02-03 18:50 - 00000000 ____D () C:\ProgramData\Datamngr 2014-02-05 21:04 - 2013-12-11 21:16 - 00003596 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1497316217-3356986614-690115362-1002 2014-02-05 21:01 - 2014-02-03 21:13 - 00000868 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2014-02-05 21:00 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru 2014-02-05 20:58 - 2014-01-23 22:20 - 00002201 _____ () C:\Users\Public\Desktop\Google Chrome.lnk 2014-02-05 20:58 - 2013-12-11 21:38 - 00000996 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2014-02-04 21:57 - 2013-12-11 21:38 - 00000992 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2014-02-04 21:06 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness 2014-02-04 21:01 - 2014-02-03 21:13 - 00003756 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater 2014-02-04 19:38 - 2014-02-04 19:38 - 00688992 _____ (Swearware) C:\Users\Gun\Desktop\dds.scr 2014-02-04 19:13 - 2013-12-14 17:11 - 00000000 ____D () C:\Users\Gun\AppData\Roaming\Spotify 2014-02-03 21:46 - 2014-02-03 21:13 - 00001949 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk 2014-02-03 21:45 - 2014-01-25 11:04 - 00000000 ____D () C:\Program Files\McAfee Security Scan 2014-02-03 21:34 - 2013-11-14 08:31 - 01740478 _____ () C:\WINDOWS\system32\PerfStringBackup.INI 2014-02-03 21:34 - 2013-11-14 08:15 - 00733830 _____ () C:\WINDOWS\system32\perfh01D.dat 2014-02-03 21:34 - 2013-11-14 08:15 - 00152166 _____ () C:\WINDOWS\system32\perfc01D.dat 2014-02-03 21:31 - 2014-01-23 22:08 - 00000000 __RDO () C:\Users\Gun\SkyDrive 2014-02-03 21:29 - 2014-01-23 22:21 - 00000000 ___RD () C:\Users\Gun\Google Drive 2014-02-03 21:29 - 2013-12-11 21:05 - 00000062 _____ () C:\Users\Gun\AppData\Roaming\sp_data.sys 2014-02-03 21:27 - 2014-02-03 21:27 - 00005448 _____ () C:\WINDOWS\PFRO.log 2014-02-03 21:27 - 2014-01-25 09:51 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-02-03 21:27 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT 2014-02-03 21:26 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI 2014-02-03 21:13 - 2014-01-25 10:16 - 00000000 ____D () C:\ProgramData\McAfee Security Scan 2014-02-03 21:13 - 2013-12-12 22:07 - 00000000 ____D () C:\Users\Gun\AppData\Local\Adobe 2014-02-03 20:40 - 2014-02-03 20:40 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-02-03 20:40 - 2014-01-25 09:51 - 00001161 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk 2014-02-03 20:39 - 2014-02-03 20:39 - 00282864 _____ (Mozilla) C:\Users\Gun\Downloads\Firefox Setup Stub 26.0.exe 2014-02-03 20:38 - 2013-12-11 21:48 - 00004182 _____ () C:\WINDOWS\System32\Tasks\avast! Emergency Update 2014-02-03 20:33 - 2014-02-03 18:51 - 00000000 ____D () C:\ProgramData\Wincert 2014-02-03 20:33 - 2014-02-03 18:50 - 00000000 ____D () C:\Users\Gun\AppData\Local\iLivid 2014-02-03 20:33 - 2013-12-11 21:05 - 00000000 ____D () C:\Users\Gun\AppData\Local\ASUS 2014-02-03 20:33 - 2013-08-22 16:36 - 00000000 __RSD () C:\WINDOWS\Media 2014-02-03 20:33 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\WinStore 2014-02-03 20:33 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\icsxml 2014-02-03 20:33 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\WindowsInternal.Inbox.Shared 2014-02-03 20:33 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\WindowsInternal.Inbox.Media.Shared 2014-02-03 20:33 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\icsxml 2014-02-03 20:33 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\MediaViewer 2014-02-03 20:33 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\FileManager 2014-02-03 20:33 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\Camera 2014-02-03 20:33 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows Defender 2014-02-03 20:33 - 2013-06-07 20:17 - 00000000 ____D () C:\ProgramData\P4G 2014-02-03 20:33 - 2012-12-19 09:42 - 00000000 ____D () C:\Program Files\mcafee 2014-02-03 20:33 - 2012-12-19 09:42 - 00000000 ____D () C:\Program Files\Common Files\mcafee 2014-02-03 20:33 - 2012-12-19 09:42 - 00000000 ____D () C:\Program Files (x86)\mcafee.com 2014-02-03 20:33 - 2012-12-19 09:42 - 00000000 ____D () C:\Program Files (x86)\McAfee 2014-02-03 20:33 - 2012-12-19 09:40 - 00000000 ____D () C:\Program Files (x86)\Adobe 2014-02-03 20:33 - 2012-07-26 09:12 - 00000000 ___HD () C:\WINDOWS\ELAMBKUP 2014-02-03 20:24 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\registration 2014-02-03 20:10 - 2014-02-03 20:10 - 04697744 _____ (AVAST Software) C:\Users\Gun\Downloads\avast_free_antivirus_setup_online (1).exe 2014-02-03 18:59 - 2012-12-19 09:42 - 00000000 ____D () C:\ProgramData\McAfee 2014-02-03 18:53 - 2014-02-03 18:53 - 00001252 _____ () C:\Users\Public\Desktop\Free Games.lnk 2014-02-03 18:53 - 2014-02-03 18:53 - 00001081 _____ () C:\Users\Gun\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iLivid.lnk 2014-02-03 18:53 - 2014-02-03 18:53 - 00001073 _____ () C:\Users\Gun\Desktop\iLivid.lnk 2014-02-03 18:50 - 2014-02-03 18:50 - 00000000 ____D () C:\Program Files (x86)\Movies Toolbar 2014-02-03 18:50 - 2014-02-03 18:49 - 01751600 _____ (Bandoo Media Inc) C:\Users\Gun\Downloads\iLividSetup-r394-n-bf.exe 2014-02-03 18:46 - 2014-01-15 23:13 - 00000000 ____D () C:\Users\Gun 2014-02-03 18:43 - 2014-02-03 18:43 - 00001984 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk 2014-02-03 18:39 - 2012-12-19 09:42 - 00000000 ____D () C:\Program Files\mcafee.com 2014-02-03 18:24 - 2013-12-13 19:22 - 00000000 __RHD () C:\MSOCache 2014-02-03 17:49 - 2014-01-16 19:41 - 00000000 ____D () C:\ProgramData\ProductData 2014-02-03 17:26 - 2012-07-26 06:37 - 00000000 ____D () C:\Users\Default.migrated 2014-02-03 17:07 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\NDF 2014-02-03 16:40 - 2013-12-14 17:11 - 00000000 ____D () C:\Users\Gun\AppData\Local\Spotify 2014-01-30 21:47 - 2013-08-22 16:38 - 00693240 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2014-01-30 21:47 - 2013-08-22 16:38 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2014-01-30 20:21 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM 2014-01-25 11:03 - 2014-01-25 11:03 - 00000000 ____D () C:\Users\Gun\AppData\Local\Macromedia 2014-01-25 10:16 - 2012-12-19 09:40 - 00000000 ____D () C:\ProgramData\Adobe 2014-01-25 09:51 - 2014-01-25 09:51 - 00000000 ____D () C:\Users\Gun\AppData\Roaming\Mozilla 2014-01-25 09:51 - 2014-01-25 09:51 - 00000000 ____D () C:\Users\Gun\AppData\Local\Mozilla 2014-01-25 09:51 - 2014-01-25 09:51 - 00000000 ____D () C:\ProgramData\Mozilla 2014-01-23 22:39 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\rescache 2014-01-23 22:24 - 2013-12-11 21:38 - 00000000 ____D () C:\Program Files\Google 2014-01-23 22:24 - 2013-12-11 21:38 - 00000000 ____D () C:\Program Files (x86)\Google 2014-01-23 22:23 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI(424) 2014-01-23 22:21 - 2014-01-23 22:21 - 00001734 _____ () C:\Users\Gun\Desktop\Google Drive.lnk 2014-01-23 22:14 - 2014-01-23 22:14 - 00002060 _____ () C:\Users\Public\Desktop\Google Slides.lnk 2014-01-23 22:14 - 2014-01-23 22:14 - 00002058 _____ () C:\Users\Public\Desktop\Google Sheets.lnk 2014-01-23 22:14 - 2014-01-23 22:14 - 00002048 _____ () C:\Users\Public\Desktop\Google Docs.lnk 2014-01-23 22:14 - 2013-12-11 21:38 - 00000000 ____D () C:\Users\Gun\AppData\Local\Google 2014-01-23 22:08 - 2013-12-13 19:19 - 00000000 ___RD () C:\Users\Gun\SkyDrive.old 2014-01-23 21:16 - 2013-12-11 21:39 - 00000836 _____ () C:\Users\Public\Desktop\CCleaner.lnk 2014-01-23 21:16 - 2013-12-11 21:39 - 00000000 ____D () C:\Program Files\CCleaner 2014-01-23 20:58 - 2013-12-11 21:09 - 00000000 ___RD () C:\Users\Gun\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2014-01-23 20:58 - 2013-12-11 21:09 - 00000000 ___RD () C:\Users\Gun\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools 2014-01-23 20:57 - 2013-08-22 15:44 - 00473280 _____ () C:\WINDOWS\system32\FNTCACHE.DAT 2014-01-23 20:56 - 2013-08-22 16:36 - 00000000 ___RD () C:\WINDOWS\ToastData 2014-01-23 20:56 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\Dism 2014-01-23 20:56 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\system32\Dism 2014-01-23 20:55 - 2014-01-23 20:55 - 00000000 ____D () C:\Program Files\Common Files\Atheros 2014-01-23 20:55 - 2013-06-07 20:12 - 00000000 ____D () C:\Program Files (x86)\Bluetooth Suite 2014-01-23 20:19 - 2013-06-07 20:04 - 00000000 ____D () C:\WINDOWS\SysWOW64\NV 2014-01-23 20:19 - 2013-06-07 20:04 - 00000000 ____D () C:\WINDOWS\system32\NV 2014-01-23 20:19 - 2013-06-07 20:03 - 00000000 ____D () C:\ProgramData\NVIDIA 2014-01-23 20:18 - 2014-01-16 19:39 - 00000000 ____D () C:\ProgramData\IObit 2014-01-23 20:18 - 2014-01-15 23:13 - 00000000 ___RD () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2014-01-23 20:18 - 2014-01-15 23:13 - 00000000 ___RD () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2014-01-23 20:18 - 2014-01-15 23:13 - 00000000 ___RD () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility 2014-01-23 20:18 - 2014-01-15 23:13 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2014-01-23 20:18 - 2014-01-15 23:07 - 00000000 ____D () C:\Program Files\NVIDIA Corporation 2014-01-23 20:18 - 2014-01-15 23:07 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation 2014-01-23 20:18 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\Help 2014-01-23 20:04 - 2014-01-23 20:04 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation 2014-01-22 08:52 - 2014-01-22 08:52 - 00206080 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\WINDOWS\system32\Drivers\ssudmdm.sys 2014-01-22 08:52 - 2014-01-22 08:52 - 00108800 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\WINDOWS\system32\Drivers\ssudbus.sys 2014-01-21 20:55 - 2014-01-21 20:55 - 00000000 ____D () C:\ProgramData\BrowserProtect 2014-01-21 20:55 - 2014-01-21 20:55 - 00000000 ____D () C:\ProgramData\Browser Manager 2014-01-21 20:55 - 2014-01-21 20:55 - 00000000 ____D () C:\ProgramData\BitGuard 2014-01-20 21:18 - 2014-01-20 