
johnnyb

Member
  • Posts

    22
  • Joined

  • Last visited

  1. Thank you so very much for your help and time! I appreciate it a lot! You should make a script that does all of this automatically, but I can imagine it differs from case to case. Anyway, thanks again. Kind regards, Jim
  2. Synced against another server, then it worked fine. //jim
  3. I should perhaps mention the clock issue again. I tried to sync with the internet via time.windows.com, which was the "default", and the text that comes up is "Ett fel uppstod när operativsystemet synkroniserade med time.windows.com. Det går inte att nå peer-datorn." Do you perhaps know what the "peer-datorn" (the peer computer) is? Otherwise I suppose it's just a matter of uninstalling all the programs that should go. Do the files in ComboFix's quarantine disappear as well? Jim
  4. So now IE seems to work fine. Thanks. I have also removed the two cracked files and uninstalled Adobe. What is the next step? The excitement is rising!
  5. Some pages work fine in IE with add-ons, but e.g. eforum just freezes all of IE.
  6. IE worked fine "Without add-ons"... But websites such as my bank's website don't like that my time settings etc. aren't correct. Updating from the internet via the clock settings doesn't work. Any tips? Should I go into the BIOS and check how things look there?
     Farbar Service Scanner Version: 09-11-2012
     Ran by JIM (administrator) on 02-01-2002 at 15:32:09
     Running from "C:\Users\JIM\Desktop"
     Windows 7 Ultimate (X64)
     Boot Mode: Normal
     ****************************************************************
     Internet Services:
     ============
     Connection Status:
     ==============
     Localhost is accessible.
     LAN connected.
     Google IP is accessible.
     Google.com is accessible.
     Yahoo IP is accessible.
     Yahoo.com is accessible.
     Windows Firewall:
     =============
     Firewall Disabled Policy:
     ==================
     System Restore:
     ============
     System Restore Disabled Policy:
     ========================
     Action Center:
     ============
     Windows Update:
     ============
     Windows Autoupdate Disabled Policy:
     ============================
     Windows Defender:
     ==============
     Other Services:
     ==============
     File Check:
     ========
     C:\Windows\System32\nsisvc.dll => MD5 is legit
     C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
     C:\Windows\System32\dhcpcore.dll => MD5 is legit
     C:\Windows\System32\drivers\afd.sys [2012-02-16 16:01] - [2011-12-28 04:59] - 0499200 ____A (Microsoft Corporation) DB9D6C6B2CD95A9CA414D045B627422E
     C:\Windows\System32\drivers\tdx.sys => MD5 is legit
     C:\Windows\System32\Drivers\tcpip.sys [2012-05-12 10:56] - [2012-03-30 12:09] - 1895280 ____A (Microsoft Corporation) 624C5B3AA4C99B3184BB922D9ECE3FF0
     C:\Windows\System32\dnsrslvr.dll => MD5 is legit
     C:\Windows\System32\mpssvc.dll => MD5 is legit
     C:\Windows\System32\bfe.dll => MD5 is legit
     C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
     C:\Windows\System32\SDRSVC.dll => MD5 is legit
     C:\Windows\System32\vssvc.exe => MD5 is legit
     C:\Windows\System32\wscsvc.dll => MD5 is legit
     C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
     C:\Windows\System32\wuaueng.dll => MD5 is legit
     C:\Windows\System32\qmgr.dll => MD5 is legit
     C:\Windows\System32\es.dll => MD5 is legit
     C:\Windows\System32\cryptsvc.dll [2012-10-10 09:24] - [2012-06-02 06:25] - 0182272 ____A (Microsoft Corporation) BAF19B633933A9FB4883D27D66C39E9A
     C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
     C:\Windows\System32\ipnathlp.dll => MD5 is legit
     C:\Windows\System32\svchost.exe => MD5 is legit
     C:\Windows\System32\rpcss.dll => MD5 is legit
     **** End of log ****
     Then there were the malicious files that came up last time when I did the scan over the internet (ESET Online Scan). Can I redo the scan and remove the files? Because last time you told me not to have that box checked. Regards, Jim
  7. IE is still slow as heck... How do I easily get rid of all the malicious programs? Such as the ones you mentioned in your post. The clock and the date on the computer are completely out of whack; it feels like something has happened to the whole system. As if everything has been reset...
     dds:
     .
     DDS (Ver_2012-11-20.01)
     .
     Microsoft Windows 7 Ultimate
     Boot Device: \Device\HarddiskVolume1
     Install Date: 2010-06-11 16:24:23
     System Uptime: 2002-01-01 23:23:09 (1 hours ago)
     .
     Motherboard: ASUSTeK Computer INC. | | P5Q PRO TURBO
     Processor: Intel® Core2 Quad CPU Q8300 @ 2.50GHz | LGA 775 | 2499/333mhz
     .
     ==== Disk Partitions =========================
     .
     C: is FIXED (NTFS) - 931 GiB total, 492,526 GiB free.
     D: is CDROM ()
     E: is Removable
     F: is CDROM ()
     G: is CDROM ()
     .
     ==== Disabled Device Manager Items =============
     .
     ==== System Restore Points ===================
     .
     RP147: 2002-01-01 18:43:54 - Removed Adobe Reader 9.3 - Svenska.
     RP148: 2002-01-01 18:44:32 - Removed Adobe Reader 9.3 - Svenska.
     RP145: 2012-11-18 15:16:45 - Windows Update
     RP146: 2012-11-20 20:28:25 - Removed Java 6 Update 23
C:\Users\JIM\AppData\Local\Boss Media 2011-01-09 16:04:47 -------- d-----w- C:\Casino 2011-01-09 13:36:18 -------- d-----w- C:\Program Files\Microsoft Synchronization Services 2011-01-09 13:35:55 -------- d-----w- C:\Windows\PCHEALTH 2011-01-09 13:35:55 -------- d-----w- C:\Program Files\Microsoft SQL Server Compact Edition 2011-01-09 13:34:06 -------- d-----w- C:\Program Files (x86)\Microsoft Visual Studio 8 2011-01-09 13:33:21 -------- d-----w- C:\Program Files\Microsoft Analysis Services 2011-01-09 13:33:21 -------- d-----w- C:\Program Files (x86)\Microsoft Analysis Services 2011-01-08 06:26:34 3304832 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\1053\MSOINTL.DLL 2010-12-21 02:24:50 7379816 ----a-w- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\OSETUP.DLL 2010-12-20 18:28:22 15224 ----a-w- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Office.sv-se\BRANDING.DLL 2010-12-18 19:55:08 -------- d-----w- C:\Users\JIM\AppData\Roaming\.minecraft 2010-12-18 19:54:20 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll 2010-12-14 21:59:08 524288 ----a-w- C:\Windows\System32\wmicmiplugin.dll 2010-12-14 21:59:08 464384 ----a-w- C:\Windows\System32\taskeng.exe 2010-12-14 21:59:08 1169408 ----a-w- C:\Windows\System32\taskschd.dll 2010-12-14 21:59:08 1114624 ----a-w- C:\Windows\System32\schedsvc.dll 2010-12-14 21:59:07 496128 ----a-w- C:\Windows\SysWow64\taskschd.dll 2010-12-14 21:59:07 473600 ----a-w- C:\Windows\System32\taskcomp.dll 2010-12-14 21:59:07 305152 ----a-w- C:\Windows\SysWow64\taskcomp.dll 2010-12-14 21:59:07 285696 ----a-w- C:\Windows\System32\schtasks.exe 2010-12-14 21:59:07 192000 ----a-w- C:\Windows\SysWow64\taskeng.exe 2010-12-14 21:59:07 179712 ----a-w- C:\Windows\SysWow64\schtasks.exe 2010-12-14 21:58:19 516096 ----a-w- C:\Program Files\Windows Mail\wab.exe 2010-12-14 21:58:19 516096 ----a-w- C:\Program Files (x86)\Windows Mail\wab.exe 2010-12-14 21:58:19 35328 
----a-w- C:\Program Files\Windows Mail\wabfind.dll 2010-12-14 21:58:10 112000 ----a-w- C:\Windows\System32\consent.exe 2010-11-23 18:46:04 -------- d-----w- C:\Users\JIM\AppData\Local\ESET 2010-11-23 18:40:01 -------- d-----w- C:\Program Files\ESET 2010-11-11 19:24:28 -------- d-----w- C:\Program Files (x86)\Convert AVI to MP4 2010-11-11 19:07:14 -------- d-----w- C:\Users\JIM\AppData\Local\Apple Computer 2010-11-11 19:06:53 125872 ----a-w- C:\Windows\System32\GEARAspi64.dll 2010-11-11 19:06:53 106928 ----a-w- C:\Windows\SysWow64\GEARAspi.dll 2010-11-11 19:06:43 -------- d-----w- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001} 2010-11-11 19:05:32 -------- d-----w- C:\Users\JIM\AppData\Local\Apple 2010-11-10 16:53:12 -------- d-----w- C:\Users\JIM\AppData\Local\Activision 2010-10-28 13:54:14 1377144 ----a-w- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Setup.exe 2010-10-07 17:53:36 18264 ----a-w- C:\Program Files\Common Files\Microsoft Shared\VSTO\10.0\1053\VSTOLoaderUI.dll 2010-10-07 17:53:36 10080 ----a-w- C:\Program Files\Common Files\Microsoft Shared\VSTO\10.0\1053\VSTOInstallerUI.dll 2010-10-07 17:43:38 18264 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\VSTO\10.0\1053\VSTOLoaderUI.dll 2010-10-07 17:43:38 10080 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\VSTO\10.0\1053\VSTOInstallerUI.dll 2010-10-05 16:15:37 -------- d-----w- C:\Users\JIM\AppData\Local\Microsoft Help 2010-09-15 16:12:14 558592 ----a-w- C:\Windows\System32\spoolsv.exe 2010-09-07 19:27:13 -------- d-----w- C:\Users\JIM\AppData\Local\Google 2010-09-07 19:26:55 -------- d-----w- C:\Users\JIM\AppData\Local\Adobe 2010-09-07 08:27:24 -------- d-----w- C:\Users\JIM\AppData\Local\Copax 2010-09-07 08:04:07 -------- d-----w- C:\Program Files (x86)\DAEMON Tools Toolbar 2010-09-07 08:03:55 834544 ----a-w- C:\Windows\System32\drivers\sptd.sys 2010-09-07 08:03:40 -------- d-----w- C:\Program Files (x86)\DAEMON Tools Lite 2010-09-07 
08:02:58 -------- d-----w- C:\Users\JIM\AppData\Roaming\DAEMON Tools Lite 2010-09-07 08:02:55 -------- d-----w- C:\ProgramData\DAEMON Tools Lite 2010-08-19 23:14:25 -------- d-----w- C:\Poker 2010-08-11 16:23:47 82944 ----a-w- C:\Windows\SysWow64\iccvid.dll 2010-08-11 16:23:47 52224 ----a-w- C:\Windows\System32\rtutils.dll 2010-08-11 16:23:47 37376 ----a-w- C:\Windows\SysWow64\rtutils.dll 2010-08-07 12:11:53 -------- d-----w- C:\Program Files (x86)\MSXML 4.0 2010-08-06 11:37:48 -------- d-----w- C:\ProgramData\Nero 2010-08-06 11:37:47 -------- d-----w- C:\Program Files (x86)\Nero 2010-07-30 13:55:40 -------- d-----w- C:\Program Files (x86)\StarCraft II 2010-07-10 10:36:34 -------- d-----w- C:\Program Files\VentriloMIX 2010-07-10 10:34:24 -------- d-----r- C:\Program Files (x86)\Skype 2010-06-26 15:41:51 -------- d-----w- C:\Program Files (x86)\Common Files\Steam 2010-06-26 15:41:50 -------- d-----w- C:\Program Files (x86)\Steam 2010-06-23 18:11:18 99176 ----a-w- C:\Windows\SysWow64\PresentationHostProxy.dll 2010-06-23 18:11:18 49472 ----a-w- C:\Windows\SysWow64\netfxperf.dll 2010-06-23 18:11:18 48960 ----a-w- C:\Windows\System32\netfxperf.dll 2010-06-23 18:11:18 444752 ----a-w- C:\Windows\System32\mscoree.dll 2010-06-23 18:11:18 320352 ----a-w- C:\Windows\System32\PresentationHost.exe 2010-06-23 18:11:18 297808 ----a-w- C:\Windows\SysWow64\mscoree.dll 2010-06-23 18:11:18 295264 ----a-w- C:\Windows\SysWow64\PresentationHost.exe 2010-06-23 18:11:18 1942856 ----a-w- C:\Windows\System32\dfshim.dll 2010-06-23 18:11:18 1130824 ----a-w- C:\Windows\SysWow64\dfshim.dll 2010-06-23 18:11:18 109912 ----a-w- C:\Windows\System32\PresentationHostProxy.dll 2010-06-22 11:32:42 6982480 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{AFCC2B44-6FF5-4662-86C0-6B2C4678ACD1}\mpengine.dll 2010-06-20 16:34:27 -------- d-----w- C:\Windows\SysWow64\Wat 2010-06-20 16:34:27 -------- d-----w- C:\Windows\System32\Wat 2010-06-15 12:15:29 -------- d-----w- 
