-
Innehållsantal
19 -
Gick med
-
Besökte senast
Inlägg postade av Babbler1
-
-
-
Hej!
Tack för ditt svar!
Jag har kopplat ifrån routern, men utan positiv respons!
Anti-virusprogrammet hittar inget!
Adwcleaner-logg.
Mvh Babbler
-
Hej!
Tack för ditt svar:)
Datorn är ansluten med nätverkskabel och router.
Mvh Babbler
-
-
-
Det känns segt att surfa. Den står och laddar i ca 15 sek innan jag kan scrolla med musen osv på en sida.
Ibland blir det typ ett konstigt mönster (när jag scrollar) som "ligger" ovanpå det som skulle visats på just den sidan.
Känns inte ok!
Vad skall jag göra med windows.old-mappen?
Mvh Babbler
-
-
Hej!
Jag missade Eset!
Jag håller på att scanna just nu.
Så jag svarar från min mobil.
Jag har installerat Windows 8.1 och uppdaterat biosen.
I Setup-mappen ligger biosfilen.
Jag återkommer med Eset-loggen så snart som möjligt.
Mvh Babbler
-
Hej!
Tack för ditt svar!
Här kommer loggarna.
Mvh Babbler
-
Hej igen!
Verkar som att jag har fått tillbaka samma problem!
Kan du hjälpa mig igen?
Mvh Babbler
-
Hej!
Tusen tack för hjälpen. Nu verkar datorn funka bra:)
Mvh Babbler
-
Hej!
Tack för ditt svar!
Här kommer loggen!
Jag skickar också med en bild som du om du vill kan tyda:)
Jag tycker att det är lite skumt med Användarprofiler på min dator.
Jag tycker att datorn funkar bättre nu. Det dyker inte upp en massa pop up-rutor längre när jag surfar.
Jag kunde inte "backa" från en internetsida förrut men nu går det:)
Vet inte om det var adwareprogrammet som störde?
Tack för all hjälp hittils:)
Mvh Babbler
-
-
Tack för ditt svar!
Jag har avinstallerat PassShow.
Jag har startat om datorn.
Här kommer loggarna!
Som du ser har jag tagit bort mitt namn i loggarna:)
Mvh Babbler
-
Hej!
Tack för ditt svar!
Jag har INTE ställt in att proxy-servern ska användas för anonym surfing?
Hur ändrar jag det?
Här kommer loggarna.
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-05-
2014
Ran by (administrator) on DATORRUMMET on 02-05-2014 08:47:45
Running from C:\Users\\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: Swedish
Internet Explorer Version 11
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version:
http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version:
http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or
outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-
tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision
\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display
\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\UniClient\UiFrmwrk
\uiWatchDog.exe
(ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint
\9.00\Licensing\NetworkLicenseServer.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\AMSP\coreFrameworkHost.exe
() C:\Program Files (x86)\PassShow\PassShowqEvqTw.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\UniClient\UiFrmwrk
\uiSeAgnt.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP
\E_S50STB.EXE
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP
\E_S50RPB.EXE
(Foxit Corporation) C:\Program Files (x86)\Foxit Software\Foxit Reader
\Foxit Cloud\FCUpdateService.exe
() C:\Program Files (x86)\PassShow\PassShowqEv161.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows
Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows
Live\WLIDSVCM.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\plugin\TMAS
\TMAS_WLM\TMAS_WLMMon.exe
(Spotify Ltd) C:\Users\\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update
\jusched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy
2\SDTray.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy
2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy
2\SDWSCSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy
2\SDUpdSvc.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA
\RtkNGUI64.exe [6602856 2011-01-04] (Realtek Semiconductor)
HKLM\...\Run: [WLM] => C:\Program Files\Trend Micro\Titanium\Plugin\TMAS
\TMAS_WLM\TMAS_WLMMon.exe [44152 2013-07-23] (Trend Micro Inc.)
HKLM\...\Run: [Trend Micro Client Framework] => C:\Program Files\Trend
Micro\UniClient\UiFrmWrk\UIWatchDog.exe [229824 2013-10-09] (Trend Micro
Inc.)
HKLM-x32\...\Run: [sDTray] => C:\Program Files (x86)\Spybot - Search &
Destroy 2\SDTray.exe [4101584 2014-04-25] (Safer-Networking Ltd.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-1521310780-587458791-887972967-1000\...\MountPoints2:
{5d9366e9-9d8f-11e0-bcaf-806e6f6e6963} - H:\LaunchU3.exe -a
HKU\S-1-5-21-1521310780-587458791-887972967-1000\...\MountPoints2:
{f021a9b0-ec64-11e1-a642-74ea3a81f1fd} - G:\Startme.exe
==================== Internet (Whitelisted) ====================
ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: http=127.0.0.1:13852
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
https://www.google.se/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache =
http://se.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect
Cache_TIMESTAMP = 0x6F48CE2CC231CC01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache
AcceptLangs = sv
URLSearchHook: HKCU - (No Name) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} -
No File
URLSearchHook: HKCU - (No Name) - {ba14329e-9550-4989-b3f2-9732e92d17cc} -
No File
SearchScopes: HKCU - {51073AED-209E-4076-B66F-CA7425CE5E41} URL =
http://se.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-
8&type=937811&p={searchTerms}
BHO: TmIEPlugInBHO Class - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:
\Program Files\Trend Micro\AMSP\module\20004\3.0.1313\6.8.1120\TmIEPlg.dll
(Trend Micro Inc.)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -
C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft
Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-
5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows
Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program
Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON
CORPORATION / CyCom Technology Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF}
- C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft
Corporation)
BHO: TmBpIeBHO Class - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program
Files\Trend Micro\AMSP\module\20002\8.0.1170\8.0.1170\TmBpIe64.dll (Trend
Micro Inc.)
BHO-x32: TmIEPlugInBHO Class - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:
\Program Files\Trend Micro\AMSP\module
\20004\3.0.1313\6.8.1120\TmIEPlg32.dll (Trend Micro Inc.)
BHO-x32: TSToolbarBHO - {43C6D902-A1C5-45c9-91F6-FD9E90337E18} - C:\Program
Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll (Trend Micro Inc.)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E}
- C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft
Corporation)
BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-
D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle
Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-
5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared
\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-
AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion
\companioncore.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-
42B3008E02FF} - C:\Program Files (x86)\Microsoft Office
\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: TmBpIeBHO Class - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:
\Program Files\Trend Micro\AMSP\module\20002\8.0.1170\8.0.1170\TmBpIe32.dll
(Trend Micro Inc.)
BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-
9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle
Corporation)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -
C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO
EPSON CORPORATION / CyCom Technology Corp.)
Toolbar: HKLM-x32 - Trend Micro Toolbar - {CCAC5586-44D7-4c43-B64A-
F042461A97D2} - C:\Program Files\Trend Micro\Titanium\UIFramework
\ToolbarIE.dll (Trend Micro Inc.)
Toolbar: HKCU - No Name - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - No File
Toolbar: HKCU - No Name - {BA14329E-9550-4989-B3F2-9732E92D17CC} - No File
DPF: HKLM-x32 {1E54D648-B804-468d-BC78-4AFFED8E262F}
http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_
nvd.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000}
http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files
\Trend Micro\AMSP\module\20002\8.0.1170\8.0.1170\TmBpIe64.dll (Trend Micro
Inc.)
Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files
\Trend Micro\AMSP\module\20004\3.0.1313\6.8.1120\TmIEPlg.dll (Trend Micro
Inc.)
Handler: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - No File
Handler: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - No File
Handler-x32: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program
Files\Trend Micro\AMSP\module\20002\8.0.1170\8.0.1170\TmBpIe32.dll (Trend
Micro Inc.)
Handler-x32: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program
Files\Trend Micro\AMSP\module\20004\3.0.1313\6.8.1120\TmIEPlg32.dll (Trend
Micro Inc.)
Handler-x32: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program
Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll (Trend Micro Inc.)
Handler-x32: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program
Files\Trend Micro\Titanium\UIFramework\ProToolbarIMRatingActiveX.dll (Trend
Micro Inc.)