21:18 - 04689480 _____ (AVAST Software) C:\Users\Gun\Downloads\avast_free_antivirus_setup_online.exe 2014-01-19 21:06 - 2014-01-19 21:06 - 01751600 _____ (Bandoo Media Inc) C:\Users\Gun\Downloads\iLividSetup-r394-n-bc (1).exe 2014-01-19 21:01 - 2014-01-19 21:01 - 01751600 _____ (Bandoo Media Inc) C:\Users\Gun\Downloads\iLividSetup-r394-n-bc.exe 2014-01-18 10:52 - 2014-01-18 10:52 - 00000000 ___RD () C:\WINDOWS\BrowserChoice 2014-01-18 10:52 - 2013-12-11 21:05 - 00000000 ____D () C:\Users\Gun\AppData\Local\Packages 2014-01-16 20:16 - 2014-01-16 20:16 - 00000000 ____D () C:\Program Files\Classic Shell 2014-01-16 20:05 - 2014-01-16 19:39 - 00000000 ____D () C:\Program Files (x86)\IObit 2014-01-16 20:05 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\restore 2014-01-16 20:04 - 2014-01-16 20:04 - 00000000 ____D () C:\WINDOWS\Tasks\ImCleanDisabled 2014-01-16 19:51 - 2014-01-16 19:50 - 00165659 _____ () C:\MyXML.xml 2014-01-16 19:49 - 2014-01-16 19:49 - 07039808 _____ (IObit ) C:\Users\Gun\Downloads\startmenu-setup (1).exe 2014-01-16 19:47 - 2014-01-15 23:04 - 00000000 ___DC () C:\WINDOWS\Panther 2014-01-16 19:41 - 2014-01-16 19:41 - 00000246 _____ () C:\WINDOWS\Tasks\ASC7_SkipUac_Gun.job 2014-01-16 19:41 - 2014-01-16 19:41 - 00000000 ____D () C:\Users\Gun\AppData\Roaming\Apple Computer 2014-01-16 19:41 - 2014-01-16 19:41 - 00000000 ____D () C:\ProgramData\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D} 2014-01-16 19:41 - 2014-01-16 19:40 - 00000000 ____D () C:\Users\Gun\AppData\Roaming\IObit 2014-01-16 19:38 - 2014-01-16 19:38 - 07039808 _____ (IObit ) C:\Users\Gun\Downloads\startmenu-setup.exe 2014-01-16 19:33 - 2013-12-12 22:11 - 00002041 _____ () C:\Users\Public\Desktop\Adobe Reader X.lnk 2014-01-16 19:09 - 2013-12-13 19:15 - 00000000 ____D () C:\Program Files\Microsoft Office 15 2014-01-16 18:51 - 2013-12-11 21:09 - 00000000 ____D () C:\WINDOWS\System32\Tasks\WPD 2014-01-16 18:50 - 2014-01-16 18:50 - 00001448 _____ () C:\Users\Gun\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2014-01-16 18:50 - 2014-01-16 18:50 - 00000020 ___SH () C:\Users\Gun\ntuser.ini 2014-01-15 23:33 - 2014-01-15 23:33 - 00000000 _SHDL () C:\Users\Public\Documents\Mina videoklipp 2014-01-15 23:33 - 2014-01-15 23:33 - 00000000 _SHDL () C:\Users\Public\Documents\Mina bilder 2014-01-15 23:33 - 2014-01-15 23:33 - 00000000 _SHDL () C:\Users\Public\Documents\Min musik 2014-01-15 23:33 - 2014-01-15 23:33 - 00000000 _SHDL () C:\Users\Default\Start-meny 2014-01-15 23:33 - 2014-01-15 23:33 - 00000000 _SHDL () C:\Users\Default\Skrivare 2014-01-15 23:33 - 2014-01-15 23:33 - 00000000 _SHDL () C:\Users\Default\Nätverket 2014-01-15 23:33 - 2014-01-15 23:33 - 00000000 _SHDL () C:\Users\Default\Mina dokument 2014-01-15 23:33 - 2014-01-15 23:33 - 00000000 _SHDL () C:\Users\Default\Mallar 2014-01-15 23:33 - 2014-01-15 23:33 - 00000000 _SHDL () C:\Users\Default\Lokala inställningar 2014-01-15 23:33 - 2014-01-15 23:33 - 00000000 _SHDL () C:\Users\Default\Documents\Mina videoklipp 2014-01-15 23:33 - 2014-01-15 23:33 - 00000000 _SHDL () C:\Users\Default\Documents\Mina bilder 2014-01-15 23:33 - 2014-01-15 23:33 - 00000000 _SHDL () C:\Users\Default\Documents\Min musik 2014-01-15 23:33 - 2014-01-15 23:33 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Program 2014-01-15 23:33 - 2014-01-15 23:33 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Tidigare 2014-01-15 23:33 - 2014-01-15 23:33 - 00000000 _SHDL () C:\Users\Default User\Documents\Mina videoklipp 2014-01-15 23:33 - 2014-01-15 23:33 - 00000000 _SHDL () C:\Users\Default User\Documents\Mina bilder 2014-01-15 23:33 - 2014-01-15 23:33 - 00000000 _SHDL () C:\Users\Default User\Documents\Min musik 2014-01-15 23:33 - 2014-01-15 23:33 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Program 2014-01-15 23:33 - 2014-01-15 23:33 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Tidigare 2014-01-15 23:33 - 2014-01-15 23:33 - 00000000 _SHDL () C:\ProgramData\Start-meny 2014-01-15 23:33 - 2014-01-15 23:33 - 00000000 _SHDL () C:\ProgramData\Skrivbord 2014-01-15 23:33 - 2014-01-15 23:33 - 00000000 _SHDL () C:\ProgramData\Mallar 2014-01-15 23:33 - 2014-01-15 23:33 - 00000000 _SHDL () C:\ProgramData\Dokument 2014-01-15 23:33 - 2014-01-15 23:33 - 00000000 _SHDL () C:\Program Files\Delade filer 2014-01-15 23:33 - 2014-01-15 23:33 - 00000000 ___DL () C:\Program 2014-01-15 23:33 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows NT 2014-01-15 23:33 - 2013-08-22 14:36 - 00000000 __RHD () C:\Users\Default 2014-01-15 23:31 - 2014-01-15 23:31 - 00022908 _____ () C:\WINDOWS\system32\emptyregdb.dat 2014-01-15 23:31 - 2014-01-15 23:13 - 00030483 _____ () C:\WINDOWS\diagwrn.xml 2014-01-15 23:31 - 2014-01-15 23:13 - 00030483 _____ () C:\WINDOWS\diagerr.xml 2014-01-15 23:24 - 2013-08-22 16:36 - 00000000 __RHD () C:\Users\Public\Libraries 2014-01-15 23:19 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI(79) 2014-01-15 23:18 - 2014-01-03 14:11 - 00000000 ____D () C:\Users\Gun\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-appar 2014-01-15 23:18 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\system32\Sysprep 2014-01-15 23:18 - 2012-12-19 09:42 - 00000000 ____D () C:\WINDOWS\sv 2014-01-15 23:18 - 2012-12-19 09:42 - 00000000 ____D () C:\WINDOWS\fi 2014-01-15 23:18 - 2012-12-19 09:41 - 00000000 ____D () C:\WINDOWS\da 2014-01-15 23:18 - 2012-07-26 10:43 - 00000000 ____D () C:\WINDOWS\en-GB 2014-01-15 23:17 - 2013-11-14 08:15 - 00000000 ____D () C:\WINDOWS\SysWOW64\WCN 2014-01-15 23:17 - 2013-11-14 08:15 - 00000000 ____D () C:\WINDOWS\SysWOW64\sysprep 2014-01-15 23:17 - 2013-11-14 08:15 - 00000000 ____D () C:\WINDOWS\system32\WCN 2014-01-15 23:17 - 2013-08-22 16:43 - 00000000 ____D () C:\WINDOWS\DigitalLocker 2014-01-15 23:17 - 2013-08-22 16:36 - 00000000 __SHD () C:\Program Files (x86)\Windows Sidebar 2014-01-15 23:17 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\MUI 2014-01-15 23:17 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\migwiz 2014-01-15 23:17 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\IME 2014-01-15 23:17 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\spool 2014-01-15 23:17 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\MUI 2014-01-15 23:17 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\IME 2014-01-15 23:17 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\IME 2014-01-15 23:17 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\SMI 2014-01-15 23:17 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\system32\oobe 2014-01-15 23:17 - 2013-06-07 20:08 - 00000000 ____D () C:\WINDOWS\SysWOW64\sda 2014-01-15 23:17 - 2012-08-02 14:28 - 00000000 ____D () C:\ProgramData\PRICache 2014-01-15 23:16 - 2014-01-15 23:07 - 00000000 ____D () C:\Program Files (x86)\Intel 2014-01-15 23:16 - 2013-08-22 16:36 - 00000000 __SHD () C:\Program Files\Windows Sidebar 2014-01-15 23:16 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared 2014-01-15 23:14 - 2014-01-15 23:14 - 00000000 ____D () C:\WINDOWS\system32\config\bbimigrate 2014-01-15 23:14 - 2014-01-15 23:13 - 00000000 ___RD () C:\Users\Gun\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2014-01-15 23:14 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\Recovery 2014-01-15 23:13 - 2014-01-15 23:13 - 00000000 _SHDL () C:\Users\Gun\Start-meny 2014-01-15 23:13 - 2014-01-15 23:13 - 00000000 _SHDL () C:\Users\Gun\Skrivare 2014-01-15 23:13 - 2014-01-15 23:13 - 00000000 _SHDL () C:\Users\Gun\Nätverket 2014-01-15 23:13 - 2014-01-15 23:13 - 00000000 _SHDL () C:\Users\Gun\Mina dokument 2014-01-15 23:13 - 2014-01-15 23:13 - 00000000 _SHDL () C:\Users\Gun\Mallar 2014-01-15 23:13 - 2014-01-15 23:13 - 00000000 _SHDL () C:\Users\Gun\Lokala inställningar 2014-01-15 23:13 - 2014-01-15 23:13 - 00000000 _SHDL () C:\Users\Gun\Documents\Mina videoklipp 2014-01-15 23:13 - 2014-01-15 23:13 - 00000000 _SHDL () C:\Users\Gun\Documents\Mina bilder 2014-01-15 23:13 - 2014-01-15 23:13 - 00000000 _SHDL () C:\Users\Gun\Documents\Min musik 2014-01-15 23:13 - 2014-01-15 23:13 - 00000000 _SHDL () C:\Users\Gun\AppData\Roaming\Microsoft\Windows\Start Menu\Program 2014-01-15 23:13 - 2014-01-15 23:13 - 00000000 _SHDL () C:\Users\Gun\AppData\Local\Tidigare 2014-01-15 23:06 - 2014-01-15 23:06 - 00081908 _____ () C:\WINDOWS\system32\Drivers\RTWAVES30.dat 2014-01-15 23:06 - 2014-01-15 23:06 - 00001375 _____ () C:\Users\Public\Desktop\Waves MAXXAudio.lnk 2014-01-15 23:06 - 2014-01-15 23:06 - 00000000 ____D () C:\WINDOWS\SysWOW64\RTCOM 2014-01-15 23:06 - 2014-01-15 23:06 - 00000000 ____D () C:\Program Files\Realtek 2014-01-15 23:04 - 2014-01-15 23:04 - 00000000 __SHD () C:\Recovery 2014-01-15 23:02 - 2014-01-15 23:02 - 00787968 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll 2014-01-15 23:02 - 2014-01-15 23:02 - 00393216 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll 2014-01-15 23:02 - 2014-01-15 23:02 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll 2014-01-15 23:02 - 2014-01-15 23:02 - 00075360 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll 2014-01-15 23:02 - 2014-01-15 23:02 - 00070680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagehlp.dll 2014-01-15 23:02 - 2013-08-22 16:36 - 00262144 _____ () C:\WINDOWS\system32\config\BCD-Template 2014-01-15 23:01 - 2014-01-15 23:01 - 23183360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2014-01-15 23:01 - 2014-01-15 23:01 - 17112576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2014-01-15 23:01 - 2014-01-15 23:01 - 12996608 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2014-01-15 23:01 - 2014-01-15 23:01 - 11221504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2014-01-15 23:01 - 2014-01-15 23:01 - 05769216 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2014-01-15 23:01 - 2014-01-15 23:01 - 04243968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2014-01-15 23:01 - 2014-01-15 23:01 - 03395920 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll 2014-01-15 23:01 - 2014-01-15 23:01 - 02764288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2014-01-15 23:01 - 2014-01-15 23:01 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2014-01-15 23:01 - 2014-01-15 23:01 - 02166784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2014-01-15 23:01 - 2014-01-15 23:01 - 01995264 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2014-01-15 23:01 - 2014-01-15 23:01 - 01928192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2014-01-15 23:01 - 2014-01-15 23:01 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2014-01-15 23:01 - 2014-01-15 23:01 - 01395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2014-01-15 23:01 - 2014-01-15 23:01 - 01157632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2014-01-15 23:01 - 2014-01-15 23:01 - 00848384 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll 2014-01-15 23:01 - 2014-01-15 23:01 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2014-01-15 23:01 - 2014-01-15 23:01 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2014-01-15 23:01 - 2014-01-15 23:01 - 00695808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll 2014-01-15 23:01 - 2014-01-15 23:01 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe 2014-01-15 23:01 - 2014-01-15 23:01 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll 2014-01-15 23:01 - 2014-01-15 23:01 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll 2014-01-15 23:01 - 2014-01-15 23:01 - 00240128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll 2014-01-15 23:01 - 2014-01-15 23:01 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2014-01-15 23:01 - 2014-01-15 23:01 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSClient.dll 2014-01-15 23:01 - 2014-01-15 23:01 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrrun.dll 2014-01-15 23:01 - 2014-01-15 23:01 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll 2014-01-15 23:01 - 2014-01-15 23:01 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSClient.dll 2014-01-15 23:01 - 2014-01-15 23:01 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrun.dll 2014-01-15 23:01 - 2014-01-15 23:01 - 00138240 _____ () C:\WINDOWS\system32\OEMLicense.dll 2014-01-15 23:01 - 2014-01-15 23:01 - 00103936 _____ () C:\WINDOWS\SysWOW64\OEMLicense.dll 2014-01-15 23:01 - 2014-01-15 23:01 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSCollect.exe 2014-01-15 23:00 - 2014-01-15 23:00 - 13177344 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2014-01-15 23:00 - 2014-01-15 23:00 - 11674624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2014-01-15 23:00 - 2014-01-15 23:00 - 07399256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2014-01-15 23:00 - 2014-01-15 23:00 - 02896896 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll 2014-01-15 23:00 - 2014-01-15 23:00 - 02570240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll 2014-01-15 23:00 - 2014-01-15 23:00 - 02266624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll 2014-01-15 23:00 - 2014-01-15 23:00 - 02143744 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll 2014-01-15 23:00 - 2014-01-15 23:00 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll 2014-01-15 23:00 - 2014-01-15 23:00 - 01843712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll 2014-01-15 23:00 - 2014-01-15 23:00 - 01816576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll 2014-01-15 23:00 - 2014-01-15 23:00 - 01765384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll 2014-01-15 23:00 - 2014-01-15 23:00 - 01765376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll 2014-01-15 23:00 - 2014-01-15 23:00 - 01756160 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe 2014-01-15 23:00 - 2014-01-15 23:00 - 01642016 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2014-01-15 23:00 - 2014-01-15 23:00 - 01530200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2014-01-15 23:00 - 2014-01-15 23:00 - 01506680 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe 2014-01-15 23:00 - 2014-01-15 23:00 - 01476184 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2014-01-15 23:00 - 2014-01-15 23:00 - 01391104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe 2014-01-15 23:00 - 2014-01-15 23:00 - 01345536 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe 2014-01-15 23:00 - 2014-01-15 23:00 - 01302528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2014-01-15 23:00 - 2014-01-15 23:00 - 00922624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll 2014-01-15 23:00 - 2014-01-15 23:00 - 00747008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll 2014-01-15 23:00 - 2014-01-15 23:00 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe 2014-01-15 23:00 - 2014-01-15 23:00 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll 2014-01-15 23:00 - 2014-01-15 23:00 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll 2014-01-15 23:00 - 2014-01-15 23:00 - 00516496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll 2014-01-15 23:00 - 2014-01-15 23:00 - 00406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll 2014-01-15 23:00 - 2014-01-15 23:00 - 00382808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys 2014-01-15 23:00 - 2014-01-15 23:00 - 00372568 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys 2014-01-15 23:00 - 2014-01-15 23:00 - 00358896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll 2014-01-15 23:00 - 2014-01-15 23:00 - 00325464 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS 2014-01-15 23:00 - 2014-01-15 23:00 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll 2014-01-15 23:00 - 2014-01-15 23:00 - 00225792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll 2014-01-15 23:00 - 2014-01-15 23:00 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll 2014-01-15 23:00 - 2014-01-15 23:00 - 00146776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\SerCx2.sys 2014-01-15 23:00 - 2014-01-15 23:00 - 00086872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys 2014-01-15 23:00 - 2014-01-15 23:00 - 00039768 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys 2014-01-15 23:00 - 2014-01-15 23:00 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialMigrationHandler.dll 2014-01-15 23:00 - 2014-01-15 23:00 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredentialMigrationHandler.dll 2014-01-15 22:59 - 2014-01-15 22:59 - 00262144 _____ () C:\WINDOWS\system32\config\userdiff 2014-01-15 22:57 - 2014-01-15 22:57 - 00000000 ____D () C:\Program Files (x86)\Reference Assemblies 2014-01-15 22:57 - 2014-01-15 22:57 - 00000000 ____D () C:\Program Files (x86)\MSBuild 2014-01-15 22:56 - 2014-01-15 22:56 - 00000000 ____D () C:\WINDOWS\SysWOW64\XPSViewer 2014-01-15 22:56 - 2014-01-15 22:56 - 00000000 ____D () C:\Program Files\Reference Assemblies 2014-01-15 22:56 - 2014-01-15 22:56 - 00000000 ____D () C:\Program Files\MSBuild 2014-01-15 21:22 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\AUInstallAgent 2014-01-15 20:26 - 2013-12-15 10:05 - 00000000 ____D () C:\WINDOWS\system32\MRT 2014-01-15 20:24 - 2013-12-15 10:04 - 86054176 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2014-01-11 12:22 - 2014-01-04 12:22 - 00439648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNdisFlt.sys 2014-01-11 11:55 - 2014-01-11 11:47 - 137583624 _____ ( ) C:\Users\Gun\Downloads\PowerDVD_v5022_RiTA10(2D)(ASUS)(a)_Patch_DVD130401-26.exe 2014-01-11 11:48 - 2014-01-11 11:48 - 00000000 ____D () C:\Users\Public\CyberLink 2014-01-11 11:46 - 2014-01-11 11:46 - 00000000 ____D () C:\Users\Gun\Documents\CyberLink 2014-01-11 11:46 - 2014-01-11 11:46 - 00000000 ____D () C:\Users\Gun\AppData\Roaming\CyberLink 2014-01-11 11:46 - 2014-01-11 11:46 - 00000000 ____D () C:\ProgramData\CyberLink 2014-01-06 20:50 - 2014-01-06 20:50 - 04645232 _____ (Piriform Ltd) C:\Users\Gun\Downloads\ccsetup409.exe Files to move or delete: ==================== C:\Program Files (x86)\Movies Toolbar\Datamngr\apcrtldr.dll C:\Program Files (x86)\Movies Toolbar\Datamngr\x64\apcrtldr.dll C:\ProgramData\SetStretch.exe C:\ProgramData\SetStretch.VBS Some content of TEMP: ==================== C:\Users\Gun\AppData\Local\Temp\BundleSweetIMSetup.exe C:\Users\Gun\AppData\Local\Temp\Delta.exe C:\Users\Gun\AppData\Local\Temp\DeltaTB.exe C:\Users\Gun\AppData\Local\Temp\MybabylonTB.exe C:\Users\Gun\AppData\Local\Temp\WSSetup.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2014-02-03 21:53 ==================== End Of Log ============================ Addition.txt
  7. Hej, Jag har jättemycket problem med min rätt så nya bärbara Asus. Vet inte om det är virus, eller vad. Jag kan bl.a. inte streama film från tex Swefilmer. Avast har jag använt som virusprogram och försökt avinstallera, det går inte. Tänkte då att ok, jag får väl behålla det och försökte då uppdatera programmet, det gick inte heller. Nu har jag försökt köra de filer ni rekommenderar för att lägga in loggen här. Det går inte heller. Får beskedet att programmet inte fungerar i "Compatibility Mode". Vad innebär det? Vore mycket tacksam om någon kan hjälpa till på något sätt! // Gun
  8. Hej, Jag ska skapa en film i Photo Story med musik och inspelat tal. När jag ska spela in talet (via headset med mikrofon) så säger datorn att ljudinställningarna måste ändras, programmet frågar om det ska göra det. Fast jag då klickar ja, så fungerar det inte. När jag går in i kontrollpanelen så hittar jag inga mikrofoninställningar att ändra. Är det någon som hra en aning om hur man gör? Hälsningar Gun
  9. En sista fråga bara ... Kan jag nu ta bort alla program o filer jag sparat, dvs combofix, rootrepeal, hostsperm.bat, tdsskiller mm?
  10. Tack så jättemycket båda två för all hjälp, ni är guld värda!! Om jag kunde skulle jag skicka en ros till er men det får bli ett stort smile i stället! Datorn fungerar bättre än vanligt! Den är pigg o snabb, startar fort o laddar sidor betydligt snabbare än tidigare. Nu kan jag vara nöjd tills det blir nåt nytt problem, om det nu blir det, men då vet jag ju vart jag ska vända mig!