C:\ProgramData\NVIDIA Corporation 2010-06-15 12:15:26 -------- d-----w- C:\Program Files\NVIDIA Corporation 2010-06-15 12:14:57 930272 ----a-w- C:\Windows\System32\dpinst.exe 2010-06-15 12:14:57 11240 ----a-w- C:\Windows\System32\drivers\nvBridge.kmd 2010-06-15 12:14:55 405608 ----a-w- C:\Windows\System32\nvdecodemft.dll 2010-06-15 12:14:55 332392 ----a-w- C:\Windows\SysWow64\nvdecodemft.dll 2010-06-15 12:14:50 255592 ----a-w- C:\Windows\System32\nvcod1921.dll 2010-06-15 12:14:50 255592 ----a-w- C:\Windows\System32\nvcod.dll 2010-06-15 12:14:46 -------- d-----w- C:\NVIDIA 2010-06-15 11:41:06 -------- d-----w- C:\Program Files (x86)\SystemRequirementsLab 2010-06-15 08:06:38 6982480 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll 2010-06-14 16:05:30 -------- d-----w- C:\Users\JIM\AppData\Roaming\Spotify 2010-06-14 16:05:30 -------- d-----w- C:\Users\JIM\AppData\Local\Spotify 2010-06-14 16:05:28 -------- d-----w- C:\Program Files (x86)\Spotify 2010-06-14 10:35:33 311808 ----a-w- C:\Windows\System32\msv1_0.dll 2010-06-14 10:35:33 257024 ----a-w- C:\Windows\SysWow64\msv1_0.dll 2010-06-14 10:34:19 294912 ----a-w- C:\Windows\System32\browserchoice.exe 2010-06-13 23:29:32 -------- d-----w- C:\ProgramData\Blizzard Entertainment 2010-06-13 23:29:32 -------- d-----w- C:\Program Files (x86)\Common Files\Blizzard Entertainment 2010-06-13 23:29:20 -------- d-----w- C:\ProgramData\Blizzard 2010-06-13 23:18:54 -------- d-----w- C:\Users\JIM\StarCraft II Beta enGB 13891 Installer 2010-06-13 19:53:34 -------- d-----w- C:\Program Files (x86)\VideoLAN 2010-06-13 18:38:46 -------- d-----w- C:\Program Files (x86)\uTorrent 2010-06-13 18:38:11 -------- d-----w- C:\Users\JIM\AppData\Roaming\uTorrent 2010-06-13 18:34:56 -------- d-----w- C:\Program Files (x86)\Windows Live SkyDrive 2010-06-13 18:33:28 139264 ----a-w- C:\Windows\System32\cabview.dll 2010-06-13 18:33:28 132608 ----a-w- C:\Windows\SysWow64\cabview.dll 2010-06-13 18:32:47 -------- 
d-----w- C:\Program Files (x86)\Common Files\Windows Live 2010-06-13 18:26:22 315904 ----a-w- C:\Windows\SysWow64\Difxbbfe.rra 2010-06-13 18:26:22 -------- d-----w- C:\RaidTool 2010-06-13 18:26:20 104408 ----a-w- C:\Windows\System32\drivers\jraid.sys 2010-06-13 18:26:12 -------- d-----w- C:\Windows\RaidTool 2010-06-13 18:24:48 -------- d-----w- C:\Program Files (x86)\Downloaded Installations 2010-06-13 18:24:08 -------- d-----w- C:\ProgramData\ASUS OC Profiles 2010-06-13 18:20:31 24576 ----a-r- C:\Windows\SysWow64\AsIO.dll 2010-06-13 18:20:31 14392 ----a-r- C:\Windows\SysWow64\drivers\AsIO.sys 2010-06-13 18:20:31 -------- d-----w- C:\Program Files (x86)\ASUS 2010-06-13 18:20:26 11832 ----a-w- C:\Windows\SysWow64\drivers\AsInsHelp64.sys 2010-06-13 18:20:26 10216 ----a-w- C:\Windows\SysWow64\drivers\AsInsHelp32.sys 2010-06-13 18:20:26 -------- d-----w- C:\Program Files\ASUS 2010-06-13 18:20:18 32768 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\objectps.dll 2010-06-13 18:20:18 225280 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\IScript\iscript.dll 2010-06-13 18:20:18 176128 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\iuser.dll 2010-06-13 18:20:17 77824 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\ctor.dll 2010-06-13 18:19:48 55296 ----a-w- C:\Windows\System32\drivers\L1E62x64.sys 2010-06-13 18:19:37 -------- d-----w- C:\Windows\SysWow64\Atheros_L1e 2010-06-13 18:17:25 270208 ------w- C:\Windows\System32\MpSigStub.exe 2010-06-13 18:15:53 -------- d-sh--w- C:\Windows\Installer 2010-06-13 17:54:02 -------- d-----w- C:\Windows\AsusInstAll 2010-06-13 17:53:48 53248 ----a-r- C:\Windows\SysWow64\CSVer.dll 2010-06-13 17:53:42 -------- d-----w- C:\Intel 2010-06-11 15:01:51 -------- d-----w- C:\Windows\Panther 2010-06-11 14:23:09 -------- d-sh--we C:\ProgramData\Start-meny 2010-06-11 14:23:09 -------- d-sh--we C:\ProgramData\Skrivbord 2010-06-11 14:23:09 -------- 
d-sh--we C:\ProgramData\Programdata 2010-06-11 14:23:09 -------- d-sh--we C:\ProgramData\Mallar 2010-06-11 14:23:09 -------- d-sh--we C:\ProgramData\Favoriter 2010-06-11 14:23:09 -------- d-sh--we C:\ProgramData\Dokument 2010-06-11 14:23:09 -------- d-sh--we C:\Program Files\Delade filer 2010-06-11 14:23:09 -------- d-sh--we C:\Program 2010-06-11 14:23:09 -------- d-----w- C:\Recovery 2010-06-07 15:21:00 6200680 ----a-w- C:\Windows\System32\nvcpl.dll 2010-06-07 15:21:00 118120 ----a-w- C:\Windows\System32\nvmctray.dll 2010-06-07 15:20:58 891240 ----a-w- C:\Windows\System32\nvvsvc.exe 2010-06-07 15:20:58 63336 ----a-w- C:\Windows\System32\nvshext.dll 2010-06-07 15:20:58 3293544 ----a-w- C:\Windows\System32\nvsvc64.dll 2010-04-19 19:29:22 1721576 ----a-w- C:\Windows\System32\wdfcoinstaller01009.dll 2010-04-16 20:12:18 48464 ----a-w- C:\Windows\SysWow64\sirenacm.dll 2010-03-23 05:33:32 862656 ----a-w- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\1053\ACEWSTR.DLL 2010-03-23 05:33:32 55736 ----a-w- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\1053\ACEODBCI.DLL 2010-03-23 05:33:32 21968 ----a-w- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\1053\ACERECR.DLL 2010-03-23 05:33:32 203176 ----a-w- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\1053\ACEINTL.DLL 2010-03-22 19:42:28 47520 ----a-w- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\OSetupPS.dll 2010-03-20 21:51:22 310664 ----a-w- C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\14\BIN\1053\FPNSESAT.DLL 2010-03-20 21:47:56 44424 ----a-w- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\1053\MSSOAPR3.DLL 2010-03-20 21:42:18 200576 ----a-w- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Office.sv-se\OSETUPUI.DLL 2010-03-20 21:40:20 13184 ----a-w- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\1053\OARPMANR.DLL 2010-03-20 20:54:26 17296 ----a-w- C:\Program Files\Common 
Files\Microsoft Shared\OFFICE14\Office Setup Controller\Office.sv-se\promointl.dll 2010-03-20 20:43:54 18848 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\Portal\1053\PortalConnect.dll 2010-03-20 20:36:12 12160 ----a-w- C:\Program Files\Common Files\Microsoft Shared\Web Folders\1053\MSOSVINT.DLL 2010-03-20 19:11:18 33664 ----a-w- C:\Windows\System32\FM20SVE.DLL 2010-03-20 16:28:58 159056 ----a-w- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\1053\ALRTINTL.DLL 2010-03-20 12:54:34 19320 ----a-w- C:\Program Files\Common Files\Microsoft Shared\Smart Tag\1053\STINTL.DLL 2010-03-10 20:51:44 571320 ----a-w- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\ODeploy.exe 2010-03-06 02:34:08 15712 ----a-w- C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPREARM.EXE 2010-02-20 16:20:18 31616 ----a-w- C:\Windows\System32\FM20ENU.DLL 2010-01-21 20:11:42 58752 ----a-w- C:\Program Files\Common Files\System\MSMAPI\1033\MSMAPI32.DLL 2010-01-21 20:10:26 18731904 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSO.DLL 2010-01-21 17:33:08 25352576 ----a-w- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSO.DLL 2010-01-21 17:33:08 138104 ----a-w- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\EXP_PDF.DLL 2010-01-21 16:13:58 2525048 ----a-w- C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\14\BIN\FPSRVUTL.DLL 2010-01-21 16:13:10 1652600 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\Web Server Extensions\14\BIN\FPSRVUTL.DLL 2010-01-21 02:01:04 31104 ----a-w- C:\Program Files\Common Files\Microsoft Shared\EURO\MSOEURO.DLL 2010-01-21 00:38:52 204168 ----a-w- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\LICLUA.EXE 2010-01-21 00:38:52 192384 ----a-w- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Office.en-us\OSETUPUI.DLL 2010-01-21 00:02:04 9568 ----a-w- C:\Program Files\Common 
Files\Microsoft Shared\OFFICE14\OFFREL.DLL 2010-01-21 00:02:04 72521600 ----a-w- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSORES.DLL 2010-01-21 00:02:04 71032 ----a-w- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\EXP_XPS.DLL 2010-01-21 00:02:04 2527104 ----a-w- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\1033\MSOINTL.DLL 2010-01-21 00:02:04 234880 ----a-w- C:\Program Files\Common Files\Microsoft Shared\Smart Tag\IETAG.DLL 2010-01-21 00:02:04 19848 ----a-w- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\OPHPROXY.DLL 2010-01-21 00:02:04 18336 ----a-w- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\OPTINPS.DLL 2010-01-21 00:02:04 15744 ----a-w- C:\Program Files\Common Files\Microsoft Shared\Smart Tag\SmartTagInstall.exe 2010-01-20 23:56:18 72521600 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSORES.DLL 2010-01-20 23:56:18 2497920 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\1033\MSOINTL.DLL 2010-01-20 23:05:26 15224 ----a-w- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Office.en-us\BRANDING.DLL 2010-01-20 22:54:38 473952 ----a-w- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOICONS.EXE 2010-01-20 22:51:20 105344 ----a-w- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\1033\xlsrvintl.dll 2010-01-19 16:59:18 4729776 ----a-w- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Csi.dll 2010-01-19 16:59:18 1784192 ----a-w- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\CsiSoap.dll 2010-01-19 16:58:22 3273136 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Csi.dll 2010-01-19 16:58:22 1219456 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\CsiSoap.dll 2010-01-16 02:43:14 55232 ----a-w- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\ACERCLR.DLL 2010-01-16 02:43:14 52656 ----a-w- C:\Program Files\Common Files\Microsoft 
Shared\OFFICE14\1033\ACEODBCI.DLL 2010-01-16 02:43:14 451992 ----a-w- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\ACER3X.DLL 2010-01-16 02:43:14 342960 ----a-w- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\ACEODBC.DLL 2010-01-16 02:43:14 15800 ----a-w- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\ACEODTXT.DLL 2010-01-16 02:43:14 15800 ----a-w- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\ACEODEXL.DLL 2010-01-16 02:43:14 15800 ----a-w- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\ACEODDBS.DLL 2010-01-16 02:43:12 20944 ----a-w- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\1033\ACERECR.DLL 2010-01-13 21:31:14 419232 ----a-w- C:\Program Files\Common Files\Microsoft Shared\MSClientDataMgr\MSCDM.DLL 2010-01-10 17:50:20 56144 ----a-w- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXEV.DLL 2010-01-10 17:50:12 1363344 ----a-w- C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\14\BIN\FPWEC.DLL 2010-01-10 17:49:56 983440 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\Web Server Extensions\14\BIN\FPWEC.DLL 2010-01-10 17:49:56 1871720 ----a-w- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\RICHED20.DLL 2010-01-10 17:49:40 318368 ----a-w- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\ACEWSS.DLL 2010-01-10 17:49:36 1366376 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\RICHED20.DLL 2010-01-10 17:30:26 364928 ----a-w- C:\Program Files\Common Files\Microsoft Shared\Smart Tag\MOFL.DLL 2010-01-09 23:39:44 24976 ----a-w- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MUOPTIN.DLL 2010-01-09 23:34:46 44936 ----a-w- C:\Program Files\Common Files\Microsoft Shared\Web Folders\MSOSV.DLL 2010-01-09 23:34:46 10632 ----a-w- C:\Program Files\Common Files\Microsoft Shared\Web Folders\1033\MSOSVINT.DLL 2010-01-09 23:32:08 15760 ----a-w- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup 
