Yesterday MBAM found a trojan (see attached image) and put it in quarantine.

 

On restart today I got the error message "the file win32.exe cannot be found. Check that you entered the correct name and try again." (see attached image)

 

Otherwise everything seems to work as it should.

Essentials

I am using Win 7 Ultimate 64bit with Win Security Essentials and MBAM, all with the latest updates installed. Do I need to worry, and how do I get rid of the error message?

Edited by hubalon

MBAM found Trojan agent (see above in the thread) and put it in quarantine.

 

The computer works as it should, but the error message (see above in the thread) is shown every time it restarts.

 

I have searched the computer for win32.exe but it does not seem to exist.

 

It is not possible to paste/copy dds.txt here?????

 

 

 

dds.txt

Edited by hubalon

I am pasting in DDS.txt because it makes it easier for me to go through it and to return to it for comparisons.

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16457  BrowserJavaVersion: 10.9.2
Run by Björn at 13:37:23 on 2012-12-21
Microsoft Windows 7 Ultimate   6.1.7601.1.1252.46.1053.18.8078.4885 [GMT 1:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}
SP: Microsoft Security Essentials *Enabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Windows\system32\FBAgent.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
C:\Windows\system32\WLANExt.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\ABBYY\FineReader\11.00\Licensing\CE\NetworkLicenseServer.exe
C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe
C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Program Files\Intel\iCLS Client\HeciServer.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe
C:\Windows\system32\lxeacoms.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Windows\system32\Wacom_Tablet.exe
C:\Windows\SysWOW64\vmnat.exe
C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe
C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
C:\Windows\SysWOW64\vmnetdhcp.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnWMI.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
C:\Program Files\Microsoft Security Client\NisSrv.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Elantech\ETDCtrl.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Windows\System32\rundll32.exe
C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files (x86)\Lexmark S300-S400 Series\lxeamon.exe
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\Program Files (x86)\Lexmark S300-S400 Series\ezprint.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Users\Björn\AppData\Local\Akamai\netsession_win.exe
C:\Users\Björn\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Samsung\Kies\Kies.exe
C:\Windows\SysWOW64\ACEngSvr.exe
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Windows\AsScrPro.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Users\Björn\AppData\Local\Akamai\netsession_win.exe
C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\PROGRA~2\Personal\bin\Personal.exe
C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Users\Björn\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe
C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files\Elantech\ETDCtrlHelper.exe
C:\Program Files\Elantech\ETDGesture.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\Garmin\Lifetime Updater\GarminLifetime.exe
C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.13.147\AsusWSPanel.exe
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x86\QuickGesture.exe
C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x64\QuickGesture64.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\ASUS\P4G\BatteryLife.exe
C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.13.147\AsusWSService.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Björn\Desktop\dds.com
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uProxyOverride = <local>
mWinlogon: Userinit = userinit.exe,
BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Samsung BHO Class: {AA609D72-8482-4076-8991-8CDAE5B93BCB} - C:\Program Files (x86)\Samsung AnyWeb Print\W2PBrowser.dll
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
uRun: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
uRun: [Akamai NetSession Interface] "C:\Users\Björn\AppData\Local\Akamai\netsession_win.exe"
uRun: [skyDrive] "C:\Users\Björn\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" /background
uRun: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
uRun: [KiesAirMessage] C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
uRun: [] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
mRun: [uSB3MON] "C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
mRun: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
mRun: [RemoteControl10] "C:\Program Files (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe"
mRun: [updatePSTShortCut] "C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Cyberlink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
mRun: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
mRun: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
mRun: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
mRun: [Garmin Lifetime Updater] C:\Program Files (x86)\Garmin\Lifetime Updater\GarminLifetime.exe /StartMinimized
mRun: [ASUSWebStorage] C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.13.147\AsusWSPanel.exe /S
mRun: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" 60
mRun: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe" /hide
mRun: [win32] "C:\kernels\drivers.vbs"
mRun: [NBAgent] "C:\Program Files (x86)\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe" /WinStart
StartupFolder: C:\Users\BJRN~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Björn\AppData\Roaming\Dropbox\bin\Dropbox.exe
StartupFolder: C:\Users\BJRN~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\LOGITE~1.LNK - C:\Program Files\Logitech\Logitech WebCam Software\eReg.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: {328ECD19-C167-40eb-A0C7-16FE7634105E} - {94BB0C4C-B957-479A-85E4-42F53B89F681} - C:\Program Files (x86)\Samsung AnyWeb Print\W2PBrowser.dll