Tcpip\Parameters: [DhcpNameServer] 195.67.199.12 195.67.199.13
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash
\NPSWF64_13_0_0_206.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft
Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:
\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash
\NPSWF32_13_0_0_206.dll ()
FF Plugin-x32: @bankid.com/BankID säkerhetsprogram,version=5.0.2.10 - C:
\Program Files (x86)\BankID\npBispBrowser.dll (Finansiell ID-Teknik BID AB)
FF Plugin-x32: @bankid.com/BankID säkerhetsprogram,version=5.1.3.2 - C:
\Program Files (x86)\BankID\npBispBrowser.dll (Finansiell ID-Teknik BID AB)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.0 - C:\Program Files
(x86)\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll No File
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files
(x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social
Software AB)
FF Plugin-x32: @esn/esnlaunch,version=1.104.0 - C:\Program Files
(x86)\Battlelog Web Plugins\1.104.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=1.116.0 - C:\Program Files
(x86)\Battlelog Web Plugins\1.116.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=1.122.0 - C:\Program Files
(x86)\Battlelog Web Plugins\1.122.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=1.138.0 - C:\Program Files
(x86)\Battlelog Web Plugins\1.138.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=1.96.0 - C:\Program Files
(x86)\Battlelog Web Plugins\1.96.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=2.1.4 - C:\Program Files
(x86)\Battlelog Web Plugins\2.1.4\npesnlaunch.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.3.1 - C:\Program Files
(x86)\Battlelog Web Plugins\2.3.1\npbattlelog.dll (EA Digital Illusions CE
AB)
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 - C:\Program Files
(x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE
AB)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader
Plugin,version=1.0,application/pdf - C:\Program Files (x86)\Foxit Software
\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader
Plugin,version=1.0,application/vnd.fdf - C:\Program Files (x86)\Foxit
Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files
(x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files
(x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files
(x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files
(x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:
\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:
\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program
Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program
Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program
Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA
Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files
(x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA
Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files
(x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files
(x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 - C:\Program Files
(x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - C:\Program Files
(x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\
\AppData\Local\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\
\AppData\Local\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF HKLM\...\Firefox\Extensions: [tmbepff@trendmicro.com] - C:\Program
Files\Trend Micro\AMSP\module\20002\8.0.1170\8.0.1170\firefoxextension
FF Extension: Trend Micro BEP Firefox Extension - C:\Program Files\Trend
Micro\AMSP\module\20002\8.0.1170\8.0.1170\firefoxextension [2014-04-24]
FF HKLM-x32\...\Firefox\Extensions: [{22181a4d-af90-4ca3-a569-
faed9118d6bc}] - C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar
\firefoxextension
FF Extension: Trend Micro Toolbar - C:\Program Files\Trend Micro\Titanium
\UIFramework\Toolbar\firefoxextension [2013-10-13]
FF HKLM-x32\...\Firefox\Extensions: [tmbepff@trendmicro.com] - C:\Program
Files\Trend Micro\AMSP\module\20002\8.0.1170\8.0.1170\firefoxextension
FF Extension: Trend Micro BEP Firefox Extension - C:\Program Files\Trend
Micro\AMSP\module\20002\8.0.1170\8.0.1170\firefoxextension [2014-04-24]
FF HKLM-x32\...\Firefox\Extensions: [{22C7F6C6-8D67-4534-92B5-
529A0EC09405}] - C:\Program Files\Trend Micro\AMSP\module\20004\FxExt
\firefoxextension\
FF Extension: Trend Micro NSC Firefox Extension - C:\Program Files\Trend
Micro\AMSP\module\20004\FxExt\firefoxextension\ []
FF HKCU\...\Firefox\Extensions: [{110A8A34-4C2B-D11A-DA3E-E61A57AA48D2}] -
C:\Program Files (x86)\PassShow\161.xpi
FF Extension: PassShow - C:\Program Files (x86)\PassShow\161.xpi [2014-05-
01]
Chrome:
=======
CHR HomePage:
CHR StartupUrls: ""
CHR Plugin: (Shockwave Flash) - C:\Users\\AppData\Local\Google\Chrome
\Application\34.0.1847.131\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\\AppData\Local\Google\Chrome
\Application\34.0.1847.131\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\\AppData\Local\Google\Chrome
\Application\34.0.1847.131\pdf.dll ()
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\QuickTime
\plugins\npqtplugin.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\QuickTime
\plugins\npqtplugin2.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\QuickTime
\plugins\npqtplugin3.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\QuickTime
\plugins\npqtplugin4.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\QuickTime
\plugins\npqtplugin5.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\QuickTime
\plugins\npqtplugin6.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\QuickTime
\plugins\npqtplugin7.dll No File
CHR Plugin: (Microsoft Office 2010) - C:
\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:
\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (ESN Launch Mozilla Plugin) - C:\Program Files (x86)\Battlelog
Web Plugins\2.1.3\npesnlaunch.dll No File
CHR Plugin: (ESN Sonar API) - C:\Program Files (x86)\Battlelog Web Plugins
\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
CHR Plugin: (Foxit Reader Plugin for Mozilla) - C:\Program Files
(x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit
Corporation)
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google
Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update
\1.3.21.135\npGoogleUpdate3.dll No File
CHR Plugin: (Java Platform SE 7 U9) - C:\Program Files (x86)\Java
\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft
Silverlight\4.1.10329.0\npctrl.dll No File
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation
\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation
\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (Nexus Personal) - C:\Program Files (x86)\Personal\bin
\np_prsnl.dll No File
CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC
\npvlc.dll (VideoLAN)
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows
Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes
\Mozilla Plugins\npitunes.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.70.10) - C:\Windows
\SysWOW64\npDeployJava1.dll No File
CHR Extension: (Angry Birds) - C:\Users\\AppData\Local\Google\Chrome\User
Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2011-11-14]
CHR Extension: (Google Wallet) - C:\Users\\AppData\Local\Google\Chrome\User
Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR Extension: (Trend Micro Toolbar) - C:\Users\\AppData\Local\Google
\Chrome\User Data\Default\Extensions\ohhcpmplhhiiaoiddkfboafbhiknefdf
[2014-05-01]
CHR HKLM-x32\...\Chrome\Extension: [bejbohlohkkgompgecdcbbglkpjfjgdj] - C:
\Users\MATSMA~1\AppData\Local\Temp\ccex.crx [2014-05-01]
CHR HKLM-x32\...\Chrome\Extension: [bmiabdepfhhiieiipmeecdmeljggmfee] - C:
\Program Files\Trend Micro\AMSP\module
\20002\8.0.1135\8.0.1135\chrome_tmbep.crx [2014-05-01]
CHR StartMenuInternet: Google Chrome - C:\Users\\AppData\Local\Google
\Chrome\Application\chrome.exe
==================== Services (Whitelisted) =================
R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common
Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
[759048 2009-05-14] (ABBYY)
R2 FoxitCloudUpdateService; C:\Program Files (x86)\Foxit Software\Foxit
Reader\Foxit Cloud\FCUpdateService.exe [239680 2014-02-19] (Foxit
Corporation)
R2 PassShow; C:\Program Files (x86)\PassShow\PassShowqEv161.exe [142336
2014-05-01] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-10-31] ()
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy
2\SDFSSvc.exe [1738200 2014-04-25] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy
2\SDUpdSvc.exe [2081752 2014-04-25] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy
2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 Amsp; "C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe"
coreFrameworkHost.exe -m=rb -dt=60000 -ad -bt=0 [X]
==================== Drivers (Whitelisted) ====================
S3 cleanhlp; C:\Users\\EEK\RUN\cleanhlp64.sys [57024 2014-02-08] (Emsisoft
GmbH)
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14]
(Brother Industries Ltd.)
S3 SMIGrabber3C; C:\Windows\System32\Drivers\SmiUsbGrabber3C.sys [811520
2009-05-14] (Windows ® Win 7 DDK provider)
S3 TdsNordecr; C:\Windows\System32\DRIVERS\nordecr.sys [28672 2007-10-30]
(Todos Data System AB)
R1 tmactmon; C:\Windows\System32\DRIVERS\tmactmon.sys [116264 2013-09-04]
(Trend Micro Inc.)
R0 tmcomm; C:\Windows\System32\DRIVERS\tmcomm.sys [282624 2013-09-04]
(Trend Micro Inc.)
R0 TMEBC; C:\Windows\System32\DRIVERS\TMEBC64.sys [50976 2013-07-01] (Trend
Micro Inc.)
R3 tmeevw; C:\Windows\System32\DRIVERS\tmeevw.sys [100640 2013-06-13]
(Trend Micro Inc.)
R1 tmevtmgr; C:\Windows\System32\DRIVERS\tmevtmgr.sys [85424 2013-09-04]
(Trend Micro Inc.)
R3 tmnciesc; C:\Windows\System32\DRIVERS\tmnciesc.sys [303392 2013-05-15]
(Trend Micro Inc.)
R1 tmtdi; C:\Windows\System32\DRIVERS\tmtdi.sys [105744 2011-08-22] (Trend
Micro Inc.)
S3 TridVid; C:\Windows\System32\DRIVERS\tridvid6010.sys [411648 2011-01-21]
(10Moons Technologies Co.,Ltd)
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [59904 2009-07-14]
(Microsoft Corporation)
U2 TMAgent;
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-05-02 08:47 - 2014-05-02 08:47 - 00021850 _____ () C:\Users\\Desktop
\FRST.txt
2014-05-02 08:46 - 2014-05-02 08:47 - 00000000 ____D () C:\FRST
2014-05-02 08:45 - 2014-05-02 08:46 - 02062336 _____ (Farbar) C:\Users\
\Desktop\FRST64.exe
2014-05-02 00:35 - 2014-05-02 00:35 - 00000000 __SHD () C:\Users\\AppData
\Local\EmieUserList
2014-05-02 00:35 - 2014-05-02 00:35 - 00000000 __SHD () C:\Users\\AppData
\Local\EmieSiteList
2014-05-01 23:34 - 2014-05-01 23:34 - 00000000 ____D () C:\Users\
\Documents\ProcAlyzer Dumps
2014-05-01 22:27 - 2014-05-01 23:34 - 00000000 ____D () C:\ProgramData
\Spybot - Search & Destroy
2014-05-01 22:27 - 2014-05-01 22:29 - 00000000 ____D () C:\Program Files
(x86)\Spybot - Search & Destroy 2
2014-05-01 22:27 - 2014-05-01 22:27 - 00001391 _____ () C:\ProgramData
\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-05-01 22:27 - 2014-05-01 22:27 - 00001379 _____ () C:\Users\Public
\Desktop\Spybot-S&D Start Center.lnk
2014-05-01 22:27 - 2014-05-01 22:27 - 00000000 ____D () C:\ProgramData
\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-05-01 22:27 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking
Limited) C:\Windows\system32\sdnclean64.exe
2014-05-01 22:25 - 2014-05-01 22:26 - 46392680 _____ (Safer-Networking Ltd.