Controller\Office.en-us\promointl.dll 2010-01-09 23:31:02 56192 ----a-w- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL 2010-01-09 23:31:00 121168 ----a-w- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLED.EXE 2010-01-09 23:28:40 993160 ----a-w- C:\Program Files\Common Files\Microsoft Shared\DW\DW20.EXE 2010-01-09 23:28:40 629664 ----a-w- C:\Program Files\Common Files\Microsoft Shared\DW\DWTRIG20.EXE 2010-01-09 23:22:40 49024 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL 2010-01-09 21:15:16 553344 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\Portal\PortalConnectCore.dll 2010-01-09 21:15:14 17312 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\Portal\1033\PortalConnect.dll 2010-01-09 21:05:26 15736 ----a-w- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\pkeyconfig.companion.dll 2010-01-09 21:04:50 1199008 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\TextConv\WksConv\Wkconv.exe 2010-01-09 21:00:58 1486736 ----a-w- C:\Program Files\Common Files\Microsoft Shared\Filters\offfiltx.dll 2010-01-09 21:00:58 1312656 ----a-w- C:\Program Files\Common Files\Microsoft Shared\Filters\odffilt.dll 2010-01-09 21:00:56 38768 ----a-w- C:\Program Files\Common Files\Microsoft Shared\Filters\msgfilt.dll 2010-01-09 20:56:34 1249168 ----a-w- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\msoshext.dll 2010-01-09 20:33:06 154448 ----a-w- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\1033\ALRTINTL.DLL 2010-01-09 20:18:14 157024 ----a-w- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\FLTLDR.EXE 2010-01-09 19:51:42 143736 ----a-w- C:\Program Files\Common Files\Microsoft Shared\TextConv\MSCONV97.DLL 2010-01-09 19:49:44 178576 ----a-w- C:\Program Files\Common Files\Microsoft Shared\TRANSLAT\MSB1CORE.DLL 2010-01-09 19:49:42 70544 ----a-w- C:\Program Files\Common Files\Microsoft Shared\TRANSLAT\MSB1XTOR.DLL 2010-01-09 
19:40:44 110976 ----a-w- C:\Program Files\Common Files\Microsoft Shared\Smart Tag\METCONV.DLL 2010-01-09 19:36:22 4289376 ----a-w- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\IACOM2.DLL 2010-01-09 19:34:24 4925184 ----a-w- C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 2010-01-09 19:34:24 2173696 ----a-w- C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPOBJS.DLL 2010-01-09 19:34:24 1828608 ----a-w- C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPCEXT.DLL 2010-01-09 19:34:24 148736 ----a-w- C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPC.DLL 2010-01-09 19:34:24 1463568 ----a-w- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\pidgenx.dll 2010-01-09 19:34:24 146192 ----a-w- C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPWMI.DLL 2010-01-09 19:31:42 705392 ----a-w- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSSOAP30.DLL 2010-01-09 19:31:42 41864 ----a-w- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\1033\MSSOAPR3.DLL 2010-01-09 19:31:42 147344 ----a-w- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\WISC30.DLL 2010-01-09 19:30:56 11656 ----a-w- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\1033\OARPMANR.DLL 2010-01-09 19:28:26 123776 ----a-w- C:\Program Files\Common Files\Microsoft Shared\Smart Tag\FBIBLIO.DLL 2010-01-09 19:28:24 98176 ----a-w- C:\Program Files\Common Files\Microsoft Shared\Smart Tag\FDATE.DLL 2010-01-09 19:28:24 217984 ----a-w- C:\Program Files\Common Files\Microsoft Shared\Smart Tag\FPERSON.DLL 2010-01-09 19:28:24 180096 ----a-w- C:\Program Files\Common Files\Microsoft Shared\Smart Tag\FPLACE.DLL 2010-01-09 19:28:24 17280 ----a-w- C:\Program Files\Common Files\Microsoft Shared\Smart Tag\1033\STINTL.DLL 2010-01-09 19:28:24 159104 ----a-w- C:\Program Files\Common Files\Microsoft 
Shared\Smart Tag\FSTOCK.DLL 2010-01-09 19:28:24 101248 ----a-w- C:\Program Files\Common Files\Microsoft Shared\Smart Tag\IMCONTACT.DLL 2010-01-09 19:24:32 1603944 ----a-w- C:\Windows\System32\FM20.DLL 2010-01-09 19:21:56 1198464 ----a-w- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSPTLS.DLL 2010-01-09 19:20:56 174440 ----a-w- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE 2010-01-07 03:51:22 812368 ----a-w- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\USP10.DLL 2009-12-17 08:21:20 148992 ----a-w- C:\Program Files\Common Files\Microsoft Shared\VBA\VBA7\1033\VBE7INTL.DLL 2009-12-17 08:21:06 3671368 ----a-w- C:\Program Files\Common Files\Microsoft Shared\VBA\VBA7\VBE7.DLL 2009-12-17 08:21:00 518472 ----a-w- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\EXPSRV.DLL 2009-12-17 08:21:00 49488 ----a-w- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\VBAJET32.DLL 2009-11-25 08:57:12 266096 ----a-w- C:\Program Files\Common Files\Microsoft Shared\TRANSLAT\MSB1STAR.DLL 2009-10-22 00:24:38 99656 ----a-w- C:\Program Files\Common Files\Microsoft Shared\VSTO\10.0\VSTOInstaller.exe 2009-10-22 00:24:38 47960 ----a-w- C:\Program Files\Common Files\Microsoft Shared\VSTO\10.0\VSTOMessageProvider.dll 2009-10-22 00:24:38 370504 ----a-w- C:\Program Files\Common Files\Microsoft Shared\VSTO\10.0\VSTOLoader.dll 2009-10-22 00:24:38 184640 ----a-w- C:\Program Files\Common Files\Microsoft Shared\VSTO\vstoee.dll 2009-10-22 00:24:38 18248 ----a-w- C:\Program Files\Common Files\Microsoft Shared\VSTO\10.0\1033\VSTOLoaderUI.dll 2009-10-22 00:24:38 10064 ----a-w- C:\Program Files\Common Files\Microsoft Shared\VSTO\10.0\1033\VSTOInstallerUI.dll 2009-10-21 21:08:30 94208 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\VSTA\Pipeline.v10.0\AddInViews\Microsoft.Office.Tools.v9.0.dll 2009-10-21 21:08:30 81920 ----a-w- C:\Program Files (x86)\Common Files\Microsoft 
Shared\VSTA\Pipeline.v10.0\AddInSideAdapters\Microsoft.VisualStudio.Tools.Office.AddInAdapter.v9.0.dll 2009-10-21 21:08:30 49152 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\VSTA\Pipeline.v10.0\Contracts\Microsoft.VisualStudio.Tools.Office.Contract.v9.0.dll 2009-10-21 21:08:30 36864 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\VSTA\Pipeline.v10.0\AddInSideAdapters\Microsoft.VisualStudio.Tools.Office.Word.AddInAdapter.v9.0.dll 2009-10-21 21:08:30 36864 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\VSTA\Pipeline.v10.0\AddInSideAdapters\Microsoft.VisualStudio.Tools.Office.Excel.AddInAdapter.v9.0.dll 2009-10-21 21:08:30 131072 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\VSTA\AppInfoDocument\Microsoft.VisualStudio.Tools.Office.AppInfoDocument\Microsoft.VisualStudio.Tools.Office.AppInfoDocument.v9.0.dll 2009-10-21 21:08:26 77824 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\VSTA\Pipeline.v10.0\AddInViews\Microsoft.VisualStudio.Tools.Applications.Runtime.v9.0.dll 2009-10-21 21:08:26 45056 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\VSTA\Pipeline.v10.0\AddInSideAdapters\Microsoft.VisualStudio.Tools.Applications.AddInAdapter.v9.0.dll 2009-10-21 21:08:26 22016 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\VSTA\Pipeline.v10.0\Contracts\Microsoft.VisualStudio.Tools.Applications.Contract.v9.0.dll 2009-09-29 12:06:16 123200 ----a-w- C:\Windows\System32\drivers\epfwwfpr.sys 2009-09-29 12:03:00 136584 ----a-w- C:\Windows\System32\drivers\ehdrv.sys 2009-09-29 11:56:36 144824 ----a-w- C:\Windows\System32\drivers\eamon.sys 2009-09-04 07:02:36 591168 ----a-w- C:\Program Files\Common Files\Microsoft Shared\PROOF\MSLID.DLL 2009-08-17 21:33:52 1193832 ----a-w- C:\Windows\SysWow64\FM20.DLL 2009-07-20 22:05:40 1348432 ----a-w- C:\Windows\SysWow64\msxml4.dll 2009-07-14 08:20:26 -------- d-----w- C:\Program Files\Windows Journal 2009-07-14 08:19:49 -------- d-----w- 
==================== Find3M ====================
----a-w- C:\Windows\System32\comctl32.dll 2010-08-21 05:36:33 738816 ----a-w- C:\Windows\SysWow64\wmpmde.dll 2010-08-21 05:33:24 530432 ----a-w- C:\Windows\SysWow64\comctl32.dll 2010-06-29 05:39:12 2085376 ----a-w- C:\Windows\System32\ole32.dll 2010-06-29 05:02:02 1413632 ----a-w- C:\Windows\SysWow64\ole32.dll 2010-06-02 03:55:30 77656 ----a-w- C:\Windows\System32\XAPOFX1_5.dll 2010-06-02 03:55:30 74072 ----a-w- C:\Windows\SysWow64\XAPOFX1_5.dll 2010-06-02 03:55:30 527192 ----a-w- C:\Windows\SysWow64\XAudio2_7.dll 2010-06-02 03:55:30 518488 ----a-w- C:\Windows\System32\XAudio2_7.dll 2010-06-02 03:55:30 239960 ----a-w- C:\Windows\SysWow64\xactengine3_7.dll 2010-06-02 03:55:30 176984 ----a-w- C:\Windows\System32\xactengine3_7.dll 2010-05-26 10:41:02 511328 ----a-w- C:\Windows\System32\d3dx10_43.dll 2010-05-26 10:41:02 470880 ----a-w- C:\Windows\SysWow64\d3dx10_43.dll 2010-05-26 10:41:02 276832 ----a-w- C:\Windows\System32\d3dx11_43.dll . ============= FINISH: 0:07:00,21 ===============
  8. Hi. Nothing went the way it was supposed to now and everything just went wrong, but I hope it works anyway: ESET: Couldn't find advanced options, but I turned off the setting that makes it remove infected files, as you said. The only log-like thing I got was that it had found x number of files named
C:\Qoobox\Quarantine\C\ProgramData\rwepfrwv.exe.vir Win32/Weelsof.B trojan
C:\Qoobox\Quarantine\C\Windows\rwepfrwv.exe.vir Win32/Weelsof.B trojan
C:\Users\JIM\Desktop\Elf Bot 8.60 + Crack Definitivo\ElfCrack.exe a variant of Win32/Packed.Themida application
C:\Users\JIM\Desktop\värmegolv\Elf Bot 8.60 + Crack Definitivo.rar a variant of Win32/Packed
ComboFix:
ComboFix 12-11-21.01 - JIM 2012-11-21 18:56:10.2.4 - x64 Microsoft Windows 7 Ultimate 6.1.7600.0.1252.46.1053.18.4095.2315 [GMT 1:00] Körs från: c:\users\JIM\Desktop\ComboFix.exe Kommandoväxlar som använts :: c:\users\JIM\Desktop\CFScript.ANSI AV: ESET NOD32 Antivirus 4.0 *Disabled/Updated* {CB0F8167-5331-BA19-698E-64816B6801A5} SP: ESET NOD32 Antivirus 4.0 *Disabled/Updated* {706E6083-750B-B597-533E-5FF310EF4B18} SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . FILE :: "c:\windows\rwepfrwv.exe" . . ((((((((((((((((((((((((((((((((((((((( Andra raderingar )))))))))))))))))))))))))))))))))))))))))))))))) . . 
c:\programdata\ujgxrmmbqvdhubu c:\programdata\ujgxrmmbqvdhubu\btn-green.png c:\programdata\ujgxrmmbqvdhubu\corners-btn.png c:\programdata\ujgxrmmbqvdhubu\corners1.png c:\programdata\ujgxrmmbqvdhubu\corners2.png c:\programdata\ujgxrmmbqvdhubu\corners3.png c:\programdata\ujgxrmmbqvdhubu\corners4.png c:\programdata\ujgxrmmbqvdhubu\ie6-7.css c:\programdata\ujgxrmmbqvdhubu\jquery.main.js c:\programdata\ujgxrmmbqvdhubu\main.html c:\programdata\ujgxrmmbqvdhubu\McAfee.png c:\programdata\ujgxrmmbqvdhubu\pay4.png c:\programdata\ujgxrmmbqvdhubu\pay5.png c:\programdata\ujgxrmmbqvdhubu\pay6.png c:\programdata\ujgxrmmbqvdhubu\steps-en.png c:\programdata\ujgxrmmbqvdhubu\steps-sw.png c:\programdata\ujgxrmmbqvdhubu\style.css c:\programdata\ujgxrmmbqvdhubu\sw-flag.png c:\programdata\ujgxrmmbqvdhubu\sw-image.png c:\programdata\ujgxrmmbqvdhubu\tabs.png c:\programdata\ujgxrmmbqvdhubu\wait.html c:\windows\rwepfrwv.exe . . (((((((((((((((((((((((( Filer skapade från 2012-10-21 till 2012-11-21 )))))))))))))))))))))))))))))) . . 2012-11-21 18:01 . 2012-11-21 18:01 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp 2012-11-19 19:42 . 2012-11-19 19:42 -------- d-----w- c:\users\JIM\AppData\Roaming\Malwarebytes 2012-11-19 19:42 . 2012-11-19 19:42 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware 2012-11-19 19:42 . 2012-11-19 19:42 -------- d-----w- c:\programdata\Malwarebytes 2012-11-19 19:42 . 2012-09-29 18:54 25928 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-11-17 20:47 . 2012-08-21 12:01 33240 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys 2012-11-17 20:47 . 2012-11-17 20:47 -------- d-----w- c:\program files\iPod 2012-11-17 20:47 . 2012-11-17 20:47 -------- d-----w- c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69 2012-11-17 20:47 . 2012-11-17 20:47 -------- d-----w- c:\program files\iTunes 2012-11-17 20:47 . 2012-11-17 20:47 -------- d-----w- c:\program files (x86)\iTunes 2012-11-16 14:40 . 