LSP: %windir%\system32\vsocklib.dll
TCP: NameServer = 192.168.0.1
TCP: Interfaces\{55D42E33-0FF9-40D3-97C6-5284FE0ED7D6} : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{D507A4B4-494F-4D6D-B4B6-2B98F82E72AB} : DHCPNameServer = 192.168.0.1
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
AppInit_DLLs= C:\Windows\SysWOW64\nvinit.dll
SSODL: WebCheck - <orphaned>
x64-Run: [ETDCtrl] C:\Program Files (x86)\Elantech\ETDCtrl.exe
x64-Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /MAXX3
x64-Run: [bTMTrayAgent] rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
x64-Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
x64-Run: [intelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
x64-Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
x64-Run: [lxeamon.exe] "C:\Program Files (x86)\Lexmark S300-S400 Series\lxeamon.exe"
x64-Run: [EzPrint] "C:\Program Files (x86)\Lexmark S300-S400 Series\ezprint.exe"
x64-Run: [igfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 iusb3hcs;Switchdrivrutin för Intel® USB 3.0 Värdstyrenhet;C:\Windows\System32\drivers\iusb3hcs.sys [2012-12-11 19224]
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2012-8-30 228768]
R0 nvpciflt;nvpciflt;C:\Windows\System32\drivers\nvpciflt.sys [2012-12-19 30056]
R0 vsock;vSockets Driver;C:\Windows\System32\drivers\vsock.sys [2012-12-19 70296]
R1 ATKWMIACPIIO;ATKWMIACPI Driver;C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2011-9-7 17536]
R1 nvkflt;nvkflt;C:\Windows\System32\drivers\nvkflt.sys [2012-12-19 284008]
R1 Uim_VIM;UIM Virtual Image Plugin;C:\Windows\System32\drivers\uim_vimx64.sys [2012-11-22 390352]
R2 ABBYY.Licensing.FineReader.Corporate.11.0;ABBYY FineReader 11 CE Licensing Service;C:\Program Files (x86)\Common Files\ABBYY\FineReader\11.00\Licensing\CE\NetworkLicenseServer.exe [2011-12-22 818952]
R2 AFBAgent;AFBAgent;C:\Windows\System32\FBAgent.exe [2012-12-7 379520]
R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service;C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2012-1-9 659968]
R2 ASMMAP64;ASMMAP64;C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-7-2 15416]
R2 ASUS InstantOn;ASUS InstantOn Service;C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe [2012-2-16 277120]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor;C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2011-12-19 1014096]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service;C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2011-12-19 1104208]
R2 BTHSSecurityMgr;Intel® Centrino® Wireless Bluetooth® + High Speed Security Service;C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2012-1-11 135952]
R2 Fabs;FABS - Helping agent for MAGIX media database;C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [2011-5-24 1840128]
R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-12-13 13632]
R2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-1-10 627936]
R2 Intel® ME Service;Intel® ME Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [2012-12-7 128280]
R2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe [2012-12-7 161560]
R2 LVPrcS64;Process Monitor;C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe [2009-10-7 191000]
R2 lxea_device;lxea_device;C:\Windows\System32\lxeacoms.exe -service --> C:\Windows\System32\lxeacoms.exe -service [?]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-12-8 399432]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-12-8 676936]
R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2012-8-30 128456]
R2 OS Selector;Acronis OS Selector activator;C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe [2010-5-25 2139400]
R2 SSPORT;SSPORT;C:\Windows\System32\drivers\SSPORT.sys [2009-8-6 11576]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-11-30 382824]
R2 TabletServiceWacom;TabletServiceWacom;C:\Windows\System32\Wacom_Tablet.exe [2012-12-9 3647272]
R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\System32\drivers\TurboB.sys [2012-1-20 16128]
R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2012-12-7 363800]
R2 VMUSBArbService;VMware USB Arbitration Service;C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe [2012-10-11 918680]
R2 WTabletServicePro;Wacom Professional Service;C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [2012-12-9 613760]
R2 ZeroConfigService;Intel® PROSet/Wireless Zero Configuration Service;C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2011-12-8 594704]
R3 AiCharger;ASUS Charger Driver;C:\Windows\System32\drivers\AiCharger.sys [2012-12-7 17152]
R3 AMPPAL;Intel® Centrino® Wireless Bluetooth® + High Speed Virtuellt kort;C:\Windows\System32\drivers\AmpPal.sys [2012-1-9 195584]
R3 AsusVBus;AsusVBus;C:\Windows\System32\drivers\AsusVBus.sys [2011-12-21 35968]
R3 AsusVTouch;AsusVTouch;C:\Windows\System32\drivers\AsusVTouch.sys [2011-11-7 16512]
R3 Bluetooth Media Service;Bluetooth Media Service;C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2011-12-19 1304912]
R3 btmaux;Intel Bluetooth Auxiliary Service;C:\Windows\System32\drivers\btmaux.sys [2011-12-13 94720]
R3 btmhsf;btmhsf;C:\Windows\System32\drivers\btmhsf.sys [2011-12-13 747008]
R3 ETD;ELAN PS/2 Port Input Device;C:\Windows\System32\drivers\ETD.sys [2012-12-7 200488]
R3 i8042HDR;Keyboard Filter Driver;C:\Windows\System32\drivers\i8042HDR.sys [2012-12-13 15920]
R3 ibtfltcoex;ibtfltcoex;C:\Windows\System32\drivers\iBtFltCoex.sys [2011-12-14 60416]
R3 iusb3hub;Drivrutin för Intel® USB 3.0 Nav;C:\Windows\System32\drivers\iusb3hub.sys [2012-12-11 356632]
R3 iusb3xhc;Drivrutin för Intel® USB 3.0 Utbyggbar värdstyrenhet;C:\Windows\System32\drivers\iusb3xhc.sys [2012-12-11 789272]
R3 iwdbus;IWD Bus Enumerator;C:\Windows\System32\drivers\iwdbus.sys [2012-1-26 25496]
R3 L1C;NDIS Miniport Driver for Atheros AR81xx PCI-E Ethernet Controller;C:\Windows\System32\drivers\L1C62x64.sys [2012-12-7 103536]
R3 LVPr2M64;Logitech LVPr2M64 Driver;C:\Windows\System32\drivers\LVPr2M64.sys [2009-10-7 30232]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2012-12-8 25928]