) C:\Users\\Desktop\spybot-2.3.exe
2014-05-01 21:39 - 2014-05-02 08:17 - 00003011 _____ () C:\Users\\Desktop
\HiJackThis.lnk
2014-05-01 21:39 - 2014-05-01 21:39 - 01402880 _____ () C:\Users\\Desktop
\HiJackThis.msi
2014-05-01 21:39 - 2014-05-01 21:39 - 00000000 ____D () C:\Program Files
(x86)\Trend Micro
2014-05-01 08:14 - 2014-05-01 08:14 - 00001702 _____ () C:\Users\\Desktop
\JRT.txt
2014-05-01 07:52 - 2014-05-02 07:53 - 00000386 _____ () C:\Windows\Tasks
\PassShow_wd.job
2014-05-01 07:52 - 2014-05-01 07:52 - 00002990 _____ () C:\Windows
\System32\Tasks\PassShow_wd
2014-05-01 07:52 - 2014-05-01 07:52 - 00000000 ____D () C:\Program Files
(x86)\PassShow
2014-04-29 22:24 - 2014-03-06 12:21 - 23549440 _____ (Microsoft
Corporation) C:\Windows\system32\mshtml.dll
2014-04-29 22:24 - 2014-03-06 11:32 - 02724864 _____ (Microsoft
Corporation) C:\Windows\system32\mshtml.tlb
2014-04-29 22:24 - 2014-03-06 11:31 - 00004096 _____ (Microsoft
Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-04-29 22:24 - 2014-03-06 11:19 - 17387008 _____ (Microsoft
Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-04-29 22:24 - 2014-03-06 10:59 - 00066048 _____ (Microsoft
Corporation) C:\Windows\system32\iesetup.dll
2014-04-29 22:24 - 2014-03-06 10:57 - 00548352 _____ (Microsoft
Corporation) C:\Windows\system32\vbscript.dll
2014-04-29 22:24 - 2014-03-06 10:57 - 00048640 _____ (Microsoft
Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-04-29 22:24 - 2014-03-06 10:53 - 02767360 _____ (Microsoft
Corporation) C:\Windows\system32\iertutil.dll
2014-04-29 22:24 - 2014-03-06 10:40 - 00051200 _____ (Microsoft
Corporation) C:\Windows\system32\jsproxy.dll
2014-04-29 22:24 - 2014-03-06 10:39 - 00033792 _____ (Microsoft
Corporation) C:\Windows\system32\iernonce.dll
2014-04-29 22:24 - 2014-03-06 10:32 - 02724864 _____ (Microsoft
Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-04-29 22:24 - 2014-03-06 10:32 - 00574976 _____ (Microsoft
Corporation) C:\Windows\system32\ieui.dll
2014-04-29 22:24 - 2014-03-06 10:29 - 00139264 _____ (Microsoft
Corporation) C:\Windows\system32\ieUnatt.exe
2014-04-29 22:24 - 2014-03-06 10:29 - 00111616 _____ (Microsoft
Corporation) C:\Windows\system32\ieetwcollector.exe
2014-04-29 22:24 - 2014-03-06 10:28 - 00752640 _____ (Microsoft
Corporation) C:\Windows\system32\jscript9diag.dll
2014-04-29 22:24 - 2014-03-06 10:15 - 00940032 _____ (Microsoft
Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-04-29 22:24 - 2014-03-06 10:11 - 05784064 _____ (Microsoft
Corporation) C:\Windows\system32\jscript9.dll
2014-04-29 22:24 - 2014-03-06 10:09 - 00453120 _____ (Microsoft
Corporation) C:\Windows\system32\dxtmsft.dll
2014-04-29 22:24 - 2014-03-06 10:03 - 00586240 _____ (Microsoft
Corporation) C:\Windows\system32\ie4uinit.exe
2014-04-29 22:24 - 2014-03-06 10:02 - 00455168 _____ (Microsoft
Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-04-29 22:24 - 2014-03-06 10:02 - 00061952 _____ (Microsoft
Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-04-29 22:24 - 2014-03-06 10:01 - 00051200 _____ (Microsoft
Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-04-29 22:24 - 2014-03-06 09:56 - 00038400 _____ (Microsoft
Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-04-29 22:24 - 2014-03-06 09:48 - 00195584 _____ (Microsoft
Corporation) C:\Windows\system32\msrating.dll
2014-04-29 22:24 - 2014-03-06 09:47 - 02178048 _____ (Microsoft
Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-04-29 22:24 - 2014-03-06 09:46 - 04254720 _____ (Microsoft
Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-04-29 22:24 - 2014-03-06 09:46 - 00043008 _____ (Microsoft
Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-04-29 22:24 - 2014-03-06 09:45 - 00032768 _____ (Microsoft
Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-04-29 22:24 - 2014-03-06 09:42 - 00296960 _____ (Microsoft
Corporation) C:\Windows\system32\dxtrans.dll
2014-04-29 22:24 - 2014-03-06 09:40 - 00440832 _____ (Microsoft
Corporation) C:\Windows\SysWOW64\ieui.dll
2014-04-29 22:24 - 2014-03-06 09:38 - 00112128 _____ (Microsoft
Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-04-29 22:24 - 2014-03-06 09:36 - 00592896 _____ (Microsoft
Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-04-29 22:24 - 2014-03-06 09:22 - 00367616 _____ (Microsoft
Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-04-29 22:24 - 2014-03-06 09:21 - 00628736 _____ (Microsoft
Corporation) C:\Windows\system32\msfeeds.dll
2014-04-29 22:24 - 2014-03-06 09:13 - 00032256 _____ (Microsoft
Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-04-29 22:24 - 2014-03-06 09:11 - 02043904 _____ (Microsoft
Corporation) C:\Windows\system32\inetcpl.cpl
2014-04-29 22:24 - 2014-03-06 09:07 - 00164864 _____ (Microsoft
Corporation) C:\Windows\SysWOW64\msrating.dll
2014-04-29 22:24 - 2014-03-06 09:01 - 00244224 _____ (Microsoft
Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-04-29 22:24 - 2014-03-06 08:53 - 13551104 _____ (Microsoft
Corporation) C:\Windows\system32\ieframe.dll
2014-04-29 22:24 - 2014-03-06 08:46 - 00524288 _____ (Microsoft
Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-04-29 22:24 - 2014-03-06 08:40 - 01967104 _____ (Microsoft
Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-04-29 22:24 - 2014-03-06 08:36 - 11745792 _____ (Microsoft
Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-04-29 22:24 - 2014-03-06 08:22 - 02260480 _____ (Microsoft
Corporation) C:\Windows\system32\wininet.dll
2014-04-29 22:24 - 2014-03-06 07:58 - 01400832 _____ (Microsoft
Corporation) C:\Windows\system32\urlmon.dll
2014-04-29 22:24 - 2014-03-06 07:50 - 00846336 _____ (Microsoft
Corporation) C:\Windows\system32\ieapfltr.dll
2014-04-29 22:24 - 2014-03-06 07:43 - 00704512 _____ (Microsoft
Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-04-29 22:24 - 2014-03-06 07:41 - 01789440 _____ (Microsoft
Corporation) C:\Windows\SysWOW64\wininet.dll
2014-04-29 22:24 - 2014-03-06 07:36 - 01143808 _____ (Microsoft
Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-04-29 21:22 - 2014-04-29 21:22 - 00000000 ____D () C:\Users\\Desktop
\Game.of.Thrones.S04E04.720p.HDTV.x264-KILLERS._www.Undertexter.se
2014-04-27 23:56 - 2014-04-27 23:56 - 00000000 ____D () C:\Users\\Desktop
\Person.of.Interest.S03E20.720p.HDTV.x264-DIMENSION._www.Undertexter.se
2014-04-27 23:51 - 2014-04-27 23:51 - 00000000 ____D () C:\Users\\Desktop
\Vikings.S02E09.The.Choice.1080p.WEB-DL.DD5.1.H.264-
CtrlHD._www.Undertexter.se
2014-04-25 15:31 - 2014-04-25 15:31 - 00000000 ____D () C:\ProgramData
\Microsoft\Windows\Start Menu\Programs\Java
2014-04-25 15:31 - 2014-04-14 20:13 - 00096168 _____ (Oracle Corporation)
C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-04-25 15:31 - 2014-04-14 20:05 - 00264616 _____ (Oracle Corporation)
C:\Windows\SysWOW64\javaws.exe
2014-04-25 15:31 - 2014-04-14 20:05 - 00175528 _____ (Oracle Corporation)
C:\Windows\SysWOW64\javaw.exe
2014-04-25 15:31 - 2014-04-14 20:04 - 00175016 _____ (Oracle Corporation)