2012-10-18 18:18 3147264 ----a-w- c:\windows\system32\win32k.sys 2012-11-16 14:40 . 2012-09-25 22:39 95744 ----a-w- c:\windows\system32\synceng.dll 2012-11-16 14:40 . 2012-09-25 21:55 78336 ----a-w- c:\windows\SysWow64\synceng.dll . . . (((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-10-10 20:23 . 2012-10-10 20:23 1867112 ----a-w- c:\windows\SysWow64\nvcuvenc.dll 2012-10-10 20:23 . 2012-10-10 20:23 18252136 ----a-w- c:\windows\system32\nvd3dumx.dll 2012-10-10 20:23 . 2012-10-10 20:23 1482600 ----a-w- c:\windows\system32\nvdispgenco64.dll 2012-10-10 20:23 . 2012-10-10 20:23 6127464 ----a-w- c:\windows\SysWow64\nvopencl.dll 2012-10-10 20:23 . 2012-10-10 20:23 2574696 ----a-w- c:\windows\SysWow64\nvcuvid.dll 2012-10-10 20:23 . 2012-10-10 20:23 25256296 ----a-w- c:\windows\system32\nvcompiler.dll 2012-10-10 20:23 . 2012-10-10 20:23 7414632 ----a-w- c:\windows\system32\nvopencl.dll 2012-10-10 20:23 . 2012-10-10 20:23 2731880 ----a-w- c:\windows\system32\nvapi64.dll 2012-10-10 20:23 . 2012-10-10 20:23 14922600 ----a-w- c:\windows\system32\nvwgf2umx.dll 2012-10-10 20:23 . 2012-10-10 20:23 9146728 ----a-w- c:\windows\system32\nvcuda.dll 2012-10-10 20:23 . 2012-10-10 20:23 7697768 ----a-w- c:\windows\SysWow64\nvcuda.dll 2012-10-10 20:23 . 2012-10-10 20:23 2218344 ----a-w- c:\windows\system32\nvcuvenc.dll 2012-10-10 20:23 . 2012-10-10 20:23 12501352 ----a-w- c:\windows\SysWow64\nvwgf2um.dll 2012-10-10 20:22 . 2012-10-10 20:22 2428776 ----a-w- c:\windows\SysWow64\nvapi.dll 2012-10-10 20:22 . 2012-10-10 20:22 26331496 ----a-w- c:\windows\system32\nvoglv64.dll 2012-10-10 20:22 . 2011-09-30 07:24 1760104 ----a-w- c:\windows\system32\nvdispco64.dll 2012-10-10 20:22 . 2012-10-10 20:22 15309160 ----a-w- c:\windows\SysWow64\nvd3dum.dll 2012-10-10 20:22 . 2012-10-10 20:22 2747240 ----a-w- c:\windows\system32\nvcuvid.dll 2012-10-10 20:22 . 
2012-10-10 20:22 19906920 ----a-w- c:\windows\SysWow64\nvoglv32.dll 2012-10-10 20:22 . 2012-10-10 20:22 13443944 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys 2012-10-10 20:22 . 2012-10-10 20:22 17559912 ----a-w- c:\windows\SysWow64\nvcompiler.dll 2012-10-08 18:42 . 2012-05-07 13:32 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2012-10-08 18:42 . 2012-05-07 13:32 696760 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2012-10-02 19:51 . 2010-06-07 15:20 3293544 ----a-w- c:\windows\system32\nvsvc64.dll 2012-10-02 19:51 . 2010-06-07 15:21 6200680 ----a-w- c:\windows\system32\nvcpl.dll 2012-10-02 19:50 . 2012-09-04 15:25 2557800 ----a-w- c:\windows\system32\nvsvcr.dll 2012-10-02 19:50 . 2010-06-07 15:21 118120 ----a-w- c:\windows\system32\nvmctray.dll 2012-10-02 19:50 . 2010-06-07 15:20 891240 ----a-w- c:\windows\system32\nvvsvc.exe 2012-10-02 19:50 . 2010-06-07 15:20 63336 ----a-w- c:\windows\system32\nvshext.dll 2012-10-02 12:15 . 2012-10-02 12:15 430952 ----a-w- c:\windows\SysWow64\nvStreaming.exe 2012-09-14 19:23 . 2012-10-10 08:25 2048 ----a-w- c:\windows\system32\tzres.dll 2012-09-14 18:30 . 2012-10-10 08:25 2048 ----a-w- c:\windows\SysWow64\tzres.dll 2012-08-30 18:11 . 2012-10-10 08:25 5505904 ----a-w- c:\windows\system32\ntoskrnl.exe 2012-08-30 17:18 . 2012-10-10 08:25 3958128 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe 2012-08-30 17:18 . 2012-10-10 08:25 3902832 ----a-w- c:\windows\SysWow64\ntoskrnl.exe 2012-08-24 18:05 . 2012-10-10 08:25 220160 ----a-w- c:\windows\system32\wintrust.dll 2012-08-24 17:10 . 2012-10-10 08:25 172544 ----a-w- c:\windows\SysWow64\wintrust.dll . . (((((((((((((((((((((((((((((((((( Startpunkter i registret ))))))))))))))))))))))))))))))))))))))))))))))) . . *Not* tomma poster & legitima standardposter visas inte. REGEDIT4 . 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "uTorrent"="c:\program files (x86)\uTorrent\uTorrent.exe" [2010-12-20 395640] "DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696] "swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-09-07 39408] "Spotify Web Helper"="c:\program files (x86)\Spotify\Data\SpotifyWebHelper.exe" [2012-11-04 1199576] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2009-05-18 2157056] "TurboV"="c:\program files\ASUS\TurboV\TurboV.exe" [2009-05-25 5391872] "Turbo Key"="c:\program files\ASUS\Turbo Key\TurboKey.exe" [2009-05-25 1768960] "JMB36X IDE Setup"="c:\windows\RaidTool\xInsIDE.exe" [2009-06-30 36864] "AppleSyncNotifier"="c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-04-20 58656] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . 
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944] R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl64.sys [2011-05-10 22528] R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440] R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-07-09 52736] R3 WatAdminSvc;Aktiveringsteknologier för Windows-tjänst;c:\windows\system32\Wat\WatAdminSvc.exe [2010-06-20 1255736] S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-09-07 834544] S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2009-09-29 136584] S2 AsSysCtrlService;ASUS System Control Service;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [2009-04-02 90112] S2 DvmMDES;DeviceVM Meta Data Export Service;c:\asus.sys\config\DVMExportService.exe [2009-02-18 294912] S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2009-09-29 735960] S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys [2009-09-29 123200] S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-09-29 399432] S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-09-29 676936] S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-10-02 382824] S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-09-29 25928] . . --- Övriga tjänster/drivrutiner i minnet --- . *NewlyCreated* - WS2IFSL . Innehåll i mappen 'Schemalagda aktiviteter': . 2012-11-21 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-07 18:42] . 2012-11-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-09-07 19:27] . 
2012-11-21 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-09-07 19:27] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2009-09-29 2716216] . ------- Extra genomsökning ------- . uLocal Page = c:\windows\system32\blank.htm uStart Page = hxxp://www.google.se/ mLocal Page = c:\windows\SysWOW64\blank.htm uInternet Settings,ProxyOverride = *.local IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000 IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html IE: Se&nd to OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105 TCP: DhcpNameServer = 192.168.0.1 . - - - - FÖRÄLDRALÖSA POSTER SOM TAGITS BORT - - - - . AddRemove-ESN Sonar-0.70.0 - c:\program files (x86)\Battlelog Web Plugins\Sonar\esnsonar_uninstall.exe . . . --------------------- LÅSTA REGISTERNYCKLAR --------------------- . [HKEY_USERS\S-1-5-21-2933248981-3639431792-1704326883-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*S*W*E*t¶7\OpenWithList] @Class="Shell" "a"="vlc.exe" "MRUList"="a" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.11" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . 
------------------------ Andra processer som körs ------------------------ . c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe c:\program files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe c:\windows\SysWOW64\IoctlSvc.exe c:\windows\SysWOW64\PnkBstrA.exe c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe c:\program files\ASUS\Six Engine\SixEngine.exe c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe . ************************************************************************** . Sluttid: 2012-11-21 19:07:11 - datorn startades om. ComboFix-quarantined-files.txt 2012-11-21 18:07 ComboFix2.txt 2012-11-21 16:12 . Före genomsökningen: 527 920 783 360 byte ledigt Efter genomsökningen: 527 610 437 632 byte ledigt . - - End Of File - - AAFC4C9B122FE0F4F4D4A8589A37C280
Then I thought I'd take the opportunity to point out that after the cleanups and so on that I have done, IE is veeeery slow and works very poorly. I do have Chrome that I can use, though, if you don't have a quick fix for IE. Regards, Jim
  9. Accidentally lost the log from ComboFix... any idea where I can find it? I think I read that it deleted the files it was supposed to, anyway... here is DDS:
. UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2012-11-07.01) . Microsoft Windows 7 Ultimate Boot Device: \Device\HarddiskVolume1 Install Date: 2010-06-11 16:24:23 System Uptime: 2012-11-21 19:02:22 (0 hours ago) . Motherboard: ASUSTeK Computer INC. | | P5Q PRO TURBO Processor: Intel® Core2 Quad CPU Q8300 @ 2.50GHz | LGA 775 | 1999/333mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 931 GiB total, 491,453 GiB free. D: is CDROM () E: is Removable F: is CDROM () G: is CDROM () . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . RP140: 2012-10-12 19:56:20 - Installed Quake Live Internet Explorer Plugin RP141: 2012-10-20 22:08:25 - Schemalagd kontrollpunkt RP142: 2012-11-09 17:06:15 - Schemalagd kontrollpunkt RP143: 2012-11-17 00:00:05 - Schemalagd kontrollpunkt RP144: 2012-11-17 00:49:48 - Windows Update RP145: 2012-11-18 15:16:45 - Windows Update RP146: 2012-11-20 20:28:25 - Removed Java 6 Update 23 . ==== Installed Programs ====================== . 
Adobe Flash Player 11 ActiveX Adobe Reader 9.3 - Svenska Apple-programstöd Apple Mobile Device Support Apple Software Update Atheros Communications Inc.® AR8121/AR8113/AR8114 Gigabit/Fast Ethernet Driver µTorrent Bonjour Call of Duty: Black Ops Call of Duty: Black Ops - Multiplayer Call of Duty: Modern Warfare 2 Call of Duty: Modern Warfare 2 - Multiplayer Convert AVI to MP4 1.3 Counter-Strike DAEMON Tools Toolbar Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition Diablo III ElfBot NG 4.5.9 EPU-6 Engine ESET NOD32 Antivirus ESN Sonar Express Gate GameXN GO Google Chrome Google Earth Google Toolbar for Internet Explorer Google Update Helper Heroes of Newerth iTunes JMicron JMB36X Driver Left 4 Dead 2 Malwarebytes Anti-Malware version 1.65.1.1000 Microsoft Application Error Reporting Microsoft Choice Guard Microsoft Office 2010 Language Pack Service Pack 1 (SP1) Microsoft Office 2010 Service Pack 1 (SP1) Microsoft Office Access MUI (English) 2010 Microsoft Office Access MUI (Swedish) 2010 Microsoft Office Access Setup Metadata MUI (English) 2010 Microsoft Office Excel MUI (English) 2010 Microsoft Office Excel MUI (Swedish) 2010 Microsoft Office Groove MUI (English) 2010 Microsoft Office Groove MUI (Swedish) 2010 Microsoft Office InfoPath MUI (English) 2010 Microsoft Office InfoPath MUI (Swedish) 2010 Microsoft Office Language Pack 2010 - Swedish/svenska Microsoft Office O MUI (Swedish) 2010 Microsoft Office Office 32-bit Components 2010 Microsoft Office OneNote MUI (English) 2010 Microsoft Office OneNote MUI (Swedish) 2010 Microsoft Office Outlook MUI (English) 2010 Microsoft Office Outlook MUI (Swedish) 2010 Microsoft Office PowerPoint MUI (English) 2010 Microsoft Office PowerPoint MUI (Swedish) 2010 Microsoft Office Professional Plus 2010 Microsoft Office Proof (English) 2010 Microsoft Office Proof (Finnish) 2010 Microsoft Office Proof (French) 2010 Microsoft Office Proof (German) 2010 Microsoft Office Proof (Spanish) 2010 Microsoft Office Proof 
(Swedish) 2010 Microsoft Office Proofing (English) 2010 Microsoft Office Proofing (Swedish) 2010 Microsoft Office Publisher MUI (English) 2010 Microsoft Office Publisher MUI (Swedish) 2010 Microsoft Office Shared 32-bit MUI (English) 2010 Microsoft Office Shared 32-bit MUI (Swedish) 2010 Microsoft Office Shared MUI (English) 2010 Microsoft Office Shared MUI (Swedish) 2010 Microsoft Office Shared Setup Metadata MUI (English) 2010 Microsoft Office SharePoint Designer MUI (Swedish) 2010 Microsoft Office Word MUI (English) 2010 Microsoft Office Word MUI (Swedish) 2010 Microsoft Office X MUI (Swedish) 2010 Microsoft SharePoint Designer 2010 Service Pack 1 (SP1) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 MobileMe Control Panel MSVCRT MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) Nero 8 Essentials neroxml NVIDIA-uppdatering 1.10.8 NVIDIA 3D Vision drivrutin 306.97 NVIDIA 3D Vision drivrutin för styrenhet 301.42 NVIDIA Display Control Panel NVIDIA Grafikdrivrutin 306.97 NVIDIA Install Application NVIDIA PhysX NVIDIA PhysX systemprogramvara 9.12.0213 NVIDIA Stereoscopic 3D Driver NVIDIA Update Components NVIDIAs kontrollpanel 306.97 Octoshape add-in for Adobe Flash Player Platform Poker at bet365 PunkBuster Services Quake Live Internet Explorer Plugin QuickTime Safari Skype Toolbars Skype™ 5.10 Spotify StarCraft II Steam Svenska Spels Poker System Requirements Lab System Requirements Lab CYRI Turbo Key TurboV Update for Microsoft Office 2010 (KB2494150) Update for Microsoft Office 
2010 (KB2553092) Update for Microsoft Office 2010 (KB2553270) 64-Bit Edition Update for Microsoft Office 2010 (KB2553310) 64-Bit Edition Update for Microsoft OneNote 2010 (KB2553290) 64-Bit Edition Update for Microsoft Outlook 2010 (KB2687623) 64-Bit Edition Update for Microsoft Outlook Social Connector 2010 (KB2553406) 64-Bit Edition VCRedistSetup VentriloMIX VIA Plattform för enhetshanterare Windows Live Communications Platform Windows Live Essentials Windows Live inloggningsassistenten Windows Live Messenger Windows Live Upload Tool WinRAR VLC media player 2.0.1 . ==== End Of File =========================== DDS (Ver_2012-11-07.01) - NTFS_AMD64 Internet Explorer: 9.0.8112.16455 Run by JIM at 19:10:53 on 2012-11-21 Microsoft Windows 7 Ultimate 6.1.7600.0.1252.46.1053.18.4095.2190 [GMT 1:00] . AV: ESET NOD32 Antivirus 4.0 *Enabled/Updated* {CB0F8167-5331-BA19-698E-64816B6801A5} SP: ESET NOD32 Antivirus 4.0 *Enabled/Updated* {706E6083-750B-B597-533E-5FF310EF4B18} SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . ============== Running Processes =============== . 