R3 NisSrv;Microsoft Nätverkskontroll;C:\Program Files\Microsoft Security Client\NisSrv.exe [2012-9-12 368896]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 lxeaCATSCustConnectService;lxeaCATSCustConnectService;C:\Windows\System32\spool\drivers\x64\3\lxeaserv.exe [2012-12-7 45736]
S3 AMPPALP;Intel® Centrino® Wireless Bluetooth® + High Speed-protokoll;C:\Windows\System32\drivers\AmpPal.sys [2012-1-9 195584]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\System32\drivers\ssudbus.sys [2012-12-14 102368]
S3 epmntdrv;epmntdrv;C:\Windows\System32\epmntdrv.sys [2012-12-7 16776]
S3 EuGdiDrv;EuGdiDrv;C:\Windows\System32\EuGdiDrv.sys [2012-12-7 9096]
S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2011-4-26 2702848]
S3 hidkmdf;KMDF Driver;C:\Windows\System32\drivers\hidkmdf.sys [2012-12-9 13728]
S3 intaud_WaveExtensible;Intel WiDi Audio Device;C:\Windows\System32\drivers\intelaud.sys [2012-1-26 34200]
S3 lvpopf64;Logitech POP Suppression Filter;C:\Windows\System32\drivers\lvpopf64.sys [2009-10-7 271640]
S3 LVRS64;Logitech RightSound Filter Driver;C:\Windows\System32\drivers\lvrs64.sys [2009-10-7 327704]
S3 LVUVC64;Logitech QuickCam Ultra Vision(UVC);C:\Windows\System32\drivers\lvuvc64.sys [2009-10-7 6379288]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2011-12-8 273168]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2012-12-8 19456]
S3 Samsung UPD Service2;Samsung UPD Service2;C:\Windows\System32\SUPDSvc2.exe [2012-12-7 158208]
S3 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-11-9 160944]
S3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.);C:\Windows\System32\drivers\ssudmdm.sys [2012-12-14 203104]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2012-12-8 57856]
S3 TurboBoost;Intel® Turbo Boost Technology Monitor 2.5;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2012-1-20 149504]
S3 WacHidRouter;Wacom Hid Router;C:\Windows\System32\drivers\wachidrouter.sys [2012-12-9 81312]
S3 wacmoumonitor;Wacom Mode Helper;C:\Windows\System32\drivers\wacmoumonitor.sys [2012-12-9 18216]
S3 wacomrouterfilter;Wacom Router Filter Driver;C:\Windows\System32\drivers\wacomrouterfilter.sys [2012-12-9 15776]
S3 WatAdminSvc;Aktiveringsteknologier för Windows-tjänst;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-12-7 1255736]
.
=============== Created Last 30 ================
.
2012-12-21 12:37:23    --------    d-----w-    C:\Users\Bj÷rn\AppData\Local\Microsoft
2012-12-21 12:03:39    73656    ----a-w-    C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-12-21 12:03:39    697272    ----a-w-    C:\Windows\SysWow64\FlashPlayerApp.exe
2012-12-21 11:48:39    --------    d-----w-    C:\Users\Björn\AppData\Roaming\Nero
2012-12-21 11:46:07    --------    d-----w-    C:\ProgramData\Nero
2012-12-21 11:46:07    --------    d-----w-    C:\Program Files (x86)\Nero
2012-12-21 08:54:39    --------    d-----w-    C:\Program Files (x86)\Topckit
2012-12-21 04:51:18    --------    d-----w-    C:\Program Files (x86)\Microsoft CAPICOM 2.1.0.2
2012-12-21 04:50:54    46080    ----a-w-    C:\Windows\System32\atmlib.dll
2012-12-21 04:50:54    34304    ----a-w-    C:\Windows\SysWow64\atmlib.dll
2012-12-21 04:50:52    367616    ----a-w-    C:\Windows\System32\atmfd.dll
2012-12-21 04:50:51    295424    ----a-w-    C:\Windows\SysWow64\atmfd.dll
2012-12-20 17:09:37    --------    d-sh--r-    C:\Kernels
2012-12-20 16:40:03    9125352    ----a-w-    C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{A19F255A-15A2-4E6C-9FD9-7E245385246F}\mpengine.dll
2012-12-20 10:40:42    --------    d-----w-    C:\Users\Björn\AppData\Roaming\Leadertech
2012-12-19 08:33:53    --------    d-----w-    C:\Users\Björn\AppData\Roaming\VMware
2012-12-19 08:33:19    70296    ----a-w-    C:\Windows\System32\drivers\vsock.sys
2012-12-19 08:33:19    67224    ----a-w-    C:\Windows\System32\vsocklib.dll
2012-12-19 08:33:19    63128    ----a-w-    C:\Windows\SysWow64\vsocklib.dll
2012-12-19 08:33:17    67224    ----a-w-    C:\Windows\System32\drivers\vmx86.sys
2012-12-19 08:33:17    32920    ----a-w-    C:\Windows\System32\drivers\VMkbd.sys
2012-12-19 08:32:52    357016    ----a-w-    C:\Windows\SysWow64\vmnetdhcp.exe
2012-12-19 08:32:48    435864    ----a-w-    C:\Windows\SysWow64\vmnat.exe
2012-12-19 08:32:48    30360    ----a-w-    C:\Windows\System32\drivers\vmnetuserif.sys
2012-12-19 08:32:44    933528    ----a-w-    C:\Windows\System32\vnetlib64.dll
2012-12-19 08:32:42    52376    ----a-w-    C:\Windows\System32\drivers\hcmon.sys
2012-12-19 08:32:21    --------    d-----w-    C:\Program Files\Common Files\VMware
2012-12-19 08:32:08    --------    d-----w-    C:\ProgramData\VMware
2012-12-19 08:32:08    --------    d-----w-    C:\Program Files (x86)\VMware
2012-12-19 08:32:08    --------    d-----w-    C:\Program Files (x86)\Common Files\VMware
2012-12-19 06:03:54    --------    d-----w-    C:\NVIDIA
2012-12-19 04:55:35    9125352    ------w-    C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-12-16 08:50:18    --------    d-----w-    C:\Users\Björn\AppData\Roaming\Auslogics
2012-12-16 08:50:15    --------    d-----w-    C:\Program Files (x86)\Auslogics
2012-12-16 07:43:38    --------    d-----w-    C:\Users\Björn\AppData\Roaming\Canon
2012-12-16 07:08:55    64512    ----a-w-    C:\Windows\System32\CNQU111.DLL
2012-12-16 07:08:55    331776    ----a-w-    C:\Windows\System32\CNQL1212.dll
2012-12-16 06:56:55    --------    d-----w-    C:\Program Files (x86)\Canon
2012-12-16 06:56:43    77824    ----a-w-    C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\ctor.dll
2012-12-16 06:56:43    614532    ----a-w-    C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\IKernel.exe
2012-12-16 06:56:43    32768    ----a-w-    C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\objectps.dll
2012-12-16 06:56:43    225280    ----a-w-    C:\Program Files (x86)\Common Files\InstallShield\IScript\iscript.dll
2012-12-16 06:56:43    176128    ----a-w-    C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\iuser.dll
2012-12-15 14:15:58    --------    d--h--w-    C:\CanoScan
2012-12-14 15:51:20    --------    d-----w-    C:\Users\Björn\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
2012-12-14 15:36:38    --------    d-----w-    C:\Users\Björn\AppData\Roaming\NVIDIA