C:\Windows\SysWOW64\java.exe
2014-04-25 15:30 - 2014-04-25 15:31 - 00004231 _____ () C:\Windows
\SysWOW64\jupdate-1.7.0_55-b14.log
2014-04-09 17:24 - 2014-02-04 04:35 - 00274880 _____ (Microsoft
Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-04-09 17:24 - 2014-02-04 04:35 - 00190912 _____ (Microsoft
Corporation) C:\Windows\system32\Drivers\storport.sys
2014-04-09 17:24 - 2014-02-04 04:35 - 00027584 _____ (Microsoft
Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-04-09 17:24 - 2014-02-04 04:28 - 00002048 _____ (Microsoft
Corporation) C:\Windows\system32\iologmsg.dll
2014-04-09 17:24 - 2014-02-04 04:00 - 00002048 _____ (Microsoft
Corporation) C:\Windows\SysWOW64\iologmsg.dll
2014-04-09 17:19 - 2014-03-04 11:44 - 01163264 _____ (Microsoft
Corporation) C:\Windows\system32\kernel32.dll
2014-04-09 17:19 - 2014-03-04 11:44 - 00362496 _____ (Microsoft
Corporation) C:\Windows\system32\wow64win.dll
2014-04-09 17:19 - 2014-03-04 11:44 - 00243712 _____ (Microsoft
Corporation) C:\Windows\system32\wow64.dll
2014-04-09 17:19 - 2014-03-04 11:44 - 00016384 _____ (Microsoft
Corporation) C:\Windows\system32\ntvdm64.dll
2014-04-09 17:19 - 2014-03-04 11:44 - 00013312 _____ (Microsoft
Corporation) C:\Windows\system32\wow64cpu.dll
2014-04-09 17:19 - 2014-03-04 11:17 - 00014336 _____ (Microsoft
Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-04-09 17:19 - 2014-03-04 11:16 - 01114112 _____ (Microsoft
Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-04-09 17:19 - 2014-03-04 11:16 - 00025600 _____ (Microsoft
Corporation) C:\Windows\SysWOW64\setup16.exe
2014-04-09 17:19 - 2014-03-04 11:16 - 00005120 _____ (Microsoft
Corporation) C:\Windows\SysWOW64\wow32.dll
2014-04-09 17:19 - 2014-03-04 10:09 - 00007680 _____ (Microsoft
Corporation) C:\Windows\SysWOW64\instnm.exe
2014-04-09 17:19 - 2014-03-04 10:09 - 00002048 _____ (Microsoft
Corporation) C:\Windows\SysWOW64\user.exe
2014-04-09 17:18 - 2014-01-24 04:37 - 01684928 _____ (Microsoft
Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-04-07 22:13 - 2014-04-07 22:13 - 00000000 ____D () C:\Users\
\Documents\Electronic Arts
2014-04-07 22:13 - 2014-04-07 22:13 - 00000000 ____D () C:\Users\\AppData
\Local\Electronic Arts
2014-04-07 21:52 - 2014-04-07 21:52 - 00000735 _____ () C:\Users\Public
\Desktop\Dead Space.lnk
2014-04-07 21:52 - 2014-04-07 21:52 - 00000000 ____D () C:\ProgramData
\Microsoft\Windows\Start Menu\Programs\Dead Space
2014-04-07 18:21 - 2014-04-07 18:21 - 03822704 _____ () C:\Users\\Desktop
\battlelog-web-plugins_2.3.2_133.exe
==================== One Month Modified Files and Folders =======
2014-05-02 08:47 - 2014-05-02 08:47 - 00021850 _____ () C:\Users\\Desktop
\FRST.txt
2014-05-02 08:47 - 2014-05-02 08:46 - 00000000 ____D () C:\FRST
2014-05-02 08:46 - 2014-05-02 08:45 - 02062336 _____ (Farbar) C:\Users\
\Desktop\FRST64.exe
2014-05-02 08:44 - 2013-07-24 00:10 - 01219443 _____ () C:\Windows
\WindowsUpdate.log
2014-05-02 08:43 - 2014-01-25 22:21 - 00000000 ____D () C:\Program Files
\Screenshots
2014-05-02 08:32 - 2011-11-13 14:14 - 00001036 _____ () C:\Windows\Tasks
\GoogleUpdateTaskUserS-1-5-21-1521310780-587458791-887972967-1000UA.job
2014-05-02 08:17 - 2014-05-01 21:39 - 00003011 _____ () C:\Users\\Desktop
\HiJackThis.lnk
2014-05-02 08:07 - 2014-03-07 16:55 - 00000868 _____ () C:\Windows\Tasks
\Adobe Flash Player Updater.job
2014-05-02 07:55 - 2012-08-25 10:22 - 00001008 _____ () C:\Windows\Tasks
\GoogleUpdateTaskMachineUA.job
2014-05-02 07:53 - 2014-05-01 07:52 - 00000386 _____ () C:\Windows\Tasks
\PassShow_wd.job
2014-05-02 07:42 - 2014-02-11 19:25 - 00000396 _____ () C:\Windows\Tasks
\PassShow Update.job
2014-05-02 00:37 - 2009-07-14 09:43 - 00675230 _____ () C:\Windows
\system32\perfh01D.dat
2014-05-02 00:37 - 2009-07-14 09:43 - 00146370 _____ () C:\Windows
\system32\perfc01D.dat
2014-05-02 00:37 - 2009-07-14 07:13 - 01611518 _____ () C:\Windows
\system32\PerfStringBackup.INI
2014-05-02 00:35 - 2014-05-02 00:35 - 00000000 __SHD () C:\Users\\AppData
\Local\EmieUserList
2014-05-02 00:35 - 2014-05-02 00:35 - 00000000 __SHD () C:\Users\\AppData
\Local\EmieSiteList
2014-05-01 23:34 - 2014-05-01 23:34 - 00000000 ____D () C:\Users\
\Documents\ProcAlyzer Dumps
2014-05-01 23:34 - 2014-05-01 22:27 - 00000000 ____D () C:\ProgramData
\Spybot - Search & Destroy
2014-05-01 22:29 - 2014-05-01 22:27 - 00000000 ____D () C:\Program Files
(x86)\Spybot - Search & Destroy 2
2014-05-01 22:27 - 2014-05-01 22:27 - 00001391 _____ () C:\ProgramData
\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-05-01 22:27 - 2014-05-01 22:27 - 00001379 _____ () C:\Users\Public
\Desktop\Spybot-S&D Start Center.lnk
2014-05-01 22:27 - 2014-05-01 22:27 - 00000000 ____D () C:\ProgramData
\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-05-01 22:26 - 2014-05-01 22:25 - 46392680 _____ (Safer-Networking Ltd.
) C:\Users\\Desktop\spybot-2.3.exe
2014-05-01 21:39 - 2014-05-01 21:39 - 01402880 _____ () C:\Users\\Desktop
\HiJackThis.msi
2014-05-01 21:39 - 2014-05-01 21:39 - 00000000 ____D () C:\Program Files
(x86)\Trend Micro
2014-05-01 21:39 - 2012-01-22 17:16 - 00000000 ____D () C:\Users\\AppData
\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
2014-05-01 21:09 - 2014-01-05 22:37 - 00000000 ____D () C:\Users\\AppData
\Roaming\vlc
2014-05-01 15:55 - 2012-08-25 10:22 - 00001004 _____ () C:\Windows\Tasks
\GoogleUpdateTaskMachineCore.job
2014-05-01 15:32 - 2011-11-13 14:14 - 00000984 _____ () C:\Windows\Tasks
\GoogleUpdateTaskUserS-1-5-21-1521310780-587458791-887972967-1000Core.job
2014-05-01 08:32 - 2009-07-14 06:45 - 00015152 ____H () C:\Windows
\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-
8115-601632D005A0
2014-05-01 08:32 - 2009-07-14 06:45 - 00015152 ____H () C:\Windows
\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-
8115-601632D005A0
2014-05-01 08:25 - 2011-06-23 15:32 - 00000000 ____D () C:\ProgramData
\NVIDIA
2014-05-01 08:25 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks
\SA.DAT
2014-05-01 08:14 - 2014-05-01 08:14 - 00001702 _____ () C:\Users\\Desktop
\JRT.txt
2014-05-01 08:08 - 2011-06-23 21:07 - 00000000 ____D () C:\Program Files
\CCleaner
2014-05-01 08:01 - 2012-03-14 21:19 - 00000000 ____D () C:\Users\\AppData
\Roaming\uTorrent
2014-05-01 07:52 - 2014-05-01 07:52 - 00002990 _____ () C:\Windows
\System32\Tasks\PassShow_wd
2014-05-01 07:52 - 2014-05-01 07:52 - 00000000 ____D () C:\Program Files
(x86)\PassShow
2014-05-01 07:52 - 2014-02-11 19:25 - 00003060 _____ () C:\Windows
\System32\Tasks\PassShow Update
2014-04-30 21:19 - 2011-07-03 09:20 - 00000000 ____D () C:\Users\\AppData
\Roaming\Spotify
2014-04-30 15:16 - 2012-09-25 21:54 - 00000000 ____D () C:\Windows\rescache
2014-04-30 14:19 - 2013-04-26 12:41 - 00000000 ____D () C:\Users\\AppData
\Local\Spotify
2014-04-29 23:24 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows
\PolicyDefinitions
2014-04-29 21:22 - 2014-04-29 21:22 - 00000000 ____D () C:\Users\\Desktop