C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\nvvsvc.exe C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\System32\spoolsv.exe C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe C:\Windows\system32\nvvsvc.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\ASUS.SYS\config\DVMExportService.exe C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe C:\Windows\SysWOW64\IoctlSvc.exe C:\Windows\SysWOW64\PnkBstrA.exe C:\Windows\system32\sppsvc.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Windows\System32\svchost.exe -k secsvcs C:\Windows\system32\WUDFHost.exe C:\Windows\system32\taskhost.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Program Files\NVIDIA Corporation\Display\nvtray.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Program Files\ASUS\Six Engine\SixEngine.exe C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe C:\Program Files (x86)\uTorrent\uTorrent.exe C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe C:\Program 
Files\ASUS\TurboV\TurboV.exe C:\Program Files\ASUS\Turbo Key\TurboKey.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\wuauclt.exe C:\Windows\servicing\TrustedInstaller.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\system32\AUDIODG.EXE C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\System32\cscript.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://www.google.se/ BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL BHO: Windows Live inloggningshjälpen: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - TB: DAEMON Tools Toolbar: {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll TB: DAEMON Tools Toolbar: {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools 
Toolbar\DTToolbar.dll TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll uRun: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe" uRun: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" uRun: [spotify Web Helper] "C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe" mRun: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r mRun: [TurboV] "C:\Program Files\ASUS\TurboV\TurboV.exe" mRun: [Turbo Key] "C:\Program Files\ASUS\Turbo Key\TurboKey.exe" mRun: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe mRun: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe uPolicies-Explorer: NoDriveTypeAutoRun = dword:145 uPolicies-Explorer: NoDrives = dword:0 mPolicies-Explorer: NoDrives = dword:0 mPolicies-System: ConsentPromptBehaviorAdmin = dword:5 mPolicies-System: ConsentPromptBehaviorUser = dword:3 mPolicies-System: EnableUIADesktopToggle = dword:0 IE: E&xport to Microsoft Excel - C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000 IE: Google Sidewiki... 
- C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html IE: Se&nd to OneNote - C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105 IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} - hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} - hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.5.1.0.cab TCP: NameServer = 192.168.0.1 TCP: Interfaces\{463DFB51-CDA3-4A23-937F-1F85AA42F57C} : DHCPNameServer = 192.168.0.1 TCP: Interfaces\{6D28D63B-9B4A-4C58-9BCD-E207B8666BFD} : DHCPNameServer = 130.244.127.161 130.244.127.169 Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll SSODL: WebCheck - <orphaned> SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL x64-BHO: Google Toolbar Helper: 
{AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL x64-TB: DAEMON Tools Toolbar: {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll x64-Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - <orphaned> x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned> x64-SSODL: WebCheck - <orphaned> x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL . ============= SERVICES / DRIVERS =============== . 
R2 AsSysCtrlService;ASUS System Control Service;C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [2010-6-13 90112] R2 DvmMDES;DeviceVM Meta Data Export Service;C:\ASUS.SYS\config\DVMExportService.exe [2009-2-18 294912] R2 ekrn;ESET Service;C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2009-9-29 735960] R2 epfwwfpr;epfwwfpr;C:\Windows\System32\drivers\epfwwfpr.sys [2009-9-29 123200] R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-11-19 399432] R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-11-19 676936] R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-10-2 382824] R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2012-11-19 25928] R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;C:\Windows\System32\drivers\viahduaa.sys [2010-6-13 1196032] S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-13 160944] S3 Netaapl;Apple Mobile Device Ethernet Service;C:\Windows\System32\drivers\netaapl64.sys [2011-5-10 22528] S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-1-9 174440] S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-7-9 52736] S3 WatAdminSvc;Aktiveringsteknologier för Windows-tjänst;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-6-20 1255736] . =============== Created Last 30 ================ . 
2012-11-21 18:03:10 -------- d-sh--w- C:\$RECYCLE.BIN 2012-11-21 15:59:22 98816 ----a-w- C:\Windows\sed.exe 2012-11-21 15:59:22 256000 ----a-w- C:\Windows\PEV.exe 2012-11-21 15:59:22 208896 ----a-w- C:\Windows\MBR.exe 2012-11-19 19:42:17 -------- d-----w- C:\Users\JIM\AppData\Roaming\Malwarebytes 2012-11-19 19:42:08 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys 2012-11-19 19:42:08 -------- d-----w- C:\ProgramData\Malwarebytes 2012-11-19 19:42:08 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware 2012-11-17 20:47:57 33240 ----a-w- C:\Windows\System32\drivers\GEARAspiWDM.sys 2012-11-17 20:47:25 -------- d-----w- C:\Program Files\iPod 2012-11-17 20:47:24 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2012-11-17 20:47:24 -------- d-----w- C:\Program Files\iTunes 2012-11-17 20:47:24 -------- d-----w- C:\Program Files (x86)\iTunes 2012-11-16 14:40:54 3147264 ----a-w- C:\Windows\System32\win32k.sys 2012-11-16 14:40:41 95744 ----a-w- C:\Windows\System32\synceng.dll 2012-11-16 14:40:41 78336 ----a-w- C:\Windows\SysWow64\synceng.dll . ==================== Find3M ==================== . 
2012-10-10 20:22:54 2428776 ----a-w- C:\Windows\SysWow64\nvapi.dll 2012-10-10 20:22:52 26331496 ----a-w- C:\Windows\System32\nvoglv64.dll 2012-10-10 20:22:52 1760104 ----a-w- C:\Windows\System32\nvdispco64.dll 2012-10-10 20:22:32 15309160 ----a-w- C:\Windows\SysWow64\nvd3dum.dll 2012-10-10 20:22:26 2747240 ----a-w- C:\Windows\System32\nvcuvid.dll 2012-10-10 20:22:24 19906920 ----a-w- C:\Windows\SysWow64\nvoglv32.dll 2012-10-10 20:22:18 13443944 ----a-w- C:\Windows\System32\drivers\nvlddmkm.sys 2012-10-10 20:22:14 17559912 ----a-w- C:\Windows\SysWow64\nvcompiler.dll 2012-10-08 18:42:16 73656 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2012-10-08 18:42:16 696760 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe 2012-10-08 11:31:03 2312704 ----a-w- C:\Windows\System32\jscript9.dll 2012-10-08 11:23:52 1392128 ----a-w- C:\Windows\System32\wininet.dll 2012-10-08 11:22:55 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl 2012-10-08 11:18:22 173056 ----a-w- C:\Windows\System32\ieUnatt.exe 2012-10-08 11:17:35 599040 ----a-w- C:\Windows\System32\vbscript.dll 2012-10-08 11:13:33 2382848 ----a-w- C:\Windows\System32\mshtml.tlb 2012-10-08 07:56:24 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll 2012-10-08 07:48:03 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll 2012-10-08 07:47:44 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl 2012-10-08 07:44:05 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe 2012-10-08 07:43:21 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll 2012-10-08 07:40:56 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb 2012-10-02 19:51:11 3293544 ----a-w- C:\Windows\System32\nvsvc64.dll 2012-10-02 19:51:04 6200680 ----a-w- C:\Windows\System32\nvcpl.dll 2012-10-02 19:50:57 891240 ----a-w- C:\Windows\System32\nvvsvc.exe 2012-10-02 19:50:57 63336 ----a-w- C:\Windows\System32\nvshext.dll 2012-10-02 19:50:57 2557800 ----a-w- C:\Windows\System32\nvsvcr.dll 2012-10-02 19:50:57 118120 ----a-w- C:\Windows\System32\nvmctray.dll 2012-10-02 12:15:52 430952 ----a-w- 
C:\Windows\SysWow64\nvStreaming.exe 2012-09-14 19:23:40 2048 ----a-w- C:\Windows\System32\tzres.dll 2012-09-14 18:30:38 2048 ----a-w- C:\Windows\SysWow64\tzres.dll 2012-08-30 18:11:29 5505904 ----a-w- C:\Windows\System32\ntoskrnl.exe 2012-08-30 17:18:33 3958128 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe 2012-08-30 17:18:33 3902832 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe 2012-08-24 18:05:28 220160 ----a-w- C:\Windows\System32\wintrust.dll 2012-08-24 17:10:47 172544 ----a-w- C:\Windows\SysWow64\wintrust.dll . ============= FINISH: 19:11:11,11 ===============
  10. OK, will do that now. The antivirus will be NOD32, I just need to update it. Unless you can recommend a good free program... poor man here behind the keyboard
  11. ComboFix log: ComboFix 12-11-21.01 - JIM 2012-11-21 17:01:12.1.4 - x64 Microsoft Windows 7 Ultimate 6.1.7600.0.1252.46.1053.18.4095.2530 [GMT 1:00] Körs från: c:\users\JIM\Desktop\ComboFix.exe AV: ESET NOD32 Antivirus 4.0 *Enabled/Outdated* {CB0F8167-5331-BA19-698E-64816B6801A5} SP: ESET NOD32 Antivirus 4.0 *Enabled/Outdated* {706E6083-750B-B597-533E-5FF310EF4B18} SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . ((((((((((((((((((((((((((((((((((((((( Andra raderingar )))))))))))))))))))))))))))))))))))))))))))))))) . . c:\programdata\rwepfrwv.exe c:\users\JIM\Documents\~WRL0870.tmp c:\windows\7Loader.TAG . . (((((((((((((((((((((((( Filer skapade från 2012-10-21 till 2012-11-21 )))))))))))))))))))))))))))))) . . 2012-11-21 16:08 . 2012-11-21 16:08 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp 2012-11-21 16:08 . 2012-11-21 16:08 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-11-19 19:42 . 2012-11-19 19:42 -------- d-----w- c:\users\JIM\AppData\Roaming\Malwarebytes 2012-11-19 19:42 . 2012-11-19 19:42 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware 2012-11-19 19:42 . 2012-11-19 19:42 -------- d-----w- c:\programdata\Malwarebytes 2012-11-19 19:42 . 2012-09-29 18:54 25928 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-11-19 17:37 . 2012-11-19 17:37 -------- d-----w- c:\programdata\ujgxrmmbqvdhubu 2012-11-19 17:37 . 2012-11-19 17:36 105472 ----a-w- c:\windows\rwepfrwv.exe 2012-11-17 20:47 . 2012-08-21 12:01 33240 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys 2012-11-17 20:47 . 2012-11-17 20:47 -------- d-----w- c:\program files\iPod 2012-11-17 20:47 . 2012-11-17 20:47 -------- d-----w- c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69 2012-11-17 20:47 . 2012-11-17 20:47 -------- d-----w- c:\program files\iTunes 2012-11-17 20:47 . 2012-11-17 20:47 -------- d-----w- c:\program files (x86)\iTunes 2012-11-16 14:40 . 