2012-12-14 14:34:52    --------    d-----w-    C:\Program Files\CCleaner
2012-12-14 09:40:41    746984    ----a-w-    C:\Windows\SysWow64\deployJava1.dll
2012-12-14 09:40:40    821736    ----a-w-    C:\Windows\SysWow64\npDeployJava1.dll
2012-12-14 09:40:33    95208    ----a-w-    C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2012-12-14 09:34:39    203104    ----a-w-    C:\Windows\System32\drivers\ssudmdm.sys
2012-12-14 09:34:39    102368    ----a-w-    C:\Windows\System32\drivers\ssudbus.sys
2012-12-14 09:02:45    --------    d-----w-    C:\Users\Björn\AppData\Roaming\Samsung
2012-12-14 09:01:17    4659712    ----a-w-    C:\Windows\SysWow64\Redemption.dll
2012-12-14 09:01:11    821824    ----a-w-    C:\Windows\SysWow64\dgderapi.dll
2012-12-14 04:09:19    --------    d-----w-    C:\Users\Björn\AppData\Roaming\No Company Name
2012-12-13 13:44:36    15920    ----a-w-    C:\Windows\System32\drivers\i8042HDR.sys
2012-12-13 06:36:42    --------    d-----w-    C:\Users\Björn\AppData\Roaming\Intel Corporation
2012-12-13 06:07:36    --------    d-----w-    C:\ProgramData\DriverGenius
2012-12-13 05:15:31    --------    d-----w-    C:\Users\Björn\AppData\Roaming\Easeware
2012-12-12 16:59:09    --------    d-----w-    C:\aws
2012-12-12 16:59:05    --------    d-----w-    C:\Asus WebStorage
2012-12-12 16:57:09    --------    d-----w-    C:\Users\Björn\AppData\Roaming\ASUS WebStorage
2012-12-12 16:57:07    --------    d-----w-    C:\ProgramData\ASUS WebStorage
2012-12-12 13:34:38    --------    d--h--w-    C:\SkyDriveTemp
2012-12-12 13:33:11    --------    d-----w-    C:\Program Files (x86)\Microsoft SkyDrive
2012-12-12 13:33:11    --------    d-----r-    C:\Users\Björn\SkyDrive
2012-12-12 13:33:04    --------    d-----w-    C:\ProgramData\Microsoft SkyDrive
2012-12-12 09:52:41    --------    d-----w-    C:\Windows\Migration
2012-12-12 09:45:10    74240    ----a-w-    C:\Windows\System32\wbem\NCProv.dll
2012-12-12 09:45:10    58368    ----a-w-    C:\Windows\System32\ncobjapi.dll
2012-12-12 09:45:10    46080    ----a-w-    C:\Windows\SysWow64\ncobjapi.dll
2012-12-12 09:45:02    13824    ----a-w-    C:\Windows\System32\Register-CimProvider.exe
2012-12-12 09:45:02    12800    ----a-w-    C:\Windows\SysWow64\Register-CimProvider.exe
2012-12-12 09:45:01    23040    ----a-w-    C:\Windows\System32\winrshost.exe
2012-12-12 09:45:01    22528    ----a-w-    C:\Windows\System32\wbem\mofcomp.exe
2012-12-12 09:45:01    204105    ----a-w-    C:\Windows\SysWow64\winrm.vbs
2012-12-12 09:45:01    18944    ----a-w-    C:\Windows\SysWow64\wbem\mofcomp.exe
2012-12-12 09:45:01    1536    ----a-w-    C:\Windows\SysWow64\winrsmgr.dll
2012-12-12 09:45:01    1536    ----a-w-    C:\Windows\System32\winrsmgr.dll
2012-12-12 09:45:00    31744    ----a-w-    C:\Windows\System32\wbem\WinMgmtR.dll
2012-12-12 09:33:41    424960    ----a-w-    C:\Windows\System32\KernelBase.dll
2012-12-12 09:32:57    3149824    ----a-w-    C:\Windows\System32\win32k.sys
2012-12-12 09:32:56    478208    ----a-w-    C:\Windows\System32\dpnet.dll
2012-12-12 09:32:56    376832    ----a-w-    C:\Windows\SysWow64\dpnet.dll
2012-12-12 05:31:23    --------    d-----w-    C:\Program Files (x86)\Garmin GPS Plugin
2012-12-12 05:31:21    --------    d-----w-    C:\Program Files\Garmin GPS Plugin
2012-12-11 16:46:31    789272    ----a-w-    C:\Windows\System32\drivers\iusb3xhc.sys
2012-12-11 16:46:31    356632    ----a-w-    C:\Windows\System32\drivers\iusb3hub.sys
2012-12-11 16:46:31    19224    ----a-w-    C:\Windows\System32\drivers\iusb3hcs.sys
2012-12-11 16:21:35    --------    d-----w-    C:\Windows\System32\appmgmt
2012-12-11 15:28:32    --------    d-----w-    C:\ProgramData\regid.1986-12.com.adobe
2012-12-11 09:33:09    --------    d-----w-    C:\ProgramData\Licenses
2012-12-11 08:53:27    --------    d-----w-    C:\Program Files (x86)\Engelmann Media
2012-12-11 08:46:56    --------    d-----w-    C:\Users\Björn\AppData\Roaming\Engelmann Media
2012-12-11 08:46:55    --------    d-----w-    C:\Program Files (x86)\Common Files\HDX4
2012-12-11 06:34:54    --------    d-----w-    C:\Windows\pss
2012-12-10 17:52:24    48648    ----a-w-    C:\ProgramData\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2012-12-10 17:52:20    346960    ----a-w-    C:\ProgramData\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2012-12-10 15:52:37    --------    d-----w-    C:\Users\Björn\AppData\Roaming\Macromedia
2012-12-10 15:52:37    --------    d-----w-    C:\Users\Björn\AppData\Roaming\Adobe
2012-12-10 15:52:27    --------    d-----w-    C:\ProgramData\YTD Video Downloader
2012-12-10 15:52:21    --------    d-----w-    C:\Program Files (x86)\GreenTree Applications
2012-12-10 15:51:52    --------    d-----w-    C:\Program Files (x86)\Your Product
2012-12-10 13:44:47    --------    d-----w-    C:\ProgramData\Garmin
2012-12-10 13:43:42    --------    d-----w-    C:\Users\Björn\AppData\Roaming\Garmin
2012-12-10 13:43:42    --------    d-----w-    C:\Program Files (x86)\Garmin
2012-12-10 11:01:28    --------    d-----w-    C:\Users\Björn\AppData\Roaming\AnvSoft
2012-12-10 11:00:42    --------    d-----w-    C:\Program Files (x86)\AnvSoft
2012-12-09 12:12:04    --------    d-----w-    C:\Program Files (x86)\TabletPlugins
2012-12-09 12:12:03    --------    d-----w-    C:\Program Files\TabletPlugins
2012-12-09 12:12:00    81312    ----a-w-    C:\Windows\System32\drivers\wachidrouter.sys
2012-12-09 12:12:00    15776    ----a-w-    C:\Windows\System32\drivers\wacomrouterfilter.sys
2012-12-09 12:12:00    13728    ----a-w-    C:\Windows\System32\drivers\hidkmdf.sys
2012-12-09 12:11:54    1974144    ----a-w-    C:\Windows\System32\Wacom_Touch_Tablet.dll
2012-12-09 12:11:54    1840000    ----a-w-    C:\Windows\System32\WacomMT.dll
2012-12-09 12:11:54    1621376    ----a-w-    C:\Windows\SysWow64\Wacom_Touch_Tablet.dll
2012-12-09 12:11:54    1505152    ----a-w-    C:\Windows\SysWow64\WacomMT.dll
2012-12-09 12:11:52    --------    d-----w-    C:\Program Files\Tablet
2012-12-09 11:27:17    --------    d-----w-    C:\Users\Björn\AppData\Roaming\WTablet