\Game.of.Thrones.S04E04.720p.HDTV.x264-KILLERS._www.Undertexter.se
2014-04-28 21:07 - 2014-03-07 16:55 - 00003806 _____ () C:\Windows
\System32\Tasks\Adobe Flash Player Updater
2014-04-28 21:07 - 2012-04-02 07:32 - 00692400 _____ (Adobe Systems
Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-04-28 21:07 - 2011-06-23 18:25 - 00070832 _____ (Adobe Systems
Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-27 23:56 - 2014-04-27 23:56 - 00000000 ____D () C:\Users\\Desktop
\Person.of.Interest.S03E20.720p.HDTV.x264-DIMENSION._www.Undertexter.se
2014-04-27 23:51 - 2014-04-27 23:51 - 00000000 ____D () C:\Users\\Desktop
\Vikings.S02E09.The.Choice.1080p.WEB-DL.DD5.1.H.264-
CtrlHD._www.Undertexter.se
2014-04-27 23:46 - 2011-10-02 13:47 - 00000000 ____D () C:\ProgramData
\Origin
2014-04-27 21:10 - 2011-10-14 11:39 - 00290184 _____ () C:\Windows
\SysWOW64\PnkBstrB.exe
2014-04-27 21:10 - 2011-06-25 16:26 - 00290184 _____ () C:\Windows
\SysWOW64\PnkBstrB.xtr
2014-04-27 21:09 - 2011-06-25 16:15 - 00291088 _____ () C:\Windows
\SysWOW64\PnkBstrB.ex0
2014-04-27 21:06 - 2011-10-02 13:47 - 00000000 ____D () C:\Program Files
(x86)\Origin
2014-04-25 15:31 - 2014-04-25 15:31 - 00000000 ____D () C:\ProgramData
\Microsoft\Windows\Start Menu\Programs\Java
2014-04-25 15:31 - 2014-04-25 15:30 - 00004231 _____ () C:\Windows
\SysWOW64\jupdate-1.7.0_55-b14.log
2014-04-25 15:31 - 2014-01-04 17:43 - 00000000 ____D () C:\ProgramData
\Oracle
2014-04-25 15:31 - 2014-01-04 17:42 - 00000000 ____D () C:\Program Files
(x86)\Java
2014-04-14 20:13 - 2014-04-25 15:31 - 00096168 _____ (Oracle Corporation)
C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-04-14 20:05 - 2014-04-25 15:31 - 00264616 _____ (Oracle Corporation)
C:\Windows\SysWOW64\javaws.exe
2014-04-14 20:05 - 2014-04-25 15:31 - 00175528 _____ (Oracle Corporation)
C:\Windows\SysWOW64\javaw.exe
2014-04-14 20:04 - 2014-04-25 15:31 - 00175016 _____ (Oracle Corporation)
C:\Windows\SysWOW64\java.exe
2014-04-12 15:49 - 2011-08-24 19:24 - 00000000 ____D () C:\Users\\AppData
\Roaming\dvdcss
2014-04-11 19:21 - 2011-09-13 07:51 - 00000000 ____D () C:\Users\\AppData
\Local\Windows Live
2014-04-09 23:21 - 2013-08-15 01:00 - 00000000 ____D () C:\Windows
\system32\MRT
2014-04-09 23:21 - 2012-01-24 22:13 - 00000000 ____D () C:\ProgramData
\Microsoft Help
2014-04-09 23:19 - 2011-06-23 19:30 - 90655440 _____ (Microsoft
Corporation) C:\Windows\system32\MRT.exe
2014-04-07 22:13 - 2014-04-07 22:13 - 00000000 ____D () C:\Users\
\Documents\Electronic Arts
2014-04-07 22:13 - 2014-04-07 22:13 - 00000000 ____D () C:\Users\\AppData
\Local\Electronic Arts
2014-04-07 21:52 - 2014-04-07 21:52 - 00000735 _____ () C:\Users\Public
\Desktop\Dead Space.lnk
2014-04-07 21:52 - 2014-04-07 21:52 - 00000000 ____D () C:\ProgramData
\Microsoft\Windows\Start Menu\Programs\Dead Space
2014-04-07 21:52 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData
\Microsoft\Windows\Start Menu\Programs\Games
2014-04-07 18:21 - 2014-04-07 18:21 - 03822704 _____ () C:\Users\\Desktop
\battlelog-web-plugins_2.3.2_133.exe
2014-04-07 18:21 - 2011-10-02 15:28 - 00000000 ____D () C:\Program Files
(x86)\Battlelog Web Plugins
2014-04-06 08:36 - 2014-02-01 12:22 - 01016261 _____ (Thisisu) C:\Users\
\Desktop\JRT_NEW.exe
2014-04-03 15:34 - 2013-03-15 17:04 - 00007168 _____ () C:\Users\\AppData
\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-04-03 15:33 - 2013-10-29 20:46 - 00000349 _____ () C:\Users\Public
\Documents\PCLECHAL.INI
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-04-29 17:48
==================== End Of Log ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-05-
2014
Ran by at 2014-05-02 08:48:09
Running from C:\Users\\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Trend Micro Titanium Internet Security (Enabled - Up to date)
{5D349EF8-873B-C657-917F-F1D93E101A7C}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-
DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-
732D-A930-C1CA5F20A4B0}
AS: Trend Micro Titanium Internet Security (Enabled - Up to date)
{E6557F1C-A101-C9D9-ABCF-CAAB459750C1}
==================== Installed Programs ======================
µTorrent (HKCU\...\uTorrent) (Version: 3.3.2.30586 - BitTorrent Inc.)
ABBYY FineReader 9.0 Sprint (HKLM-x32\...\ABBYY FineReader 9.0 Sprint)
(Version: 9.01.513.58212 - ABBYY)
ABBYY FineReader 9.0 Sprint (x32 Version: 9.01.513.58212 - ABBYY) Hidden
ActiveX-kontroll för fjärranslutningar för Windows Live Mesh (HKLM-x32\...
\{376D59B1-42D9-4FA2-B6CC-E346B6BE14F5}) (Version: 15.4.5722.2 - Microsoft
Corporation)
Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX)
(Version: 13.0.0.206 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin)
(Version: 13.0.0.206 - Adobe Systems Incorporated)
Audacity 1.3.14 (Unicode) (HKLM-x32\...\Audacity 1.3 Beta (Unicode)_is1)
(Version: - Audacity Team)
BankID säkerhetsprogram (HKLM-x32\...\{2D6973ED-BBF2-434E-993C-
37E05087B8C8}) (Version: 5.1.3.2 - Finansiell ID-Teknik BID AB)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF})
(Version: 1.4.0.0 - Electronic Arts)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7})
(Version: 1.1.0.1 - Electronic Arts)
Battlefield: Bad Company™ 2 (HKLM-x32\...\{3AC8457C-0385-4BEA-A959-
E095F05D6D67}) (Version: 1.0.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.2
- EA Digital Illusions CE AB)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version:
3.0.0.10 - Apple Inc.)
Call of Duty® 4 - Modern Warfare 1.7 Patch (x32 Version: - ) Hidden
Call of Duty: Black Ops - Multiplayer (HKLM-x32\...\Steam App 42710)
(Version: - Treyarch)
Call of Duty: Black Ops (HKLM-x32\...\Steam App 42700) (Version: -
Treyarch)
CANON iMAGE GATEWAY Task for ZoomBrowser EX (HKLM-x32\...\CANON iMAGE
GATEWAY Task) (Version: 1.5.0.3 - Canon Inc.)
Canon Internet Library for ZoomBrowser EX (HKLM-x32\...\Canon Internet
Library for ZoomBrowser EX) (Version: 1.6.1.6 - Canon Inc.)
Canon RAW Image Task for ZoomBrowser EX (HKLM-x32\...\RAW Image Task)
(Version: 3.2.0.10 - Canon Inc.)
Canon Utilities CameraWindow (HKLM-x32\...\CameraWindowLauncher) (Version:
7.1.0.2 - Canon Inc.)
Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX (HKLM-x32\...
\CameraWindowDVC6) (Version: 6.4.2.16 - Canon Inc.)
Canon Utilities Digital Photo Professional 3.3 (HKLM-x32\...\DPP) (Version:
3.3.0.0 - Canon Inc.)
Canon Utilities EOS Utility (HKLM-x32\...\EOS Utility) (Version: 2.3.0.2 -
Canon Inc.)
Canon Utilities MyCamera (HKLM-x32\...\MyCamera) (Version: 6.4.0.5 - Canon
Inc.)
Canon Utilities PhotoStitch (HKLM-x32\...\PhotoStitch) (Version: 3.1.21.45
- Canon Inc.)
Canon Utilities Picture Style Editor (HKLM-x32\...\Picture Style Editor)
(Version: 1.2.0.1 - Canon Inc.)
Canon Utilities RemoteCapture Task for ZoomBrowser EX (HKLM-x32\...
\RemoteCaptureTask) (Version: 1.7.1.9 - Canon Inc.)
Canon Utilities ZoomBrowser EX (HKLM-x32\...\ZoomBrowser EX) (Version:
6.1.1.21 - Canon Inc.)