2012-10-18 18:18 3147264 ----a-w- c:\windows\system32\win32k.sys 2012-11-16 14:40 . 2012-09-25 22:39 95744 ----a-w- c:\windows\system32\synceng.dll 2012-11-16 14:40 . 2012-09-25 21:55 78336 ----a-w- c:\windows\SysWow64\synceng.dll . . . (((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-10-10 20:23 . 2012-10-10 20:23 1867112 ----a-w- c:\windows\SysWow64\nvcuvenc.dll 2012-10-10 20:23 . 2012-10-10 20:23 18252136 ----a-w- c:\windows\system32\nvd3dumx.dll 2012-10-10 20:23 . 2012-10-10 20:23 1482600 ----a-w- c:\windows\system32\nvdispgenco64.dll 2012-10-10 20:23 . 2012-10-10 20:23 6127464 ----a-w- c:\windows\SysWow64\nvopencl.dll 2012-10-10 20:23 . 2012-10-10 20:23 2574696 ----a-w- c:\windows\SysWow64\nvcuvid.dll 2012-10-10 20:23 . 2012-10-10 20:23 25256296 ----a-w- c:\windows\system32\nvcompiler.dll 2012-10-10 20:23 . 2012-10-10 20:23 7414632 ----a-w- c:\windows\system32\nvopencl.dll 2012-10-10 20:23 . 2012-10-10 20:23 2731880 ----a-w- c:\windows\system32\nvapi64.dll 2012-10-10 20:23 . 2012-10-10 20:23 14922600 ----a-w- c:\windows\system32\nvwgf2umx.dll 2012-10-10 20:23 . 2012-10-10 20:23 9146728 ----a-w- c:\windows\system32\nvcuda.dll 2012-10-10 20:23 . 2012-10-10 20:23 7697768 ----a-w- c:\windows\SysWow64\nvcuda.dll 2012-10-10 20:23 . 2012-10-10 20:23 2218344 ----a-w- c:\windows\system32\nvcuvenc.dll 2012-10-10 20:23 . 2012-10-10 20:23 12501352 ----a-w- c:\windows\SysWow64\nvwgf2um.dll 2012-10-10 20:22 . 2012-10-10 20:22 2428776 ----a-w- c:\windows\SysWow64\nvapi.dll 2012-10-10 20:22 . 2012-10-10 20:22 26331496 ----a-w- c:\windows\system32\nvoglv64.dll 2012-10-10 20:22 . 2011-09-30 07:24 1760104 ----a-w- c:\windows\system32\nvdispco64.dll 2012-10-10 20:22 . 2012-10-10 20:22 15309160 ----a-w- c:\windows\SysWow64\nvd3dum.dll 2012-10-10 20:22 . 2012-10-10 20:22 2747240 ----a-w- c:\windows\system32\nvcuvid.dll 2012-10-10 20:22 . 
2012-10-10 20:22 19906920 ----a-w- c:\windows\SysWow64\nvoglv32.dll 2012-10-10 20:22 . 2012-10-10 20:22 13443944 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys 2012-10-10 20:22 . 2012-10-10 20:22 17559912 ----a-w- c:\windows\SysWow64\nvcompiler.dll 2012-10-08 18:42 . 2012-05-07 13:32 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2012-10-08 18:42 . 2012-05-07 13:32 696760 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2012-10-02 19:51 . 2010-06-07 15:20 3293544 ----a-w- c:\windows\system32\nvsvc64.dll 2012-10-02 19:51 . 2010-06-07 15:21 6200680 ----a-w- c:\windows\system32\nvcpl.dll 2012-10-02 19:50 . 2012-09-04 15:25 2557800 ----a-w- c:\windows\system32\nvsvcr.dll 2012-10-02 19:50 . 2010-06-07 15:21 118120 ----a-w- c:\windows\system32\nvmctray.dll 2012-10-02 19:50 . 2010-06-07 15:20 891240 ----a-w- c:\windows\system32\nvvsvc.exe 2012-10-02 19:50 . 2010-06-07 15:20 63336 ----a-w- c:\windows\system32\nvshext.dll 2012-10-02 12:15 . 2012-10-02 12:15 430952 ----a-w- c:\windows\SysWow64\nvStreaming.exe 2012-09-14 19:23 . 2012-10-10 08:25 2048 ----a-w- c:\windows\system32\tzres.dll 2012-09-14 18:30 . 2012-10-10 08:25 2048 ----a-w- c:\windows\SysWow64\tzres.dll 2012-08-30 18:11 . 2012-10-10 08:25 5505904 ----a-w- c:\windows\system32\ntoskrnl.exe 2012-08-30 17:18 . 2012-10-10 08:25 3958128 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe 2012-08-30 17:18 . 2012-10-10 08:25 3902832 ----a-w- c:\windows\SysWow64\ntoskrnl.exe 2012-08-24 18:05 . 2012-10-10 08:25 220160 ----a-w- c:\windows\system32\wintrust.dll 2012-08-24 17:10 . 2012-10-10 08:25 172544 ----a-w- c:\windows\SysWow64\wintrust.dll . . (((((((((((((((((((((((((((((((((( Startpunkter i registret ))))))))))))))))))))))))))))))))))))))))))))))) . . *Not* tomma poster & legitima standardposter visas inte. REGEDIT4 . 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "uTorrent"="c:\program files (x86)\uTorrent\uTorrent.exe" [2010-12-20 395640] "DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696] "swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-09-07 39408] "Spotify Web Helper"="c:\program files (x86)\Spotify\Data\SpotifyWebHelper.exe" [2012-11-04 1199576] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2009-05-18 2157056] "TurboV"="c:\program files\ASUS\TurboV\TurboV.exe" [2009-05-25 5391872] "Turbo Key"="c:\program files\ASUS\Turbo Key\TurboKey.exe" [2009-05-25 1768960] "JMB36X IDE Setup"="c:\windows\RaidTool\xInsIDE.exe" [2009-06-30 36864] "AppleSyncNotifier"="c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-04-20 58656] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . 
R2 AsSysCtrlService;ASUS System Control Service;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [2009-04-02 90112] R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-09-29 676936] R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944] R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-09-29 25928] R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl64.sys [2011-05-10 22528] R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440] R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-07-09 52736] R3 WatAdminSvc;Aktiveringsteknologier för Windows-tjänst;c:\windows\system32\Wat\WatAdminSvc.exe [2010-06-20 1255736] S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-09-07 834544] S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2009-09-29 136584] S2 DvmMDES;DeviceVM Meta Data Export Service;c:\asus.sys\config\DVMExportService.exe [2009-02-18 294912] S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2009-09-29 735960] S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys [2009-09-29 123200] S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-09-29 399432] S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-10-02 382824] . . Innehåll i mappen 'Schemalagda aktiviteter': . 2012-11-21 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-07 18:42] . 2012-11-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-09-07 19:27] . 
2012-11-21 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-09-07 19:27] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2009-09-29 2716216] . ------- Extra genomsökning ------- . uLocal Page = c:\windows\system32\blank.htm uStart Page = hxxp://www.google.se/ mLocal Page = c:\windows\SysWOW64\blank.htm uInternet Settings,ProxyOverride = *.local IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000 IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html IE: Se&nd to OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105 TCP: DhcpNameServer = 192.168.0.1 . - - - - FÖRÄLDRALÖSA POSTER SOM TAGITS BORT - - - - . AddRemove-ESN Sonar-0.70.0 - c:\program files (x86)\Battlelog Web Plugins\Sonar\esnsonar_uninstall.exe . . . --------------------- LÅSTA REGISTERNYCKLAR --------------------- . [HKEY_USERS\S-1-5-21-2933248981-3639431792-1704326883-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*S*W*E*t¶7\OpenWithList] @Class="Shell" "a"="vlc.exe" "MRUList"="a" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.11" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . 
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Sluttid: 2012-11-21 17:12:50 ComboFix-quarantined-files.txt 2012-11-21 16:12 . Före genomsökningen: 504 714 989 568 byte ledigt Efter genomsökningen: 528 785 731 584 byte ledigt . - - End Of File - - 1AAAECEDCDD37745E227A2D442682E49 What to do now? It's not my uncle's computer; I wrote "uncle computer" because it's getting on in years. Thanks so much for the help, it's nice to get this fixed so I can finish everything ahead of 3 months in Asia.
  12. RogueKiller: RogueKiller V8.3.1 [Nov 20 2012] by Tigzy mail: tigzyRK<at>gmail<dot>com Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/ Website: http://tigzy.geekstogo.com/roguekiller.php Blog: http://tigzyrk.blogspot.com Operating System: Windows 7 (6.1.7600 ) 64 bits version Started in : Normal mode User : JIM [Admin rights] Mode : Scan -- Date : 11/21/2012 16:48:59 ¤¤¤ Bad processes : 0 ¤¤¤ ¤¤¤ Registry Entries : 2 ¤¤¤ [HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND [HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND ¤¤¤ Particular Files / Folders: ¤¤¤ ¤¤¤ Driver : [NOT LOADED] ¤¤¤ ¤¤¤ HOSTS File: ¤¤¤ --> C:\Windows\system32\drivers\etc\hosts ¤¤¤ MBR Check: ¤¤¤ +++++ PhysicalDrive0: SAMSUNG HD103SJ ATA Device +++++ --- User --- [MBR] 5b053a7859582dc5f23ee7ac5d12d58f [bSP] 22baebbc00efefaf32e723a2d1088618 : Windows 7/8 MBR Code Partition table: 0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo 1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 953767 Mo User = LL1 ... OK! User = LL2 ... OK! Finished : << RKreport[2]_S_11212012_02d1648.txt >> RKreport[1]_S_11202012_02d2018.txt ; RKreport[2]_S_11212012_02d1648.txt - going to run the other program now.
  13. Here is the RogueKiller report: (Sorry for the double post earlier) RogueKiller V8.3.0 [Nov 19 2012] by Tigzy mail: tigzyRK<at>gmail<dot>com Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/ Website: http://tigzy.geekstogo.com/roguekiller.php Blog: http://tigzyrk.blogspot.com Operating System: Windows 7 (6.1.7600 ) 64 bits version Started in : Normal mode User : JIM [Admin rights] Mode : Scan -- Date : 11/20/2012 20:18:39 ¤¤¤ Bad processes : 0 ¤¤¤ ¤¤¤ Registry Entries : 6 ¤¤¤ [HJ] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND [HJ] HKLM\[...]\Wow6432Node\System : ConsentPromptBehaviorAdmin (0) -> FOUND [HJ] HKLM\[...]\System : EnableLUA (0) -> FOUND [HJ] HKLM\[...]\Wow6432Node\System : EnableLUA (0) -> FOUND [HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND [HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND ¤¤¤ Particular Files / Folders: ¤¤¤ ¤¤¤ Driver : [NOT LOADED] ¤¤¤ ¤¤¤ HOSTS File: ¤¤¤ --> C:\Windows\system32\drivers\etc\hosts ¤¤¤ MBR Check: ¤¤¤ +++++ PhysicalDrive0: SAMSUNG HD103SJ ATA Device +++++ --- User --- [MBR] 5b053a7859582dc5f23ee7ac5d12d58f [bSP] 22baebbc00efefaf32e723a2d1088618 : Windows 7/8 MBR Code Partition table: 0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo 1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 953767 Mo User = LL1 ... OK! User = LL2 ... OK! Finished : << RKreport[1]_S_11202012_02d2018.txt >> RKreport[1]_S_11202012_02d2018.txt
  14. Here are the new DDS reports: . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2012-11-20.01) . Microsoft Windows 7 Ultimate Boot Device: \Device\HarddiskVolume1 Install Date: 2010-06-11 16:24:23 System Uptime: 2012-11-20 20:08:43 (0 hours ago) . Motherboard: ASUSTeK Computer INC. | | P5Q PRO TURBO Processor: Intel® Core2 Quad CPU Q8300 @ 2.50GHz | LGA 775 | 1999/333mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 931 GiB total, 421,52 GiB free. D: is CDROM () E: is Removable F: is CDROM () G: is CDROM () . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . RP139: 2012-10-10 11:22:19 - Windows Update RP140: 2012-10-12 19:56:20 - Installed Quake Live Internet Explorer Plugin RP141: 2012-10-20 22:08:25 - Schemalagd kontrollpunkt RP142: 2012-11-09 17:06:15 - Schemalagd kontrollpunkt RP143: 2012-11-17 00:00:05 - Schemalagd kontrollpunkt RP144: 2012-11-17 00:49:48 - Windows Update RP145: 2012-11-18 15:16:45 - Windows Update . ==== Installed Programs ====================== . 