2012-12-09 11:26:51    12976    ----a-w-    C:\Windows\System32\drivers\WacomVKHid.sys
2012-12-09 11:26:41    18216    ----a-w-    C:\Windows\System32\drivers\wacmoumonitor.sys
2012-12-09 11:26:40    --------    d-----w-    C:\Windows\System32\WTablet
2012-12-09 11:26:39    1509248    ----a-w-    C:\Windows\SysWow64\Wintab32.dll
2012-12-09 11:26:36    1628032    ----a-w-    C:\Windows\SysWow64\Wacom_Tablet.dll
2012-12-09 11:26:35    1981312    ----a-w-    C:\Windows\System32\Wacom_Tablet.dll
2012-12-09 11:26:31    3647272    ------w-    C:\Windows\System32\Wacom_Tablet.exe
2012-12-09 11:26:25    --------    d-----w-    C:\Program Files (x86)\Tablet
2012-12-08 15:14:26    --------    d-----w-    C:\Program Files (x86)\Ashampoo
2012-12-08 13:37:03    32768    ----a-w-    C:\Windows\SysWow64\lfgif70n.dll
2012-12-08 13:37:03    302080    ----a-w-    C:\Windows\SysWow64\ltdlg11N.dll
2012-12-08 13:37:03    151552    ----a-w-    C:\Windows\SysWow64\ltvid11n.dll
2012-12-08 13:37:03    121856    ----a-w-    C:\Windows\SysWow64\lfmpg11n.dll
2012-12-08 13:36:59    --------    d-----w-    C:\Program Files\sdb4
2012-12-08 12:52:44    --------    d-----w-    C:\Users\Björn\AppData\Roaming\dvdcss
2012-12-08 12:29:57    --------    d-----w-    C:\Users\Björn\AppData\Roaming\Canneverbe Limited
2012-12-08 12:29:57    --------    d-----w-    C:\ProgramData\Canneverbe Limited
2012-12-08 08:43:02    --------    d-----w-    C:\Users\Björn\AppData\Roaming\WinRAR
2012-12-08 07:45:39    --------    d-----w-    C:\svegrav
2012-12-08 07:40:16    --------    d-----w-    C:\Program Files\Begravda i Sverige
2012-12-08 07:24:47    --------    d-----w-    C:\Program Files\Sveriges Dödbok 1901-2009
2012-12-08 07:16:38    --------    d-----w-    C:\Program Files\Sveriges befolkning 1990
2012-12-08 07:11:08    --------    d-----w-    C:\SVBEF80
2012-12-08 07:03:09    --------    d-----w-    C:\SVBEF70
2012-12-08 06:56:01    80896    ----a-w-    C:\Windows\SysWow64\lffax11n.dll
2012-12-08 06:56:01    41472    ----a-w-    C:\Windows\SysWow64\lfgif11n.dll
2012-12-08 06:56:01    392192    ----a-w-    C:\Windows\SysWow64\ltkrn11n.dll
2012-12-08 06:56:01    36864    ----a-w-    C:\Windows\SysWow64\lfbmp11n.dll
2012-12-08 06:56:01    356864    ----a-w-    C:\Windows\SysWow64\ltkrn11n_g.dll
2012-12-08 06:56:01    273408    ----a-w-    C:\Windows\SysWow64\LFCMP11n.DLL
2012-12-08 06:56:01    244224    ----a-w-    C:\Windows\SysWow64\LTDIS11n.dll
2012-12-08 06:56:01    129024    ----a-w-    C:\Windows\SysWow64\lftif11n.dll
2012-12-08 06:56:01    126976    ----a-w-    C:\Windows\SysWow64\ltimg11n.dll
2012-12-08 06:56:01    111616    ----a-w-    C:\Windows\SysWow64\ltfil11n.DLL
2012-12-08 06:55:57    --------    d-----w-    C:\Program Files\svebef1900
2012-12-08 06:39:38    376688    ----a-w-    C:\Windows\System32\drivers\netio.sys
2012-12-08 05:47:45    --------    d-----w-    C:\Users\Björn\AppData\Roaming\LibreOffice
2012-12-08 05:47:29    --------    d-----w-    C:\Users\Björn\AppData\Roaming\Malwarebytes
2012-12-08 05:47:14    25928    ----a-w-    C:\Windows\System32\drivers\mbam.sys
2012-12-08 05:47:14    --------    d-----w-    C:\ProgramData\Malwarebytes
2012-12-08 05:47:13    --------    d-----w-    C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-12-08 04:48:48    --------    d-----w-    C:\Users\Björn\AppData\Roaming\Skype
2012-12-08 04:48:44    --------    d-----r-    C:\Program Files (x86)\Skype
2012-12-07 21:16:10    --------    d-s---w-    C:\Users\Björn\Google Drive
2012-12-07 20:46:12    --------    d-----w-    C:\Users\Björn\AppData\Roaming\vlc
2012-12-07 20:45:49    --------    d-----w-    C:\Program Files\VideoLAN
2012-12-07 20:41:36    --------    d-----w-    C:\Users\Björn\AppData\Roaming\CyberLink
2012-12-07 20:28:23    --------    d-----w-    C:\Program Files (x86)\uTorrent
2012-12-07 20:27:38    --------    d-----w-    C:\Users\Björn\AppData\Roaming\uTorrent
2012-12-07 20:10:52    --------    d-----w-    C:\Program Files (x86)\Foxit Software
2012-12-07 20:04:27    --------    d-----w-    C:\ProgramData\Ezprint
2012-12-07 20:03:25    --------    d-----w-    C:\ProgramData\Samsung
2012-12-07 20:03:23    37376    ----a-w-    C:\Windows\System32\Spool\prtprocs\x64\spd__pc.dll
2012-12-07 20:03:17    1724416    ------w-    C:\Windows\gdiplus.dll
2012-12-07 20:03:17    1558432    ------w-    C:\Windows\TotalUninstaller.exe
2012-12-07 20:02:31    382976    ----a-w-    C:\Windows\System32\UPDIO2.dll
2012-12-07 20:02:31    157184    ----a-w-    C:\Windows\System32\SUPDSvcA2.dll
2012-12-07 20:02:29    34304    ----a-w-    C:\Windows\System32\spd__l.dll
2012-12-07 20:02:28    89600    ----a-w-    C:\Windows\System32\spd__ci.dll
2012-12-07 20:02:28    253440    ----a-w-    C:\Windows\System32\SUPDRun.exe
2012-12-07 20:02:28    158208    ----a-w-    C:\Windows\System32\SUPDSvc2.exe
2012-12-07 20:02:27    151552    ----a-w-    C:\Windows\System32\spd__ci.exe
2012-12-07 19:58:41    --------    d-----w-    C:\ProgramData\Lx_cats
2012-12-07 19:57:42    189440    ----a-w-    C:\Windows\System32\Spool\prtprocs\x64\lxeadrpp.dll
2012-12-07 19:57:01    109056    ----a-w-    C:\Windows\System32\lxeavs.dll
2012-12-07 19:55:41    --------    d-----w-    C:\Lexmark
2012-12-07 19:45:18    149880    ----a-w-    C:\Windows\wiainst64.exe
2012-12-07 19:45:09    --------    d-----w-    C:\Windows\twain_64
2012-12-07 19:44:56    280064    ----a-w-    C:\Windows\System32\snWIAMUI.dll
2012-12-07 19:44:50    --------    d-----w-    C:\Program Files (x86)\Samsung
2012-12-07 19:40:19    --------    d-----w-    C:\Program Files (x86)\Samsung AnyWeb Print
2012-12-07 19:30:13    --------    d-----w-    C:\Users\Björn\AppData\Roaming\Personal
2012-12-07 19:30:01    --------    d-----w-    C:\Program Files (x86)\Personal
2012-12-07 19:12:13    --------    d-----w-    C:\ProgramData\deletepart
2012-12-07 19:09:24    --------    d-----w-    C:\ProgramData\redistpart
2012-12-07 19:09:16    --------    d-----w-    C:\archive_db
2012-12-07 19:08:19    --------    d-----w-    C:\ProgramData\mergeparts
2012-12-07 19:08:12    --------    d-----w-    C:\ProgramData\explauncher
2012-12-07 19:08:11    --------    d-----w-    C:\ProgramData\launcher