Canon ZoomBrowser EX Memory Card Utility (HKLM-x32\...\ZoomBrowser EX
Memory Card Utility) (Version: 1.1.0.8 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 4.13 - Piriform)
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version:
4.3.8.2631 - CDBurnerXP)
Contents (x32 Version: 14.0.1.13 - Corel Corporation) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dead Space™ (HKLM-x32\...\{6E6F22D7-8AD6-4A87-9A47-733E6E996F50}) (Version:
1.0.0.222 - Electronic Arts)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
(HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_
{5971CA1F-6BDE-498F-952C-9F2BF94070A4}) (Version: - Microsoft)
DeviceIO (x32 Version: 14.0.1.13 - Corel Corporation) Hidden
DVD Shrink 3.2 (HKLM-x32\...\DVD Shrink_is1) (Version: - DVD Shrink)
Emil (HKLM-x32\...\Emil) (Version: - )
Epson Easy Photo Print 2 (HKLM-x32\...\{310C1558-F6B5-4889-98B0-
7471966BA7F2}) (Version: 2.2.3.0 - SEIKO EPSON CORPORATION)
Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) (HKLM-
x32\...\{B2D55EB8-32C5-4B43-9006-9E97DECBA178}) (Version: 1.00.0000 - SEIKO
EPSON CORPORATION)
Epson Event Manager (HKLM-x32\...\{03B8AA32-F23C-4178-B8E6-09ECD07EAA47})
(Version: 2.40.0001 - SEIKO EPSON CORPORATION)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson
Corporation)
EPSON SX525WD Series Printer Uninstall (HKLM\...\EPSON SX525WD Series)
(Version: - SEIKO EPSON Corporation)
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799})
(Version: 2.4j - SEIKO EPSON CORPORATION)
EpsonNet Setup 3.3 (HKLM-x32\...\{C9D8A041-2963-4B31-8FFC-1500F3DB9293})
(Version: 3.3a - SEIKO EPSON CORPORATION)
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.0) (Version: 0.70.0 - ESN Social
Software AB)
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social
Software AB)
ffdshow x64 v1.1.3814 [2011-04-11] (HKLM\...\ffdshow64_is1) (Version:
1.1.3814.0 - )
Foxit Cloud (HKLM-x32\...\{41914D8B-9D6E-4764-A1F9-BC43FB6782C1}_is1)
(Version: 1.2.75.126 - Foxit Corporation)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 6.1.4.217 - Foxit
Corporation)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - )
Google Chrome (HKCU\...\Google Chrome) (Version: 34.0.1847.131 - Google
Inc.)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E})
(Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.23.9 - Google Inc.) Hidden
HiJackThis (HKLM-x32\...\{45A66726-69BC-466B-A7A4-12FCBA4883D7}) (Version:
1.0.0 - Trend Micro)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-
857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF})
(Version: 7.0.550 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft
Corporation) Hidden
LAME v3.98.3 for Audacity (HKLM-x32\...\LAME for Audacity_is1) (Version: -
)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation)
Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-
CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (SVE) (Version: 4.5.50938 - Microsoft
Corporation) Hidden
Microsoft .NET Framework 4.5.1 (svenska) (HKLM\...\{92FB6C44-E685-45AD-
9B20-CADF4CABA132} - 1053) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation)
Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft
Corporation) Hidden
Microsoft Office Access MUI (Swedish) 2010 (x32 Version: 14.0.7015.1000 -
Microsoft Corporation) Hidden
Microsoft Office Excel MUI (Swedish) 2010 (x32 Version: 14.0.7015.1000 -
Microsoft Corporation) Hidden
Microsoft Office Groove MUI (Swedish) 2010 (x32 Version: 14.0.7015.1000 -
Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (Swedish) 2010 (x32 Version: 14.0.7015.1000 -
Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 -
Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (Swedish) 2010 (x32 Version: 14.0.7015.1000 -
Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (Swedish) 2010 (x32 Version: 14.0.7015.1000 -
Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (Swedish) 2010 (x32 Version: 14.0.7015.1000
- Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR)
(Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.7015.1000 -
Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 -
Microsoft Corporation) Hidden
Microsoft Office Proof (Finnish) 2010 (x32 Version: 14.0.7015.1000 -
Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000 -
Microsoft Corporation) Hidden
Microsoft Office Proof (Swedish) 2010 (x32 Version: 14.0.7015.1000 -
Microsoft Corporation) Hidden
Microsoft Office Proofing (Swedish) 2010 (x32 Version: 14.0.7015.1000 -
Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (Swedish) 2010 (x32 Version: 14.0.7015.1000
- Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (Swedish) 2010 (Version: 14.0.7015.1000
- Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Swedish) 2010 (x32 Version: 14.0.7015.1000 -
Microsoft Corporation) Hidden
Microsoft Office Word MUI (Swedish) 2010 (x32 Version: 14.0.7015.1000 -
Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00})
(Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-
B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-
x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 -
Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-
4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-
4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-
497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-
4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-
4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192 -
Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...
\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft
Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...
\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 -
Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...
\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft
Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...
\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft
Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-
x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 -
Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...
\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft
Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...
\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft
Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...
\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft
Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version:
11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version:
11.0.60610 - Microsoft Corporation) Hidden
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-
8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-
8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyFreeCodec (HKCU\...\MyFreeCodec) (Version: - )
NVIDIA 3D Vision Controller Driver (x32 Version: 275.33 - NVIDIA
Corporation) Hidden
NVIDIA Install Application (Version: 2.1002.108.688 - NVIDIA Corporation)
Hidden
NVIDIA PhysX (x32 Version: 9.12.0213 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.1106 - NVIDIA
Corporation) Hidden
NVIDIA Update Components (Version: 1.11.3 - NVIDIA Corporation) Hidden
NVIDIAs kontrollpanel 311.06 (Version: 311.06 - NVIDIA Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 8.5.0.4550 - Electronic Arts, Inc.)
PassShow (HKLM-x32\...\8C914602-36D7-3AE8-6DA0-CE525CDAAA03) (Version: -
PassShow-software) <==== ATTENTION
Pinnacle Studio 15 (HKLM-x32\...\{1362E602-9625-42D3-B57F-CDA9D26F9DA8})
(Version: 15.0.0.7593 - Pinnacle Systems)
Pinnacle Studio Bonus Content (HKLM-x32\...\{FC030CB5-46A6-4229-AD6E-
0AC869F509C8}) (Version: 15.0.0.51 - Pinnacle Systems)
Pinnacle Video-drivrutiner (HKLM\...\{6DE721A5-5E89-4D74-994C-
652BB3C0672E}) (Version: 12.1.0.030 - Pinnacle Systems)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even
Balance, Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-
06DFEED9A476}) (Version: 1.00.0022 - Realtek)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...
\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.34.0 -
Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.34.0 -
Renesas Electronics Corporation) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-
x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448
-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32
Version: - Microsoft) Hidden
Share (x32 Version: 14.0.1.13 - Corel Corporation) Hidden
Share64 (Version: 14.0.1.13 - Corel Corporation) Hidden
Spotify (HKCU\...\Spotify) (Version: 0.9.8.296.g91f68827 - Spotify AB)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-
FE5A99D31DE7}_is1) (Version: 2.3.39 - Safer-Networking Ltd.)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version:
1.0.0.0 - Valve Corporation)
System Requirements Lab (HKLM-x32\...\SystemRequirementsLab) (Version: - )
System Requirements Lab CYRI (HKLM-x32\...\{F3FCB08B-E752-444D-86A0-
0634A4F3B23D}) (Version: 6.0.8.0 - Husdawg, LLC)
Trend Micro Titanium (Version: 7.0 - Trend Micro Inc.) Hidden
Trend Micro Titanium Internet Security (HKLM\...\{ABBD4BA8-6703-40D2-AB1E-
5BB1F7DB49A4}) (Version: 7.0 - Trend Micro Inc.)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...
\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{B4A38370-2ADB-
46B0-A1B0-0C4A2F7DCA31}) (Version: - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2837594) 32-Bit Edition (HKLM-
x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{D3C85176
-ACCC-4AF0-817D-1BC803303B74}) (Version: - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2837594) 32-Bit Edition (HKLM-
x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{D3C85176
-ACCC-4AF0-817D-1BC803303B74}) (Version: - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-
x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_
{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version: - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition (HKLM-
x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_
{39767ECA-1731-45DB-AB5B-6BF40E151D66}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...
\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DADF7E25-FFA4-
4D02-BE84-1DAE62C18516}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...
\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{F4284D93-7AE8-
4309-8CF3-9AD394F35F3A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...
\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F4284D93-7AE8-
4309-8CF3-9AD394F35F3A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...
\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{287A1E92-9E41-
4BC1-8920-B3D0E9220800}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...
\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{9D69691D-823D-
4C3E-9B12-563A3F520366}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...
\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{ECFE33A3-B8B7-
439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...
\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{ECFE33A3-B8B7-
439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...
\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{35698CB7-AAA2-
4577-B505-DBFF504AEF23}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...
\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{5AA578BB-759C-
40FD-9661-A737C0884541}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (HKLM-x32\...
\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{BA610006-2C39-
4419-9834-CF61AB24810A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...
\{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{C70D2038-A2C4-
4A99-87DE-5272BB44F0CE}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2863818) 32-Bit Edition (HKLM-x32\...
\{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{83B1B530-7D9E-
4C6A-907F-E979CEE9C295}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2878225) 32-Bit Edition (HKLM-x32\...
\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{EFF5EBA3-40AD-
4859-85E7-3C1CF4F297EB}) (Version: - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...
\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{51CCA922-A0CC-
47C4-8910-6936D97CAC2E}) (Version: - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...
\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{51CCA922-A0CC-
47C4-8910-6936D97CAC2E}) (Version: - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...
\{90140000-001A-041D-0000-0000000FF1CE}_Office14.PROPLUSR_{6D7DEB21-7536-
421F-9A37-D599F5D7920B}) (Version: - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...
\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{2AB483F1-C86E-
427A-83B4-23889B03512D}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-
x32\...\{90140000-0018-041D-0000-0000000FF1CE}_Office14.PROPLUSR_{EC04A626
-7160-4E90-BD93-4226EFBDB5F9}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-
x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{2BA40F82
-F3A4-441C-BF1A-ED4C42FF4872}) (Version: - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition
(HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_
{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version: - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition
(HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_
{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version: - Microsoft)
Update for Microsoft Visio 2010 (KB2553444) 32-Bit Edition (HKLM-x32\...
\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{799005D3-9B70-
4219-AFE0-BC479614CC4D}) (Version: - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (HKLM-
x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{8C55AA83
-54C2-4236-A622-78440A411DC5}) (Version: - Microsoft)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 -
Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version:
15.4.3555.0308 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft
Corporation) Hidden
Windows Live Family Safety (Version: 15.4.3555.0308 - Microsoft
Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft
Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft
Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3555.0308 - Microsoft
Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation)
Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation)
Hidden
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft
Corporation) Hidden
Windows Live Messenger Companion Core (x32 Version: 15.4.3502.0922 -
Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation)
Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft
Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft
Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft
Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft
Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation)
Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft
Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation)
Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft
Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation)
Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft
Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft
Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 -
Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation)
Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft
Corporation) Hidden
WinRAR 4.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar
GmbH)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 -
VideoLAN)
==================== Restore Points =========================
01-05-2014 07:01:49 Schemalagd kontrollpunkt
01-05-2014 22:08:48 TITANUIMRES
==================== Hosts content: ==========================
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows
\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {02E70707-8D26-49B1-BCAD-6A29D3ABB953} - System32\Tasks\{19F87C4F-
16ED-4C0F-A752-2E5A5F0E3775} => D:\Spel\CoD4\iw3mp.exe
Task: {26876944-40D2-4077-97A7-657F987A3F7B} - System32\Tasks\Adobe Flash
Player Updater => C:\Windows\SysWOW64\Macromed\Flash
\FlashPlayerUpdateService.exe [2014-04-28] (Adobe Systems Incorporated)
Task: {3066D6B7-3F6B-4A88-B23B-22C5AF8ADE21} - System32\Tasks\{50C6B351-
602C-460A-8729-BCD19E367A06} => D:\Spel\CoD4\iw3mp.exe
Task: {32EC37AE-4BC1-4EA4-B863-4AC427D2A232} - System32\Tasks\Titanium BTC
=> C:\Program Files\Trend Micro\Titanium\plugin\TMDC\TMDC.exe [2013-08-27]
(Trend Micro Inc.)
