
Trojan police Ukash


johnnyb


Hi.

Of course I've managed to plant a virus on my dear uncle's computer. It's the Ukash police one, pay 1000 kr, blah blah. Can't do a thing.

I've run a few antivirus programs and so on in safe mode, but it doesn't seem to want to give up, so I ran DDS and got some logs that are completely incomprehensible to me, but you can't be the best at everything ;)

Thanks in advance for the help!

On to the logs, then:

 

 

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-07.01)

.

Microsoft Windows 7 Ultimate

Boot Device: \Device\HarddiskVolume1

Install Date: 2010-06-11 16:24:23

System Uptime: 2012-11-19 20:46:15 (1 hours ago)

.

Motherboard: ASUSTeK Computer INC. | | P5Q PRO TURBO

Processor: Intel® Core2 Quad CPU Q8300 @ 2.50GHz | LGA 775 | 2499/333mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 931 GiB total, 421,522 GiB free.

D: is CDROM ()

E: is Removable

.

==== Disabled Device Manager Items =============

.

Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}

Description: ehdrv

Device ID: ROOT\LEGACY_EHDRV\0000

Manufacturer:

Name: ehdrv

PNP Device ID: ROOT\LEGACY_EHDRV\0000

Service: ehdrv

.

Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}

Description: Security Processor Loader Driver

Device ID: ROOT\LEGACY_SPLDR\0000

Manufacturer:

Name: Security Processor Loader Driver

PNP Device ID: ROOT\LEGACY_SPLDR\0000

Service: spldr

.

Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}

Description: sptd

Device ID: ROOT\LEGACY_SPTD\0000

Manufacturer:

Name: sptd

PNP Device ID: ROOT\LEGACY_SPTD\0000

Service: sptd

.

==== System Restore Points ===================

.

RP139: 2012-10-10 11:22:19 - Windows Update

RP140: 2012-10-12 19:56:20 - Installed Quake Live Internet Explorer Plugin

RP141: 2012-10-20 22:08:25 - Schemalagd kontrollpunkt

RP142: 2012-11-09 17:06:15 - Schemalagd kontrollpunkt

RP143: 2012-11-17 00:00:05 - Schemalagd kontrollpunkt

RP144: 2012-11-17 00:49:48 - Windows Update

RP145: 2012-11-18 15:16:45 - Windows Update

.

==== Installed Programs ======================

.

Adobe Flash Player 11 ActiveX

Adobe Reader 9.3 - Svenska

Apple-programstöd

Apple Mobile Device Support

Apple Software Update

Atheros Communications Inc.® AR8121/AR8113/AR8114 Gigabit/Fast Ethernet Driver

µTorrent

Bonjour

Call of Duty: Black Ops

Call of Duty: Black Ops - Multiplayer

Call of Duty: Modern Warfare 2

Call of Duty: Modern Warfare 2 - Multiplayer

Convert AVI to MP4 1.3

Counter-Strike

DAEMON Tools Toolbar

Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition

Diablo III

ElfBot NG 4.5.9

EPU-6 Engine

ESET NOD32 Antivirus

ESN Sonar

Express Gate

GameXN GO

Google Chrome

Google Earth

Google Toolbar for Internet Explorer

Google Update Helper

Heroes of Newerth

iTunes

Java Auto Updater

Java 6 Update 23

JMicron JMB36X Driver

Left 4 Dead 2

Malwarebytes Anti-Malware version 1.65.1.1000

Microsoft Application Error Reporting

Microsoft Choice Guard

Microsoft Office 2010 Language Pack Service Pack 1 (SP1)

Microsoft Office 2010 Service Pack 1 (SP1)

Microsoft Office Access MUI (English) 2010

Microsoft Office Access MUI (Swedish) 2010

Microsoft Office Access Setup Metadata MUI (English) 2010

Microsoft Office Excel MUI (English) 2010

Microsoft Office Excel MUI (Swedish) 2010

Microsoft Office Groove MUI (English) 2010

Microsoft Office Groove MUI (Swedish) 2010

Microsoft Office InfoPath MUI (English) 2010

Microsoft Office InfoPath MUI (Swedish) 2010

Microsoft Office Language Pack 2010 - Swedish/svenska

Microsoft Office O MUI (Swedish) 2010

Microsoft Office Office 32-bit Components 2010

Microsoft Office OneNote MUI (English) 2010

Microsoft Office OneNote MUI (Swedish) 2010

Microsoft Office Outlook MUI (English) 2010

Microsoft Office Outlook MUI (Swedish) 2010

Microsoft Office PowerPoint MUI (English) 2010

Microsoft Office PowerPoint MUI (Swedish) 2010

Microsoft Office Professional Plus 2010

Microsoft Office Proof (English) 2010

Microsoft Office Proof (Finnish) 2010

Microsoft Office Proof (French) 2010

Microsoft Office Proof (German) 2010

Microsoft Office Proof (Spanish) 2010

Microsoft Office Proof (Swedish) 2010

Microsoft Office Proofing (English) 2010

Microsoft Office Proofing (Swedish) 2010

Microsoft Office Publisher MUI (English) 2010

Microsoft Office Publisher MUI (Swedish) 2010

Microsoft Office Shared 32-bit MUI (English) 2010

Microsoft Office Shared 32-bit MUI (Swedish) 2010

Microsoft Office Shared MUI (English) 2010

Microsoft Office Shared MUI (Swedish) 2010

Microsoft Office Shared Setup Metadata MUI (English) 2010

Microsoft Office SharePoint Designer MUI (Swedish) 2010

Microsoft Office Word MUI (English) 2010

Microsoft Office Word MUI (Swedish) 2010

Microsoft Office X MUI (Swedish) 2010

Microsoft SharePoint Designer 2010 Service Pack 1 (SP1)

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

MobileMe Control Panel

MSVCRT

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

Nero 8 Essentials

neroxml

NVIDIA-uppdatering 1.10.8

NVIDIA 3D Vision drivrutin 306.97

NVIDIA 3D Vision drivrutin för styrenhet 301.42

NVIDIA Display Control Panel

NVIDIA Grafikdrivrutin 306.97

NVIDIA Install Application

NVIDIA PhysX

NVIDIA PhysX systemprogramvara 9.12.0213

NVIDIA Stereoscopic 3D Driver

NVIDIA Update Components

NVIDIAs kontrollpanel 306.97

Octoshape add-in for Adobe Flash Player

Platform

Poker at bet365

PunkBuster Services

Quake Live Internet Explorer Plugin

QuickTime

Safari

Skype Toolbars

Skype™ 5.10

Spotify

StarCraft II

Steam

Svenska Spels Poker

System Requirements Lab

System Requirements Lab CYRI

Turbo Key

TurboV

Update for Microsoft Office 2010 (KB2494150)

Update for Microsoft Office 2010 (KB2553092)

Update for Microsoft Office 2010 (KB2553270) 64-Bit Edition

Update for Microsoft Office 2010 (KB2553310) 64-Bit Edition

Update for Microsoft OneNote 2010 (KB2553290) 64-Bit Edition

Update for Microsoft Outlook 2010 (KB2687623) 64-Bit Edition

Update for Microsoft Outlook Social Connector 2010 (KB2553406) 64-Bit Edition

VCRedistSetup

VentriloMIX

VIA Plattform för enhetshanterare

Windows Live Communications Platform

Windows Live Essentials

Windows Live inloggningsassistenten

Windows Live Messenger

Windows Live Upload Tool

WinRAR

VLC media player 2.0.1

.

==== End Of File ===========================

DDS (Ver_2012-11-07.01) - NTFS_AMD64 NETWORK

Internet Explorer: 9.0.8112.16455

Run by JIM at 21:04:12 on 2012-11-19

Microsoft Windows 7 Ultimate 6.1.7600.0.1252.46.1053.18.4095.2556 [GMT 1:00]

.

AV: ESET NOD32 Antivirus 4.0 *Enabled/Outdated* {CB0F8167-5331-BA19-698E-64816B6801A5}

SP: ESET NOD32 Antivirus 4.0 *Enabled/Outdated* {706E6083-750B-B597-533E-5FF310EF4B18}

SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ===============

.

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\Explorer.EXE

C:\Windows\system32\ctfmon.exe

C:\Windows\helppane.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k secsvcs

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Users\JIM\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\P6GUTCUG\Ransom_unlock.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\System32\cscript.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.google.se/

mWinlogon: Userinit = userinit.exe,

BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL

BHO: Windows Live inloggningshjälpen: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL

BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

TB: DAEMON Tools Toolbar: {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll

TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

TB: DAEMON Tools Toolbar: {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll

TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background

uRun: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe"

uRun: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun

uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

uRun: [spotify Web Helper] "C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe"

uRun: [rwepfrwvqmkedzf] C:\Windows\rwepfrwv.exe

mRun: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r

mRun: [TurboV] "C:\Program Files\ASUS\TurboV\TurboV.exe"

mRun: [Turbo Key] "C:\Program Files\ASUS\Turbo Key\TurboKey.exe"

mRun: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe

mRun: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe

mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

mRunOnce: [Malwarebytes Anti-Malware (cleanup)] rundll32.exe "C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScript

uPolicies-Explorer: NoDriveTypeAutoRun = dword:145

mPolicies-Explorer: NoActiveDesktop = dword:1

mPolicies-Explorer: NoActiveDesktopChanges = dword:1

mPolicies-System: ConsentPromptBehaviorAdmin = dword:0

mPolicies-System: ConsentPromptBehaviorUser = dword:3

mPolicies-System: EnableLUA = dword:0

mPolicies-System: EnableUIADesktopToggle = dword:0

mPolicies-System: PromptOnSecureDesktop = dword:0

IE: E&xport to Microsoft Excel - C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000

IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html

IE: Se&nd to OneNote - C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} - hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} - hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.5.1.0.cab

TCP: NameServer = 192.168.0.1

TCP: Interfaces\{463DFB51-CDA3-4A23-937F-1F85AA42F57C} : DHCPNameServer = 192.168.0.1

TCP: Interfaces\{6D28D63B-9B4A-4C58-9BCD-E207B8666BFD} : DHCPNameServer = 130.244.127.161 130.244.127.169

Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll

SSODL: WebCheck - <orphaned>

SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL

x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL

x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll

x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL

x64-TB: DAEMON Tools Toolbar: {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll

x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll

x64-Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice

x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll

x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - <orphaned>

x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>

x64-SSODL: WebCheck - <orphaned>

x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL

.

============= SERVICES / DRIVERS ===============

.

S2 AsSysCtrlService;ASUS System Control Service;C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [2010-6-13 90112]

S2 DvmMDES;DeviceVM Meta Data Export Service;C:\ASUS.SYS\config\DVMExportService.exe [2009-2-18 294912]

S2 ekrn;ESET Service;C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2009-9-29 735960]

S2 epfwwfpr;epfwwfpr;C:\Windows\System32\drivers\epfwwfpr.sys [2009-9-29 123200]

S2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-11-19 399432]

S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-11-19 676936]

S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-13 160944]

S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-10-2 382824]

S3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2012-11-19 25928]

S3 Netaapl;Apple Mobile Device Ethernet Service;C:\Windows\System32\drivers\netaapl64.sys [2011-5-10 22528]

S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-1-9 174440]

S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-7-9 52736]

S3 WatAdminSvc;Aktiveringsteknologier för Windows-tjänst;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-6-20 1255736]

S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;C:\Windows\System32\drivers\viahduaa.sys [2010-6-13 1196032]

.

=============== Created Last 30 ================

.

2012-11-19 19:42:17 -------- d-----w- C:\Users\JIM\AppData\Roaming\Malwarebytes

2012-11-19 19:42:08 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys

2012-11-19 19:42:08 -------- d-----w- C:\ProgramData\Malwarebytes

2012-11-19 19:42:08 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware

2012-11-19 17:37:13 -------- d-----w- C:\ProgramData\ujgxrmmbqvdhubu

2012-11-19 17:37:10 105472 ----a-w- C:\Windows\rwepfrwv.exe

2012-11-19 17:37:10 105472 ----a-w- C:\ProgramData\rwepfrwv.exe

2012-11-17 20:47:57 33240 ----a-w- C:\Windows\System32\drivers\GEARAspiWDM.sys

2012-11-17 20:47:25 -------- d-----w- C:\Program Files\iPod

2012-11-17 20:47:24 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69

2012-11-17 20:47:24 -------- d-----w- C:\Program Files\iTunes

2012-11-17 20:47:24 -------- d-----w- C:\Program Files (x86)\iTunes

2012-11-16 14:40:54 3147264 ----a-w- C:\Windows\System32\win32k.sys

2012-11-16 14:40:41 95744 ----a-w- C:\Windows\System32\synceng.dll

2012-11-16 14:40:41 78336 ----a-w- C:\Windows\SysWow64\synceng.dll

.

==================== Find3M ====================

.

2012-10-10 20:22:54 2428776 ----a-w- C:\Windows\SysWow64\nvapi.dll

2012-10-10 20:22:52 26331496 ----a-w- C:\Windows\System32\nvoglv64.dll

2012-10-10 20:22:52 1760104 ----a-w- C:\Windows\System32\nvdispco64.dll

2012-10-10 20:22:32 15309160 ----a-w- C:\Windows\SysWow64\nvd3dum.dll

2012-10-10 20:22:26 2747240 ----a-w- C:\Windows\System32\nvcuvid.dll

2012-10-10 20:22:24 19906920 ----a-w- C:\Windows\SysWow64\nvoglv32.dll

2012-10-10 20:22:18 13443944 ----a-w- C:\Windows\System32\drivers\nvlddmkm.sys

2012-10-10 20:22:14 17559912 ----a-w- C:\Windows\SysWow64\nvcompiler.dll

2012-10-08 18:42:16 73656 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2012-10-08 18:42:16 696760 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe

2012-10-08 11:31:03 2312704 ----a-w- C:\Windows\System32\jscript9.dll

2012-10-08 11:23:52 1392128 ----a-w- C:\Windows\System32\wininet.dll

2012-10-08 11:22:55 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl

2012-10-08 11:18:22 173056 ----a-w- C:\Windows\System32\ieUnatt.exe

2012-10-08 11:17:35 599040 ----a-w- C:\Windows\System32\vbscript.dll

2012-10-08 11:13:33 2382848 ----a-w- C:\Windows\System32\mshtml.tlb

2012-10-08 07:56:24 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll

2012-10-08 07:48:03 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll

2012-10-08 07:47:44 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl

2012-10-08 07:44:05 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe

2012-10-08 07:43:21 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll

2012-10-08 07:40:56 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb

2012-10-02 19:51:11 3293544 ----a-w- C:\Windows\System32\nvsvc64.dll

2012-10-02 19:51:04 6200680 ----a-w- C:\Windows\System32\nvcpl.dll

2012-10-02 19:50:57 891240 ----a-w- C:\Windows\System32\nvvsvc.exe

2012-10-02 19:50:57 63336 ----a-w- C:\Windows\System32\nvshext.dll

2012-10-02 19:50:57 2557800 ----a-w- C:\Windows\System32\nvsvcr.dll

2012-10-02 19:50:57 118120 ----a-w- C:\Windows\System32\nvmctray.dll

2012-10-02 12:15:52 430952 ----a-w- C:\Windows\SysWow64\nvStreaming.exe

2012-09-14 19:23:40 2048 ----a-w- C:\Windows\System32\tzres.dll

2012-09-14 18:30:38 2048 ----a-w- C:\Windows\SysWow64\tzres.dll

2012-08-30 18:11:29 5505904 ----a-w- C:\Windows\System32\ntoskrnl.exe

2012-08-30 17:18:33 3958128 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe

2012-08-30 17:18:33 3902832 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe

2012-08-24 18:05:28 220160 ----a-w- C:\Windows\System32\wintrust.dll

2012-08-24 17:10:47 172544 ----a-w- C:\Windows\SysWow64\wintrust.dll

.

============= FINISH: 21:04:50,27 ===============


1.

Click the Start button and type the following into the small search box: msconfig

Start the msconfig program that appears in the list above.

On the Startup tab, find the row that contains the file name: rwepfrwv.exe

Clear the check mark for that row.

Restart the computer in normal mode.

2.

Run DDS again and paste the new DDS.txt into your reply.

3.

Save RogueKiller to the Desktop.

http://www.sur-la-toile.com/RogueKiller/

Close all programs.

Remove all external devices, e.g. USB sticks and external hard drives, except keyboard and mouse. Leave them disconnected while the cleaning is in progress.

Run RogueKiller (in Vista and Windows 7, right-click the program and choose "Run as administrator"). If it won't run, try several times, but if it still won't run, try renaming the program to winlogon.exe.

Wait until "Prescan" has finished.

Click the "Scan" button at the top right.

Wait until the scan is complete.

A report "RKreport.txt" should then have been created on the Desktop. Paste its contents into your reply.

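Added example, not written by anyone in this thread: a small triage script showing why the `rwepfrwv.exe` autostart row stands out in the first DDS log. It cross-references the Run entries in "Pseudo HJT Report" with the files listed under "Created Last 30"; the scoring rule (at least two independent reasons) and the `DROP_DIRS` set are assumptions made for this example, and the sample lines are copied from the log above.

```python
import re
from collections import defaultdict
from pathlib import PureWindowsPath

# Lines copied from the first DDS log in this thread, trimmed to what the check needs.
SAMPLE_DDS = r"""
============== Pseudo HJT Report ===============
.
uRun: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe"
uRun: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
uRun: [rwepfrwvqmkedzf] C:\Windows\rwepfrwv.exe
mRun: [TurboV] "C:\Program Files\ASUS\TurboV\TurboV.exe"
mRun: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
x64-Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
.
=============== Created Last 30 ================
.
2012-11-19 19:42:08 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-11-19 17:37:13 -------- d-----w- C:\ProgramData\ujgxrmmbqvdhubu
2012-11-19 17:37:10 105472 ----a-w- C:\Windows\rwepfrwv.exe
2012-11-19 17:37:10 105472 ----a-w- C:\ProgramData\rwepfrwv.exe
2012-11-17 20:47:57 33240 ----a-w- C:\Windows\System32\drivers\GEARAspiWDM.sys
.
==================== Find3M ====================
"""

SECTION_RE = re.compile(r"^=+ (.+?) =+$")
RUN_RE = re.compile(r"^((?:x64-)?[um]?Run(?:Once)?): \[([^\]]*)\] (.+)$")
# Quoted path, or an unquoted path up to the first executable extension.
TARGET_RE = re.compile(r'"([^"]+)"|(.+?\.(?:exe|com|scr|bat|cmd))(?=\s|$)', re.I)
CREATED_RE = re.compile(r"^(\d{4}-\d\d-\d\d \d\d:\d\d:\d\d) (\d+|-+) \S+ (.+)$")
# Assumption for this example: installed software rarely autostarts
# from the root of these two folders.
DROP_DIRS = {r"c:\windows", r"c:\programdata"}


def parse_dds(text):
    """Return (autorun entries, {lowercased file path: (timestamp, size)})."""
    autoruns, created, section = [], {}, None
    for line in (raw.strip() for raw in text.splitlines()):
        header = SECTION_RE.match(line)
        if header:
            section = header.group(1)
            continue
        if section == "Pseudo HJT Report":
            run = RUN_RE.match(line)
            target = run and TARGET_RE.match(run.group(3))
            if target:
                path = target.group(1) or target.group(2)
                autoruns.append({"key": run.group(1), "name": run.group(2), "path": path})
        elif section == "Created Last 30":
            row = CREATED_RE.match(line)
            if row and row.group(2).isdigit():  # directories show "--------" as size
                created[row.group(3).lower()] = (row.group(1), int(row.group(2)))
    return autoruns, created


def suspicious_autoruns(text):
    """Autorun entries with two or more independent reasons for a closer look."""
    autoruns, created = parse_dds(text)
    twins = defaultdict(list)  # (file name, size, timestamp) -> paths
    for path, (stamp, size) in created.items():
        twins[(PureWindowsPath(path).name, size, stamp)].append(path)
    findings = []
    for entry in autoruns:
        target = PureWindowsPath(entry["path"].lower())
        reasons = []
        if str(target) in created:
            stamp, size = created[str(target)]
            reasons.append("created in last 30 days")
            if len(twins[(target.name, size, stamp)]) > 1:
                reasons.append("identical copy dropped elsewhere at the same time")
        if str(target.parent) in DROP_DIRS:
            reasons.append("runs from root of " + str(target.parent))
        if len(reasons) >= 2:
            findings.append({**entry, "reasons": reasons})
    return findings


if __name__ == "__main__":
    for hit in suspicious_autoruns(SAMPLE_DDS):
        print(hit["key"], hit["name"], hit["path"], "; ".join(hit["reasons"]))
```
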

I can see in the DDS log that there is a very old Java version with known security holes that make it easy to infect the computer from a web page; uninstall Java 6 Update 23.


Here are the new DDS reports:

 

 

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Microsoft Windows 7 Ultimate

Boot Device: \Device\HarddiskVolume1

Install Date: 2010-06-11 16:24:23

System Uptime: 2012-11-20 20:08:43 (0 hours ago)

.

Motherboard: ASUSTeK Computer INC. | | P5Q PRO TURBO

Processor: Intel® Core2 Quad CPU Q8300 @ 2.50GHz | LGA 775 | 1999/333mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 931 GiB total, 421,52 GiB free.

D: is CDROM ()

E: is Removable

F: is CDROM ()

G: is CDROM ()

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

RP139: 2012-10-10 11:22:19 - Windows Update

RP140: 2012-10-12 19:56:20 - Installed Quake Live Internet Explorer Plugin

RP141: 2012-10-20 22:08:25 - Schemalagd kontrollpunkt

RP142: 2012-11-09 17:06:15 - Schemalagd kontrollpunkt

RP143: 2012-11-17 00:00:05 - Schemalagd kontrollpunkt

RP144: 2012-11-17 00:49:48 - Windows Update

RP145: 2012-11-18 15:16:45 - Windows Update

.

==== Installed Programs ======================

.

Adobe Flash Player 11 ActiveX

Adobe Reader 9.3 - Svenska

Apple-programstöd

Apple Mobile Device Support

Apple Software Update

Atheros Communications Inc.® AR8121/AR8113/AR8114 Gigabit/Fast Ethernet Driver

µTorrent

Bonjour

Call of Duty: Black Ops

Call of Duty: Black Ops - Multiplayer

Call of Duty: Modern Warfare 2

Call of Duty: Modern Warfare 2 - Multiplayer

Convert AVI to MP4 1.3

Counter-Strike

DAEMON Tools Toolbar

Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition

Diablo III

ElfBot NG 4.5.9

EPU-6 Engine

ESET NOD32 Antivirus

ESN Sonar

Express Gate

GameXN GO

Google Chrome

Google Earth

Google Toolbar for Internet Explorer

Google Update Helper

Heroes of Newerth

iTunes

Java Auto Updater

Java 6 Update 23

JMicron JMB36X Driver

Left 4 Dead 2

Malwarebytes Anti-Malware version 1.65.1.1000

Microsoft Application Error Reporting

Microsoft Choice Guard

Microsoft Office 2010 Language Pack Service Pack 1 (SP1)

Microsoft Office 2010 Service Pack 1 (SP1)

Microsoft Office Access MUI (English) 2010

Microsoft Office Access MUI (Swedish) 2010

Microsoft Office Access Setup Metadata MUI (English) 2010

Microsoft Office Excel MUI (English) 2010

Microsoft Office Excel MUI (Swedish) 2010

Microsoft Office Groove MUI (English) 2010

Microsoft Office Groove MUI (Swedish) 2010

Microsoft Office InfoPath MUI (English) 2010

Microsoft Office InfoPath MUI (Swedish) 2010

Microsoft Office Language Pack 2010 - Swedish/svenska

Microsoft Office O MUI (Swedish) 2010

Microsoft Office Office 32-bit Components 2010

Microsoft Office OneNote MUI (English) 2010

Microsoft Office OneNote MUI (Swedish) 2010

Microsoft Office Outlook MUI (English) 2010

Microsoft Office Outlook MUI (Swedish) 2010

Microsoft Office PowerPoint MUI (English) 2010

Microsoft Office PowerPoint MUI (Swedish) 2010

Microsoft Office Professional Plus 2010

Microsoft Office Proof (English) 2010

Microsoft Office Proof (Finnish) 2010

Microsoft Office Proof (French) 2010

Microsoft Office Proof (German) 2010

Microsoft Office Proof (Spanish) 2010

Microsoft Office Proof (Swedish) 2010

Microsoft Office Proofing (English) 2010

Microsoft Office Proofing (Swedish) 2010

Microsoft Office Publisher MUI (English) 2010

Microsoft Office Publisher MUI (Swedish) 2010

Microsoft Office Shared 32-bit MUI (English) 2010

Microsoft Office Shared 32-bit MUI (Swedish) 2010

Microsoft Office Shared MUI (English) 2010

Microsoft Office Shared MUI (Swedish) 2010

Microsoft Office Shared Setup Metadata MUI (English) 2010

Microsoft Office SharePoint Designer MUI (Swedish) 2010

Microsoft Office Word MUI (English) 2010

Microsoft Office Word MUI (Swedish) 2010

Microsoft Office X MUI (Swedish) 2010

Microsoft SharePoint Designer 2010 Service Pack 1 (SP1)

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

MobileMe Control Panel

MSVCRT

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

Nero 8 Essentials

neroxml

NVIDIA-uppdatering 1.10.8

NVIDIA 3D Vision drivrutin 306.97

NVIDIA 3D Vision drivrutin för styrenhet 301.42

NVIDIA Display Control Panel

NVIDIA Grafikdrivrutin 306.97

NVIDIA Install Application

NVIDIA PhysX

NVIDIA PhysX systemprogramvara 9.12.0213

NVIDIA Stereoscopic 3D Driver

NVIDIA Update Components

NVIDIAs kontrollpanel 306.97

Octoshape add-in for Adobe Flash Player

Platform

Poker at bet365

PunkBuster Services

Quake Live Internet Explorer Plugin

QuickTime

Safari

Skype Toolbars

Skype™ 5.10

Spotify

StarCraft II

Steam

Svenska Spels Poker

System Requirements Lab

System Requirements Lab CYRI

Turbo Key

TurboV

Update for Microsoft Office 2010 (KB2494150)

Update for Microsoft Office 2010 (KB2553092)

Update for Microsoft Office 2010 (KB2553270) 64-Bit Edition

Update for Microsoft Office 2010 (KB2553310) 64-Bit Edition

Update for Microsoft OneNote 2010 (KB2553290) 64-Bit Edition

Update for Microsoft Outlook 2010 (KB2687623) 64-Bit Edition

Update for Microsoft Outlook Social Connector 2010 (KB2553406) 64-Bit Edition

VCRedistSetup

VentriloMIX

VIA Plattform för enhetshanterare

Windows Live Communications Platform

Windows Live Essentials

Windows Live inloggningsassistenten

Windows Live Messenger

Windows Live Upload Tool

WinRAR

VLC media player 2.0.1

.

==== End Of File ===========================

 

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64

Internet Explorer: 9.0.8112.16455

Run by JIM at 20:12:08 on 2012-11-20

Microsoft Windows 7 Ultimate 6.1.7600.0.1252.46.1053.18.4095.2225 [GMT 1:00]

.

AV: ESET NOD32 Antivirus 4.0 *Enabled/Outdated* {CB0F8167-5331-BA19-698E-64816B6801A5}

SP: ESET NOD32 Antivirus 4.0 *Enabled/Outdated* {706E6083-750B-B597-533E-5FF310EF4B18}

SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ===============

.

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\nvvsvc.exe

C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\AUDIODG.EXE

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

C:\Windows\system32\nvvsvc.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\ASUS.SYS\config\DVMExportService.exe

C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe

C:\Windows\SysWOW64\IoctlSvc.exe

C:\Windows\SysWOW64\PnkBstrA.exe

C:\Windows\system32\sppsvc.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Windows\system32\WUDFHost.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Windows\system32\taskhost.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe

C:\Program Files (x86)\uTorrent\uTorrent.exe

C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe

C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\taskeng.exe

C:\Program Files\ASUS\Six Engine\SixEngine.exe

C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe

C:\Program Files\ASUS\TurboV\TurboV.exe

C:\Program Files\ASUS\Turbo Key\TurboKey.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Windows\system32\SearchIndexer.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

C:\Windows\System32\svchost.exe -k secsvcs

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\msfeedssync.exe

C:\Windows\system32\taskhost.exe

C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\ComUpdatus.exe

C:\Windows\servicing\TrustedInstaller.exe

C:\Windows\system32\wuauclt.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\System32\cscript.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.google.se/

mWinlogon: Userinit = userinit.exe,

BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL

BHO: Windows Live inloggningshjälpen: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL

BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

TB: DAEMON Tools Toolbar: {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll

TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

TB: DAEMON Tools Toolbar: {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll

TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

uRun: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe"

uRun: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun

uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

uRun: [spotify Web Helper] "C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe"

mRun: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r

mRun: [TurboV] "C:\Program Files\ASUS\TurboV\TurboV.exe"

mRun: [Turbo Key] "C:\Program Files\ASUS\Turbo Key\TurboKey.exe"

mRun: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe

mRun: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe

mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

uPolicies-Explorer: NoDriveTypeAutoRun = dword:145

mPolicies-Explorer: NoActiveDesktop = dword:1

mPolicies-Explorer: NoActiveDesktopChanges = dword:1

mPolicies-System: ConsentPromptBehaviorAdmin = dword:0

mPolicies-System: ConsentPromptBehaviorUser = dword:3

mPolicies-System: EnableLUA = dword:0

mPolicies-System: EnableUIADesktopToggle = dword:0

mPolicies-System: PromptOnSecureDesktop = dword:0

IE: E&xport to Microsoft Excel - C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000

IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html

IE: Se&nd to OneNote - C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} - hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} - hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.5.1.0.cab

TCP: NameServer = 192.168.0.1

TCP: Interfaces\{463DFB51-CDA3-4A23-937F-1F85AA42F57C} : DHCPNameServer = 192.168.0.1

TCP: Interfaces\{6D28D63B-9B4A-4C58-9BCD-E207B8666BFD} : DHCPNameServer = 130.244.127.161 130.244.127.169

Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll

SSODL: WebCheck - <orphaned>

SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL

x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL

x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll

x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL

x64-TB: DAEMON Tools Toolbar: {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll

x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll

x64-Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice

x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll

x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - <orphaned>

x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>

x64-SSODL: WebCheck - <orphaned>

x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL

.

============= SERVICES / DRIVERS ===============

.

R2 AsSysCtrlService;ASUS System Control Service;C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [2010-6-13 90112]

R2 DvmMDES;DeviceVM Meta Data Export Service;C:\ASUS.SYS\config\DVMExportService.exe [2009-2-18 294912]

R2 ekrn;ESET Service;C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2009-9-29 735960]

R2 epfwwfpr;epfwwfpr;C:\Windows\System32\drivers\epfwwfpr.sys [2009-9-29 123200]

R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-11-19 399432]

R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-11-19 676936]

R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-10-2 382824]

R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2012-11-19 25928]

R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;C:\Windows\System32\drivers\viahduaa.sys [2010-6-13 1196032]

S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-13 160944]

S3 Netaapl;Apple Mobile Device Ethernet Service;C:\Windows\System32\drivers\netaapl64.sys [2011-5-10 22528]

S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-1-9 174440]

S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-7-9 52736]

S3 WatAdminSvc;Aktiveringsteknologier för Windows-tjänst;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-6-20 1255736]

.

=============== Created Last 30 ================

.

2012-11-19 19:42:17 -------- d-----w- C:\Users\JIM\AppData\Roaming\Malwarebytes

2012-11-19 19:42:08 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys

2012-11-19 19:42:08 -------- d-----w- C:\ProgramData\Malwarebytes

2012-11-19 19:42:08 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware

2012-11-19 17:37:13 -------- d-----w- C:\ProgramData\ujgxrmmbqvdhubu

2012-11-19 17:37:10 105472 ----a-w- C:\Windows\rwepfrwv.exe

2012-11-19 17:37:10 105472 ----a-w- C:\ProgramData\rwepfrwv.exe

2012-11-17 20:47:57 33240 ----a-w- C:\Windows\System32\drivers\GEARAspiWDM.sys

2012-11-17 20:47:25 -------- d-----w- C:\Program Files\iPod

2012-11-17 20:47:24 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69

2012-11-17 20:47:24 -------- d-----w- C:\Program Files\iTunes

2012-11-17 20:47:24 -------- d-----w- C:\Program Files (x86)\iTunes

2012-11-16 14:40:54 3147264 ----a-w- C:\Windows\System32\win32k.sys

2012-11-16 14:40:41 95744 ----a-w- C:\Windows\System32\synceng.dll

2012-11-16 14:40:41 78336 ----a-w- C:\Windows\SysWow64\synceng.dll

.

==================== Find3M ====================

.

2012-10-10 20:22:54 2428776 ----a-w- C:\Windows\SysWow64\nvapi.dll

2012-10-10 20:22:52 26331496 ----a-w- C:\Windows\System32\nvoglv64.dll

2012-10-10 20:22:52 1760104 ----a-w- C:\Windows\System32\nvdispco64.dll

2012-10-10 20:22:32 15309160 ----a-w- C:\Windows\SysWow64\nvd3dum.dll

2012-10-10 20:22:26 2747240 ----a-w- C:\Windows\System32\nvcuvid.dll

2012-10-10 20:22:24 19906920 ----a-w- C:\Windows\SysWow64\nvoglv32.dll

2012-10-10 20:22:18 13443944 ----a-w- C:\Windows\System32\drivers\nvlddmkm.sys

2012-10-10 20:22:14 17559912 ----a-w- C:\Windows\SysWow64\nvcompiler.dll

2012-10-08 18:42:16 73656 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2012-10-08 18:42:16 696760 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe

2012-10-08 11:31:03 2312704 ----a-w- C:\Windows\System32\jscript9.dll

2012-10-08 11:23:52 1392128 ----a-w- C:\Windows\System32\wininet.dll

2012-10-08 11:22:55 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl

2012-10-08 11:18:22 173056 ----a-w- C:\Windows\System32\ieUnatt.exe

2012-10-08 11:17:35 599040 ----a-w- C:\Windows\System32\vbscript.dll

2012-10-08 11:13:33 2382848 ----a-w- C:\Windows\System32\mshtml.tlb

2012-10-08 07:56:24 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll

2012-10-08 07:48:03 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll

2012-10-08 07:47:44 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl

2012-10-08 07:44:05 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe

2012-10-08 07:43:21 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll

2012-10-08 07:40:56 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb

2012-10-02 19:51:11 3293544 ----a-w- C:\Windows\System32\nvsvc64.dll

2012-10-02 19:51:04 6200680 ----a-w- C:\Windows\System32\nvcpl.dll

2012-10-02 19:50:57 891240 ----a-w- C:\Windows\System32\nvvsvc.exe

2012-10-02 19:50:57 63336 ----a-w- C:\Windows\System32\nvshext.dll

2012-10-02 19:50:57 2557800 ----a-w- C:\Windows\System32\nvsvcr.dll

2012-10-02 19:50:57 118120 ----a-w- C:\Windows\System32\nvmctray.dll

2012-10-02 12:15:52 430952 ----a-w- C:\Windows\SysWow64\nvStreaming.exe

2012-09-14 19:23:40 2048 ----a-w- C:\Windows\System32\tzres.dll

2012-09-14 18:30:38 2048 ----a-w- C:\Windows\SysWow64\tzres.dll

2012-08-30 18:11:29 5505904 ----a-w- C:\Windows\System32\ntoskrnl.exe

2012-08-30 17:18:33 3958128 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe

2012-08-30 17:18:33 3902832 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe

2012-08-24 18:05:28 220160 ----a-w- C:\Windows\System32\wintrust.dll

2012-08-24 17:10:47 172544 ----a-w- C:\Windows\SysWow64\wintrust.dll

.

============= FINISH: 20:13:24,75 ===============

 

 

Going to run RogueKiller now. Those reports are coming soon.


Here is the RogueKiller report:

 

(Sorry for the double post earlier)

 

RogueKiller V8.3.0 [Nov 19 2012] by Tigzy

mail: tigzyRK<at>gmail<dot>com

Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/

Website: http://tigzy.geekstogo.com/roguekiller.php

Blog: http://tigzyrk.blogspot.com

 

Operating System: Windows 7 (6.1.7600 ) 64 bits version

Started in : Normal mode

User : JIM [Admin rights]

Mode : Scan -- Date : 11/20/2012 20:18:39

 

¤¤¤ Bad processes : 0 ¤¤¤

 

¤¤¤ Registry Entries : 6 ¤¤¤

[HJ] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND

[HJ] HKLM\[...]\Wow6432Node\System : ConsentPromptBehaviorAdmin (0) -> FOUND

[HJ] HKLM\[...]\System : EnableLUA (0) -> FOUND

[HJ] HKLM\[...]\Wow6432Node\System : EnableLUA (0) -> FOUND

[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND

[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

 

¤¤¤ Particular Files / Folders: ¤¤¤

 

¤¤¤ Driver : [NOT LOADED] ¤¤¤

 

¤¤¤ HOSTS File: ¤¤¤

--> C:\Windows\system32\drivers\etc\hosts

 

 

 

¤¤¤ MBR Check: ¤¤¤

 

+++++ PhysicalDrive0: SAMSUNG HD103SJ ATA Device +++++

--- User ---

[MBR] 5b053a7859582dc5f23ee7ac5d12d58f

[bSP] 22baebbc00efefaf32e723a2d1088618 : Windows 7/8 MBR Code

Partition table:

0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo

1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 953767 Mo

User = LL1 ... OK!

User = LL2 ... OK!

 

Finished : << RKreport[1]_S_11202012_02d2018.txt >>

RKreport[1]_S_11202012_02d2018.txt

 

 

 

 

 


1.

User Account Control (UAC) in Vista and Windows 7 is very good at stopping malicious programs from being installed, see for example:

http://www.idg.se/2.1085/1.164287

http://www.idg.se/2.1085/1.166702

It is also useful in other ways, see

http://www.idg.se/2.1085/1.269010/nyttan-med-uac-i-windows

Check that it is switched on and set to a high level (the recommended level or higher):

Control Panel - System and Security - Action Center, followed by UAC in the left column

 

Restart the computer and run RogueKiller again. Paste in the new log.

 

2.

What is your uncle going to do about antivirus software from now on?

An old, non-updated antivirus program protects nothing.

 

3.

Save ComboFix to the Desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

 

Close all the programs you can see, including antivirus and antispyware programs, but leave the firewall on.

How? See http://www.bleepingcomputer.com/forums/topic114351.html

Run ComboFix and follow the instructions that are shown.

If you are asked whether you want to install the Recovery Console, answer Yes.

More detailed guidance is available at http://www.bleepingcomputer.com/combofix/se/hur-combofix-ska-anvandas

 

If ComboFix shows any message, for example that a rootkit has been found, write it down and then include it in your reply.

 

IMPORTANT! Do not click on the ComboFix window with the mouse while it is running, because it can hang then.

 

When ComboFix has finished, a log should come up; paste it into your reply. Check that the antivirus program etc. is running before you connect to the internet.

 

If you have trouble getting onto the internet:

Control Panel - Network Connections

right-click your internet connection and choose Repair, and/or restart the computer.
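
Added example, not part of the original post and not code from DDS or ComboFix: a Python check that reads the UAC policy values out of the two log formats posted in this thread (DDS `mPolicies-System:` lines and the ComboFix `policies\system` block) and reports the settings that correspond to UAC being off or silent. The function names are hypothetical, the sample lines are copied from the logs in this thread, and values that do not appear in a log are treated as unknown rather than assumed.

```python
import re

# Sample input: policy lines copied from the first DDS log in this thread.
DDS_BEFORE = """mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
"""

# Sample input: the policies\system block copied from the ComboFix log in this thread.
COMBOFIX_AFTER = r"""[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-09-29 676936]
"""

# DDS prints one policy per line; the values are read as decimal here.
DDS_RE = re.compile(r"^mPolicies-System:\s*(\w+)\s*=\s*dword:(\d+)$")
# ComboFix prints the registry key once, then "Name"= decimal (0xhex) lines.
CF_KEY_RE = re.compile(
    r"^\[HKEY_LOCAL_MACHINE\\software\\microsoft\\windows"
    r"\\currentversion\\policies\\system\]$",
    re.IGNORECASE,
)
CF_VAL_RE = re.compile(r'^"(\w+)"=\s*(\d+)\s*\(0x[0-9a-fA-F]+\)$')

# Values that mean UAC is disabled or never prompts (Windows 7 semantics).
WEAK_VALUES = {
    "EnableLUA": (0, "UAC is switched off (Admin Approval Mode disabled)"),
    "ConsentPromptBehaviorAdmin": (0, "administrators are elevated without any prompt"),
    "PromptOnSecureDesktop": (0, "elevation prompts are not shown on the secure desktop"),
}


def parse_uac_policies(log_text):
    """Return {value name: int} for the policies\\system values found in a log."""
    policies = {}
    in_cf_key = False
    for raw in log_text.splitlines():
        line = raw.strip()
        if not line:
            continue  # the forum rendering puts blank lines between log lines
        if line == ".":
            in_cf_key = False  # ComboFix uses "." to end a block
            continue
        if line.startswith("["):
            in_cf_key = bool(CF_KEY_RE.match(line))
            continue
        m = DDS_RE.match(line)
        if m:
            policies[m.group(1)] = int(m.group(2))
            continue
        if in_cf_key:
            m = CF_VAL_RE.match(line)
            if m:
                policies[m.group(1)] = int(m.group(2))
    return policies


def uac_findings(policies):
    """List the weak settings that are actually present in the parsed values."""
    return [
        f"{name} = {policies[name]}: {why}"
        for name, (bad, why) in WEAK_VALUES.items()
        if policies.get(name) == bad
    ]


if __name__ == "__main__":
    for label, text in (("DDS (before)", DDS_BEFORE), ("ComboFix (after)", COMBOFIX_AFTER)):
        found = uac_findings(parse_uac_policies(text))
        print(label, "->", found if found else "no weak UAC values in this log")
```

In the second log `ConsentPromptBehaviorAdmin` is 5, the Windows default (prompt for consent for non-Windows binaries), so nothing is reported for it.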


Roguekiller:

 

RogueKiller V8.3.1 [Nov 20 2012] by Tigzy

mail: tigzyRK<at>gmail<dot>com

Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/

Website: http://tigzy.geekstogo.com/roguekiller.php

Blog: http://tigzyrk.blogspot.com

 

Operating System: Windows 7 (6.1.7600 ) 64 bits version

Started in : Normal mode

User : JIM [Admin rights]

Mode : Scan -- Date : 11/21/2012 16:48:59

 

¤¤¤ Bad processes : 0 ¤¤¤

 

¤¤¤ Registry Entries : 2 ¤¤¤

[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND

[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

 

¤¤¤ Particular Files / Folders: ¤¤¤

 

¤¤¤ Driver : [NOT LOADED] ¤¤¤

 

¤¤¤ HOSTS File: ¤¤¤

--> C:\Windows\system32\drivers\etc\hosts

 

 

 

¤¤¤ MBR Check: ¤¤¤

 

+++++ PhysicalDrive0: SAMSUNG HD103SJ ATA Device +++++

--- User ---

[MBR] 5b053a7859582dc5f23ee7ac5d12d58f

[bSP] 22baebbc00efefaf32e723a2d1088618 : Windows 7/8 MBR Code

Partition table:

0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo

1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 953767 Mo

User = LL1 ... OK!

User = LL2 ... OK!

 

Finished : << RKreport[2]_S_11212012_02d1648.txt >>

RKreport[1]_S_11202012_02d2018.txt ; RKreport[2]_S_11212012_02d1648.txt

 

 

 

- going to run the other program now.

 

 


ComboFix log:

 

 

ComboFix 12-11-21.01 - JIM 2012-11-21 17:01:12.1.4 - x64

Microsoft Windows 7 Ultimate 6.1.7600.0.1252.46.1053.18.4095.2530 [GMT 1:00]

Körs från: c:\users\JIM\Desktop\ComboFix.exe

AV: ESET NOD32 Antivirus 4.0 *Enabled/Outdated* {CB0F8167-5331-BA19-698E-64816B6801A5}

SP: ESET NOD32 Antivirus 4.0 *Enabled/Outdated* {706E6083-750B-B597-533E-5FF310EF4B18}

SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

((((((((((((((((((((((((((((((((((((((( Andra raderingar ))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\programdata\rwepfrwv.exe

c:\users\JIM\Documents\~WRL0870.tmp

c:\windows\7Loader.TAG

.

.

(((((((((((((((((((((((( Filer skapade från 2012-10-21 till 2012-11-21 ))))))))))))))))))))))))))))))

.

.

2012-11-21 16:08 . 2012-11-21 16:08 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp

2012-11-21 16:08 . 2012-11-21 16:08 -------- d-----w- c:\users\Default\AppData\Local\temp

2012-11-19 19:42 . 2012-11-19 19:42 -------- d-----w- c:\users\JIM\AppData\Roaming\Malwarebytes

2012-11-19 19:42 . 2012-11-19 19:42 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware

2012-11-19 19:42 . 2012-11-19 19:42 -------- d-----w- c:\programdata\Malwarebytes

2012-11-19 19:42 . 2012-09-29 18:54 25928 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-11-19 17:37 . 2012-11-19 17:37 -------- d-----w- c:\programdata\ujgxrmmbqvdhubu

2012-11-19 17:37 . 2012-11-19 17:36 105472 ----a-w- c:\windows\rwepfrwv.exe

2012-11-17 20:47 . 2012-08-21 12:01 33240 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys

2012-11-17 20:47 . 2012-11-17 20:47 -------- d-----w- c:\program files\iPod

2012-11-17 20:47 . 2012-11-17 20:47 -------- d-----w- c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69

2012-11-17 20:47 . 2012-11-17 20:47 -------- d-----w- c:\program files\iTunes

2012-11-17 20:47 . 2012-11-17 20:47 -------- d-----w- c:\program files (x86)\iTunes

2012-11-16 14:40 . 2012-10-18 18:18 3147264 ----a-w- c:\windows\system32\win32k.sys

2012-11-16 14:40 . 2012-09-25 22:39 95744 ----a-w- c:\windows\system32\synceng.dll

2012-11-16 14:40 . 2012-09-25 21:55 78336 ----a-w- c:\windows\SysWow64\synceng.dll

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-10-10 20:23 . 2012-10-10 20:23 1867112 ----a-w- c:\windows\SysWow64\nvcuvenc.dll

2012-10-10 20:23 . 2012-10-10 20:23 18252136 ----a-w- c:\windows\system32\nvd3dumx.dll

2012-10-10 20:23 . 2012-10-10 20:23 1482600 ----a-w- c:\windows\system32\nvdispgenco64.dll

2012-10-10 20:23 . 2012-10-10 20:23 6127464 ----a-w- c:\windows\SysWow64\nvopencl.dll

2012-10-10 20:23 . 2012-10-10 20:23 2574696 ----a-w- c:\windows\SysWow64\nvcuvid.dll

2012-10-10 20:23 . 2012-10-10 20:23 25256296 ----a-w- c:\windows\system32\nvcompiler.dll

2012-10-10 20:23 . 2012-10-10 20:23 7414632 ----a-w- c:\windows\system32\nvopencl.dll

2012-10-10 20:23 . 2012-10-10 20:23 2731880 ----a-w- c:\windows\system32\nvapi64.dll

2012-10-10 20:23 . 2012-10-10 20:23 14922600 ----a-w- c:\windows\system32\nvwgf2umx.dll

2012-10-10 20:23 . 2012-10-10 20:23 9146728 ----a-w- c:\windows\system32\nvcuda.dll

2012-10-10 20:23 . 2012-10-10 20:23 7697768 ----a-w- c:\windows\SysWow64\nvcuda.dll

2012-10-10 20:23 . 2012-10-10 20:23 2218344 ----a-w- c:\windows\system32\nvcuvenc.dll

2012-10-10 20:23 . 2012-10-10 20:23 12501352 ----a-w- c:\windows\SysWow64\nvwgf2um.dll

2012-10-10 20:22 . 2012-10-10 20:22 2428776 ----a-w- c:\windows\SysWow64\nvapi.dll

2012-10-10 20:22 . 2012-10-10 20:22 26331496 ----a-w- c:\windows\system32\nvoglv64.dll

2012-10-10 20:22 . 2011-09-30 07:24 1760104 ----a-w- c:\windows\system32\nvdispco64.dll

2012-10-10 20:22 . 2012-10-10 20:22 15309160 ----a-w- c:\windows\SysWow64\nvd3dum.dll

2012-10-10 20:22 . 2012-10-10 20:22 2747240 ----a-w- c:\windows\system32\nvcuvid.dll

2012-10-10 20:22 . 2012-10-10 20:22 19906920 ----a-w- c:\windows\SysWow64\nvoglv32.dll

2012-10-10 20:22 . 2012-10-10 20:22 13443944 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys

2012-10-10 20:22 . 2012-10-10 20:22 17559912 ----a-w- c:\windows\SysWow64\nvcompiler.dll

2012-10-08 18:42 . 2012-05-07 13:32 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2012-10-08 18:42 . 2012-05-07 13:32 696760 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe

2012-10-02 19:51 . 2010-06-07 15:20 3293544 ----a-w- c:\windows\system32\nvsvc64.dll

2012-10-02 19:51 . 2010-06-07 15:21 6200680 ----a-w- c:\windows\system32\nvcpl.dll

2012-10-02 19:50 . 2012-09-04 15:25 2557800 ----a-w- c:\windows\system32\nvsvcr.dll

2012-10-02 19:50 . 2010-06-07 15:21 118120 ----a-w- c:\windows\system32\nvmctray.dll

2012-10-02 19:50 . 2010-06-07 15:20 891240 ----a-w- c:\windows\system32\nvvsvc.exe

2012-10-02 19:50 . 2010-06-07 15:20 63336 ----a-w- c:\windows\system32\nvshext.dll

2012-10-02 12:15 . 2012-10-02 12:15 430952 ----a-w- c:\windows\SysWow64\nvStreaming.exe

2012-09-14 19:23 . 2012-10-10 08:25 2048 ----a-w- c:\windows\system32\tzres.dll

2012-09-14 18:30 . 2012-10-10 08:25 2048 ----a-w- c:\windows\SysWow64\tzres.dll

2012-08-30 18:11 . 2012-10-10 08:25 5505904 ----a-w- c:\windows\system32\ntoskrnl.exe

2012-08-30 17:18 . 2012-10-10 08:25 3958128 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe

2012-08-30 17:18 . 2012-10-10 08:25 3902832 ----a-w- c:\windows\SysWow64\ntoskrnl.exe

2012-08-24 18:05 . 2012-10-10 08:25 220160 ----a-w- c:\windows\system32\wintrust.dll

2012-08-24 17:10 . 2012-10-10 08:25 172544 ----a-w- c:\windows\SysWow64\wintrust.dll

.

.

(((((((((((((((((((((((((((((((((( Startpunkter i registret )))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Not* tomma poster & legitima standardposter visas inte.

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"uTorrent"="c:\program files (x86)\uTorrent\uTorrent.exe" [2010-12-20 395640]

"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]

"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-09-07 39408]

"Spotify Web Helper"="c:\program files (x86)\Spotify\Data\SpotifyWebHelper.exe" [2012-11-04 1199576]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2009-05-18 2157056]

"TurboV"="c:\program files\ASUS\TurboV\TurboV.exe" [2009-05-25 5391872]

"Turbo Key"="c:\program files\ASUS\Turbo Key\TurboKey.exe" [2009-05-25 1768960]

"JMB36X IDE Setup"="c:\windows\RaidTool\xInsIDE.exe" [2009-06-30 36864]

"AppleSyncNotifier"="c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-04-20 58656]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

R2 AsSysCtrlService;ASUS System Control Service;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [2009-04-02 90112]

R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-09-29 676936]

R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]

R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-09-29 25928]

R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl64.sys [2011-05-10 22528]

R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]

R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-07-09 52736]

R3 WatAdminSvc;Aktiveringsteknologier för Windows-tjänst;c:\windows\system32\Wat\WatAdminSvc.exe [2010-06-20 1255736]

S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-09-07 834544]

S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2009-09-29 136584]

S2 DvmMDES;DeviceVM Meta Data Export Service;c:\asus.sys\config\DVMExportService.exe [2009-02-18 294912]

S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2009-09-29 735960]

S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys [2009-09-29 123200]

S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-09-29 399432]

S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-10-02 382824]

.

.

Innehåll i mappen 'Schemalagda aktiviteter':

.

2012-11-21 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-07 18:42]

.

2012-11-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-09-07 19:27]

.

2012-11-21 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-09-07 19:27]

.

.

--------- X64 Entries -----------

.

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2009-09-29 2716216]

.

------- Extra genomsökning -------

.

uLocal Page = c:\windows\system32\blank.htm

uStart Page = hxxp://www.google.se/

mLocal Page = c:\windows\SysWOW64\blank.htm

uInternet Settings,ProxyOverride = *.local

IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000

IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html

IE: Se&nd to OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105

TCP: DhcpNameServer = 192.168.0.1

.

- - - - FÖRÄLDRALÖSA POSTER SOM TAGITS BORT - - - -

.

AddRemove-ESN Sonar-0.70.0 - c:\program files (x86)\Battlelog Web Plugins\Sonar\esnsonar_uninstall.exe

.

.

.

--------------------- LÅSTA REGISTERNYCKLAR ---------------------

.

[HKEY_USERS\S-1-5-21-2933248981-3639431792-1704326883-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*S*W*E*t¶7\OpenWithList]

@Class="Shell"

"a"="vlc.exe"

"MRUList"="a"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.11"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Sluttid: 2012-11-21 17:12:50

ComboFix-quarantined-files.txt 2012-11-21 16:12

.

Före genomsökningen: 504 714 989 568 byte ledigt

Efter genomsökningen: 528 785 731 584 byte ledigt

.

- - End Of File - - 1AAAECEDCDD37745E227A2D442682E49

 

What to do now?

 

Not my uncle's computer; I wrote "uncle computer" because it is getting on in years :)

 

Thanks a lot for the help, nice to get it fixed so I can finish everything before 3 months in Asia.


In Asia it is very important to be careful with the computer. B)

So what are you going to do about antivirus software?

 

Start Notepad.

Copy all the lines in the box:

Killall::
ClearJavaCache::
File::
c:\windows\rwepfrwv.exe
Folder::
c:\programdata\ujgxrmmbqvdhubu
RegLock::
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

and paste them into Notepad. Check that no file names/paths are split across two lines.

Save the file on the Desktop with ANSI encoding and with the name CFScript.

 

Prepare the computer for ComboFix in the same way as before.

Drag CFScript with the mouse and drop it on top of the ComboFix icon on the Desktop, and the program will start in a special way.

Paste the log that comes out and a new DDS log.


OK, will do that now.

The antivirus program will be NOD32, I just need to update it. Unless you can recommend a good free program... poor man here behind the keyboard :)


I happened to lose the log from ComboFix... any idea where I can find it? I think I read that it deleted the files it was supposed to, anyway...

 

Here is the DDS log:

 

 

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-07.01)

.

Microsoft Windows 7 Ultimate

Boot Device: \Device\HarddiskVolume1

Install Date: 2010-06-11 16:24:23

System Uptime: 2012-11-21 19:02:22 (0 hours ago)

.

Motherboard: ASUSTeK Computer INC. | | P5Q PRO TURBO

Processor: Intel® Core2 Quad CPU Q8300 @ 2.50GHz | LGA 775 | 1999/333mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 931 GiB total, 491,453 GiB free.

D: is CDROM ()

E: is Removable

F: is CDROM ()

G: is CDROM ()

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

RP140: 2012-10-12 19:56:20 - Installed Quake Live Internet Explorer Plugin

RP141: 2012-10-20 22:08:25 - Schemalagd kontrollpunkt

RP142: 2012-11-09 17:06:15 - Schemalagd kontrollpunkt

RP143: 2012-11-17 00:00:05 - Schemalagd kontrollpunkt

RP144: 2012-11-17 00:49:48 - Windows Update

RP145: 2012-11-18 15:16:45 - Windows Update

RP146: 2012-11-20 20:28:25 - Removed Java 6 Update 23

.

==== Installed Programs ======================

.

Adobe Flash Player 11 ActiveX

Adobe Reader 9.3 - Svenska

Apple-programstöd

Apple Mobile Device Support

Apple Software Update

Atheros Communications Inc.® AR8121/AR8113/AR8114 Gigabit/Fast Ethernet Driver

µTorrent

Bonjour

Call of Duty: Black Ops

Call of Duty: Black Ops - Multiplayer

Call of Duty: Modern Warfare 2

Call of Duty: Modern Warfare 2 - Multiplayer

Convert AVI to MP4 1.3

Counter-Strike

DAEMON Tools Toolbar

Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition

Diablo III

ElfBot NG 4.5.9

EPU-6 Engine

ESET NOD32 Antivirus

ESN Sonar

Express Gate

GameXN GO

Google Chrome

Google Earth

Google Toolbar for Internet Explorer

Google Update Helper

Heroes of Newerth

iTunes

JMicron JMB36X Driver

Left 4 Dead 2

Malwarebytes Anti-Malware version 1.65.1.1000

Microsoft Application Error Reporting

Microsoft Choice Guard

Microsoft Office 2010 Language Pack Service Pack 1 (SP1)

Microsoft Office 2010 Service Pack 1 (SP1)

Microsoft Office Access MUI (English) 2010

Microsoft Office Access MUI (Swedish) 2010

Microsoft Office Access Setup Metadata MUI (English) 2010

Microsoft Office Excel MUI (English) 2010

Microsoft Office Excel MUI (Swedish) 2010

Microsoft Office Groove MUI (English) 2010

Microsoft Office Groove MUI (Swedish) 2010

Microsoft Office InfoPath MUI (English) 2010

Microsoft Office InfoPath MUI (Swedish) 2010

Microsoft Office Language Pack 2010 - Swedish/svenska

Microsoft Office O MUI (Swedish) 2010

Microsoft Office Office 32-bit Components 2010

Microsoft Office OneNote MUI (English) 2010

Microsoft Office OneNote MUI (Swedish) 2010

Microsoft Office Outlook MUI (English) 2010

Microsoft Office Outlook MUI (Swedish) 2010

Microsoft Office PowerPoint MUI (English) 2010

Microsoft Office PowerPoint MUI (Swedish) 2010

Microsoft Office Professional Plus 2010

Microsoft Office Proof (English) 2010

Microsoft Office Proof (Finnish) 2010

Microsoft Office Proof (French) 2010

Microsoft Office Proof (German) 2010

Microsoft Office Proof (Spanish) 2010

Microsoft Office Proof (Swedish) 2010

Microsoft Office Proofing (English) 2010

Microsoft Office Proofing (Swedish) 2010

Microsoft Office Publisher MUI (English) 2010

Microsoft Office Publisher MUI (Swedish) 2010

Microsoft Office Shared 32-bit MUI (English) 2010

Microsoft Office Shared 32-bit MUI (Swedish) 2010

Microsoft Office Shared MUI (English) 2010

Microsoft Office Shared MUI (Swedish) 2010

Microsoft Office Shared Setup Metadata MUI (English) 2010

Microsoft Office SharePoint Designer MUI (Swedish) 2010

Microsoft Office Word MUI (English) 2010

Microsoft Office Word MUI (Swedish) 2010

Microsoft Office X MUI (Swedish) 2010

Microsoft SharePoint Designer 2010 Service Pack 1 (SP1)

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

MobileMe Control Panel

MSVCRT

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

Nero 8 Essentials

neroxml

NVIDIA-uppdatering 1.10.8

NVIDIA 3D Vision drivrutin 306.97

NVIDIA 3D Vision drivrutin för styrenhet 301.42

NVIDIA Display Control Panel

NVIDIA Grafikdrivrutin 306.97

NVIDIA Install Application

NVIDIA PhysX

NVIDIA PhysX systemprogramvara 9.12.0213

NVIDIA Stereoscopic 3D Driver

NVIDIA Update Components

NVIDIAs kontrollpanel 306.97

Octoshape add-in for Adobe Flash Player

Platform

Poker at bet365

PunkBuster Services

Quake Live Internet Explorer Plugin

QuickTime

Safari

Skype Toolbars

Skype™ 5.10

Spotify

StarCraft II

Steam

Svenska Spels Poker

System Requirements Lab

System Requirements Lab CYRI

Turbo Key

TurboV

Update for Microsoft Office 2010 (KB2494150)

Update for Microsoft Office 2010 (KB2553092)

Update for Microsoft Office 2010 (KB2553270) 64-Bit Edition

Update for Microsoft Office 2010 (KB2553310) 64-Bit Edition

Update for Microsoft OneNote 2010 (KB2553290) 64-Bit Edition

Update for Microsoft Outlook 2010 (KB2687623) 64-Bit Edition

Update for Microsoft Outlook Social Connector 2010 (KB2553406) 64-Bit Edition

VCRedistSetup

VentriloMIX

VIA Plattform för enhetshanterare

Windows Live Communications Platform

Windows Live Essentials

Windows Live inloggningsassistenten

Windows Live Messenger

Windows Live Upload Tool

WinRAR

VLC media player 2.0.1

.

==== End Of File ===========================

 

DDS (Ver_2012-11-07.01) - NTFS_AMD64

Internet Explorer: 9.0.8112.16455

Run by JIM at 19:10:53 on 2012-11-21

Microsoft Windows 7 Ultimate 6.1.7600.0.1252.46.1053.18.4095.2190 [GMT 1:00]

.

AV: ESET NOD32 Antivirus 4.0 *Enabled/Updated* {CB0F8167-5331-BA19-698E-64816B6801A5}

SP: ESET NOD32 Antivirus 4.0 *Enabled/Updated* {706E6083-750B-B597-533E-5FF310EF4B18}

SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ===============

.

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\nvvsvc.exe

C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\System32\spoolsv.exe

C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

C:\Windows\system32\nvvsvc.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\ASUS.SYS\config\DVMExportService.exe

C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe

C:\Windows\SysWOW64\IoctlSvc.exe

C:\Windows\SysWOW64\PnkBstrA.exe

C:\Windows\system32\sppsvc.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Windows\System32\svchost.exe -k secsvcs

C:\Windows\system32\WUDFHost.exe

C:\Windows\system32\taskhost.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\taskeng.exe

C:\Program Files\ASUS\Six Engine\SixEngine.exe

C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe

C:\Program Files (x86)\uTorrent\uTorrent.exe

C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe

C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe

C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe

C:\Program Files\ASUS\TurboV\TurboV.exe

C:\Program Files\ASUS\Turbo Key\TurboKey.exe

C:\Windows\system32\SearchIndexer.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\wuauclt.exe

C:\Windows\servicing\TrustedInstaller.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Windows\system32\AUDIODG.EXE

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\System32\cscript.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.google.se/

BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL

BHO: Windows Live inloggningshjälpen: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL

BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} -

TB: DAEMON Tools Toolbar: {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll

TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

TB: DAEMON Tools Toolbar: {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll

TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

uRun: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe"

uRun: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun

uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

uRun: [spotify Web Helper] "C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe"

mRun: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r

mRun: [TurboV] "C:\Program Files\ASUS\TurboV\TurboV.exe"

mRun: [Turbo Key] "C:\Program Files\ASUS\Turbo Key\TurboKey.exe"

mRun: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe

mRun: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe

uPolicies-Explorer: NoDriveTypeAutoRun = dword:145

uPolicies-Explorer: NoDrives = dword:0

mPolicies-Explorer: NoDrives = dword:0

mPolicies-System: ConsentPromptBehaviorAdmin = dword:5

mPolicies-System: ConsentPromptBehaviorUser = dword:3

mPolicies-System: EnableUIADesktopToggle = dword:0

IE: E&xport to Microsoft Excel - C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000

IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html

IE: Se&nd to OneNote - C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} - hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} - hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.5.1.0.cab

TCP: NameServer = 192.168.0.1

TCP: Interfaces\{463DFB51-CDA3-4A23-937F-1F85AA42F57C} : DHCPNameServer = 192.168.0.1

TCP: Interfaces\{6D28D63B-9B4A-4C58-9BCD-E207B8666BFD} : DHCPNameServer = 130.244.127.161 130.244.127.169

Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll

SSODL: WebCheck - <orphaned>

SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL

x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL

x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll

x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL

x64-TB: DAEMON Tools Toolbar: {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll

x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll

x64-Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice

x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll

x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - <orphaned>

x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>

x64-SSODL: WebCheck - <orphaned>

x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL

.

============= SERVICES / DRIVERS ===============

.

R2 AsSysCtrlService;ASUS System Control Service;C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [2010-6-13 90112]

R2 DvmMDES;DeviceVM Meta Data Export Service;C:\ASUS.SYS\config\DVMExportService.exe [2009-2-18 294912]

R2 ekrn;ESET Service;C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2009-9-29 735960]

R2 epfwwfpr;epfwwfpr;C:\Windows\System32\drivers\epfwwfpr.sys [2009-9-29 123200]

R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-11-19 399432]

R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-11-19 676936]

R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-10-2 382824]

R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2012-11-19 25928]

R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;C:\Windows\System32\drivers\viahduaa.sys [2010-6-13 1196032]

S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-13 160944]

S3 Netaapl;Apple Mobile Device Ethernet Service;C:\Windows\System32\drivers\netaapl64.sys [2011-5-10 22528]

S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-1-9 174440]

S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-7-9 52736]

S3 WatAdminSvc;Aktiveringsteknologier för Windows-tjänst;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-6-20 1255736]

.

=============== Created Last 30 ================

.

2012-11-21 18:03:10 -------- d-sh--w- C:\$RECYCLE.BIN

2012-11-21 15:59:22 98816 ----a-w- C:\Windows\sed.exe

2012-11-21 15:59:22 256000 ----a-w- C:\Windows\PEV.exe

2012-11-21 15:59:22 208896 ----a-w- C:\Windows\MBR.exe

2012-11-19 19:42:17 -------- d-----w- C:\Users\JIM\AppData\Roaming\Malwarebytes

2012-11-19 19:42:08 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys

2012-11-19 19:42:08 -------- d-----w- C:\ProgramData\Malwarebytes

2012-11-19 19:42:08 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware

2012-11-17 20:47:57 33240 ----a-w- C:\Windows\System32\drivers\GEARAspiWDM.sys

2012-11-17 20:47:25 -------- d-----w- C:\Program Files\iPod

2012-11-17 20:47:24 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69

2012-11-17 20:47:24 -------- d-----w- C:\Program Files\iTunes

2012-11-17 20:47:24 -------- d-----w- C:\Program Files (x86)\iTunes

2012-11-16 14:40:54 3147264 ----a-w- C:\Windows\System32\win32k.sys

2012-11-16 14:40:41 95744 ----a-w- C:\Windows\System32\synceng.dll

2012-11-16 14:40:41 78336 ----a-w- C:\Windows\SysWow64\synceng.dll

.

==================== Find3M ====================

.

2012-10-10 20:22:54 2428776 ----a-w- C:\Windows\SysWow64\nvapi.dll

2012-10-10 20:22:52 26331496 ----a-w- C:\Windows\System32\nvoglv64.dll

2012-10-10 20:22:52 1760104 ----a-w- C:\Windows\System32\nvdispco64.dll

2012-10-10 20:22:32 15309160 ----a-w- C:\Windows\SysWow64\nvd3dum.dll

2012-10-10 20:22:26 2747240 ----a-w- C:\Windows\System32\nvcuvid.dll

2012-10-10 20:22:24 19906920 ----a-w- C:\Windows\SysWow64\nvoglv32.dll

2012-10-10 20:22:18 13443944 ----a-w- C:\Windows\System32\drivers\nvlddmkm.sys

2012-10-10 20:22:14 17559912 ----a-w- C:\Windows\SysWow64\nvcompiler.dll

2012-10-08 18:42:16 73656 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2012-10-08 18:42:16 696760 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe

2012-10-08 11:31:03 2312704 ----a-w- C:\Windows\System32\jscript9.dll

2012-10-08 11:23:52 1392128 ----a-w- C:\Windows\System32\wininet.dll

2012-10-08 11:22:55 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl

2012-10-08 11:18:22 173056 ----a-w- C:\Windows\System32\ieUnatt.exe

2012-10-08 11:17:35 599040 ----a-w- C:\Windows\System32\vbscript.dll

2012-10-08 11:13:33 2382848 ----a-w- C:\Windows\System32\mshtml.tlb

2012-10-08 07:56:24 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll

2012-10-08 07:48:03 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll

2012-10-08 07:47:44 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl

2012-10-08 07:44:05 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe

2012-10-08 07:43:21 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll

2012-10-08 07:40:56 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb

2012-10-02 19:51:11 3293544 ----a-w- C:\Windows\System32\nvsvc64.dll

2012-10-02 19:51:04 6200680 ----a-w- C:\Windows\System32\nvcpl.dll

2012-10-02 19:50:57 891240 ----a-w- C:\Windows\System32\nvvsvc.exe

2012-10-02 19:50:57 63336 ----a-w- C:\Windows\System32\nvshext.dll

2012-10-02 19:50:57 2557800 ----a-w- C:\Windows\System32\nvsvcr.dll

2012-10-02 19:50:57 118120 ----a-w- C:\Windows\System32\nvmctray.dll

2012-10-02 12:15:52 430952 ----a-w- C:\Windows\SysWow64\nvStreaming.exe

2012-09-14 19:23:40 2048 ----a-w- C:\Windows\System32\tzres.dll

2012-09-14 18:30:38 2048 ----a-w- C:\Windows\SysWow64\tzres.dll

2012-08-30 18:11:29 5505904 ----a-w- C:\Windows\System32\ntoskrnl.exe

2012-08-30 17:18:33 3958128 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe

2012-08-30 17:18:33 3902832 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe

2012-08-24 18:05:28 220160 ----a-w- C:\Windows\System32\wintrust.dll

2012-08-24 17:10:47 172544 ----a-w- C:\Windows\SysWow64\wintrust.dll

.

============= FINISH: 19:11:11,11 ===============


Uninstall:

Adobe Reader 9.3 - Svenska, because it is an old version with known security holes that a web page can use to infect the computer.

DAEMON Tools Toolbar, because of http://www.systemlookup.com/CLSID/29780-DTToolbar_dll_DTToolbar64_dll.html

 

There may be more old program versions with security holes on the computer. Let Secunia's Software Inspector check the computer, and fix the problems it reports. The English page http://www.bleepingcomputer.com/tutorials/detect-vulnerable-programs-with-secunia-psi/ describes how to install and use the program.

 

Scan the computer online at http://www.eset.com/onlinescan/

So that the scanner does not take too long, turn off your antivirus program in the meantime.

 

Uncheck the option Remove found threats

Check Scan Archives

 

Click Advanced Settings

Check:

Scan for potentially unwanted applications

Scan for potentially unsafe applications

Enable Anti-Stealth Technology

 

Click Scan

 

When the scan is finished, copy the result and then paste it into your reply.


Hi

 

Now nothing went as it should and everything just went wrong, but I hope it works anyway:

 

Eset:

 

I couldn't find the advanced options, but I turned off the removal of infected files as you said.

The only log-like thing I got was that it had found x number of files named

 

 

C:\Qoobox\Quarantine\C\ProgramData\rwepfrwv.exe.vir Win32/Weelsof.B trojan

C:\Qoobox\Quarantine\C\Windows\rwepfrwv.exe.vir Win32/Weelsof.B trojan

C:\Users\JIM\Desktop\Elf Bot 8.60 + Crack Definitivo\ElfCrack.exe a variant of Win32/Packed.Themida application

C:\Users\JIM\Desktop\värmegolv\Elf Bot 8.60 + Crack Definitivo.rar a variant of Win32/Packed

 

ComboFix:

 

 

ComboFix 12-11-21.01 - JIM 2012-11-21 18:56:10.2.4 - x64

Microsoft Windows 7 Ultimate 6.1.7600.0.1252.46.1053.18.4095.2315 [GMT 1:00]

Körs från: c:\users\JIM\Desktop\ComboFix.exe

Kommandoväxlar som använts :: c:\users\JIM\Desktop\CFScript.ANSI

AV: ESET NOD32 Antivirus 4.0 *Disabled/Updated* {CB0F8167-5331-BA19-698E-64816B6801A5}

SP: ESET NOD32 Antivirus 4.0 *Disabled/Updated* {706E6083-750B-B597-533E-5FF310EF4B18}

SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

FILE ::

"c:\windows\rwepfrwv.exe"

.

.

((((((((((((((((((((((((((((((((((((((( Andra raderingar ))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\programdata\ujgxrmmbqvdhubu

c:\programdata\ujgxrmmbqvdhubu\btn-green.png

c:\programdata\ujgxrmmbqvdhubu\corners-btn.png

c:\programdata\ujgxrmmbqvdhubu\corners1.png

c:\programdata\ujgxrmmbqvdhubu\corners2.png

c:\programdata\ujgxrmmbqvdhubu\corners3.png

c:\programdata\ujgxrmmbqvdhubu\corners4.png

c:\programdata\ujgxrmmbqvdhubu\ie6-7.css

c:\programdata\ujgxrmmbqvdhubu\jquery.main.js

c:\programdata\ujgxrmmbqvdhubu\main.html

c:\programdata\ujgxrmmbqvdhubu\McAfee.png

c:\programdata\ujgxrmmbqvdhubu\pay4.png

c:\programdata\ujgxrmmbqvdhubu\pay5.png

c:\programdata\ujgxrmmbqvdhubu\pay6.png

c:\programdata\ujgxrmmbqvdhubu\steps-en.png

c:\programdata\ujgxrmmbqvdhubu\steps-sw.png

c:\programdata\ujgxrmmbqvdhubu\style.css

c:\programdata\ujgxrmmbqvdhubu\sw-flag.png

c:\programdata\ujgxrmmbqvdhubu\sw-image.png

c:\programdata\ujgxrmmbqvdhubu\tabs.png

c:\programdata\ujgxrmmbqvdhubu\wait.html

c:\windows\rwepfrwv.exe

.

.

(((((((((((((((((((((((( Filer skapade från 2012-10-21 till 2012-11-21 ))))))))))))))))))))))))))))))

.

.

2012-11-21 18:01 . 2012-11-21 18:01 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp

2012-11-19 19:42 . 2012-11-19 19:42 -------- d-----w- c:\users\JIM\AppData\Roaming\Malwarebytes

2012-11-19 19:42 . 2012-11-19 19:42 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware

2012-11-19 19:42 . 2012-11-19 19:42 -------- d-----w- c:\programdata\Malwarebytes

2012-11-19 19:42 . 2012-09-29 18:54 25928 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-11-17 20:47 . 2012-08-21 12:01 33240 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys

2012-11-17 20:47 . 2012-11-17 20:47 -------- d-----w- c:\program files\iPod

2012-11-17 20:47 . 2012-11-17 20:47 -------- d-----w- c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69

2012-11-17 20:47 . 2012-11-17 20:47 -------- d-----w- c:\program files\iTunes

2012-11-17 20:47 . 2012-11-17 20:47 -------- d-----w- c:\program files (x86)\iTunes

2012-11-16 14:40 . 2012-10-18 18:18 3147264 ----a-w- c:\windows\system32\win32k.sys

2012-11-16 14:40 . 2012-09-25 22:39 95744 ----a-w- c:\windows\system32\synceng.dll

2012-11-16 14:40 . 2012-09-25 21:55 78336 ----a-w- c:\windows\SysWow64\synceng.dll

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-10-10 20:23 . 2012-10-10 20:23 1867112 ----a-w- c:\windows\SysWow64\nvcuvenc.dll

2012-10-10 20:23 . 2012-10-10 20:23 18252136 ----a-w- c:\windows\system32\nvd3dumx.dll

2012-10-10 20:23 . 2012-10-10 20:23 1482600 ----a-w- c:\windows\system32\nvdispgenco64.dll

2012-10-10 20:23 . 2012-10-10 20:23 6127464 ----a-w- c:\windows\SysWow64\nvopencl.dll

2012-10-10 20:23 . 2012-10-10 20:23 2574696 ----a-w- c:\windows\SysWow64\nvcuvid.dll

2012-10-10 20:23 . 2012-10-10 20:23 25256296 ----a-w- c:\windows\system32\nvcompiler.dll

2012-10-10 20:23 . 2012-10-10 20:23 7414632 ----a-w- c:\windows\system32\nvopencl.dll

2012-10-10 20:23 . 2012-10-10 20:23 2731880 ----a-w- c:\windows\system32\nvapi64.dll

2012-10-10 20:23 . 2012-10-10 20:23 14922600 ----a-w- c:\windows\system32\nvwgf2umx.dll

2012-10-10 20:23 . 2012-10-10 20:23 9146728 ----a-w- c:\windows\system32\nvcuda.dll

2012-10-10 20:23 . 2012-10-10 20:23 7697768 ----a-w- c:\windows\SysWow64\nvcuda.dll

2012-10-10 20:23 . 2012-10-10 20:23 2218344 ----a-w- c:\windows\system32\nvcuvenc.dll

2012-10-10 20:23 . 2012-10-10 20:23 12501352 ----a-w- c:\windows\SysWow64\nvwgf2um.dll

2012-10-10 20:22 . 2012-10-10 20:22 2428776 ----a-w- c:\windows\SysWow64\nvapi.dll

2012-10-10 20:22 . 2012-10-10 20:22 26331496 ----a-w- c:\windows\system32\nvoglv64.dll

2012-10-10 20:22 . 2011-09-30 07:24 1760104 ----a-w- c:\windows\system32\nvdispco64.dll

2012-10-10 20:22 . 2012-10-10 20:22 15309160 ----a-w- c:\windows\SysWow64\nvd3dum.dll

2012-10-10 20:22 . 2012-10-10 20:22 2747240 ----a-w- c:\windows\system32\nvcuvid.dll

2012-10-10 20:22 . 2012-10-10 20:22 19906920 ----a-w- c:\windows\SysWow64\nvoglv32.dll

2012-10-10 20:22 . 2012-10-10 20:22 13443944 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys

2012-10-10 20:22 . 2012-10-10 20:22 17559912 ----a-w- c:\windows\SysWow64\nvcompiler.dll

2012-10-08 18:42 . 2012-05-07 13:32 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2012-10-08 18:42 . 2012-05-07 13:32 696760 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe

2012-10-02 19:51 . 2010-06-07 15:20 3293544 ----a-w- c:\windows\system32\nvsvc64.dll

2012-10-02 19:51 . 2010-06-07 15:21 6200680 ----a-w- c:\windows\system32\nvcpl.dll

2012-10-02 19:50 . 2012-09-04 15:25 2557800 ----a-w- c:\windows\system32\nvsvcr.dll

2012-10-02 19:50 . 2010-06-07 15:21 118120 ----a-w- c:\windows\system32\nvmctray.dll

2012-10-02 19:50 . 2010-06-07 15:20 891240 ----a-w- c:\windows\system32\nvvsvc.exe

2012-10-02 19:50 . 2010-06-07 15:20 63336 ----a-w- c:\windows\system32\nvshext.dll

2012-10-02 12:15 . 2012-10-02 12:15 430952 ----a-w- c:\windows\SysWow64\nvStreaming.exe

2012-09-14 19:23 . 2012-10-10 08:25 2048 ----a-w- c:\windows\system32\tzres.dll

2012-09-14 18:30 . 2012-10-10 08:25 2048 ----a-w- c:\windows\SysWow64\tzres.dll

2012-08-30 18:11 . 2012-10-10 08:25 5505904 ----a-w- c:\windows\system32\ntoskrnl.exe

2012-08-30 17:18 . 2012-10-10 08:25 3958128 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe

2012-08-30 17:18 . 2012-10-10 08:25 3902832 ----a-w- c:\windows\SysWow64\ntoskrnl.exe

2012-08-24 18:05 . 2012-10-10 08:25 220160 ----a-w- c:\windows\system32\wintrust.dll

2012-08-24 17:10 . 2012-10-10 08:25 172544 ----a-w- c:\windows\SysWow64\wintrust.dll

.

.

(((((((((((((((((((((((((((((((((( Startpunkter i registret )))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Not* tomma poster & legitima standardposter visas inte.

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"uTorrent"="c:\program files (x86)\uTorrent\uTorrent.exe" [2010-12-20 395640]

"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]

"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-09-07 39408]

"Spotify Web Helper"="c:\program files (x86)\Spotify\Data\SpotifyWebHelper.exe" [2012-11-04 1199576]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2009-05-18 2157056]

"TurboV"="c:\program files\ASUS\TurboV\TurboV.exe" [2009-05-25 5391872]

"Turbo Key"="c:\program files\ASUS\Turbo Key\TurboKey.exe" [2009-05-25 1768960]

"JMB36X IDE Setup"="c:\windows\RaidTool\xInsIDE.exe" [2009-06-30 36864]

"AppleSyncNotifier"="c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-04-20 58656]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]

R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl64.sys [2011-05-10 22528]

R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]

R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-07-09 52736]

R3 WatAdminSvc;Aktiveringsteknologier för Windows-tjänst;c:\windows\system32\Wat\WatAdminSvc.exe [2010-06-20 1255736]

S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-09-07 834544]

S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2009-09-29 136584]

S2 AsSysCtrlService;ASUS System Control Service;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [2009-04-02 90112]

S2 DvmMDES;DeviceVM Meta Data Export Service;c:\asus.sys\config\DVMExportService.exe [2009-02-18 294912]

S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2009-09-29 735960]

S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys [2009-09-29 123200]

S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-09-29 399432]

S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-09-29 676936]

S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-10-02 382824]

S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-09-29 25928]

.

.

--- Övriga tjänster/drivrutiner i minnet ---

.

*NewlyCreated* - WS2IFSL

.

Innehåll i mappen 'Schemalagda aktiviteter':

.

2012-11-21 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-07 18:42]

.

2012-11-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-09-07 19:27]

.

2012-11-21 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-09-07 19:27]

.

.

--------- X64 Entries -----------

.

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2009-09-29 2716216]

.

------- Extra genomsökning -------

.

uLocal Page = c:\windows\system32\blank.htm

uStart Page = hxxp://www.google.se/

mLocal Page = c:\windows\SysWOW64\blank.htm

uInternet Settings,ProxyOverride = *.local

IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000

IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html

IE: Se&nd to OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105

TCP: DhcpNameServer = 192.168.0.1

.

- - - - FÖRÄLDRALÖSA POSTER SOM TAGITS BORT - - - -

.

AddRemove-ESN Sonar-0.70.0 - c:\program files (x86)\Battlelog Web Plugins\Sonar\esnsonar_uninstall.exe

.

.

.

--------------------- LÅSTA REGISTERNYCKLAR ---------------------

.

[HKEY_USERS\S-1-5-21-2933248981-3639431792-1704326883-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*S*W*E*t¶7\OpenWithList]

@Class="Shell"

"a"="vlc.exe"

"MRUList"="a"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.11"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

------------------------ Andra processer som körs ------------------------

.

c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

c:\program files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe

c:\windows\SysWOW64\IoctlSvc.exe

c:\windows\SysWOW64\PnkBstrA.exe

c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

c:\program files\ASUS\Six Engine\SixEngine.exe

c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

.

**************************************************************************

.

Sluttid: 2012-11-21 19:07:11 - datorn startades om.

ComboFix-quarantined-files.txt 2012-11-21 18:07

ComboFix2.txt 2012-11-21 16:12

.

Före genomsökningen: 527 920 783 360 byte ledigt

Efter genomsökningen: 527 610 437 632 byte ledigt

.

- - End Of File - - AAFC4C9B122FE0F4F4D4A8589A37C280

 

I also wanted to take the opportunity to point out that after all the cleaning and so on that I have done, IE is veeeery sluggish and works very badly. I do have Chrome that I can use, though,

unless you have a quick fix for IE :)

Regards, jim


C:\Users\JIM\Desktop\Elf Bot 8.60 + Crack Definitivo\ElfCrack.exe a variant of Win32/Packed.Themida application

C:\Users\JIM\Desktop\värmegolv\Elf Bot 8.60 + Crack Definitivo.rar a variant of Win32/Packed

There is always a risk in using cracked programs.

Restart the computer and see if IE works better.

In any case, run DDS and paste in the two logs from it.


IE is still slow as heck...

How do I easily get rid of all the malicious programs? Such as the ones you mentioned in your post.

The clock and the date on the computer are completely off; it feels like something has happened to the whole system, as if everything has been reset...

DDS:

 

 

.

DDS (Ver_2012-11-20.01)

.

Microsoft Windows 7 Ultimate

Boot Device: \Device\HarddiskVolume1

Install Date: 2010-06-11 16:24:23

System Uptime: 2002-01-01 23:23:09 (1 hours ago)

.

Motherboard: ASUSTeK Computer INC. | | P5Q PRO TURBO

Processor: Intel® Core2 Quad CPU Q8300 @ 2.50GHz | LGA 775 | 2499/333mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 931 GiB total, 492,526 GiB free.

D: is CDROM ()

E: is Removable

F: is CDROM ()

G: is CDROM ()

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

RP147: 2002-01-01 18:43:54 - Removed Adobe Reader 9.3 - Svenska.

RP148: 2002-01-01 18:44:32 - Removed Adobe Reader 9.3 - Svenska.

RP145: 2012-11-18 15:16:45 - Windows Update

RP146: 2012-11-20 20:28:25 - Removed Java 6 Update 23

.

==== Installed Programs ======================

.

Adobe Flash Player 11 ActiveX

Apple-programstöd

Apple Mobile Device Support

Apple Software Update

Atheros Communications Inc.® AR8121/AR8113/AR8114 Gigabit/Fast Ethernet Driver

µTorrent

Bonjour

Call of Duty: Black Ops

Call of Duty: Black Ops - Multiplayer

Call of Duty: Modern Warfare 2

Call of Duty: Modern Warfare 2 - Multiplayer

Convert AVI to MP4 1.3

Counter-Strike

Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition

Diablo III

ElfBot NG 4.5.9

EPU-6 Engine

ESET NOD32 Antivirus

ESET Online Scanner v3

ESN Sonar

Express Gate

GameXN GO

Google Chrome

Google Earth

Google Toolbar for Internet Explorer

Google Update Helper

Heroes of Newerth

iTunes

JMicron JMB36X Driver

Left 4 Dead 2

Malwarebytes Anti-Malware version 1.65.1.1000

Microsoft Application Error Reporting

Microsoft Choice Guard

Microsoft Office 2010 Language Pack Service Pack 1 (SP1)

Microsoft Office 2010 Service Pack 1 (SP1)

Microsoft Office Access MUI (English) 2010

Microsoft Office Access MUI (Swedish) 2010

Microsoft Office Access Setup Metadata MUI (English) 2010

Microsoft Office Excel MUI (English) 2010

Microsoft Office Excel MUI (Swedish) 2010

Microsoft Office Groove MUI (English) 2010

Microsoft Office Groove MUI (Swedish) 2010

Microsoft Office InfoPath MUI (English) 2010

Microsoft Office InfoPath MUI (Swedish) 2010

Microsoft Office Language Pack 2010 - Swedish/svenska

Microsoft Office O MUI (Swedish) 2010

Microsoft Office Office 32-bit Components 2010

Microsoft Office OneNote MUI (English) 2010

Microsoft Office OneNote MUI (Swedish) 2010

Microsoft Office Outlook MUI (English) 2010

Microsoft Office Outlook MUI (Swedish) 2010

Microsoft Office PowerPoint MUI (English) 2010

Microsoft Office PowerPoint MUI (Swedish) 2010

Microsoft Office Professional Plus 2010

Microsoft Office Proof (English) 2010

Microsoft Office Proof (Finnish) 2010

Microsoft Office Proof (French) 2010

Microsoft Office Proof (German) 2010

Microsoft Office Proof (Spanish) 2010

Microsoft Office Proof (Swedish) 2010

Microsoft Office Proofing (English) 2010

Microsoft Office Proofing (Swedish) 2010

Microsoft Office Publisher MUI (English) 2010

Microsoft Office Publisher MUI (Swedish) 2010

Microsoft Office Shared 32-bit MUI (English) 2010

Microsoft Office Shared 32-bit MUI (Swedish) 2010

Microsoft Office Shared MUI (English) 2010

Microsoft Office Shared MUI (Swedish) 2010

Microsoft Office Shared Setup Metadata MUI (English) 2010

Microsoft Office SharePoint Designer MUI (Swedish) 2010

Microsoft Office Word MUI (English) 2010

Microsoft Office Word MUI (Swedish) 2010

Microsoft Office X MUI (Swedish) 2010

Microsoft SharePoint Designer 2010 Service Pack 1 (SP1)

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

MobileMe Control Panel

MSVCRT

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

Nero 8 Essentials

neroxml

NVIDIA-uppdatering 1.10.8

NVIDIA 3D Vision drivrutin 306.97

NVIDIA 3D Vision drivrutin för styrenhet 301.42

NVIDIA Display Control Panel

NVIDIA Grafikdrivrutin 306.97

NVIDIA Install Application

NVIDIA PhysX

NVIDIA PhysX systemprogramvara 9.12.0213

NVIDIA Stereoscopic 3D Driver

NVIDIA Update Components

NVIDIAs kontrollpanel 306.97

Octoshape add-in for Adobe Flash Player

Platform

Poker at bet365

PunkBuster Services

Quake Live Internet Explorer Plugin

QuickTime

Safari

Secunia PSI (3.0.0.4001)

Skype Toolbars

Skype™ 5.10

Spotify

StarCraft II

Steam

Svenska Spels Poker

System Requirements Lab

System Requirements Lab CYRI

Turbo Key

TurboV

Update for Microsoft Office 2010 (KB2494150)

Update for Microsoft Office 2010 (KB2553092)

Update for Microsoft Office 2010 (KB2553270) 64-Bit Edition

Update for Microsoft Office 2010 (KB2553310) 64-Bit Edition

Update for Microsoft OneNote 2010 (KB2553290) 64-Bit Edition

Update for Microsoft Outlook 2010 (KB2687623) 64-Bit Edition

Update for Microsoft Outlook Social Connector 2010 (KB2553406) 64-Bit Edition

VCRedistSetup

VentriloMIX

VIA Plattform för enhetshanterare

Windows Live Communications Platform

Windows Live Essentials

Windows Live inloggningsassistenten

Windows Live Messenger

Windows Live Upload Tool

WinRAR

VLC media player 2.0.1

.

==== End Of File ===========================

 

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64

Internet Explorer: 9.0.8112.16455

Run by JIM at 0:06:03 on 2002-01-02

Microsoft Windows 7 Ultimate 6.1.7600.0.1252.46.1053.18.4095.2521 [GMT 1:00]

.

AV: ESET NOD32 Antivirus 4.0 *Enabled/Updated* {CB0F8167-5331-BA19-698E-64816B6801A5}

SP: ESET NOD32 Antivirus 4.0 *Enabled/Updated* {706E6083-750B-B597-533E-5FF310EF4B18}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ===============

.

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\nvvsvc.exe

C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

C:\Windows\system32\nvvsvc.exe

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\ASUS.SYS\config\DVMExportService.exe

C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe

C:\Windows\SysWOW64\IoctlSvc.exe

C:\Windows\SysWOW64\PnkBstrA.exe

C:\Program Files (x86)\Secunia\PSI\PSIA.exe

C:\Windows\system32\sppsvc.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Windows\System32\svchost.exe -k secsvcs

C:\Windows\system32\WUDFHost.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Windows\system32\taskhost.exe

C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe

C:\Program Files (x86)\uTorrent\uTorrent.exe

C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe

C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe

C:\Program Files (x86)\Secunia\PSI\psi_tray.exe

C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe

C:\Windows\system32\taskeng.exe

C:\Program Files\ASUS\TurboV\TurboV.exe

C:\Program Files\ASUS\Turbo Key\TurboKey.exe

C:\Program Files\ASUS\Six Engine\SixEngine.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\system32\SearchIndexer.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Windows\system32\wuauclt.exe

C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Windows\system32\AUDIODG.EXE

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\System32\cscript.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.google.se/

BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL

BHO: Windows Live inloggningshjälpen: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL

BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} -

TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

uRun: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe"

uRun: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun

uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

uRun: [spotify Web Helper] "C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe"

mRun: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r

mRun: [TurboV] "C:\Program Files\ASUS\TurboV\TurboV.exe"

mRun: [Turbo Key] "C:\Program Files\ASUS\Turbo Key\TurboKey.exe"

mRun: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe

mRun: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SECUNI~1.LNK - C:\Program Files (x86)\Secunia\PSI\psi_tray.exe

uPolicies-Explorer: NoDriveTypeAutoRun = dword:145

uPolicies-Explorer: NoDrives = dword:0

mPolicies-Explorer: NoDrives = dword:0

mPolicies-System: ConsentPromptBehaviorAdmin = dword:5

mPolicies-System: ConsentPromptBehaviorUser = dword:3

mPolicies-System: EnableUIADesktopToggle = dword:0

IE: E&xport to Microsoft Excel - C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000

IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html

IE: Se&nd to OneNote - C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} - hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} - hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.5.1.0.cab

TCP: NameServer = 192.168.0.1

TCP: Interfaces\{463DFB51-CDA3-4A23-937F-1F85AA42F57C} : DHCPNameServer = 192.168.0.1

TCP: Interfaces\{6D28D63B-9B4A-4C58-9BCD-E207B8666BFD} : DHCPNameServer = 130.244.127.161 130.244.127.169

Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll

SSODL: WebCheck - <orphaned>

SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL

x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL

x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll

x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL

x64-TB: DAEMON Tools Toolbar: {32099AAC-C132-4136-9E9A-4E364A424E17} -

x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll

x64-Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice

x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll

x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - <orphaned>

x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>

x64-SSODL: WebCheck - <orphaned>

x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL

.

============= SERVICES / DRIVERS ===============

.

R2 AsSysCtrlService;ASUS System Control Service;C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [2010-6-13 90112]

R2 DvmMDES;DeviceVM Meta Data Export Service;C:\ASUS.SYS\config\DVMExportService.exe [2009-2-18 294912]

R2 ekrn;ESET Service;C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2009-9-29 735960]

R2 epfwwfpr;epfwwfpr;C:\Windows\System32\drivers\epfwwfpr.sys [2009-9-29 123200]

R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-11-19 399432]

R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-11-19 676936]

R2 Secunia PSI Agent;Secunia PSI Agent;C:\Program Files (x86)\Secunia\PSI\psia.exe [2012-9-24 1328736]

R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-10-2 382824]

R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2012-11-19 25928]

R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;C:\Windows\System32\drivers\viahduaa.sys [2010-6-13 1196032]

S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-13 160944]

S3 Netaapl;Apple Mobile Device Ethernet Service;C:\Windows\System32\drivers\netaapl64.sys [2011-5-10 22528]

S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-1-9 174440]

S3 PSI;PSI;C:\Windows\System32\drivers\psi_mf.sys [2011-12-16 17976]

S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-7-9 52736]

S3 WatAdminSvc;Aktiveringsteknologier för Windows-tjänst;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-6-20 1255736]

.

=============== Created Last 30 ================

.

2012-11-21 18:03:10 -------- d-sh--w- C:\$RECYCLE.BIN

2012-11-21 15:59:22 98816 ----a-w- C:\Windows\sed.exe

2012-11-21 15:59:22 256000 ----a-w- C:\Windows\PEV.exe

2012-11-21 15:59:22 208896 ----a-w- C:\Windows\MBR.exe

2012-11-19 19:42:17 -------- d-----w- C:\Users\JIM\AppData\Roaming\Malwarebytes

2012-11-19 19:42:08 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys

2012-11-19 19:42:08 -------- d-----w- C:\ProgramData\Malwarebytes

2012-11-19 19:42:08 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware

2012-11-17 20:47:57 33240 ----a-w- C:\Windows\System32\drivers\GEARAspiWDM.sys

2012-11-17 20:47:25 -------- d-----w- C:\Program Files\iPod

2012-11-17 20:47:24 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69

2012-11-17 20:47:24 -------- d-----w- C:\Program Files\iTunes

2012-11-17 20:47:24 -------- d-----w- C:\Program Files (x86)\iTunes

2012-11-16 14:40:54 3147264 ----a-w- C:\Windows\System32\win32k.sys

2012-11-16 14:40:41 95744 ----a-w- C:\Windows\System32\synceng.dll

2012-11-16 14:40:41 78336 ----a-w- C:\Windows\SysWow64\synceng.dll

2012-10-18 20:20:55 -------- d-----w- C:\Program Files (x86)\ElfBot NG

2012-10-12 18:51:58 -------- d-----w- C:\Users\JIM\AppData\Roaming\Tibia

2012-10-12 18:08:09 -------- d-----w- C:\Users\JIM\AppData\Roaming\NVIDIA

2012-10-12 17:56:39 -------- d-----w- C:\ProgramData\id Software

2012-10-10 20:22:54 2428776 ----a-w- C:\Windows\SysWow64\nvapi.dll

2012-10-10 20:22:52 26331496 ----a-w- C:\Windows\System32\nvoglv64.dll

2012-10-10 20:22:32 15309160 ----a-w- C:\Windows\SysWow64\nvd3dum.dll

2012-10-10 20:22:26 2747240 ----a-w- C:\Windows\System32\nvcuvid.dll

2012-10-10 20:22:24 19906920 ----a-w- C:\Windows\SysWow64\nvoglv32.dll

2012-10-10 20:22:18 13443944 ----a-w- C:\Windows\System32\drivers\nvlddmkm.sys

2012-10-10 20:22:14 17559912 ----a-w- C:\Windows\SysWow64\nvcompiler.dll

2012-10-10 08:25:27 5505904 ----a-w- C:\Windows\System32\ntoskrnl.exe

2012-10-10 08:25:24 3958128 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe

2012-10-10 08:25:23 3902832 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe

2012-10-10 08:25:10 220160 ----a-w- C:\Windows\System32\wintrust.dll

2012-10-10 08:25:10 172544 ----a-w- C:\Windows\SysWow64\wintrust.dll

2012-10-10 08:25:02 2048 ----a-w- C:\Windows\SysWow64\tzres.dll

2012-10-10 08:25:02 2048 ----a-w- C:\Windows\System32\tzres.dll

2012-10-10 08:24:53 714752 ----a-w- C:\Windows\System32\kerberos.dll

2012-10-10 08:24:52 541184 ----a-w- C:\Windows\SysWow64\kerberos.dll

2012-10-10 08:24:47 1462784 ----a-w- C:\Windows\System32\crypt32.dll

2012-10-10 08:24:47 1157632 ----a-w- C:\Windows\SysWow64\crypt32.dll

2012-10-10 08:24:46 182272 ----a-w- C:\Windows\System32\cryptsvc.dll

2012-10-10 08:24:46 140288 ----a-w- C:\Windows\System32\cryptnet.dll

2012-10-10 08:24:46 139264 ----a-w- C:\Windows\SysWow64\cryptsvc.dll

2012-10-10 08:24:46 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll

2012-10-02 12:15:52 430952 ----a-w- C:\Windows\SysWow64\nvStreaming.exe

2012-09-04 15:25:08 2557800 ----a-w- C:\Windows\System32\nvsvcr.dll

2012-08-16 12:50:58 58880 ----a-w- C:\Windows\System32\browcli.dll

2012-08-16 12:50:58 41472 ----a-w- C:\Windows\SysWow64\browcli.dll

2012-08-16 12:50:58 136704 ----a-w- C:\Windows\System32\browser.dll

2012-08-16 12:50:44 956416 ----a-w- C:\Windows\System32\localspl.dll

2012-07-11 14:20:59 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll

2012-07-11 14:20:59 22016 ----a-w- C:\Windows\SysWow64\secur32.dll

2012-07-11 14:20:43 1425408 ----a-w- C:\Program Files\Common Files\System\ado\msado15.dll

2012-07-11 14:20:42 987136 ----a-w- C:\Program Files (x86)\Common Files\System\ado\msado15.dll

2012-07-09 12:42:56 4547984 ----a-w- C:\Windows\System32\usbaaplrc.dll

2012-07-09 12:42:54 52736 ----a-w- C:\Windows\System32\drivers\usbaapl64.sys

2012-06-19 13:53:57 2622464 ----a-w- C:\Windows\System32\wucltux.dll

2012-06-19 13:53:33 99840 ----a-w- C:\Windows\System32\wudriver.dll

2012-06-19 13:53:11 36864 ----a-w- C:\Windows\System32\wuapp.exe

2012-06-19 13:53:11 186752 ----a-w- C:\Windows\System32\wuwebv.dll

2012-06-13 14:36:51 9216 ----a-w- C:\Windows\System32\rdrmemptylst.exe


2009-10-21 21:08:30 49152 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\VSTA\Pipeline.v10.0\Contracts\Microsoft.VisualStudio.Tools.Office.Contract.v9.0.dll

2009-10-21 21:08:30 36864 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\VSTA\Pipeline.v10.0\AddInSideAdapters\Microsoft.VisualStudio.Tools.Office.Word.AddInAdapter.v9.0.dll

2009-10-21 21:08:30 36864 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\VSTA\Pipeline.v10.0\AddInSideAdapters\Microsoft.VisualStudio.Tools.Office.Excel.AddInAdapter.v9.0.dll

2009-10-21 21:08:30 131072 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\VSTA\AppInfoDocument\Microsoft.VisualStudio.Tools.Office.AppInfoDocument\Microsoft.VisualStudio.Tools.Office.AppInfoDocument.v9.0.dll

2009-10-21 21:08:26 77824 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\VSTA\Pipeline.v10.0\AddInViews\Microsoft.VisualStudio.Tools.Applications.Runtime.v9.0.dll

2009-10-21 21:08:26 45056 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\VSTA\Pipeline.v10.0\AddInSideAdapters\Microsoft.VisualStudio.Tools.Applications.AddInAdapter.v9.0.dll

2009-10-21 21:08:26 22016 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\VSTA\Pipeline.v10.0\Contracts\Microsoft.VisualStudio.Tools.Applications.Contract.v9.0.dll

2009-09-29 12:06:16 123200 ----a-w- C:\Windows\System32\drivers\epfwwfpr.sys

2009-09-29 12:03:00 136584 ----a-w- C:\Windows\System32\drivers\ehdrv.sys

2009-09-29 11:56:36 144824 ----a-w- C:\Windows\System32\drivers\eamon.sys

2009-09-04 07:02:36 591168 ----a-w- C:\Program Files\Common Files\Microsoft Shared\PROOF\MSLID.DLL

2009-08-17 21:33:52 1193832 ----a-w- C:\Windows\SysWow64\FM20.DLL

2009-07-20 22:05:40 1348432 ----a-w- C:\Windows\SysWow64\msxml4.dll

2009-07-14 08:20:26 -------- d-----w- C:\Program Files\Windows Journal

2009-07-14 08:19:49 -------- d-----w- C:\Windows\ShellNew

2009-07-14 08:19:49 -------- d-----w- C:\Windows\ehome

2009-07-14 08:19:43 -------- d-sh--w- C:\Windows\BitLockerDiscoveryVolumeContents

2009-07-14 08:19:42 -------- d-----w- C:\Windows\RemotePackages

2009-07-14 07:43:26 -------- d-----w- C:\Windows\SysWow64\XPSViewer

2009-07-14 07:42:52 2048 ----a-w- C:\Windows\System32\drivers\sv-SE\usbrpm.sys.mui

2009-07-14 05:37:46 -------- d-----w- C:\Windows\en-US

2009-07-14 05:37:46 -------- d-----w- C:\Windows\DigitalLocker

2009-07-14 05:12:52 -------- d-----w- C:\Windows\System32\wbem\Performance

2009-07-14 05:08:56 -------- d-sh--we C:\Documents and Settings

2009-07-14 05:08:52 -------- d-----w- C:\Windows\System32\wbem\MOF\good

2009-07-14 05:08:52 -------- d-----w- C:\Windows\System32\wbem\MOF\bad

2009-07-14 04:53:24 -------- d-----w- C:\Windows\System32\wbem\MOF

2009-07-14 04:45:50 -------- d-----w- C:\Windows\Setup

2009-07-14 04:45:47 -------- d-----w- C:\Windows\ServiceProfiles

2009-07-14 04:45:42 -------- d-s---w- C:\Windows\System32\Microsoft

.

==================== Find3M ====================

.

.

============= FINISH: 0:07:00,21 ===============

Link to comment

How does Internet Explorer work if you start it without add-ons?

Start - All Programs - Accessories - System Tools

Link to comment

Avira is a good free antivirus program (as are Avast and AVG): http://www.avira.com/en/avira-free-antivirus

See the Eforum thread with tests of antivirus programs: //eforum.idg.se/topic/223493-rapporter-och-tester/page__view__findpost__p__1112963


Run by JIM at 0:06:03 on 2002-01-02

It could be the BIOS battery that has run out. It is a coin-cell battery on the motherboard, and you can buy a new one for a few tens of kronor at pretty much any place that sells batteries.

Save Farbar Service Scanner to the desktop.

http://download.bleepingcomputer.com/farbar/FSS.exe

Start the program.

Make sure "Include All Files" is selected.

Click "Scan".

The program creates the log FSS.txt on the Desktop.

Paste it into your reply.

Link to comment

IE worked fine "without add-ons"... But websites such as my bank's website don't like that my time settings etc. aren't correct.

Updating from the internet via the clock settings doesn't work. Any tips?

Should I go into the BIOS and check things there?


Farbar Service Scanner Version: 09-11-2012

Ran by JIM (administrator) on 02-01-2002 at 15:32:09

Running from "C:\Users\JIM\Desktop"

Windows 7 Ultimate (X64)

Boot Mode: Normal

****************************************************************

 

Internet Services:

============

 

Connection Status:

==============

Localhost is accessible.

LAN connected.

Google IP is accessible.

Google.com is accessible.

Yahoo IP is accessible.

Yahoo.com is accessible.

 

 

Windows Firewall:

=============

 

Firewall Disabled Policy:

==================

 

 

System Restore:

============

 

System Restore Disabled Policy:

========================

 

 

Action Center:

============

 

Windows Update:

============

 

Windows Autoupdate Disabled Policy:

============================

 

 

Windows Defender:

==============

 

Other Services:

==============

 

 

File Check:

========

C:\Windows\System32\nsisvc.dll => MD5 is legit

C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit

C:\Windows\System32\dhcpcore.dll => MD5 is legit

C:\Windows\System32\drivers\afd.sys

[2012-02-16 16:01] - [2011-12-28 04:59] - 0499200 ____A (Microsoft Corporation) DB9D6C6B2CD95A9CA414D045B627422E

 

C:\Windows\System32\drivers\tdx.sys => MD5 is legit

C:\Windows\System32\Drivers\tcpip.sys

[2012-05-12 10:56] - [2012-03-30 12:09] - 1895280 ____A (Microsoft Corporation) 624C5B3AA4C99B3184BB922D9ECE3FF0

 

C:\Windows\System32\dnsrslvr.dll => MD5 is legit

C:\Windows\System32\mpssvc.dll => MD5 is legit

C:\Windows\System32\bfe.dll => MD5 is legit

C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit

C:\Windows\System32\SDRSVC.dll => MD5 is legit

C:\Windows\System32\vssvc.exe => MD5 is legit

C:\Windows\System32\wscsvc.dll => MD5 is legit

C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit

C:\Windows\System32\wuaueng.dll => MD5 is legit

C:\Windows\System32\qmgr.dll => MD5 is legit

C:\Windows\System32\es.dll => MD5 is legit

C:\Windows\System32\cryptsvc.dll

[2012-10-10 09:24] - [2012-06-02 06:25] - 0182272 ____A (Microsoft Corporation) BAF19B633933A9FB4883D27D66C39E9A

 

C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit

C:\Windows\System32\ipnathlp.dll => MD5 is legit

C:\Windows\System32\svchost.exe => MD5 is legit

C:\Windows\System32\rpcss.dll => MD5 is legit

 

 

**** End of log ****

 

Then there were the malicious files that came up last time, when I ran the scan over the internet (ESET Online Scan). Can I redo the scan and remove the files?

Because last time you told me not to have that box checked.

Regards, Jim

Link to comment
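Added example (not part of the thread and not Farbar's own code): a small parser for the FSS log posted above. It lists the File Check entries that carry no "MD5 is legit" verdict, which this example assumes means "verify by hand", and compares the run date with dates inside the same log, the clock fault behind the BIOS-battery remark. The DD-MM-YYYY header format and the function names are assumptions.

```python
import re
from datetime import datetime

# Excerpt of the FSS log posted above: header plus part of "File Check".
SAMPLE_LOG = r"""Farbar Service Scanner Version: 09-11-2012
Ran by JIM (administrator) on 02-01-2002 at 15:32:09
File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys
[2012-02-16 16:01] - [2011-12-28 04:59] - 0499200 ____A (Microsoft Corporation) DB9D6C6B2CD95A9CA414D045B627422E
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\cryptsvc.dll
[2012-10-10 09:24] - [2012-06-02 06:25] - 0182272 ____A (Microsoft Corporation) BAF19B633933A9FB4883D27D66C39E9A
**** End of log ****
"""

VER_RE = re.compile(r"^Farbar Service Scanner Version: (\d{2}-\d{2}-\d{4})")
RUN_RE = re.compile(r"^Ran by .* on (\d{2}-\d{2}-\d{4}) at (\d{2}:\d{2}:\d{2})")
DETAIL_RE = re.compile(
    r"^\[(?P<stamp_a>[\d-]+ [\d:]+)\] - \[(?P<stamp_b>[\d-]+ [\d:]+)\] - "
    r"(?P<size>\d+) \S+ \((?P<company>.*)\) (?P<md5>[0-9A-Fa-f]{32})$")


def parse_fss(text):
    """Return (run_time, tool_build, unverified_files) for one FSS log."""
    run_time = tool_build = pending = None
    unverified, in_check = [], False
    for line in map(str.strip, text.splitlines()):
        if m := VER_RE.match(line):
            # Assumption: header dates are written DD-MM-YYYY.
            tool_build = datetime.strptime(m.group(1), "%d-%m-%Y")
        elif m := RUN_RE.match(line):
            run_time = datetime.strptime(" ".join(m.groups()), "%d-%m-%Y %H:%M:%S")
        elif line.startswith("File Check:"):
            in_check = True
        elif line.startswith("**** End of log"):
            in_check = False
        elif in_check and line.endswith("=> MD5 is legit"):
            pending = None  # verdict given on the same line, nothing to review
        elif in_check and pending and (m := DETAIL_RE.match(line)):
            entry = {"path": pending, **m.groupdict()}
            for key in ("stamp_a", "stamp_b"):
                entry[key] = datetime.strptime(entry[key], "%Y-%m-%d %H:%M")
            unverified.append(entry)
            pending = None
        elif in_check and re.match(r"[A-Za-z]:\\", line):
            pending = line  # path without a verdict; its details follow
    return run_time, tool_build, unverified


def clock_findings(run_time, tool_build, unverified):
    """Flag a system clock that is behind evidence inside the same log."""
    findings = []
    if run_time and tool_build and run_time < tool_build:
        findings.append("run date is earlier than the scanner build date")
    stamps = [e[k] for e in unverified for k in ("stamp_a", "stamp_b")]
    if run_time and stamps and run_time < max(stamps):
        findings.append("run date is earlier than file timestamps in the log")
    return findings
```

A clock this far behind also explains the bank site's complaint, since certificate validity periods are checked against the local date.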

The two cracked files that ESET's scanner found you can remove yourself; one is on the desktop and the other is in the folder värmegolv on the desktop. The other two have been neutralized and are in ComboFix's quarantine, and it will be removed when we are done.

Uninstall Adobe Flash Player by following http://helpx.adobe.com/flash-player/kb/uninstall-flash-player-windows.html

How is it now?

As for the clock, you can also set the time yourself, either from within Windows or in the BIOS if you prefer.

Link to comment

So now IE seems to work fine. Thanks.

I have also removed the two cracked files and uninstalled Adobe.

What's the next step? The excitement is rising! :)

Link to comment

I no longer see anything malicious in the logs. Do you have any more oddities to bring up before it's time to uninstall DDS and the other special programs?

Link to comment

Maybe I should mention the clock thing again.

I tried to sync with the internet via time.windows.com, which was the "default", and the text that comes up is

 

"Ett fel uppstod när operativsystemet synkroniserade med time.windows.com. Det går inte att nå peer-datorn."

 

Do you perhaps know what the peer computer ("peer-datorn") is?

Otherwise I guess it's just a matter of uninstalling all the programs that need to go. Do the files in ComboFix's quarantine disappear too?

Jim

Link to comment

Archived

This topic is now archived and is closed to further replies.