2012-12-07 19:06:07    --------    d-----w-    C:\Program Files (x86)\Paragon Software
2012-12-07 18:56:30    --------    d-----w-    C:\Windows\Acronis
2012-12-07 18:54:46    276576    ----a-w-    C:\Windows\System32\drivers\snapman.sys
2012-12-07 18:43:33    9096    ----a-w-    C:\Windows\System32\EuGdiDrv.sys
2012-12-07 18:43:33    86408    ----a-w-    C:\Windows\SysWow64\setupempdrv03.exe
2012-12-07 18:43:33    8456    ----a-w-    C:\Windows\SysWow64\EuGdiDrv.sys
2012-12-07 18:43:33    3316736    ----a-w-    C:\Windows\System32\BootMan.exe
2012-12-07 18:43:33    2469760    ----a-w-    C:\Windows\SysWow64\BootMan.exe
2012-12-07 18:43:33    19840    ----a-w-    C:\Windows\SysWow64\EuEpmGdi.dll
2012-12-07 18:43:33    16776    ----a-w-    C:\Windows\System32\epmntdrv.sys
2012-12-07 18:43:33    16256    ----a-w-    C:\Windows\System32\EuEpmGdi.dll
2012-12-07 18:43:33    14216    ----a-w-    C:\Windows\SysWow64\epmntdrv.sys
2012-12-07 18:43:33    100232    ----a-w-    C:\Windows\System32\setupempdrvx64.exe
2012-12-07 18:43:23    --------    d-----w-    C:\Program Files (x86)\EASEUS
2012-12-07 18:41:59    --------    d-----w-    C:\Users\Björn\AppData\Roaming\ABBYY
2012-12-07 18:39:05    --------    d-----w-    C:\Program Files (x86)\Common Files\ABBYY
2012-12-07 18:38:29    --------    d-----w-    C:\ProgramData\ABBYY
2012-12-07 18:38:29    --------    d-----w-    C:\Program Files (x86)\ABBYY FineReader 11
2012-12-07 18:29:54    --------    d-----w-    C:\Temp
2012-12-07 17:47:47    --------    d-----w-    C:\Windows\System32\SPReview
2012-12-07 17:47:25    --------    d-----w-    C:\Windows\System32\EventProviders
2012-12-07 17:42:59    828928    ----a-w-    C:\Windows\SysWow64\fontext.dll
2012-12-07 17:41:06    529408    ----a-w-    C:\Windows\System32\wbemcomn.dll
2012-12-07 17:41:06    244736    ----a-w-    C:\Program Files\Windows Portable Devices\sqmapi.dll
2012-12-07 17:41:03    244736    ----a-w-    C:\Windows\System32\sqmapi.dll
2012-12-07 17:39:14    --------    d-----w-    C:\Program Files (x86)\Bass Audio Decoder
2012-12-07 17:37:35    --------    d-----w-    C:\ProgramData\Zoom Player
2012-12-07 17:37:35    --------    d-----w-    C:\Program Files (x86)\Zoom Player
2012-12-07 17:31:57    --------    d-----w-    C:\Program Files\SoToki
2012-12-07 17:27:36    --------    d-----w-    C:\Program Files (x86)\LibreOffice 3.6
2012-12-07 17:23:37    --------    d-----w-    C:\Program Files\Speccy
2012-12-07 17:16:35    --------    d-----w-    C:\Program Files (x86)\MinSläkt V3
2012-12-07 17:07:13    2565632    ----a-w-    C:\Windows\System32\esent.dll
2012-12-07 17:07:11    1699328    ----a-w-    C:\Windows\SysWow64\esent.dll
2012-12-07 17:07:11    166272    ----a-w-    C:\Windows\System32\drivers\nvstor.sys
2012-12-07 17:07:11    148352    ----a-w-    C:\Windows\System32\drivers\nvraid.sys
2012-12-07 17:07:10    96768    ----a-w-    C:\Windows\System32\fsutil.exe
2012-12-07 17:07:10    74240    ----a-w-    C:\Windows\SysWow64\fsutil.exe
2012-12-07 17:07:10    410496    ----a-w-    C:\Windows\System32\drivers\iaStorV.sys
2012-12-07 17:07:10    27008    ----a-w-    C:\Windows\System32\drivers\amdxata.sys
2012-12-07 17:07:10    189824    ----a-w-    C:\Windows\System32\drivers\storport.sys
2012-12-07 17:07:10    107904    ----a-w-    C:\Windows\System32\drivers\amdsata.sys
2012-12-07 17:06:57    80384    ----a-w-    C:\Windows\System32\drivers\BTHUSB.SYS
2012-12-07 17:06:57    552960    ----a-w-    C:\Windows\System32\drivers\bthport.sys
2012-12-07 17:06:57    52736    ----a-w-    C:\Windows\System32\drivers\usbehci.sys
2012-12-07 17:06:57    343040    ----a-w-    C:\Windows\System32\drivers\usbhub.sys
2012-12-07 17:06:57    325120    ----a-w-    C:\Windows\System32\drivers\usbport.sys
2012-12-07 17:06:57    229376    ----a-w-    C:\Windows\System32\fsquirt.exe
2012-12-07 17:06:56    98816    ----a-w-    C:\Windows\System32\drivers\usbccgp.sys
2012-12-07 17:06:56    7936    ----a-w-    C:\Windows\System32\drivers\usbd.sys
2012-12-07 17:06:56    30720    ----a-w-    C:\Windows\System32\drivers\usbuhci.sys
2012-12-07 17:06:56    25600    ----a-w-    C:\Windows\System32\drivers\usbohci.sys
2012-12-07 16:57:14    902656    ----a-w-    C:\Windows\System32\d2d1.dll
2012-12-07 16:57:14    739840    ----a-w-    C:\Windows\SysWow64\d2d1.dll
2012-12-07 16:57:14    1139200    ----a-w-    C:\Windows\System32\FntCache.dll
2012-12-07 16:11:26    9728    ----a-w-    C:\Windows\System32\Wdfres.dll
2012-12-07 16:11:26    785512    ----a-w-    C:\Windows\System32\drivers\Wdf01000.sys
2012-12-07 16:11:26    54376    ----a-w-    C:\Windows\System32\drivers\WdfLdr.sys
2012-12-07 16:11:26    2560    ----a-w-    C:\Windows\System32\drivers\sv-SE\wdf01000.sys.mui
2012-12-07 16:09:08    --------    d-----w-    C:\Program Files (x86)\MSXML 4.0
2012-12-07 16:01:15    294912    ----a-w-    C:\Windows\System32\browserchoice.exe
2012-12-07 15:58:00    74752    ----a-w-    C:\Windows\SysWow64\RegisterIEPKEYs.exe
2012-12-07 15:58:00    307200    ----a-w-    C:\Program Files (x86)\Internet Explorer\iediagcmd.exe
2012-12-07 15:58:00    161792    ----a-w-    C:\Windows\SysWow64\msls31.dll
2012-12-07 15:58:00    107008    ----a-w-    C:\Program Files (x86)\Internet Explorer\iecleanup.exe
2012-12-07 15:46:43    --------    d-----w-    C:\Program Files (x86)\MozBackup
2012-12-07 15:40:04    87040    ----a-w-    C:\Windows\System32\drivers\WUDFPf.sys
2012-12-07 15:40:04    198656    ----a-w-    C:\Windows\System32\drivers\WUDFRd.sys
2012-12-07 15:40:03    84992    ----a-w-    C:\Windows\System32\WUDFSvc.dll
2012-12-07 15:40:03    45056    ----a-w-    C:\Windows\System32\WUDFCoinstaller.dll
2012-12-07 15:40:03    194048    ----a-w-    C:\Windows\System32\WUDFPlatform.dll
2012-12-07 15:40:02    744448    ----a-w-    C:\Windows\System32\WUDFx.dll
2012-12-07 15:40:02    229888    ----a-w-    C:\Windows\System32\WUDFHost.exe
2012-12-07 15:23:17    --------    d-----w-    C:\Windows\SysWow64\Wat
2012-12-07 15:23:16    --------    d-----w-    C:\Windows\System32\Wat
2012-12-07 15:10:37    --------    d-----w-    C:\Program Files (x86)\Common Files\Windows Live