  11. Och nu fungerar plötsligt Google!! Oj, vad bra! Kanske allt är löst nu?! Fast jag fattar inte vad som varit fel. Det verkar ju inte ha varit virus? Är det någon fil, (den där host-filen??) som låst sig på nåt sätt, kanske?
  12. Ja, tack. Mycket klarare! Fast jag hade ingen mapp som heter Host. I mappen drivers fanns det tre mappar: disdn, etc och UMDF. I mappen etc låg bara filer: host-filer,networks, protocol, services. Så det är där jag ändrat namn o sedan sparat den nya filen. Här är nu loggen: DDS (Ver_10-03-17.01) - NTFSx86 Run by Gun at 21:49:00,64 on 2010-03-23 Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_18 Microsoft Windows XP Home Edition 5.1.2600.3.1252.46.1053.18.1023.553 [GMT 1:00] AV: avast! Antivirus *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D} ============== Running Processes =============== C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost -k DcomLaunch svchost.exe C:\WINDOWS\System32\svchost.exe -k netsvcs svchost.exe svchost.exe C:\Program\Alwil Software\Avast5\AvastSvc.exe C:\WINDOWS\system32\spoolsv.exe svchost.exe C:\Program\Delade filer\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program\Bonjour\mDNSResponder.exe C:\Program\Java\jre6\bin\jqs.exe C:\Program\Delade filer\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\WINDOWS\system32\svchost.exe -k imgsvc C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\SOUNDMAN.EXE C:\WINDOWS\ALCWZRD.EXE C:\Program\Delade filer\InstallShield\UpdateService\issch.exe C:\Program\iTunes\iTunesHelper.exe C:\Program\Adobe\Reader 9.0\Reader\Reader_sl.exe C:\Program\Delade filer\Java\Java Update\jusched.exe C:\Program\ALWILS~1\Avast5\avastUI.exe C:\WINDOWS\system32\ctfmon.exe C:\Program\Personal\bin\Personal.exe C:\Documents and Settings\Gun\Lokala inställningar\Apps\2.0\APVN9R7Q.BX7\KV97Q5TX.2WY\curs..tion_eee711038731a406_0004.0000_152ef8e82e8f5a48\CurseClient.exe C:\Program\iPod\bin\iPodService.exe C:\Program\Internet Explorer\iexplore.exe C:\Program\Internet Explorer\iexplore.exe C:\Program\Internet Explorer\iexplore.exe C:\Documents and Settings\Gun\Skrivbord\dds.scr ============== Pseudo HJT Report =============== uStart Page = hxxp://www.godstart.se/ uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 uInternet Settings,ProxyOverride = *.local uSearchURL,(Default) = hxxp://www.google.com/search?q=%s BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program\delade filer\adobe\acrobat\activex\AcroIEHelperShim.dll BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll BHO: Windows Live inloggningshjälpen: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program\delade filer\microsoft shared\windows live\WindowsLiveLogin.dll BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program\java\jre6\bin\jp2ssv.dll BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\program\windows live\toolbar\wltcore.dll BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program\windows live\toolbar\wltcore.dll TB: {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No File TB: {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No File uRun: [ccleaner] "c:\program\ccleaner\CCleaner.exe" /AUTO uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe mRun: [Genväg till egenskapssida för High Definition Audio] HDAudPropShortcut.exe mRun: [soundMan] SOUNDMAN.EXE mRun: [AlcWzrd] ALCWZRD.EXE mRun: [iSUSScheduler] "c:\program\delade filer\installshield\updateservice\issch.exe" -start mRun: [QuickTime Task] "c:\program\quicktime\qttask.exe" -atboottime mRun: [iTunesHelper] "c:\program\itunes\iTunesHelper.exe" mRun: [Adobe Reader Speed Launcher] "c:\program\adobe\reader 9.0\reader\Reader_sl.exe" mRun: [Adobe ARM] "c:\program\delade filer\adobe\arm\1.0\AdobeARM.exe" mRun: [sunJavaUpdateSched] "c:\program\delade filer\java\java update\jusched.exe" mRun: [avast5] c:\program\alwils~1\avast5\avastUI.exe /nogui dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE StartupFolder: c:\documents and settings\gun\start-meny\program\autostart\CurseClientStartup.ccip StartupFolder: c:\docume~1\alluse~1\start-~1\program\autost~1\personal.lnk - c:\program\personal\bin\Personal.exe IE: E&xportera till Microsoft Excel - c:\program\micros~3\office11\EXCEL.EXE/3000 IE: Google Sidewiki... - c:\program\google\google toolbar\component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program\messenger\msmsgs.exe IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program\windows live\writer\WriterBrowserExtension.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\program\micros~3\office11\REFIEBAR.DLL DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} - hxxp://download.microsoft.com/download/e/4/9/e494c802-dd90-4c6b-a074-469358f075a6/OGAControl.cab DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} - hxxp://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://fpdownload.macromedia.com/get/shockwave/cabs/director/sw.cab DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} - hxxp://gfx2.hotmail.com/mail/w3/pr01/resources/MSNPUpld.cab DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - hxxp://download.divx.com/player/DivXBrowserPlugin.cab DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1204302115296 DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab DPF: {86A88967-7A20-11D2-8EDA-00600818EDB1} - hxxp://www.parallelgraphics.com/l2/bin/cortvrml.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab DPF: {C7DB51B4-BCF7-4923-8874-7F1A0DC92277} - hxxp://office.microsoft.com/officeupdate/content/opuc4.cab DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab Notify: AtiExtEvent - Ati2evxx.dll SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll ================= FIREFOX =================== FF - ProfilePath - c:\docume~1\gun\applic~1\mozilla\firefox\profiles\ueihzcqn.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.godstart.se/index.php FF - plugin: c:\program\google\update\1.2.183.23\npGoogleOneClick8.dll FF - plugin: c:\program\microsoft\office live\npOLW.dll FF - plugin: c:\program\personal\bin\np_prsnl.dll FF - plugin: c:\program\windows live\photo gallery\NPWLPG.dll FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\ FF - HiddenExtension: Java Console: No Registry Reference - c:\program\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA} FF - HiddenExtension: Java Console: No Registry Reference - c:\program\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} FF - HiddenExtension: Java Console: No Registry Reference - c:\program\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} FF - HiddenExtension: Java Console: No Registry Reference - c:\program\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} FF - HiddenExtension: Java Console: No Registry Reference - c:\program\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} ---- FIREFOX POLICIES ---- c:\program\mozilla firefox\greprefs\all.js - pref("ui.use_native_colors", true); c:\program\mozilla firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false); c:\program\mozilla firefox\greprefs\all.js - pref("browser.visited_color", "#551A8B"); c:\program\mozilla firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true); c:\program\mozilla firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true); c:\program\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32); c:\program\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600); c:\program\mozilla firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false); c:\program\mozilla firefox\greprefs\all.js - pref("svg.smil.enabled", false); c:\program\mozilla firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1); c:\program\mozilla firefox\greprefs\all.js - pref("browser.formfill.debug", false); c:\program\mozilla firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2); c:\program\mozilla firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1); c:\program\mozilla firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25); c:\program\mozilla firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800); c:\program\mozilla firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25); c:\program\mozilla firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5); c:\program\mozilla firefox\greprefs\all.js - pref("html5.enable", false); c:\program\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true); c:\program\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600); c:\program\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com"); c:\program\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff"); c:\program\mozilla firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".se"); c:\program\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties"); c:\program\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties"); c:\program\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org"); c:\program\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com"); c:\program\mozilla firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true); c:\program\mozilla firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false); c:\program\mozilla firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false); c:\program\mozilla firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false); c:\program\mozilla firefox\defaults\pref\firefox.js - pref("browser.videoFeeds.handler", "ask"); c:\program\mozilla firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false); c:\program\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false); c:\program\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20); c:\program\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20); ============= SERVICES / DRIVERS =============== R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2010-3-18 162640] R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2010-3-18 19024] R2 avast! Antivirus;avast! Antivirus;c:\program\alwil software\avast5\AvastSvc.exe [2010-3-18 40384] R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [2009-3-28 54752] R3 avast! Mail Scanner;avast! Mail Scanner;c:\program\alwil software\avast5\AvastSvc.exe [2010-3-18 40384] R3 avast! Web Scanner;avast! Web Scanner;c:\program\alwil software\avast5\AvastSvc.exe [2010-3-18 40384] R3 PhTVTune;ASUS WDM TV Tuner;c:\windows\system32\drivers\PhTVTune.sys [2004-5-27 24608] R3 PRISM_A00;Intersil PRISM 802.11a/g Driver;c:\windows\system32\drivers\PCTELSAP.SYS [2004-1-29 350282] S0 Lbd;Lbd;c:\windows\system32\drivers\lbd.sys --> c:\windows\system32\drivers\Lbd.sys [?] S1 SASDIFSV;SASDIFSV;\??\c:\docume~1\gun\lokala~1\temp\sas_selfextract\sasdifsv.sys --> c:\docume~1\gun\lokala~1\temp\sas_selfextract\SASDIFSV.SYS [?] S1 SASKUTIL;SASKUTIL;\??\c:\docume~1\gun\lokala~1\temp\sas_selfextract\saskutil.sys --> c:\docume~1\gun\lokala~1\temp\sas_selfextract\SASKUTIL.sys [?] S2 gupdate1ca2f18cd592ed8;Tjänsten Google Update (gupdate1ca2f18cd592ed8);c:\program\google\update\GoogleUpdate.exe [2009-9-6 133104] S3 fsssvc;Tjänsten Windows Live Family Safety;c:\program\windows live\family safety\fsssvc.exe [2009-8-5 704864] S3 SASENUM;SASENUM;\??\c:\docume~1\gun\lokala~1\temp\sas_selfextract\sasenum.sys --> c:\docume~1\gun\lokala~1\temp\sas_selfextract\SASENUM.SYS [?] S3 TdsNordecr;Nordea NCR1 SmartCard Reader;c:\windows\system32\drivers\nordecr.sys --> c:\windows\system32\drivers\nordecr.sys [?] S4 Automatisk LiveUpdate-schemaläggare;Automatisk LiveUpdate-schemaläggare;"c:\program\symantec\liveupdate\aluschedulersvc.exe" --> c:\program\symantec\liveupdate\ALUSchedulerSvc.exe [?] =============== Created Last 30 ================ 2010-03-21 07:36:38 98816 ----a-w- c:\windows\sed.exe 2010-03-21 07:36:38 161792 ----a-w- c:\windows\SWREG.exe 2010-03-21 07:25:54 0 ----a-w- c:\documents and settings\gun\settings.dat 2010-03-18 17:25:12 0 d-----w- c:\docume~1\alluse~1\applic~1\Alwil Software 2010-03-18 17:21:42 73728 ----a-w- c:\windows\system32\javacpl.cpl 2010-03-14 18:54:52 60032 -c--a-w- c:\windows\system32\dllcache\usbaudio.sys 2010-03-14 18:54:52 60032 ----a-w- c:\windows\system32\drivers\USBAUDIO.sys 2010-03-14 10:17:44 578560 -c--a-w- c:\windows\system32\dllcache\user32.dll 2010-03-14 10:10:20 0 d-----w- C:\SDFix 2010-03-13 14:39:30 0 d-----w- c:\docume~1\alluse~1\applic~1\Kaspersky Lab Setup Files 2010-03-11 20:10:16 0 d-----w- c:\program\delade filer\Scanner 2010-03-11 19:50:35 0 d-----w- c:\program\Audacity 2010-03-11 18:23:49 3393 ----a-w- c:\windows\system32\wbem\Outlook_01cac147fe9f896c.mof 2010-03-11 08:18:52 3558912 -c----w- c:\windows\system32\dllcache\moviemk.exe 2010-03-02 10:23:24 0 d-----w- c:\program\Personal ==================== Find3M ==================== 2010-03-19 22:03:43 72343 -c--a-w- c:\windows\War3Unin.dat 2010-03-18 17:21:28 411368 ----a-w- c:\windows\system32\deploytk.dll 2010-03-12 21:33:57 95024 ----a-w- c:\windows\system32\drivers\SBREDrv.sys 2010-03-12 17:02:38 261632 ----a-w- c:\windows\PEV.exe 2010-03-11 18:23:49 81618 ----a-w- c:\windows\system32\perfc01D.dat 2010-03-11 18:23:49 440136 ----a-w- c:\windows\system32\perfh01D.dat 2010-01-08 21:58:26 262144 ----a-w- C:\ntuser.dat ============= FINISH: 21:49:31,00 =============== Attach.txt
  13. Jag fattar inte hur jag ska göra. Jag har kört den där .bat-filen. Den visade sig en mikrosekund, sedan hände inget mer, jag har bytt namn på host-filen till hostbad. Men när jag går in på länken som du skriver, så kommer jag till en sida som ser ut så här: Copyright © 1993-1999 Microsoft Corp. # # This is a sample HOSTS file used by Microsoft TCP/IP for Windows. # # This file contains the mappings of IP addresses to host names. Each # entry should be kept on an individual line. The IP address should # be placed in the first column followed by the corresponding host name. # The IP address and the host name should be separated by at least one # space. # # Additionally, comments (such as these) may be inserted on individual # lines or following the machine name denoted by a '#' symbol. # # For example: # # 102.54.94.97 rhino.acme.com # source server # 38.25.63.10 x.acme.com # x client host 127.0.0.1 localhost Vad ska jag göra med den? Ska jag spara hela den? Eller delar av den. Eller göra en liknande på nåt sätt ... jag hänger inte med....!