Task: {4BA196C8-C694-47F1-A48E-FE4F1EB177CA} - System32\Tasks\{0680CAE7-
45AC-41DA-BE24-3FE9B55BB9EA} => C:\Program Files (x86)\Activision\Call of
Duty 4 - Modern Warfare\iw3mp.exe
Task: {5EF68C90-86CF-4930-BCE7-6659C0713A19} - System32\Tasks\{7F77EAF3-
ED98-49C9-9804-6C2BB871C696} => D:\Spel\CoD4\iw3mp.exe
Task: {5F9C8E46-60EE-4E00-840B-7DBC16528F18} - System32\Tasks\{64293FC0-
A411-4B54-B97A-08AD6D3B6D29} => C:\Program Files (x86)\Activision\Call of
Duty 4 - Modern Warfare\iw3mp.exe
Task: {677B199D-3A86-42D2-B727-DD35D6D65BA3} - System32\Tasks
\GoogleUpdateTaskUserS-1-5-21-1521310780-587458791-887972967-1000Core =>
C:\Users\\AppData\Local\Google\Update\GoogleUpdate.exe [2011-11-13] (Google
Inc.)
Task: {6C0744FE-12B1-40B5-98DB-323037BE090C} - System32\Tasks\{77D546B5-
8413-47F6-AA38-33A1774C0116} => D:\Spel\CoD4\iw3mp.exe
Task: {727D5EF1-0457-4C11-8CD7-160A5A31B823} - System32\Tasks
\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-04-17]
(Piriform Ltd)
Task: {96CD5B6A-9424-4EE1-B0C7-CE1585E790F9} - System32\Tasks\PassShow_wd
=> C:\Program Files (x86)\PassShow\PassShowqEvqTw.exe [2014-05-01] () <====
ATTENTION
Task: {B5AEDF90-4D36-4721-AA5E-D71BE2CBE1A1} - System32\Tasks\{B86E1395-
4481-46DE-9F2F-95DA692D0FDD} => C:\Program Files (x86)\Activision\Call of
Duty 4 - Modern Warfare\iw3mp.exe
Task: {C96ADFB7-3C0D-42D7-B2A9-7512F575B68E} - System32\Tasks\PassShow
Update => C:\Program Files (x86)\PassShow\PassShowqEv.exe [2014-05-01] ()
<==== ATTENTION
Task: {EFD5E285-4AD1-43DE-AE5B-5AF278832AA4} - System32\Tasks
\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update
\GoogleUpdate.exe [2012-08-25] (Google Inc.)
Task: {FB06FA1E-554B-4082-B62E-7841CE5C55C3} - System32\Tasks
\GoogleUpdateTaskUserS-1-5-21-1521310780-587458791-887972967-1000UA => C:
\Users\\AppData\Local\Google\Update\GoogleUpdate.exe [2011-11-13] (Google
Inc.)
Task: {FD703C96-D80A-4AA3-997F-5CE22CB7FDB8} - System32\Tasks
\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update
\GoogleUpdate.exe [2012-08-25] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows
\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files
(x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files
(x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1521310780-587458791-
887972967-1000Core.job => C:\Users\\AppData\Local\Google\Update
\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1521310780-587458791-
887972967-1000UA.job => C:\Users\\AppData\Local\Google\Update
\GoogleUpdate.exe
Task: C:\Windows\Tasks\PassShow Update.job => C:\Program Files
(x86)\PassShow\PassShowqEv.exe <==== ATTENTION
Task: C:\Windows\Tasks\PassShow_wd.job => C:\Program Files (x86)\PassShow
\PassShowqEvqTw.exe <==== ATTENTION
==================== Loaded Modules (whitelisted) =============
2011-09-27 18:04 - 2013-01-18 17:00 - 00087328 _____ () C:\Program Files
\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files
\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2011-06-23 21:25 - 2011-05-28 22:05 - 00164864 _____ () C:\Program Files
\WinRAR\rarext.dll
2013-10-13 08:41 - 2013-01-16 04:19 - 00048128 _____ () C:\Program Files
\Trend Micro\AMSP\boost_date_time-vc110-mt-1_49.dll
2013-10-13 08:41 - 2013-04-02 06:25 - 00675840 _____ () C:\Program Files
\Trend Micro\AMSP\sqlite3.dll
2013-10-13 08:41 - 2013-01-16 04:23 - 00058368 _____ () C:\Program Files
\Trend Micro\AMSP\boost_thread-vc110-mt-1_49.dll
2013-10-13 08:41 - 2012-12-18 22:06 - 01300480 _____ () C:\Program Files
\Trend Micro\AMSP\libprotobuf.dll
2013-10-13 08:41 - 2013-01-16 04:19 - 00018944 _____ () C:\Program Files
\Trend Micro\AMSP\boost_system-vc110-mt-1_49.dll
2013-10-13 08:33 - 2013-07-23 17:28 - 00247352 _____ () C:\Program Files
\Trend Micro\UniClient\plugins\LUADLL.dll
2014-05-01 07:52 - 2014-05-01 07:52 - 00077312 _____ () C:\Program Files
(x86)\PassShow\PassShowqEvqTw.exe
2014-01-09 17:48 - 2013-12-18 15:33 - 00057584 _____ () C:\Program Files
\Trend Micro\Titanium\plugin\fcMsgDispatcher.dll
2014-05-01 07:52 - 2014-05-01 07:52 - 00142336 _____ () C:\Program Files
(x86)\PassShow\PassShowqEv161.exe
2011-10-14 11:39 - 2013-10-31 04:29 - 00076888 _____ () C:\Windows
\SysWOW64\PnkBstrA.exe
2014-05-01 07:52 - 2014-05-01 07:52 - 00133120 _____ () C:\Program Files
(x86)\PassShow\PassShowqEv161.dll
2013-10-15 16:54 - 2013-08-29 09:58 - 00882584 _____ () C:\Program Files
\Trend Micro\Titanium\plugin\TMAS\TMAS_WLM\WLMailApiCore.dll
2014-05-01 22:27 - 2014-04-25 14:11 - 00109400 _____ () C:\Program Files
(x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2014-05-01 22:27 - 2014-04-25 14:11 - 00416600 _____ () C:\Program Files
(x86)\Spybot - Search & Destroy 2\DEC150.bpl
2014-05-01 22:27 - 2014-04-25 14:11 - 00167768 _____ () C:\Program Files
(x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2014-05-01 22:27 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files
(x86)\Spybot - Search & Destroy 2\sqlite3.dll
2014-05-01 22:27 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files
(x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp =>
""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys =>
""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp =>
""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys =>
""="Driver"
==================== Disabled items from MSCONFIG ==============
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start
Menu^Programs^Startup^BankID säkerhetsprogram.lnk => C:\Windows\pss\BankID
säkerhetsprogram.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start
Menu^Programs^Startup^Personal.lnk => C:\Windows\pss
\Personal.lnk.CommonStartup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files
\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files
\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: BCSSync => "C:\Program Files (x86)\Microsoft Office
\Office14\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: EEventManager => "C:\Program Files (x86)\Epson
Software\Event Manager\EEventManager.exe"
MSCONFIG\startupreg: EPSON SX525WD Series => C:\Windows\system32\spool
\DRIVERS\x64\3\E_IATIGAE.EXE /FU "C:\Windows\TEMP\E_SF0F2.tmp" /EF "HKCU"
MSCONFIG\startupreg: Eraser => "C:\PROGRA~1\Eraser\Eraser.exe" --atRestart
MSCONFIG\startupreg: Google Update => "C:\Users\\AppData\Local\Google
\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes
\iTunesHelper.exe"
MSCONFIG\startupreg: KiesAirMessage => C:\Program Files (x86)\Samsung\Kies
\KiesAirMessage.exe -startup
MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files (x86)\Samsung\Kies
\KiesTrayAgent.exe
MSCONFIG\startupreg: NUSB3MON => "C:\Program Files (x86)\Renesas
Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime
\QTTask.exe" -atboottime
MSCONFIG\startupreg: Spotify => "C:\Users\\AppData\Roaming\Spotify
\Spotify.exe" /uri spotify:autostart
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\\AppData\Roaming
\Spotify\Data\SpotifyWebHelper.exe"
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common
Files\Java\Java Update\jusched.exe"
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (05/02/2014 00:08:48 AM) (Source: VSS) (User: )
Description: Fel i tjänsten Volume Shadow Copy: Oväntat fel när
gränssnittet IVssWriterCallback skulle erhållas. hr = 0x80070005, Åtkomst
nekad.
.
Det orsakas ofta av inkorrekta säkerhetsinställningar i processen för
antingen skrivaren eller beställaren.
Åtgärd:
Samlar in skrivardata
Kontext:
Skrivarklass-ID: {e8132975-6f93-
4464-a53e-1050253ae220}
Skrivarnamn: System Writer
Skrivarinstans-ID:
{05483f3a-838c-4006-a7ee-7985b4640c58}
System errors:
=============
Error: (05/01/2014 08:27:33 AM) (Source: Service Control Manager) (User: )
Description: Tjänsten NVIDIA Update Service Daemon kunde inte startas på
grund av följande fel:
%%1069
Error: (05/01/2014 08:27:33 AM) (Source: Service Control Manager) (User: )
Description: Tjänsten nvUpdatusService kunde inte logga in som .