2012-12-07 15:06:01    81408    ----a-w-    C:\Windows\System32\imagehlp.dll
2012-12-07 15:06:01    5120    ----a-w-    C:\Windows\SysWow64\wmi.dll
2012-12-07 15:06:01    5120    ----a-w-    C:\Windows\System32\wmi.dll
2012-12-07 15:06:01    23408    ----a-w-    C:\Windows\System32\drivers\fs_rec.sys
2012-12-07 15:06:01    159232    ----a-w-    C:\Windows\SysWow64\imagehlp.dll
2012-12-07 14:59:10    --------    d-----w-    C:\Users\Björn\AppData\Roaming\ImgBurn
2012-12-07 14:57:29    509952    ----a-w-    C:\Windows\System32\ntshrui.dll
2012-12-07 14:57:29    442880    ----a-w-    C:\Windows\SysWow64\ntshrui.dll
2012-12-07 14:56:13    1544704    ----a-w-    C:\Windows\System32\DWrite.dll
2012-12-07 14:56:12    1077248    ----a-w-    C:\Windows\SysWow64\DWrite.dll
2012-12-07 14:54:59    2004480    ----a-w-    C:\Windows\System32\msxml6.dll
2012-12-07 14:53:53    574464    ----a-w-    C:\Windows\System32\d3d10level9.dll
2012-12-07 14:42:44    605552    ----a-w-    C:\Windows\System32\winload.exe
2012-12-07 14:41:52    2164224    ----a-w-    C:\Program Files\Windows Journal\Journal.exe
2012-12-07 14:40:56    723456    ----a-w-    C:\Windows\System32\EncDec.dll
2012-12-07 14:40:56    534528    ----a-w-    C:\Windows\SysWow64\EncDec.dll
2012-12-07 14:40:53    956928    ----a-w-    C:\Windows\System32\localspl.dll
2012-12-07 14:40:52    39424    ----a-w-    C:\Windows\System32\Spool\prtprocs\x64\winprint.dll
2012-12-07 14:40:48    90624    ----a-w-    C:\Windows\System32\drivers\bowser.sys
2012-12-07 14:40:47    861696    ----a-w-    C:\Windows\System32\oleaut32.dll
2012-12-07 14:40:47    571904    ----a-w-    C:\Windows\SysWow64\oleaut32.dll
2012-12-07 14:40:47    331776    ----a-w-    C:\Windows\System32\oleacc.dll
2012-12-07 14:40:47    233472    ----a-w-    C:\Windows\SysWow64\oleacc.dll
2012-12-07 14:40:46    77312    ----a-w-    C:\Windows\System32\packager.dll
2012-12-07 14:40:46    67072    ----a-w-    C:\Windows\SysWow64\packager.dll
2012-12-07 14:35:16    826880    ----a-w-    C:\Windows\SysWow64\rdpcore.dll
2012-12-07 14:35:16    1031680    ----a-w-    C:\Windows\System32\rdpcore.dll
2012-12-07 14:35:15    23552    ----a-w-    C:\Windows\System32\drivers\tdtcp.sys
2012-12-07 14:00:36    972264    ------w-    C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{51FEC1A2-D1BC-4DE4-B0DD-D035F3C1BDCC}\gapaengine.dll
2012-12-07 13:55:11    --------    d-----w-    C:\Users\Björn\AppData\Roaming\Thunderbird
2012-12-07 13:55:11    --------    d-----w-    C:\Users\Björn\AppData\Roaming\Mozilla
2012-12-07 13:55:07    --------    d-----w-    C:\Program Files (x86)\Mozilla Maintenance Service
2012-12-07 13:47:55    387    ----a-w-    C:\Users\Björn\AppData\Roaming\sp_data.sys
2012-12-07 13:46:16    --------    d-----w-    C:\Program Files (x86)\Microsoft Security Client
2012-12-07 13:46:13    --------    d-----w-    C:\Program Files\Microsoft Security Client
2012-12-07 13:42:09    --------    d-----r-    C:\Users\Björn\Dropbox
2012-12-07 13:41:05    --------    d-----w-    C:\Users\Björn\AppData\Roaming\Dropbox
2012-12-07 13:29:32    --------    d-----w-    C:\Users\Björn\AppData\Roaming\ASUS
2012-12-07 13:24:36    9125352    ----a-w-    C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{3DD5F791-C342-4692-BF9E-AD09CCB175F3}\mpengine.dll
2012-12-07 13:24:34    279656    ------w-    C:\Windows\System32\MpSigStub.exe
2012-12-07 13:20:43    --------    d-----w-    C:\Program Files (x86)\Intel Corporation
2012-12-07 13:20:43    --------    d-----w-    C:\Program Files (x86)\Common Files\Intel Corporation
2012-12-07 13:16:41    29480    ----a-w-    C:\Windows\SysWow64\msxml3a.dll
2012-12-07 13:16:40    499712    ----a-w-    C:\Windows\SysWow64\msvcp71.dll
2012-12-07 13:16:40    348160    ----a-w-    C:\Windows\SysWow64\msvcr71.dll
2012-12-07 13:10:14    --------    d-----w-    C:\ProgramData\ASUS Music Maker
2012-12-07 13:10:14    --------    d-----w-    C:\Program Files (x86)\ASUS Music Maker
2012-12-07 13:09:18    80512    ----a-w-    C:\Windows\AsusScr_N6 Series_ENG Uninstaller.exe
2012-12-07 13:08:36    3058304    ----a-w-    C:\Windows\AsScrPro.exe
2012-12-07 13:07:58    162456    ----a-w-    C:\Windows\SysWow64\ACEngSvr.exe
2012-12-07 13:07:28    --------    d-----w-    C:\eSupport
2012-12-07 13:06:36    --------    d-----w-    C:\Program Files (x86)\MAGIX
2012-12-07 13:06:03    --------    d-----w-    C:\ProgramData\MAGIX
2012-12-07 13:05:09    --------    d-----w-    C:\Users\Björn\AppData\Roaming\MAGIX
2012-12-07 13:05:05    --------    d-----w-    C:\ProgramData\ASUS
2012-12-07 13:05:05    --------    d-----w-    C:\Program Files (x86)\Common Files\MAGIX Services
2012-12-07 13:04:37    196224    ----a-w-    C:\Program Files\Windows Sidebar\Shared Gadgets\P4GUpdate.Gadget\P4GUpdate.dll
2012-12-07 13:04:33    --------    d-----w-    C:\ProgramData\P4G
2012-12-07 13:03:32    379520    ----a-w-    C:\Windows\System32\FBAgent.exe
2012-12-07 13:03:32    --------    d-----w-    C:\Program Files\ASUS
2012-12-07 13:03:25    --------    d---a-w-    C:\ProgramData\ASUS Resource Center
2012-12-07 13:02:54    217216    ----a-w-    C:\Program Files\Windows Sidebar\Shared Gadgets\InstantOnST.gadget\InstantOnCOM.dll
2012-12-07 13:02:08    --------    d-----w-    C:\ProgramData\USBChargerPlus
2012-12-07 13:00:33    17152    ----a-w-    C:\Windows\System32\drivers\AiCharger.sys
2012-12-07 12:59:58    --------    d-----w-    C:\Program Files (x86)\ASUS
2012-12-07 12:59:32    --------    d-----w-    C:\ProgramData\AmUStor
2012-12-07 12:59:28    --------    d-----w-    C:\Program Files (x86)\AmIcoSingLun
2012-12-07 12:57:36    --------    d--h--w-    C:\Windows\System32\WLANProfiles
2012-12-07 12:57:27    --------    d-----w-    C:\Users\Björn\AppData\Roaming\Intel
2012-12-07 12:57:15    --------    d-----w-    C:\Users\Björn\Roaming
2012-12-07 12:57:15    --------    d-----w-    C:\ProgramData\Roaming
2012-12-07 12:56:38    2622464    ----a-w-    C:\Windows\System32\wucltux.dll
2012-12-07 12:56:06    --------    d-----w-    C:\Program Files (x86)\Cisco
2012-12-07 12:56:05    99840    ----a-w-    C:\Windows\System32\wudriver.dll