  14. Efter alla rensningar mm så startar datorn betydligt snabbare! Det är ju skönt. Fast den kan fortfarande inte visa vissa sidor. Här kommer de två loggarna ComboFix 10-03-20.01 - Gun 2010-03-21 8:42.19.2 - x86 Microsoft Windows XP Home Edition 5.1.2600.3.1252.46.1053.18.1023.536 [GMT 1:00] Körs från: c:\documents and settings\Gun\Skrivbord\ComboFix.exe AV: avast! Antivirus *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D} * Skapade en ny återställningspunkt . (((((((((((((((((((((((( Filer Skapade från 2010-02-21 till 2010-03-21 )))))))))))))))))))))))))))))) . 2010-03-21 07:25 . 2010-03-21 07:25 0 ----a-w- c:\documents and settings\Gun\settings.dat 2010-03-18 17:25 . 2010-03-09 11:12 162640 ----a-w- c:\windows\system32\drivers\aswSP.sys 2010-03-18 17:25 . 2010-03-09 11:08 19024 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys 2010-03-18 17:25 . 2010-03-09 11:09 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys 2010-03-18 17:25 . 2010-03-09 11:12 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys 2010-03-18 17:25 . 2010-03-09 11:08 100432 ----a-w- c:\windows\system32\drivers\aswmon2.sys 2010-03-18 17:25 . 2010-03-09 11:08 94800 ----a-w- c:\windows\system32\drivers\aswmon.sys 2010-03-18 17:25 . 2010-03-09 11:08 28880 ----a-w- c:\windows\system32\drivers\aavmker4.sys 2010-03-18 17:25 . 2010-03-09 11:24 38848 ----a-w- c:\windows\system32\avastSS.scr 2010-03-18 17:25 . 2010-03-09 11:24 153184 ----a-w- c:\windows\system32\aswBoot.exe 2010-03-18 17:25 . 2010-03-18 17:25 -------- d-----w- c:\documents and settings\All Users\Application Data\Alwil Software 2010-03-18 17:21 . 2010-03-18 17:21 -------- d-----w- c:\program\Delade filer\Java 2010-03-18 17:21 . 2010-03-18 17:21 503808 ----a-w- c:\documents and settings\Gun\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-5a051799-n\msvcp71.dll 2010-03-18 17:21 . 2010-03-18 17:21 348160 ----a-w- c:\documents and settings\Gun\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-5a051799-n\msvcr71.dll 2010-03-18 17:21 . 2010-03-18 17:21 499712 ----a-w- c:\documents and settings\Gun\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-5a051799-n\jmc.dll 2010-03-18 17:21 . 2010-03-18 17:21 61440 ----a-w- c:\documents and settings\Gun\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-68ec8a19-n\decora-sse.dll 2010-03-18 17:21 . 2010-03-18 17:21 12800 ----a-w- c:\documents and settings\Gun\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-68ec8a19-n\decora-d3d.dll 2010-03-14 18:54 . 2008-04-13 23:15 60032 -c--a-w- c:\windows\system32\dllcache\usbaudio.sys 2010-03-14 18:54 . 2008-04-13 23:15 60032 ----a-w- c:\windows\system32\drivers\USBAUDIO.sys 2010-03-14 10:17 . 2010-03-14 10:17 578560 -c--a-w- c:\windows\system32\dllcache\user32.dll 2010-03-14 10:10 . 2010-03-14 18:16 -------- d-----w- C:\SDFix 2010-03-13 14:39 . 2010-03-13 14:39 -------- d-----w- c:\documents and settings\All Users\Application Data\Kaspersky Lab Setup Files 2010-03-11 20:10 . 2010-03-11 20:10 -------- d-----w- c:\program\Delade filer\Scanner 2010-03-11 19:50 . 2010-03-11 19:50 -------- d-----w- c:\program\Audacity 2010-03-11 08:18 . 2009-10-23 15:28 3558912 -c----w- c:\windows\system32\dllcache\moviemk.exe 2010-03-02 10:23 . 2010-03-02 10:23 -------- d-----w- c:\program\Personal . (((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-03-20 09:41 . 2009-10-17 17:08 -------- d-----w- c:\documents and settings\Gun\Application Data\Spotify 2010-03-19 22:14 . 2008-03-02 13:07 -------- d-----w- c:\program\Warcraft III 2010-03-19 22:03 . 2008-07-14 17:16 72343 -c--a-w- c:\windows\War3Unin.dat 2010-03-19 15:01 . 2008-11-03 18:48 -------- d-----w- c:\documents and settings\Gun\Application Data\uTorrent 2010-03-18 17:25 . 2009-11-29 21:18 -------- d-----w- c:\program\Alwil Software 2010-03-18 17:21 . 2008-11-25 20:05 411368 ----a-w- c:\windows\system32\deploytk.dll 2010-03-18 17:17 . 2008-02-29 16:15 -------- d-----w- c:\program\Windows Live 2010-03-18 17:13 . 2008-05-24 18:43 -------- d-----w- c:\documents and settings\All Users\Application Data\Skype 2010-03-18 17:11 . 2008-02-29 16:12 -------- d-----w- c:\program\Google 2010-03-18 17:09 . 2008-03-08 17:26 -------- d-----w- c:\program\Lavasoft 2010-03-18 17:03 . 2008-03-08 17:40 -------- d-----w- c:\documents and settings\All Users\Application Data\Lavasoft 2010-03-17 14:47 . 2008-02-29 17:33 -------- d-----w- c:\program\World of Warcraft 2010-03-17 05:02 . 2008-02-28 13:28 -------- d-----w- c:\program\Delade filer\InstallShield 2010-03-17 05:01 . 2008-02-28 13:39 -------- d--h--w- c:\program\InstallShield Installation Information 2010-03-14 15:55 . 2008-05-20 17:27 -------- d-----w- c:\program\Mozilla Thunderbird 2010-03-14 10:38 . 2010-01-08 21:57 -------- d-----w- c:\program\Yahoo! 2010-03-14 10:36 . 2010-01-08 21:58 -------- d-----w- c:\documents and settings\Gun\Application Data\Yahoo! 2010-03-14 10:36 . 2010-01-08 21:58 -------- d-----w- c:\documents and settings\All Users\Application Data\Yahoo! 2010-03-13 12:42 . 2009-07-09 21:11 -------- d-----w- c:\program\CCleaner 2010-03-13 11:55 . 2009-12-24 21:01 -------- d-----w- c:\documents and settings\Gun\Application Data\SUPERAntiSpyware.com 2010-03-12 21:33 . 2009-11-02 18:50 95024 ----a-w- c:\windows\system32\drivers\SBREDrv.sys 2010-03-11 18:23 . 2003-04-24 12:00 81618 ----a-w- c:\windows\system32\perfc01D.dat 2010-03-11 18:23 . 2003-04-24 12:00 440136 ----a-w- c:\windows\system32\perfh01D.dat 2010-02-14 15:04 . 2009-06-09 20:22 -------- d-----w- c:\program\Malwarebytes' Anti-Malware 2010-02-14 15:03 . 2010-02-14 15:03 5115824 ----a-w- c:\documents and settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe 2010-02-10 19:30 . 2010-02-10 19:25 -------- d-----w- c:\documents and settings\Gun\Application Data\PhotoFiltre Studio X 2010-02-10 19:25 . 2010-02-10 19:25 -------- d-----w- c:\program\PhotoFiltre Studio X 2010-01-22 13:57 . 2010-01-22 13:56 -------- d-----w- c:\documents and settings\Victor\Application Data\OnlineArmor 2010-01-21 08:53 . 2010-01-21 08:53 -------- d-----w- c:\documents and settings\Albin\Application Data\OnlineArmor 2010-01-21 08:44 . 2008-02-29 17:20 -------- d-----w- c:\program\Microsoft Silverlight 2010-01-08 21:58 . 2010-01-08 21:58 262144 ----a-w- C:\ntuser.dat 2010-01-07 15:07 . 2009-06-09 20:22 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2010-01-07 15:07 . 2009-06-09 20:22 19160 ----a-w- c:\windows\system32\drivers\mbam.sys 2009-12-31 16:50 . 2004-08-03 22:14 353792 ----a-w- c:\windows\system32\drivers\srv.sys 2009-12-31 10:33 . 2009-12-31 10:33 117760 ----a-w- c:\documents and settings\Victor\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL 2009-12-21 19:09 . 2004-08-04 00:34 916480 ----a-w- c:\windows\system32\wininet.dll . (((((((((((((((((((((((((((((((((( Startpunkter i registret ))))))))))))))))))))))))))))))))))))))))))))))) . . *Not* Tomma poster & legitima standardposter visas inte. REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ccleaner"="c:\program\CCleaner\CCleaner.exe" [2010-02-24 1771320] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Genväg till egenskapssida för High Definition Audio"="HDAudPropShortcut.exe" [2004-03-17 61952] "SoundMan"="SOUNDMAN.EXE" [2004-07-01 73728] "AlcWzrd"="ALCWZRD.EXE" [2004-07-05 2550272] "ISUSScheduler"="c:\program\Delade filer\InstallShield\UpdateService\issch.exe" [2005-08-11 81920] "QuickTime Task"="c:\program\QuickTime\qttask.exe" [2009-09-05 417792] "iTunesHelper"="c:\program\iTunes\iTunesHelper.exe" [2009-10-28 141600] "Adobe Reader Speed Launcher"="c:\program\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-12-22 35760] "Adobe ARM"="c:\program\Delade filer\Adobe\ARM\1.0\AdobeARM.exe" [2009-12-11 948672] "SunJavaUpdateSched"="c:\program\Delade filer\Java\Java Update\jusched.exe" [2010-02-18 248040] "avast5"="c:\program\ALWILS~1\Avast5\avastUI.exe" [2010-03-09 2769336] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] c:\documents and settings\Gun\Start-meny\Program\Autostart\ CurseClientStartup.ccip [2010-3-17 0] c:\documents and settings\All Users\Start-meny\Program\Autostart\ Personal.lnk - c:\program\Personal\bin\Personal.exe [2010-3-2 939920] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr] 2009-07-26 14:44 3883840 ----a-w- c:\program\Windows Live\Messenger\msnmsgr.exe [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusOverride"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program\\uTorrent\\uTorrent.exe"= "c:\\Program\\World of Warcraft\\Launcher.exe"= "c:\\Program\\Valve\\Steam\\SteamApps\\vibjhe616\\counter-strike\\hl.exe"= "c:\\Program\\Warcraft III\\Warcraft III.exe"= "c:\\Program\\World of Warcraft\\WoW-3.0.9.9551-to-3.1.0.9767-enGB-downloader.exe"= "c:\\Program\\World of Warcraft\\WoW-3.1.1.9835-to-3.1.2.9901-enGB-downloader.exe"= "c:\\Program\\World of Warcraft\\BackgroundDownloader.exe"= "c:\\Program\\World of Warcraft\\WoW-3.1.3.9947-to-3.2.0.10192-enGB-downloader.exe"= "c:\\Program\\World of Warcraft\\WoW-3.2.0.10192-to-3.2.0.10314-enGB-downloader.exe"= "c:\\Program\\World of Warcraft\\WoW-3.2.0.10314-to-3.2.2.10482-enGB-downloader.exe"= "c:\\Program\\World of Warcraft\\WoW-3.2.2.10482-to-3.2.2.10505-enGB-downloader.exe"= "c:\\Program\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program\\Spotify\\spotify.exe"= "c:\\Program\\Bonjour\\mDNSResponder.exe"= "c:\\Program\\iTunes\\iTunes.exe"= "c:\\Documents and Settings\\Gun\\Lokala inställningar\\Apps\\2.0\\E8WD6NB6.R1E\\BVMB5C3Y.KXQ\\curs..tion_eee711038731a406_0004.0000_152ef8e82e8f5a48\\CurseClient.