Adobe Flash Player 11 ActiveX Adobe Reader 9.3 - Svenska Apple-programstöd Apple Mobile Device Support Apple Software Update Atheros Communications Inc.® AR8121/AR8113/AR8114 Gigabit/Fast Ethernet Driver µTorrent Bonjour Call of Duty: Black Ops Call of Duty: Black Ops - Multiplayer Call of Duty: Modern Warfare 2 Call of Duty: Modern Warfare 2 - Multiplayer Convert AVI to MP4 1.3 Counter-Strike DAEMON Tools Toolbar Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition Diablo III ElfBot NG 4.5.9 EPU-6 Engine ESET NOD32 Antivirus ESN Sonar Express Gate GameXN GO Google Chrome Google Earth Google Toolbar for Internet Explorer Google Update Helper Heroes of Newerth iTunes Java Auto Updater Java 6 Update 23 JMicron JMB36X Driver Left 4 Dead 2 Malwarebytes Anti-Malware version 1.65.1.1000 Microsoft Application Error Reporting Microsoft Choice Guard Microsoft Office 2010 Language Pack Service Pack 1 (SP1) Microsoft Office 2010 Service Pack 1 (SP1) Microsoft Office Access MUI (English) 2010 Microsoft Office Access MUI (Swedish) 2010 Microsoft Office Access Setup Metadata MUI (English) 2010 Microsoft Office Excel MUI (English) 2010 Microsoft Office Excel MUI (Swedish) 2010 Microsoft Office Groove MUI (English) 2010 Microsoft Office Groove MUI (Swedish) 2010 Microsoft Office InfoPath MUI (English) 2010 Microsoft Office InfoPath MUI (Swedish) 2010 Microsoft Office Language Pack 2010 - Swedish/svenska Microsoft Office O MUI (Swedish) 2010 Microsoft Office Office 32-bit Components 2010 Microsoft Office OneNote MUI (English) 2010 Microsoft Office OneNote MUI (Swedish) 2010 Microsoft Office Outlook MUI (English) 2010 Microsoft Office Outlook MUI (Swedish) 2010 Microsoft Office PowerPoint MUI (English) 2010 Microsoft Office PowerPoint MUI (Swedish) 2010 Microsoft Office Professional Plus 2010 Microsoft Office Proof (English) 2010 Microsoft Office Proof (Finnish) 2010 Microsoft Office Proof (French) 2010 Microsoft Office Proof (German) 2010 Microsoft Office Proof 
(Spanish) 2010 Microsoft Office Proof (Swedish) 2010 Microsoft Office Proofing (English) 2010 Microsoft Office Proofing (Swedish) 2010 Microsoft Office Publisher MUI (English) 2010 Microsoft Office Publisher MUI (Swedish) 2010 Microsoft Office Shared 32-bit MUI (English) 2010 Microsoft Office Shared 32-bit MUI (Swedish) 2010 Microsoft Office Shared MUI (English) 2010 Microsoft Office Shared MUI (Swedish) 2010 Microsoft Office Shared Setup Metadata MUI (English) 2010 Microsoft Office SharePoint Designer MUI (Swedish) 2010 Microsoft Office Word MUI (English) 2010 Microsoft Office Word MUI (Swedish) 2010 Microsoft Office X MUI (Swedish) 2010 Microsoft SharePoint Designer 2010 Service Pack 1 (SP1) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 MobileMe Control Panel MSVCRT MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) Nero 8 Essentials neroxml NVIDIA-uppdatering 1.10.8 NVIDIA 3D Vision drivrutin 306.97 NVIDIA 3D Vision drivrutin för styrenhet 301.42 NVIDIA Display Control Panel NVIDIA Grafikdrivrutin 306.97 NVIDIA Install Application NVIDIA PhysX NVIDIA PhysX systemprogramvara 9.12.0213 NVIDIA Stereoscopic 3D Driver NVIDIA Update Components NVIDIAs kontrollpanel 306.97 Octoshape add-in for Adobe Flash Player Platform Poker at bet365 PunkBuster Services Quake Live Internet Explorer Plugin QuickTime Safari Skype Toolbars Skype™ 5.10 Spotify StarCraft II Steam Svenska Spels Poker System Requirements Lab System Requirements Lab CYRI Turbo Key TurboV Update for Microsoft Office 2010 
(KB2494150) Update for Microsoft Office 2010 (KB2553092) Update for Microsoft Office 2010 (KB2553270) 64-Bit Edition Update for Microsoft Office 2010 (KB2553310) 64-Bit Edition Update for Microsoft OneNote 2010 (KB2553290) 64-Bit Edition Update for Microsoft Outlook 2010 (KB2687623) 64-Bit Edition Update for Microsoft Outlook Social Connector 2010 (KB2553406) 64-Bit Edition VCRedistSetup VentriloMIX VIA Plattform för enhetshanterare Windows Live Communications Platform Windows Live Essentials Windows Live inloggningsassistenten Windows Live Messenger Windows Live Upload Tool WinRAR VLC media player 2.0.1 . ==== End Of File =========================== DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 9.0.8112.16455 Run by JIM at 20:12:08 on 2012-11-20 Microsoft Windows 7 Ultimate 6.1.7600.0.1252.46.1053.18.4095.2225 [GMT 1:00] . AV: ESET NOD32 Antivirus 4.0 *Enabled/Outdated* {CB0F8167-5331-BA19-698E-64816B6801A5} SP: ESET NOD32 Antivirus 4.0 *Enabled/Outdated* {706E6083-750B-B597-533E-5FF310EF4B18} SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . ============== Running Processes =============== . 
C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\nvvsvc.exe C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\AUDIODG.EXE C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe C:\Windows\system32\nvvsvc.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\ASUS.SYS\config\DVMExportService.exe C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe C:\Windows\SysWOW64\IoctlSvc.exe C:\Windows\SysWOW64\PnkBstrA.exe C:\Windows\system32\sppsvc.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Windows\system32\WUDFHost.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\NVIDIA Corporation\Display\nvtray.exe C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe C:\Program Files (x86)\uTorrent\uTorrent.exe C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\taskeng.exe C:\Program Files\ASUS\Six Engine\SixEngine.exe C:\Program Files 
(x86)\VIA\VIAudioi\VDeck\VDeck.exe C:\Program Files\ASUS\TurboV\TurboV.exe C:\Program Files\ASUS\Turbo Key\TurboKey.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Windows\system32\SearchIndexer.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe C:\Windows\System32\svchost.exe -k secsvcs C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\msfeedssync.exe C:\Windows\system32\taskhost.exe C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\ComUpdatus.exe C:\Windows\servicing\TrustedInstaller.exe C:\Windows\system32\wuauclt.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\System32\cscript.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://www.google.se/ mWinlogon: Userinit = userinit.exe, BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL BHO: Windows Live inloggningshjälpen: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files 
(x86)\Java\jre6\bin\jp2ssv.dll TB: DAEMON Tools Toolbar: {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll TB: DAEMON Tools Toolbar: {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll uRun: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe" uRun: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" uRun: [spotify Web Helper] "C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe" mRun: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r mRun: [TurboV] "C:\Program Files\ASUS\TurboV\TurboV.exe" mRun: [Turbo Key] "C:\Program Files\ASUS\Turbo Key\TurboKey.exe" mRun: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe mRun: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" uPolicies-Explorer: NoDriveTypeAutoRun = dword:145 mPolicies-Explorer: NoActiveDesktop = dword:1 mPolicies-Explorer: NoActiveDesktopChanges = dword:1 mPolicies-System: ConsentPromptBehaviorAdmin = dword:0 mPolicies-System: ConsentPromptBehaviorUser = dword:3 mPolicies-System: EnableLUA = dword:0 mPolicies-System: EnableUIADesktopToggle = dword:0 mPolicies-System: PromptOnSecureDesktop = dword:0 IE: E&xport to Microsoft Excel - C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000 IE: Google Sidewiki... 
- C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html IE: Se&nd to OneNote - C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105 IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} - hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} - hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.5.1.0.cab TCP: NameServer = 192.168.0.1 TCP: Interfaces\{463DFB51-CDA3-4A23-937F-1F85AA42F57C} : DHCPNameServer = 192.168.0.1 TCP: Interfaces\{6D28D63B-9B4A-4C58-9BCD-E207B8666BFD} : DHCPNameServer = 130.244.127.161 130.244.127.169 Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll 
SSODL: WebCheck - <orphaned> SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL x64-TB: DAEMON Tools Toolbar: {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll x64-Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - <orphaned> x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned> x64-SSODL: WebCheck - <orphaned> x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL . ============= SERVICES / DRIVERS =============== . 
R2 AsSysCtrlService;ASUS System Control Service;C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [2010-6-13 90112] R2 DvmMDES;DeviceVM Meta Data Export Service;C:\ASUS.SYS\config\DVMExportService.exe [2009-2-18 294912] R2 ekrn;ESET Service;C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2009-9-29 735960] R2 epfwwfpr;epfwwfpr;C:\Windows\System32\drivers\epfwwfpr.sys [2009-9-29 123200] R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-11-19 399432] R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-11-19 676936] R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-10-2 382824] R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2012-11-19 25928] R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;C:\Windows\System32\drivers\viahduaa.sys [2010-6-13 1196032] S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-13 160944] S3 Netaapl;Apple Mobile Device Ethernet Service;C:\Windows\System32\drivers\netaapl64.sys [2011-5-10 22528] S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-1-9 174440] S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-7-9 52736] S3 WatAdminSvc;Aktiveringsteknologier för Windows-tjänst;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-6-20 1255736] . =============== Created Last 30 ================ . 
2012-11-19 19:42:17 -------- d-----w- C:\Users\JIM\AppData\Roaming\Malwarebytes 2012-11-19 19:42:08 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys 2012-11-19 19:42:08 -------- d-----w- C:\ProgramData\Malwarebytes 2012-11-19 19:42:08 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware 2012-11-19 17:37:13 -------- d-----w- C:\ProgramData\ujgxrmmbqvdhubu 2012-11-19 17:37:10 105472 ----a-w- C:\Windows\rwepfrwv.exe 2012-11-19 17:37:10 105472 ----a-w- C:\ProgramData\rwepfrwv.exe 2012-11-17 20:47:57 33240 ----a-w- C:\Windows\System32\drivers\GEARAspiWDM.sys 2012-11-17 20:47:25 -------- d-----w- C:\Program Files\iPod 2012-11-17 20:47:24 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2012-11-17 20:47:24 -------- d-----w- C:\Program Files\iTunes 2012-11-17 20:47:24 -------- d-----w- C:\Program Files (x86)\iTunes 2012-11-16 14:40:54 3147264 ----a-w- C:\Windows\System32\win32k.sys 2012-11-16 14:40:41 95744 ----a-w- C:\Windows\System32\synceng.dll 2012-11-16 14:40:41 78336 ----a-w- C:\Windows\SysWow64\synceng.dll . ==================== Find3M ==================== . 
2012-10-10 20:22:54 2428776 ----a-w- C:\Windows\SysWow64\nvapi.dll 2012-10-10 20:22:52 26331496 ----a-w- C:\Windows\System32\nvoglv64.dll 2012-10-10 20:22:52 1760104 ----a-w- C:\Windows\System32\nvdispco64.dll 2012-10-10 20:22:32 15309160 ----a-w- C:\Windows\SysWow64\nvd3dum.dll 2012-10-10 20:22:26 2747240 ----a-w- C:\Windows\System32\nvcuvid.dll 2012-10-10 20:22:24 19906920 ----a-w- C:\Windows\SysWow64\nvoglv32.dll 2012-10-10 20:22:18 13443944 ----a-w- C:\Windows\System32\drivers\nvlddmkm.sys 2012-10-10 20:22:14 17559912 ----a-w- C:\Windows\SysWow64\nvcompiler.dll 2012-10-08 18:42:16 73656 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2012-10-08 18:42:16 696760 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe 2012-10-08 11:31:03 2312704 ----a-w- C:\Windows\System32\jscript9.dll 2012-10-08 11:23:52 1392128 ----a-w- C:\Windows\System32\wininet.dll 2012-10-08 11:22:55 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl 2012-10-08 11:18:22 173056 ----a-w- C:\Windows\System32\ieUnatt.exe 2012-10-08 11:17:35 599040 ----a-w- C:\Windows\System32\vbscript.dll 2012-10-08 11:13:33 2382848 ----a-w- C:\Windows\System32\mshtml.tlb 2012-10-08 07:56:24 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll 2012-10-08 07:48:03 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll 2012-10-08 07:47:44 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl 2012-10-08 07:44:05 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe 2012-10-08 07:43:21 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll 2012-10-08 07:40:56 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb 2012-10-02 19:51:11 3293544 ----a-w- C:\Windows\System32\nvsvc64.dll 2012-10-02 19:51:04 6200680 ----a-w- C:\Windows\System32\nvcpl.dll 2012-10-02 19:50:57 891240 ----a-w- C:\Windows\System32\nvvsvc.exe 2012-10-02 19:50:57 63336 ----a-w- C:\Windows\System32\nvshext.dll 2012-10-02 19:50:57 2557800 ----a-w- C:\Windows\System32\nvsvcr.dll 2012-10-02 19:50:57 118120 ----a-w- C:\Windows\System32\nvmctray.dll 2012-10-02 12:15:52 430952 ----a-w- 
C:\Windows\SysWow64\nvStreaming.exe 2012-09-14 19:23:40 2048 ----a-w- C:\Windows\System32\tzres.dll 2012-09-14 18:30:38 2048 ----a-w- C:\Windows\SysWow64\tzres.dll 2012-08-30 18:11:29 5505904 ----a-w- C:\Windows\System32\ntoskrnl.exe 2012-08-30 17:18:33 3958128 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe 2012-08-30 17:18:33 3902832 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe 2012-08-24 18:05:28 220160 ----a-w- C:\Windows\System32\wintrust.dll 2012-08-24 17:10:47 172544 ----a-w- C:\Windows\SysWow64\wintrust.dll . ============= FINISH: 20:13:24,75 ===============
Going to run RogueKiller now. Those reports are coming soon.
  15. Hi. Of course I've managed to plant a virus on my dear uncle's computer. It's the Ukash police one, pay 1000 kr, blah blah. Can't do a thing. I've run a few antivirus programs etc. in safe mode but it doesn't seem to want to go away, so I ran DDS and got some logs that are completely incomprehensible to me, but you can't be the best at everything. Thanks in advance for the help! On to the logs, then:
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-07.01)
.
Microsoft Windows 7 Ultimate
Boot Device: \Device\HarddiskVolume1
Install Date: 2010-06-11 16:24:23
System Uptime: 2012-11-19 20:46:15 (1 hours ago)
.
Motherboard: ASUSTeK Computer INC. | | P5Q PRO TURBO
Processor: Intel® Core2 Quad CPU Q8300 @ 2.50GHz | LGA 775 | 2499/333mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 931 GiB total, 421,522 GiB free.
D: is CDROM ()
E: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: ehdrv
Device ID: ROOT\LEGACY_EHDRV\0000
Manufacturer:
Name: ehdrv
PNP Device ID: ROOT\LEGACY_EHDRV\0000
Service: ehdrv
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: Security Processor Loader Driver
Device ID: ROOT\LEGACY_SPLDR\0000
Manufacturer:
Name: Security Processor Loader Driver
PNP Device ID: ROOT\LEGACY_SPLDR\0000
Service: spldr
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: sptd
Device ID: ROOT\LEGACY_SPTD\0000
Manufacturer:
Name: sptd
PNP Device ID: ROOT\LEGACY_SPTD\0000
Service: sptd
.
==== System Restore Points ===================
.