\UpdatusUser med det för närvarande konfigurerade lösenordet på grund av
följande fel:
%%1330
Kontrollera att tjänsten är korrekt konfigurerad med hjälp av snapin-
modulen Tjänster i MMC (Microsoft Management Console).
Error: (05/01/2014 08:26:20 AM) (Source: DCOM) (User: NT instans)
Description: programspecifikLokalStarta{C97FCC79-E628-407D-AE68-
A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT instansSYSTEMS-1-5-
18LocalHost (med LRPC)
Microsoft Office Sessions:
=========================
Error: (05/02/2014 00:08:48 AM) (Source: VSS)(User: )
Description: 0x80070005, Åtkomst nekad.
Åtgärd:
Samlar in skrivardata
Kontext:
Skrivarklass-ID: {e8132975-6f93-
4464-a53e-1050253ae220}
Skrivarnamn: System Writer
Skrivarinstans-ID:
{05483f3a-838c-4006-a7ee-7985b4640c58}
CodeIntegrity Errors:
===================================
Date: 2011-11-01 20:30:24.848
Description: Windows is unable to verify the image integrity of the file
\Device\HarddiskVolume1\Users\MA~1\AppData\Local\Temp\OnlineScanner\Anti-
Virus\fsgk.sys because file hash could not be found on the system. A recent
hardware or software change might have installed a file that is signed
incorrectly or damaged, or that might be malicious software from an unknown
source.
Date: 2011-11-01 20:30:24.831
Description: Windows is unable to verify the image integrity of the file
\Device\HarddiskVolume1\Users\MA~1\AppData\Local\Temp\OnlineScanner\Anti-
Virus\fsgk.sys because file hash could not be found on the system. A recent
hardware or software change might have installed a file that is signed
incorrectly or damaged, or that might be malicious software from an unknown
source.
==================== Memory info ===========================
Percentage of memory in use: 28%
Total physical RAM: 8172.48 MB
Available physical RAM: 5818.36 MB
Total Pagefile: 16343.15 MB
Available Pagefile: 12890.25 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:127.99 GB) (Free:11.32 GB) NTFS ==>[Drive with
boot components (obtained from BCD)]
Drive d: (Spel) (Fixed) (Total:337.77 GB) (Free:15.78 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 00000001)
Partition 1: (Active) - (Size=128 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=338 GB) - (Type=07 NTFS)
==================== End Of Log ============================ -
Hej!Kan någon vänlig själ hjälpa mig med denna logg?Tack på förhand!Logfile of Trend Micro HijackThis v2.0.4Scan saved at 21:41:49, on 2014-05-01Platform: Windows 7 SP1 (WinNT 6.00.3505)MSIE: Internet Explorer v11.0 (11.00.9600.17041)Boot mode: NormalRunning processes:C:\Program Files\Trend Micro\Titanium\plugin\TMAS\TMAS_WLM\TMAS_WLMMon.exeC:\Users\NA\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exeC:\Program Files (x86)\Common Files\Java\Java Update\jusched.exeC:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exeC:\Windows\SysWOW64\DllHost.exeR1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htmR1 - HKCU\Software\Microsoft\Windows\CurrentVersion\InternetSettings,ProxyServer = http=127.0.0.1:13852R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =R3 - URLSearchHook: (no name) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} -(no file)R3 - URLSearchHook: (no name) - {ba14329e-9550-4989-b3f2-9732e92d17cc} -(no file)F2 - REG:system.ini: UserInit=userinit.exeO2 - BHO: Trend Micro NSC BHO - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} -C:\Program Files\Trend Micro\AMSP\module\20004\3.0.1313\6.8.1120\TmIEPlg32.dllO2 - BHO: Trend Micro Toolbar BHO - {43C6D902-A1C5-45c9-91F6-FD9E90337E18}- C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dllO2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLLO2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dllO2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllO2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dllO2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLLO2 - BHO: TmBpIeBHO - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\ProgramFiles\Trend Micro\AMSP\module\20002\8.0.1170\8.0.1170\TmBpIe32.dllO2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dllO3 - Toolbar: Trend Micro Toolbar - {CCAC5586-44D7-4c43-B64A-F042461A97D2}- C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dllO4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\CommonFiles\Java\Java Update\jusched.exe"O4 - HKCU\..\Run: [spotify Web Helper] "C:\Users\\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"O4 - HKCU\..\Run: [Google Update] "C:\Users\\AppData\Local\Google\Update\GoogleUpdate.exe" /cO8 - Extra context menu item: E&xportera till Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000O8 - Extra context menu item: Ski&cka till OneNote - res://C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dllO9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dllO9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dllO9 - Extra button: Skicka till OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dllO9 - Extra 'Tools' menuitem: Ski&cka till OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dllO9 - Extra button: Länkade &anteckningar - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dllO9 - Extra 'Tools' menuitem: Länkade &anteckningar - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dllO10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dllO10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dllO11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphicsO16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab)-
nvd.cabO16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object)
O18 - Protocol: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\ProgramFiles\Trend Micro\AMSP\module\20002\8.0.1170\8.0.1170\TmBpIe32.dllO18 - Protocol: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\ProgramFiles\Trend Micro\AMSP\module\20004\3.0.1313\6.8.1120\TmIEPlg32.dllO18 - Protocol: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\ProgramFiles\Trend Micro\Titanium\UIFramework\ToolbarIE.dllO18 - Protocol: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\UIFramework\ProToolbarIMRatingActiveX.dllO18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\ProgramFiles (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dllO18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} -C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLLO23 - Service: ABBYY FineReader 9.0 Sprint Licensing Service(ABBYY.Licensing.FineReader.Sprint.9.0) - ABBYY - C:\Program Files(x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exeO23 - Service: Adobe Flash Player Update Service(AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exeO23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner -C:\Windows\System32\alg.exe (file missing)O23 - Service: Trend Micro Solution Platform (Amsp) - Trend Micro Inc. -C:\Program Files\Trend Micro\AMSP\coreServiceShell.exeO23 - Service: Bonjour-tjänst (Bonjour Service) - Apple Inc. - C:\ProgramFiles\Bonjour\mDNSResponder.exeO23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner- C:\Windows\System32\lsass.exe (file missing)O23 - Service: EPSON V5 Service4(04) (EPSON_EB_RPCV4_04) - SEIKO EPSONCORPORATION - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXEO23 - Service: EPSON V3 Service4(04) (EPSON_PM_RPCV4_04) - SEIKO EPSONCORPORATION - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXEO23 - Service: Foxit Cloud Safe Update Service (FoxitCloudUpdateService) -Foxit Corporation - C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exeO23 - Service: Tjänsten Google Update (gupdate) (gupdate) - Google Inc. -C:\Program Files (x86)\Google\Update\GoogleUpdate.exeO23 - Service: Tjänsten Google Update (gupdatem) (gupdatem) - Google Inc. -C:\Program Files (x86)\Google\Update\GoogleUpdate.exeO23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000(IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) -Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIACorporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exeO23 - Service: PassShow - Unknown owner - C:\Program Files (x86)\PassShow\PassShowqEv161.exeO23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exeO23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) -Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exeO23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknownowner - C:\Windows\system32\locator.exe (file missing)O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner- C:\Windows\system32\lsass.exe (file missing)O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknownowner - C:\Windows\System32\snmptrap.exe (file missing)O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknownowner - C:\Windows\System32\spoolsv.exe (file missing)O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknownowner - C:\Windows\system32\sppsvc.exe (file missing)O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files(x86)\Common Files\Steam\SteamService.exeO23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) -NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exeO23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) -Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) -Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner -C:\Windows\System32\vds.exe (file missing)O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner- C:\Windows\system32\vssvc.exe (file missing)O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) -Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) -Unknown owner - C:\Windows\system32\wbengine.exe (file missing)O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) -Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101(WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows MediaPlayer\wmpnetwk.exe (file missing)--End of file - 11413 bytes
-
Det första ser ut att vara någon rest i registret som blivit kvar efter en avinstallation, eller annan typ av borttagning, av ett annonsprogram. Jag tror att det bara är en rest eftersom det är bara en registerpost. De andra två betyder att det verkar som att Aktivitetshanteraren och Registereditorn är inaktiverade.
Hej!
Tack för ditt svar:)
Aktivitetshanteraren och Registereditorn är inte inaktiverade.
Därav min fråga.
Jag har aldrig varit med om ett scanningsprogram som har rapporterat om just detta!
Kan jag ta bort detta?
Mvh Babbler1
-
Hej! Kan någon vänlig själ hjälpa mig med denna logg?Emsisoft Emergency Kit - Version 4.0Senaste Uppdatering: 2014-03-16 14:20:22Skanningsinställning:Skanningstyp: Snabb SkanningObjekt: Rootkits, Minne, SpårDetektera PUPs: PåSkanna Arkiv: AvADS Skanning: PåFiltilläggsfilter: AvAvancerat cacheminne: PåDirect diskåtkomst: AvSkanning Start: 2014-03-16 14:23:23Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}Upptäckta: Application.AdReg (A)Value: HKEY_USERS\S-1-5-21-1521310780-587458791-887972967-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLETASKMGRUpptäckta: Setting.DisableTaskMgr (A)Value: HKEY_USERS\S-1-5-21-1521310780-587458791-887972967-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLEREGISTRYTOOLSUpptäckta: Setting.DisableRegistryTools (A)Skannade: 55354Funna: 3Skanningsslut: 2014-03-16 14:23:39Skanningstid: 0:00:16
HijackThis-logg
i Borttagning av virus och andra skadliga program
Postad · Redigerad av Babbler1
Hej!
Tack för ditt svar!
Ber om ursäkt för mitt nu sena svar!
Här är loggen!
Här är den önskade bilden av det konstiga mönstret på Aftonbladet!
Mvh Babbler
AdwCleanerS0.txt