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "3724:TCP"= 3724:TCP:Blizzard Downloader: 3724 R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2010-03-18 162640] R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2010-03-18 19024] R3 PhTVTune;ASUS WDM TV Tuner;c:\windows\system32\drivers\PhTVTune.sys [2004-05-27 24608] R3 PRISM_A00;Intersil PRISM 802.11a/g Driver;c:\windows\system32\drivers\PCTELSAP.SYS [2004-01-29 350282] S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys --> c:\windows\system32\DRIVERS\Lbd.sys [?] S1 SASDIFSV;SASDIFSV;\??\c:\docume~1\Gun\LOKALA~1\Temp\SAS_SelfExtract\SASDIFSV.SYS --> c:\docume~1\Gun\LOKALA~1\Temp\SAS_SelfExtract\SASDIFSV.SYS [?] S1 SASKUTIL;SASKUTIL;\??\c:\docume~1\Gun\LOKALA~1\Temp\SAS_SelfExtract\SASKUTIL.sys --> c:\docume~1\Gun\LOKALA~1\Temp\SAS_SelfExtract\SASKUTIL.sys [?] S2 gupdate1ca2f18cd592ed8;Tjänsten Google Update (gupdate1ca2f18cd592ed8);c:\program\Google\Update\GoogleUpdate.exe [2009-09-06 133104] S3 SASENUM;SASENUM;\??\c:\docume~1\Gun\LOKALA~1\Temp\SAS_SelfExtract\SASENUM.SYS --> c:\docume~1\Gun\LOKALA~1\Temp\SAS_SelfExtract\SASENUM.SYS [?] S3 TdsNordecr;Nordea NCR1 SmartCard Reader;c:\windows\system32\DRIVERS\nordecr.sys --> c:\windows\system32\DRIVERS\nordecr.sys [?] S4 Automatisk LiveUpdate-schemaläggare;Automatisk LiveUpdate-schemaläggare;"c:\program\Symantec\LiveUpdate\ALUSchedulerSvc.exe" --> c:\program\Symantec\LiveUpdate\ALUSchedulerSvc.exe [?] . Innehållet i mappen 'Schemalagda aktiviteter': 2010-03-15 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34] 2010-03-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program\Google\Update\GoogleUpdate.exe [2009-09-06 17:38] 2010-03-20 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program\Google\Update\GoogleUpdate.exe [2009-09-06 17:38] . . ------- Extra genomsökning ------- . uStart Page = hxxp://www.godstart.se/ uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 uInternet Settings,ProxyOverride = *.local uSearchURL,(Default) = hxxp://www.google.com/search?q=%s IE: E&xportera till Microsoft Excel - c:\program\MICROS~3\OFFICE11\EXCEL.EXE/3000 IE: Google Sidewiki... - c:\program\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html FF - ProfilePath - c:\documents and settings\Gun\Application Data\Mozilla\Firefox\Profiles\ueihzcqn.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.godstart.se/index.php FF - plugin: c:\program\Google\Update\1.2.183.23\npGoogleOneClick8.dll FF - plugin: c:\program\Microsoft\Office Live\npOLW.dll FF - plugin: c:\program\Personal\bin\np_prsnl.dll FF - plugin: c:\program\Windows Live\Photo Gallery\NPWLPG.dll FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ ---- FIREFOX POLICY ---- c:\program\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true); c:\program\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false); c:\program\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true); c:\program\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true); c:\program\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32); c:\program\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600); c:\program\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false); c:\program\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false); c:\program\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1); c:\program\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false); c:\program\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2); c:\program\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1); c:\program\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25); c:\program\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800); c:\program\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25); c:\program\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5); c:\program\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false); c:\program\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600); c:\program\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com"); c:\program\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff"); c:\program\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".se"); c:\program\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties"); c:\program\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties"); c:\program\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org"); c:\program\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com"); c:\program\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true); c:\program\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false); c:\program\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false); c:\program\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false); c:\program\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false); c:\program\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false); c:\program\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20); c:\program\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20); . - - - - FÖRÄLDRALÖSA POSTER SOM TAGITS BORT - - - - HKCU-Run-Search Protection - c:\program\Yahoo!\Search Protection\SearchProtection.exe HKLM-Run-ISUSPM Startup - c:\program\Delade filer\InstallShield\UpdateService\isuspm.exe ShellExecuteHooks-{4F07DA45-8170-4859-9B5F-037EF2970034} - (no file) MSConfigStartUp-swg - c:\program\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2010-03-21 08:46 Windows 5.1.2600 Service Pack 3 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** . --------------------- LÅSTA REGISTERNYCKLAR --------------------- [HKEY_USERS\S-1-5-21-2025429265-448539723-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{0C65F5CA-6016-5CF0-6703-EC45071739B0}*] @Allowed: (Read) (RestrictedCode) @Allowed: (Read) (RestrictedCode) "abdmmmjllfpdcnenipgngjcpjkgaellcce"=hex:61,61,00,00 "bbdmmmjllfpdcnenipbljkdablmdebkgbmcc"=hex:61,61,00,00 [HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\Ø•€|ÿÿÿÿ•€|ù•6~*] "D140211900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL" . --------------------- DLLer som "laddats" under processer som körs --------------------- - - - - - - - > 'winlogon.exe'(464) c:\windows\system32\Ati2evxx.dll - - - - - - - > 'explorer.exe'(4060) c:\program\WINDOW~2\wmpband.dll c:\windows\system32\webcheck.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . Sluttid: 2010-03-21 08:48:22 ComboFix-quarantined-files.txt 2010-03-21 07:48 Före genomsökningen: 186 449 129 472 byte ledigt Efter genomsökningen: 186 489 593 856 byte ledigt - - End Of File - - D67540712849580B0D48822DC4EFB5B2 ROOTREPEAL © AD, 2007-2009 ================================================== Scan Start Time: 2010/03/21 08:26 Program Version: Version 1.3.5.0 Windows Version: Windows XP SP3 ================================================== Drivers ------------------- Name: dump_atapi.sys Image Path: C:\WINDOWS\System32\Drivers\dump_atapi.sys Address: 0xAAB00000 Size: 98304 File Visible: No Signed: - Status: - Name: dump_WMILIB.SYS Image Path: C:\WINDOWS\System32\Drivers\dump_WMILIB.SYS Address: 0xF7B7B000 Size: 8192 File Visible: No Signed: - Status: - Name: rootrepeal.sys Image Path: C:\WINDOWS\system32\drivers\rootrepeal.sys Address: 0xA7CAF000 Size: 49152 File Visible: No Signed: - Status: - Hidden/Locked Files ------------------- Path: C:\Documents and Settings\Gun\Lokala inställningar\Apps\2.0\E8WD6NB6.R1E\BVMB5C3Y.KXQ\manifests\CurseClient.exe.cdf-ms Status: Locked to the Windows API! Path: C:\Documents and Settings\Gun\Lokala inställningar\Apps\2.0\E8WD6NB6.R1E\BVMB5C3Y.KXQ\manifests\CurseClient.exe.manifest Status: Locked to the Windows API! Path: C:\Documents and Settings\Gun\Lokala inställningar\Apps\2.0\E8WD6NB6.R1E\BVMB5C3Y.KXQ\manifests\Curse.ClientService.Models.cdf-ms Status: Locked to the Windows API! Path: C:\Documents and Settings\Gun\Lokala inställningar\Apps\2.0\E8WD6NB6.R1E\BVMB5C3Y.KXQ\manifests\Curse.ClientService.Models.manifest Status: Locked to the Windows API! Path: C:\Documents and Settings\Gun\Lokala inställningar\Apps\2.0\E8WD6NB6.R1E\BVMB5C3Y.KXQ\manifests\Curse.AddOns.cdf-ms Status: Locked to the Windows API! Path: C:\Documents and Settings\Gun\Lokala inställningar\Apps\2.0\E8WD6NB6.R1E\BVMB5C3Y.KXQ\manifests\Curse.AddOns.manifest Status: Locked to the Windows API! Path: C:\Documents and Settings\Gun\Lokala inställningar\Apps\2.0\E8WD6NB6.R1E\BVMB5C3Y.KXQ\manifests\Curse.MurmurHash.cdf-ms Status: Locked to the Windows API! Path: C:\Documents and Settings\Gun\Lokala inställningar\Apps\2.0\E8WD6NB6.R1E\BVMB5C3Y.KXQ\manifests\Curse.MurmurHash.manifest Status: Locked to the Windows API! Path: C:\Documents and Settings\Gun\Lokala inställningar\Apps\2.0\E8WD6NB6.R1E\BVMB5C3Y.KXQ\manifests\CurseClient.cdf-ms Status: Locked to the Windows API! Path: C:\Documents and Settings\Gun\Lokala inställningar\Apps\2.0\E8WD6NB6.R1E\BVMB5C3Y.KXQ\manifests\CurseClient.manifest Status: Locked to the Windows API! Path: C:\Documents and Settings\Gun\Lokala inställningar\Apps\2.0\E8WD6NB6.R1E\BVMB5C3Y.KXQ\manifests\Curse.CurseClient.Enumerations.cdf-ms Status: Locked to the Windows API! Path: C:\Documents and Settings\Gun\Lokala inställningar\Apps\2.0\E8WD6NB6.R1E\BVMB5C3Y.KXQ\manifests\Curse.CurseClient.Enumerations.manifest Status: Locked to the Windows API! Path: C:\Documents and Settings\Gun\Lokala inställningar\Apps\2.0\E8WD6NB6.R1E\BVMB5C3Y.KXQ\manifests\ICSharpCode.SharpZipLib.cdf-ms Status: Locked to the Windows API! Path: C:\Documents and Settings\Gun\Lokala inställningar\Apps\2.0\E8WD6NB6.R1E\BVMB5C3Y.KXQ\manifests\ICSharpCode.SharpZipLib.manifest Status: Locked to the Windows API! Path: C:\Documents and Settings\Gun\Lokala inställningar\Apps\2.0\E8WD6NB6.R1E\BVMB5C3Y.KXQ\manifests\Interop.NetFwTypeLib.cdf-ms Status: Locked to the Windows API! Path: C:\Documents and Settings\Gun\Lokala