RP139: 2012-10-10 11:22:19 - Windows Update
RP140: 2012-10-12 19:56:20 - Installed Quake Live Internet Explorer Plugin
RP141: 2012-10-20 22:08:25 - Schemalagd kontrollpunkt
RP142: 2012-11-09 17:06:15 - Schemalagd kontrollpunkt
RP143: 2012-11-17 00:00:05 - Schemalagd kontrollpunkt
RP144: 2012-11-17 00:49:48 - Windows Update
RP145: 2012-11-18 15:16:45 - Windows Update
.
==== Installed Programs ====================== . Adobe Flash Player 11 ActiveX Adobe Reader 9.3 - Svenska Apple-programstöd Apple Mobile Device Support Apple Software Update Atheros Communications Inc.® AR8121/AR8113/AR8114 Gigabit/Fast Ethernet Driver µTorrent Bonjour Call of Duty: Black Ops Call of Duty: Black Ops - Multiplayer Call of Duty: Modern Warfare 2 Call of Duty: Modern Warfare 2 - Multiplayer Convert AVI to MP4 1.3 Counter-Strike DAEMON Tools Toolbar Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition Diablo III ElfBot NG 4.5.9 EPU-6 Engine ESET NOD32 Antivirus ESN Sonar Express Gate GameXN GO Google Chrome Google Earth Google Toolbar for Internet Explorer Google Update Helper Heroes of Newerth iTunes Java Auto Updater Java 6 Update 23 JMicron JMB36X Driver Left 4 Dead 2 Malwarebytes Anti-Malware version 1.65.1.1000 Microsoft Application Error Reporting Microsoft Choice Guard Microsoft Office 2010 Language Pack Service Pack 1 (SP1) Microsoft Office 2010 Service Pack 1 (SP1) Microsoft Office Access MUI (English) 2010 Microsoft Office Access MUI (Swedish) 2010 Microsoft Office Access Setup Metadata MUI (English) 2010 Microsoft Office Excel MUI (English) 2010 Microsoft Office Excel MUI (Swedish) 2010 Microsoft Office Groove MUI (English) 2010 Microsoft Office Groove MUI (Swedish) 2010 Microsoft Office InfoPath MUI (English) 2010 Microsoft Office InfoPath MUI (Swedish) 2010 Microsoft Office Language Pack 2010 - Swedish/svenska Microsoft Office O MUI (Swedish) 2010 Microsoft Office Office 32-bit Components 2010 Microsoft Office OneNote MUI (English) 2010 Microsoft Office OneNote MUI (Swedish) 2010 Microsoft Office Outlook MUI (English) 2010 Microsoft Office Outlook MUI (Swedish) 2010 Microsoft Office PowerPoint MUI (English) 2010 Microsoft Office PowerPoint MUI (Swedish) 2010 Microsoft Office Professional Plus 2010 Microsoft Office Proof (English) 2010 Microsoft Office Proof (Finnish) 2010 Microsoft Office Proof (French) 2010 Microsoft 
Office Proof (German) 2010 Microsoft Office Proof (Spanish) 2010 Microsoft Office Proof (Swedish) 2010 Microsoft Office Proofing (English) 2010 Microsoft Office Proofing (Swedish) 2010 Microsoft Office Publisher MUI (English) 2010 Microsoft Office Publisher MUI (Swedish) 2010 Microsoft Office Shared 32-bit MUI (English) 2010 Microsoft Office Shared 32-bit MUI (Swedish) 2010 Microsoft Office Shared MUI (English) 2010 Microsoft Office Shared MUI (Swedish) 2010 Microsoft Office Shared Setup Metadata MUI (English) 2010 Microsoft Office SharePoint Designer MUI (Swedish) 2010 Microsoft Office Word MUI (English) 2010 Microsoft Office Word MUI (Swedish) 2010 Microsoft Office X MUI (Swedish) 2010 Microsoft SharePoint Designer 2010 Service Pack 1 (SP1) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 MobileMe Control Panel MSVCRT MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) Nero 8 Essentials neroxml NVIDIA-uppdatering 1.10.8 NVIDIA 3D Vision drivrutin 306.97 NVIDIA 3D Vision drivrutin för styrenhet 301.42 NVIDIA Display Control Panel NVIDIA Grafikdrivrutin 306.97 NVIDIA Install Application NVIDIA PhysX NVIDIA PhysX systemprogramvara 9.12.0213 NVIDIA Stereoscopic 3D Driver NVIDIA Update Components NVIDIAs kontrollpanel 306.97 Octoshape add-in for Adobe Flash Player Platform Poker at bet365 PunkBuster Services Quake Live Internet Explorer Plugin QuickTime Safari Skype Toolbars Skype™ 5.10 Spotify StarCraft II Steam Svenska Spels Poker System Requirements Lab System Requirements Lab CYRI 
Turbo Key TurboV Update for Microsoft Office 2010 (KB2494150) Update for Microsoft Office 2010 (KB2553092) Update for Microsoft Office 2010 (KB2553270) 64-Bit Edition Update for Microsoft Office 2010 (KB2553310) 64-Bit Edition Update for Microsoft OneNote 2010 (KB2553290) 64-Bit Edition Update for Microsoft Outlook 2010 (KB2687623) 64-Bit Edition Update for Microsoft Outlook Social Connector 2010 (KB2553406) 64-Bit Edition VCRedistSetup VentriloMIX VIA Plattform för enhetshanterare Windows Live Communications Platform Windows Live Essentials Windows Live inloggningsassistenten Windows Live Messenger Windows Live Upload Tool WinRAR VLC media player 2.0.1 . ==== End Of File =========================== DDS (Ver_2012-11-07.01) - NTFS_AMD64 NETWORK Internet Explorer: 9.0.8112.16455 Run by JIM at 21:04:12 on 2012-11-19 Microsoft Windows 7 Ultimate 6.1.7600.0.1252.46.1053.18.4095.2556 [GMT 1:00] . AV: ESET NOD32 Antivirus 4.0 *Enabled/Outdated* {CB0F8167-5331-BA19-698E-64816B6801A5} SP: ESET NOD32 Antivirus 4.0 *Enabled/Outdated* {706E6083-750B-B597-533E-5FF310EF4B18} SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . ============== Running Processes =============== . 
C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\Explorer.EXE C:\Windows\system32\ctfmon.exe C:\Windows\helppane.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\System32\svchost.exe -k secsvcs C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Users\JIM\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\P6GUTCUG\Ransom_unlock.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\System32\cscript.exe . ============== Pseudo HJT Report =============== . 
uStart Page = hxxp://www.google.se/ mWinlogon: Userinit = userinit.exe, BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL BHO: Windows Live inloggningshjälpen: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll TB: DAEMON Tools Toolbar: {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll TB: DAEMON Tools Toolbar: {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background uRun: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe" uRun: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" uRun: [spotify Web Helper] "C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe" 
uRun: [rwepfrwvqmkedzf] C:\Windows\rwepfrwv.exe mRun: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r mRun: [TurboV] "C:\Program Files\ASUS\TurboV\TurboV.exe" mRun: [Turbo Key] "C:\Program Files\ASUS\Turbo Key\TurboKey.exe" mRun: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe mRun: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" mRunOnce: [Malwarebytes Anti-Malware (cleanup)] rundll32.exe "C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScript uPolicies-Explorer: NoDriveTypeAutoRun = dword:145 mPolicies-Explorer: NoActiveDesktop = dword:1 mPolicies-Explorer: NoActiveDesktopChanges = dword:1 mPolicies-System: ConsentPromptBehaviorAdmin = dword:0 mPolicies-System: ConsentPromptBehaviorUser = dword:3 mPolicies-System: EnableLUA = dword:0 mPolicies-System: EnableUIADesktopToggle = dword:0 mPolicies-System: PromptOnSecureDesktop = dword:0 IE: E&xport to Microsoft Excel - C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000 IE: Google Sidewiki... 
- C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html IE: Se&nd to OneNote - C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105 IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} - hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} - hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.5.1.0.cab TCP: NameServer = 192.168.0.1 TCP: Interfaces\{463DFB51-CDA3-4A23-937F-1F85AA42F57C} : DHCPNameServer = 192.168.0.1 TCP: Interfaces\{6D28D63B-9B4A-4C58-9BCD-E207B8666BFD} : DHCPNameServer = 130.244.127.161 130.244.127.169 Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll 
SSODL: WebCheck - <orphaned> SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL x64-TB: DAEMON Tools Toolbar: {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll x64-Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - <orphaned> x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned> x64-SSODL: WebCheck - <orphaned> x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL . ============= SERVICES / DRIVERS =============== . 
S2 AsSysCtrlService;ASUS System Control Service;C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [2010-6-13 90112] S2 DvmMDES;DeviceVM Meta Data Export Service;C:\ASUS.SYS\config\DVMExportService.exe [2009-2-18 294912] S2 ekrn;ESET Service;C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2009-9-29 735960] S2 epfwwfpr;epfwwfpr;C:\Windows\System32\drivers\epfwwfpr.sys [2009-9-29 123200] S2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-11-19 399432] S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-11-19 676936] S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-13 160944] S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-10-2 382824] S3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2012-11-19 25928] S3 Netaapl;Apple Mobile Device Ethernet Service;C:\Windows\System32\drivers\netaapl64.sys [2011-5-10 22528] S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-1-9 174440] S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-7-9 52736] S3 WatAdminSvc;Aktiveringsteknologier för Windows-tjänst;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-6-20 1255736] S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;C:\Windows\System32\drivers\viahduaa.sys [2010-6-13 1196032] . =============== Created Last 30 ================ . 
2012-11-19 19:42:17 -------- d-----w- C:\Users\JIM\AppData\Roaming\Malwarebytes
2012-11-19 19:42:08 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-11-19 19:42:08 -------- d-----w- C:\ProgramData\Malwarebytes
2012-11-19 19:42:08 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-11-19 17:37:13 -------- d-----w- C:\ProgramData\ujgxrmmbqvdhubu
2012-11-19 17:37:10 105472 ----a-w- C:\Windows\rwepfrwv.exe
2012-11-19 17:37:10 105472 ----a-w- C:\ProgramData\rwepfrwv.exe
2012-11-17 20:47:57 33240 ----a-w- C:\Windows\System32\drivers\GEARAspiWDM.sys
2012-11-17 20:47:25 -------- d-----w- C:\Program Files\iPod
2012-11-17 20:47:24 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2012-11-17 20:47:24 -------- d-----w- C:\Program Files\iTunes
2012-11-17 20:47:24 -------- d-----w- C:\Program Files (x86)\iTunes
2012-11-16 14:40:54 3147264 ----a-w- C:\Windows\System32\win32k.sys
2012-11-16 14:40:41 95744 ----a-w- C:\Windows\System32\synceng.dll
2012-11-16 14:40:41 78336 ----a-w- C:\Windows\SysWow64\synceng.dll
.
==================== Find3M ====================
.
2012-10-10 20:22:54 2428776 ----a-w- C:\Windows\SysWow64\nvapi.dll
2012-10-10 20:22:52 26331496 ----a-w- C:\Windows\System32\nvoglv64.dll
2012-10-10 20:22:52 1760104 ----a-w- C:\Windows\System32\nvdispco64.dll
2012-10-10 20:22:32 15309160 ----a-w- C:\Windows\SysWow64\nvd3dum.dll
2012-10-10 20:22:26 2747240 ----a-w- C:\Windows\System32\nvcuvid.dll
2012-10-10 20:22:24 19906920 ----a-w- C:\Windows\SysWow64\nvoglv32.dll
2012-10-10 20:22:18 13443944 ----a-w- C:\Windows\System32\drivers\nvlddmkm.sys
2012-10-10 20:22:14 17559912 ----a-w- C:\Windows\SysWow64\nvcompiler.dll
2012-10-08 18:42:16 73656 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-10-08 18:42:16 696760 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-10-08 11:31:03 2312704 ----a-w- C:\Windows\System32\jscript9.dll
2012-10-08 11:23:52 1392128 ----a-w- C:\Windows\System32\wininet.dll
2012-10-08 11:22:55 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-10-08 11:18:22 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2012-10-08 11:17:35 599040 ----a-w- C:\Windows\System32\vbscript.dll
2012-10-08 11:13:33 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2012-10-08 07:56:24 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-10-08 07:48:03 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-10-08 07:47:44 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-10-08 07:44:05 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2012-10-08 07:43:21 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll
2012-10-08 07:40:56 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-10-02 19:51:11 3293544 ----a-w- C:\Windows\System32\nvsvc64.dll
2012-10-02 19:51:04 6200680 ----a-w- C:\Windows\System32\nvcpl.dll
2012-10-02 19:50:57 891240 ----a-w- C:\Windows\System32\nvvsvc.exe
2012-10-02 19:50:57 63336 ----a-w- C:\Windows\System32\nvshext.dll
2012-10-02 19:50:57 2557800 ----a-w- C:\Windows\System32\nvsvcr.dll
2012-10-02 19:50:57 118120 ----a-w- C:\Windows\System32\nvmctray.dll
2012-10-02 12:15:52 430952 ----a-w- C:\Windows\SysWow64\nvStreaming.exe
2012-09-14 19:23:40 2048 ----a-w- C:\Windows\System32\tzres.dll
2012-09-14 18:30:38 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2012-08-30 18:11:29 5505904 ----a-w- C:\Windows\System32\ntoskrnl.exe
2012-08-30 17:18:33 3958128 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2012-08-30 17:18:33 3902832 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2012-08-24 18:05:28 220160 ----a-w- C:\Windows\System32\wintrust.dll
2012-08-24 17:10:47 172544 ----a-w- C:\Windows\SysWow64\wintrust.dll
.
============= FINISH: 21:04:50,27 ===============