inställningar\Apps\2.0\E8WD6NB6.R1E\BVMB5C3Y.KXQ\manifests\Interop.NetFwTypeLib.manifest Status: Locked to the Windows API! Path: C:\Documents and Settings\Gun\Lokala inställningar\Apps\2.0\E8WD6NB6.R1E\BVMB5C3Y.KXQ\manifests\Win32Interop.cdf-ms Status: Locked to the Windows API! Path: C:\Documents and Settings\Gun\Lokala inställningar\Apps\2.0\E8WD6NB6.R1E\BVMB5C3Y.KXQ\manifests\Win32Interop.manifest Status: Locked to the Windows API! Path: C:\Documents and Settings\Gun\Lokala inställningar\Apps\2.0\E8WD6NB6.R1E\BVMB5C3Y.KXQ\manifests\WPF.Themes.cdf-ms Status: Locked to the Windows API! Path: C:\Documents and Settings\Gun\Lokala inställningar\Apps\2.0\E8WD6NB6.R1E\BVMB5C3Y.KXQ\manifests\WPF.Themes.manifest Status: Locked to the Windows API! Path: C:\Documents and Settings\Gun\Lokala inställningar\Apps\2.0\E8WD6NB6.R1E\BVMB5C3Y.KXQ\manifests\Xceed.Wpf.DataGrid.cdf-ms Status: Locked to the Windows API! Path: C:\Documents and Settings\Gun\Lokala inställningar\Apps\2.0\E8WD6NB6.R1E\BVMB5C3Y.KXQ\manifests\Xceed.Wpf.DataGrid.manifest Status: Locked to the Windows API! Path: C:\Documents and Settings\Gun\Lokala inställningar\Apps\2.0\E8WD6NB6.R1E\BVMB5C3Y.KXQ\manifests\Xceed.Wpf.Controls.cdf-ms Status: Locked to the Windows API! Path: C:\Documents and Settings\Gun\Lokala inställningar\Apps\2.0\E8WD6NB6.R1E\BVMB5C3Y.KXQ\manifests\Xceed.Wpf.Controls.manifest Status: Locked to the Windows API! Path: C:\Documents and Settings\Gun\Lokala inställningar\Apps\2.0\E8WD6NB6.R1E\BVMB5C3Y.KXQ\manifests\zlib.net.cdf-ms Status: Locked to the Windows API! Path: C:\Documents and Settings\Gun\Lokala inställningar\Apps\2.0\E8WD6NB6.R1E\BVMB5C3Y.KXQ\manifests\zlib.net.manifest Status: Locked to the Windows API! Path: C:\Documents and Settings\Gun\Lokala inställningar\Apps\2.0\E8WD6NB6.R1E\BVMB5C3Y.KXQ\manifests\Curse.CurseClient.Common.XmlSerializers.cdf-ms Status: Locked to the Windows API! Path: C:\Documents and Settings\Gun\Lokala inställningar\Apps\2.0\E8WD6NB6.R1E\BVMB5C3Y.KXQ\manifests\Curse.CurseClient.Common.XmlSerializers.manifest Status: Locked to the Windows API! Path: C:\Documents and Settings\Gun\Lokala inställningar\Apps\2.0\E8WD6NB6.R1E\BVMB5C3Y.KXQ\manifests\Curse.cdf-ms Status: Locked to the Windows API! Path: C:\Documents and Settings\Gun\Lokala inställningar\Apps\2.0\E8WD6NB6.R1E\BVMB5C3Y.KXQ\manifests\Curse.manifest Status: Locked to the Windows API! Path: C:\Documents and Settings\Gun\Lokala inställningar\Apps\2.0\E8WD6NB6.R1E\BVMB5C3Y.KXQ\manifests\Curse.DownloadSecurity.Tokens.cdf-ms Status: Locked to the Windows API! Path: C:\Documents and Settings\Gun\Lokala inställningar\Apps\2.0\E8WD6NB6.R1E\BVMB5C3Y.KXQ\manifests\Curse.CurseClient.Localization.manifest Status: Locked to the Windows API! Path: C:\Documents and Settings\Gun\Lokala inställningar\Apps\2.0\E8WD6NB6.R1E\BVMB5C3Y.KXQ\manifests\Curse.DownloadSecurity.Tokens.manifest Status: Locked to the Windows API! Path: C:\Documents and Settings\Gun\Lokala inställningar\Apps\2.0\E8WD6NB6.R1E\BVMB5C3Y.KXQ\manifests\Curse.CurseClient.Common.cdf-ms Status: Locked to the Windows API! Path: C:\Documents and Settings\Gun\Lokala inställningar\Apps\2.0\E8WD6NB6.R1E\BVMB5C3Y.KXQ\manifests\Curse.CurseClient.Common.manifest Status: Locked to the Windows API! Path: C:\Documents and Settings\Gun\Lokala inställningar\Apps\2.0\E8WD6NB6.R1E\BVMB5C3Y.KXQ\manifests\Curse.CurseClient.Localization.resources.cdf-ms Status: Locked to the Windows API! Path: C:\Documents and Settings\Gun\Lokala inställningar\Apps\2.0\E8WD6NB6.R1E\BVMB5C3Y.KXQ\manifests\Curse.CurseClient.Localization.resources.manifest Status: Locked to the Windows API! Path: C:\Documents and Settings\Gun\Lokala inställningar\Apps\2.0\E8WD6NB6.R1E\BVMB5C3Y.KXQ\manifests\Curse.CurseClient.Controls.cdf-ms Status: Locked to the Windows API! Path: C:\Documents and Settings\Gun\Lokala inställningar\Apps\2.0\E8WD6NB6.R1E\BVMB5C3Y.KXQ\manifests\Curse.CurseClient.Controls.manifest Status: Locked to the Windows API! Path: C:\Documents and Settings\Gun\Lokala inställningar\Apps\2.0\E8WD6NB6.R1E\BVMB5C3Y.KXQ\manifests\Curse.CurseClient.Localization.cdf-ms Status: Locked to the Windows API! SSDT ------------------- #: 025 Function Name: NtClose Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xaab48c56 #: 041 Function Name: NtCreateKey Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xaab48b12 #: 063 Function Name: NtDeleteKey Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xaab490c6 #: 065 Function Name: NtDeleteValueKey Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xaab48ff0 #: 068 Function Name: NtDuplicateObject Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xaab486e8 #: 119 Function Name: NtOpenKey Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xaab48bec #: 122 Function Name: NtOpenProcess Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xaab48628 #: 128 Function Name: NtOpenThread Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xaab4868c #: 177 Function Name: NtQueryValueKey Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xaab48d0c #: 192 Function Name: NtRenameKey Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xaab49194 #: 204 Function Name: NtRestoreKey Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xaab48ccc #: 247 Function Name: NtSetValueKey Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xaab48e4c ==EOF==
  15. Nu har jag gjort allt som du skrev, hoppas jag. Vet inte om fixHOSTS.bat fungerade. Det kom upp och sa att "filen går inte att hitta", det var allt. Här kommer loggarna: DDS (Ver_10-03-17.01) - NTFSx86 Run by Gun at 19:43:13,31 on 2010-03-18 Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_18 Microsoft Windows XP Home Edition 5.1.2600.3.1252.46.1053.18.1023.590 [GMT 1:00] AV: avast! Antivirus *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D} ============== Running Processes =============== C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost -k DcomLaunch svchost.exe C:\WINDOWS\System32\svchost.exe -k netsvcs svchost.exe svchost.exe C:\WINDOWS\system32\spoolsv.exe svchost.exe C:\Program\Delade filer\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program\Bonjour\mDNSResponder.exe C:\Program\Delade filer\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\WINDOWS\system32\svchost.exe -k imgsvc C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\SOUNDMAN.EXE C:\WINDOWS\ALCWZRD.EXE C:\Program\Delade filer\InstallShield\UpdateService\issch.exe C:\Program\iTunes\iTunesHelper.exe C:\WINDOWS\system32\ctfmon.exe C:\Program\Personal\bin\Personal.exe C:\Documents and Settings\Gun\Lokala inställningar\Apps\2.0\E8WD6NB6.R1E\BVMB5C3Y.KXQ\curs..tion_eee711038731a406_0004.0000_152ef8e82e8f5a48\CurseClient.exe C:\Program\iPod\bin\iPodService.exe C:\Program\Internet Explorer\iexplore.exe C:\Program\Internet Explorer\iexplore.exe C:\Program\Java\jre6\bin\jqs.exe C:\Program\Alwil Software\Avast5\AvastSvc.exe C:\Program\Alwil Software\Avast5\avastUI.exe C:\Program\Internet Explorer\iexplore.exe C:\Documents and Settings\Gun\Skrivbord\dds.scr ============== Pseudo HJT Report =============== uStart Page = hxxp://www.godstart.se/ uSearch Page = ${URL_SEARCHPAGE} uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 mSearch Page = ${URL_SEARCHPAGE} uInternet Settings,ProxyOverride = *.local uSearchURL,(Default) = hxxp://www.google.com/search?q=%s BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program\delade filer\adobe\acrobat\activex\AcroIEHelperShim.dll BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll BHO: Windows Live inloggningshjälpen: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program\delade filer\microsoft shared\windows live\WindowsLiveLogin.dll BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program\java\jre6\bin\jp2ssv.dll BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\program\windows live\toolbar\wltcore.dll BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program\windows live\toolbar\wltcore.dll TB: {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No File TB: {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No File uRun: [ccleaner] "c:\program\ccleaner\CCleaner.exe" /AUTO uRun: [search Protection] c:\program\yahoo!\search protection\SearchProtection.exe uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe mRun: [Genväg till egenskapssida för High Definition Audio] HDAudPropShortcut.exe mRun: [soundMan] SOUNDMAN.EXE mRun: [AlcWzrd] ALCWZRD.EXE mRun: [iSUSPM Startup] "c:\program\delade filer\installshield\updateservice\isuspm.exe" -startup mRun: [iSUSScheduler] "c:\program\delade filer\installshield\updateservice\issch.exe" -start mRun: [QuickTime Task] "c:\program\quicktime\qttask.exe" -atboottime mRun: [iTunesHelper] "c:\program\itunes\iTunesHelper.exe" mRun: [Adobe Reader Speed Launcher] "c:\program\adobe\reader 9.0\reader\Reader_sl.exe" mRun: [Adobe ARM] "c:\program\delade filer\adobe\arm\1.0\AdobeARM.exe" mRun: [sunJavaUpdateSched] "c:\program\delade filer\java\java update\jusched.exe" mRun: [avast5] c:\program\alwils~1\avast5\avastUI.exe /nogui dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE StartupFolder: c:\documents and settings\gun\start-meny\program\autostart\CurseClientStartup.ccip StartupFolder: c:\docume~1\alluse~1\start-~1\program\autost~1\personal.lnk - c:\program\personal\bin\Personal.exe IE: E&xportera till Microsoft Excel - c:\program\micros~3\office11\EXCEL.EXE/3000 IE: Google Sidewiki... - c:\program\google\google toolbar\component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program\messenger\msmsgs.exe IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program\windows live\writer\WriterBrowserExtension.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\program\micros~3\office11\REFIEBAR.DLL DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} - hxxp://download.microsoft.com/download/e/4/9/e494c802-dd90-4c6b-a074-469358f075a6/OGAControl.cab DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} - hxxp://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://fpdownload.macromedia.com/get/shockwave/cabs/director/sw.cab DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} - hxxp://gfx2.hotmail.com/mail/w3/pr01/resources/MSNPUpld.cab DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - hxxp://download.divx.com/player/DivXBrowserPlugin.cab DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1204302115296 DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab DPF: {86A88967-7A20-11D2-8EDA-00600818EDB1} - hxxp://www.parallelgraphics.com/l2/bin/cortvrml.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab DPF: {C7DB51B4-BCF7-4923-8874-7F1A0DC92277} - hxxp://office.microsoft.com/officeupdate/content/opuc4.cab DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab Notify: AtiExtEvent - Ati2evxx.dll SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll SEH: {4F07DA45-8170-4859-9B5F-037EF2970034} - No File Hosts: 74.125.45.100 4-open-davinci.com Hosts: 74.125.45.100 securitysoftwarepayments.com Hosts: 74.125.45.100 privatesecuredpayments.com Hosts: 74.125.45.100 secure.privatesecuredpayments.com Hosts: 74.125.45.100 getantivirusplusnow.com Note: multiple HOSTS entries found. Please refer to Attach.txt ================= FIREFOX =================== FF - ProfilePath - c:\docume~1\gun\applic~1\mozilla\firefox\profiles\ueihzcqn.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.godstart.se/index.php FF - plugin: c:\program\google\update\1.2.183.17\npGoogleOneClick8.dll FF - plugin: c:\program\microsoft\office live\npOLW.dll FF - plugin: c:\program\personal\bin\np_prsnl.dll FF - plugin: c:\program\windows live\photo gallery\NPWLPG.dll FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\ FF - HiddenExtension: Java Console: No Registry Reference - c:\program\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA} FF - HiddenExtension: Java Console: No Registry Reference - c:\program\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} FF - HiddenExtension: Java Console: No Registry Reference - c:\program\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} FF - HiddenExtension: Java Console: No Registry Reference - c:\program\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} FF - HiddenExtension: Java Console: No Registry Reference - c:\program\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} ---- FIREFOX POLICIES ---- c:\program\mozilla firefox\greprefs\all.js - pref("ui.use_native_colors", true); c:\program\mozilla firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false); c:\program\mozilla firefox\greprefs\all.js - pref("browser.visited_color", "#551A8B"); c:\program\mozilla firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true); c:\program\mozilla firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true); c:\program\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32); c:\program\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600); c:\program\mozilla firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false); c:\program\mozilla firefox\greprefs\all.js - pref("svg.smil.enabled", false); c:\program\mozilla firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1); c:\program\mozilla firefox\greprefs\all.js - pref("browser.formfill.debug", false); c:\program\mozilla firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2); c:\program\mozilla firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1); c:\program\mozilla firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25); c:\program\mozilla firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800); c:\program\mozilla firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25); c:\program\mozilla firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5); c:\program\mozilla firefox\greprefs\all.js - pref("html5.enable", false); c:\program\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true); c:\program\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600); c:\program\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com"); c:\program\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff"); c:\program\mozilla firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".se"); c:\program\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties"); c:\program\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties"); c:\program\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org"); c:\program\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com"); c:\program\mozilla firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true); c:\program\mozilla firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false); c:\program\mozilla firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false); c:\program\mozilla firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false); c:\program\mozilla firefox\defaults\pref\firefox.js - pref("browser.videoFeeds.handler", "ask"); c:\program\mozilla firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false); c:\program\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false); c:\program\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20); c:\program\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20); ============= SERVICES / DRIVERS =============== R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2010-3-18 162640] R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2010-3-18 19024] R2 avast! Antivirus;avast! Antivirus;c:\program\alwil software\avast5\AvastSvc.exe [2010-3-18 40384] R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [2009-3-28 54752] R3 avast! Mail Scanner;avast! Mail Scanner;c:\program\alwil software\avast5\AvastSvc.exe [2010-3-18 40384] R3 avast! Web Scanner;avast! Web Scanner;c:\program\alwil software\avast5\AvastSvc.exe [2010-3-18 40384] R3 PhTVTune;ASUS WDM TV Tuner;c:\windows\system32\drivers\PhTVTune.sys [2004-5-27 24608] R3 PRISM_A00;Intersil PRISM 802.11a/g Driver;c:\windows\system32\drivers\PCTELSAP.SYS [2004-1-29 350282] S0 Lbd;Lbd;c:\windows\system32\drivers\lbd.sys --> c:\windows\system32\drivers\Lbd.sys [?] S1 SASDIFSV;SASDIFSV;\??\c:\docume~1\gun\lokala~1\temp\sas_selfextract\sasdifsv.sys --> c:\docume~1\gun\lokala~1\temp\sas_selfextract\SASDIFSV.SYS [?] S1 SASKUTIL;SASKUTIL;\??\c:\docume~1\gun\lokala~1\temp\sas_selfextract\saskutil.sys --> c:\docume~1\gun\lokala~1\temp\sas_selfextract\SASKUTIL.sys [?] S2 gupdate1ca2f18cd592ed8;Tjänsten Google Update (gupdate1ca2f18cd592ed8);c:\program\google\update\GoogleUpdate.exe [2009-9-6 133104] S3 fsssvc;Tjänsten Windows Live Family Safety;c:\program\windows live\family safety\fsssvc.exe [2009-8-5 704864] S3 SASENUM;SASENUM;\??\c:\docume~1\gun\lokala~1\temp\sas_selfextract\sasenum.sys --> c:\docume~1\gun\lokala~1\temp\sas_selfextract\SASENUM.SYS [?] S3 TdsNordecr;Nordea NCR1 SmartCard Reader;c:\windows\system32\drivers\nordecr.sys --> c:\windows\system32\drivers\nordecr.sys [?] S4 Automatisk LiveUpdate-schemaläggare;Automatisk LiveUpdate-schemaläggare;"c:\program\symantec\liveupdate\aluschedulersvc.exe" --> c:\program\symantec\liveupdate\ALUSchedulerSvc.exe [?] =============== Created Last 30 ================ 2010-03-18 17:25:12 0 d-----w- c:\docume~1\alluse~1\applic~1\Alwil Software 2010-03-18 17:21:42 73728 ----a-w- c:\windows\system32\javacpl.cpl 2010-03-18 17:21:42 411368 ----a-w- c:\windows\system32\REN36.tmp 2010-03-14 18:54:52 60032 -c--a-w- c:\windows\system32\dllcache\usbaudio.sys 2010-03-14 18:54:52 60032 ----a-w- c:\windows\system32\drivers\USBAUDIO.sys 2010-03-14 10:17:44 578560 -c--a-w- c:\windows\system32\dllcache\user32.dll 2010-03-14 10:10:20 0 d-----w- C:\SDFix 2010-03-13 14:39:30 0 d-----w- c:\docume~1\alluse~1\applic~1\Kaspersky Lab Setup Files 2010-03-11 20:10:16 0 d-----w- c:\program\delade filer\Scanner 2010-03-11 19:50:35 0 d-----w- c:\program\Audacity 2010-03-11 18:23:49 3393 ----a-w- c:\windows\system32\wbem\Outlook_01cac147fe9f896c.mof 2010-03-11 08:18:52 3558912 -c----w- c:\windows\system32\dllcache\moviemk.exe 2010-03-02 10:23:24 0 d-----w- c:\program\Personal ==================== Find3M ==================== 2010-03-12 21:33:57 95024 ----a-w- c:\windows\system32\drivers\SBREDrv.sys 2010-03-11 18:23:49 81618 ----a-w- c:\windows\system32\perfc01D.dat 2010-03-11 18:23:49 440136 ----a-w- c:\windows\system32\perfh01D.dat 2010-01-24 11:43:24 72039 -c--a-w- c:\windows\War3Unin.dat 2010-01-08 21:58:26 262144 ----a-w- C:\ntuser.dat 2009-12-21 19:09:46 916480 ----a-w- c:\windows\system32\wininet.dll ============= FINISH: 19:44:01,92 =============== Malwarebytes' Anti-Malware 1.44 Databasversion: 3883 Windows 5.1.2600 Service Pack 3 Internet Explorer 8.0.6001.18702 2010-03-18 19:38:31 mbam-log-2010-03-18 (19-38-31).txt Skanningstyp: Fullständig skanning (C:\|) Antal skannade objekt: 232628 Förfluten tid: 1 hour(s), 7 minute(s), 9 second(s) Infekterade minnesprocesser: 0 Infekterade minnesmoduler: 0 Infekterade registernycklar: 0 Infekterade registervärden: 0 Infekterade registerdataposter: 0 Infekterade mappar: 0 Infekterade filer: 0 Infekterade minnesprocesser: (Inga illasinnade poster hittades) Infekterade minnesmoduler: (Inga illasinnade poster hittades) Infekterade registernycklar: (Inga illasinnade poster hittades) Infekterade registervärden: (Inga illasinnade poster hittades) Infekterade registerdataposter: (Inga illasinnade poster hittades) Infekterade mappar: (Inga illasinnade poster hittades) Infekterade filer: (Inga illasinnade poster hittades) Attach.txt
×
×
  • Skapa nytt...