2012-12-07 12:55:53    36864    ----a-w-    C:\Windows\System32\wuapp.exe
2012-12-07 12:55:53    186752    ----a-w-    C:\Windows\System32\wuwebv.dll
2012-12-07 12:54:52    103536    ----a-w-    C:\Windows\System32\drivers\L1C62x64.sys
2012-12-07 12:54:36    --------    d-----w-    C:\Windows\SysWow64\Atheros_L1e
2012-12-07 12:51:58    1560168    ----a-w-    C:\Windows\System32\RTSnMg64.cpl
2012-12-07 12:49:02    --------    d-----w-    C:\Windows\SysWow64\NV
2012-12-07 12:49:02    --------    d-----w-    C:\Windows\System32\NV
2012-12-07 12:46:30    31040    ----a-w-    C:\Windows\System32\nvhdap64.dll
2012-12-07 12:46:30    188224    ----a-w-    C:\Windows\System32\drivers\nvhda64v.sys
2012-12-07 12:46:30    1451840    ----a-w-    C:\Windows\System32\nvhdagenco6420103.dll
2012-12-07 12:44:14    877928    ----a-w-    C:\Windows\System32\nv3dappshext.dll
2012-12-07 12:44:14    63336    ----a-w-    C:\Windows\System32\nvshext.dll
2012-12-07 12:44:14    55144    ----a-w-    C:\Windows\System32\nv3dappshextr.dll
2012-12-07 12:44:13    890216    ----a-w-    C:\Windows\System32\nvvsvc.exe
2012-12-07 12:44:13    3663213    ----a-w-    C:\Windows\System32\nvcoproc.bin
2012-12-07 12:44:13    3311464    ----a-w-    C:\Windows\System32\nvsvc64.dll
2012-12-07 12:44:12    6223208    ----a-w-    C:\Windows\System32\nvcpl.dll
2012-12-07 12:44:12    2557800    ----a-w-    C:\Windows\System32\nvsvcr.dll
2012-12-07 12:44:12    118120    ----a-w-    C:\Windows\System32\nvmctray.dll
2012-12-07 12:37:00    --------    d-----w-    C:\ProgramData\NVIDIA Corporation
2012-12-07 12:36:58    --------    d-----w-    C:\Program Files (x86)\NVIDIA Corporation
2012-12-07 12:36:52    1805672    ----a-w-    C:\Windows\System32\nvdispco64.dll
2012-12-07 12:36:52    1466176    ----a-w-    C:\Windows\System32\nvgenco64.dll
2012-12-07 12:34:48    983936    ----a-w-    C:\Windows\System32\nvumdshimx.dll
2012-12-07 12:34:48    841272    ----a-w-    C:\Windows\SysWow64\nvumdshim.dll
2012-12-07 12:34:45    364352    ----a-w-    C:\Windows\System32\nvdecodemft.dll
2012-12-07 12:34:45    301376    ----a-w-    C:\Windows\SysWow64\nvdecodemft.dll
2012-12-07 12:34:45    245432    ----a-w-    C:\Windows\System32\nvinitx.dll
2012-12-07 12:34:45    201136    ----a-w-    C:\Windows\SysWow64\nvinit.dll
2012-12-07 12:34:44    18045968    ----a-w-    C:\Windows\System32\nvd3dumx.dll
2012-12-07 12:34:38    2816824    ----a-w-    C:\Windows\System32\nvapi64.dll
2012-12-07 12:34:38    2496976    ----a-w-    C:\Windows\SysWow64\nvapi.dll
2012-12-07 12:30:42    --------    d-----w-    C:\Program Files\NVIDIA Corporation
2012-12-07 12:29:11    53248    ----a-w-    C:\Windows\SysWow64\CSVer.dll
2012-12-07 12:22:29    15128    ----a-w-    C:\Windows\System32\drivers\IntelMEFWVer.dll
2012-12-07 12:21:52    --------    d-----w-    C:\Program Files (x86)\Common Files\postureAgent
2012-12-07 12:21:42    --------    d-----w-    C:\Intel
2012-12-07 12:21:26    --------    d-----w-    C:\Users\Björn\AppData\Roaming\InstallShield
2012-12-07 12:18:39    --------    d-sh--w-    C:\Windows\Installer
2012-12-07 12:01:06    --------    d-----w-    C:\Windows\Panther
2012-12-07 12:00:52    --------    d-sh--w-    C:\Boot
2012-11-30 21:43:52    438632    ----a-w-    C:\Windows\SysWow64\nvStreaming.exe
2012-11-22 22:15:04    90960    ----a-w-    C:\Windows\System32\drivers\uimx64.sys
2012-11-22 22:15:04    633680    ----a-w-    C:\Windows\System32\drivers\Uim_IMx64.sys
2012-11-22 22:15:04    472016    ----a-w-    C:\Windows\System32\drivers\UimFIO.sys
2012-11-22 22:15:04    390352    ----a-w-    C:\Windows\System32\drivers\uim_vimx64.sys
2012-11-22 22:15:04    251728    ----a-w-    C:\Windows\SysWow64\prgiso.dll
.
==================== Find3M  ====================
.
2012-12-07 17:58:31    152576    ----a-w-    C:\Windows\SysWow64\msclmd.dll
2012-12-07 17:58:30    175616    ----a-w-    C:\Windows\System32\msclmd.dll
2012-12-03 15:47:14    9271352    ----a-w-    C:\Windows\System32\nvcuda.dll
2012-11-28 13:17:24    90112    ----a-w-    C:\Windows\MAMCityDownload.ocx
2012-11-14 06:11:44    2312704    ----a-w-    C:\Windows\System32\jscript9.dll
2012-11-14 06:04:11    1392128    ----a-w-    C:\Windows\System32\wininet.dll
2012-11-14 06:02:49    1494528    ----a-w-    C:\Windows\System32\inetcpl.cpl
2012-11-14 05:57:46    599040    ----a-w-    C:\Windows\System32\vbscript.dll
2012-11-14 05:57:35    173056    ----a-w-    C:\Windows\System32\ieUnatt.exe
2012-11-14 05:52:40    2382848    ----a-w-    C:\Windows\System32\mshtml.tlb
2012-11-14 02:09:22    1800704    ----a-w-    C:\Windows\SysWow64\jscript9.dll
2012-11-14 01:58:15    1427968    ----a-w-    C:\Windows\SysWow64\inetcpl.cpl
2012-11-14 01:57:37    1129472    ----a-w-    C:\Windows\SysWow64\wininet.dll
2012-11-14 01:49:25    142848    ----a-w-    C:\Windows\SysWow64\ieUnatt.exe
2012-11-14 01:48:27    420864    ----a-w-    C:\Windows\SysWow64\vbscript.dll
2012-11-14 01:44:42    2382848    ----a-w-    C:\Windows\SysWow64\mshtml.tlb
2012-11-09 05:45:09    2048    ----a-w-    C:\Windows\System32\tzres.dll
2012-11-09 04:42:49    2048    ----a-w-    C:\Windows\SysWow64\tzres.dll
2012-11-01 01:34:10    62104    ----a-w-    C:\Windows\System32\vmnetbridge.dll
2012-11-01 01:34:10    45720    ----a-w-    C:\Windows\System32\drivers\vmnetbridge.sys
2012-11-01 01:34:08    48792    ----a-w-    C:\Windows\System32\vnetinst.dll
2012-11-01 01:34:08    24216    ----a-w-    C:\Windows\System32\drivers\vmnet.sys
2012-11-01 01:34:08    20120    ----a-w-    C:\Windows\System32\drivers\vmnetadapter.sys
2012-11-01 00:02:08    353280    ----a-w-    C:\Windows\SysWow64\vmnc.dll
2012-10-29 15:44:56    315392    ----a-w-    C:\Windows\SysWow64\EMRegSys.dll
2012-10-29 07:14:20    1843072    ----a-w-    C:\Windows\System32\Wintab32.dll
2012-10-24 13:17:10    85104    ----a-w-    C:\Windows\System32\drivers\vmci.sys
2012-10-16 08:38:37    135168    ----a-w-    C:\Windows\apppatch\AppPatch64\AcXtrnal.dll
2012-10-16 08:38:34    350208    ----a-w-    C:\Windows\apppatch\AppPatch64\AcLayers.dll
2012-10-16 07:39:52    561664    ----a-w-    C:\Windows\apppatch\AcLayers.dll
2012-10-09 18:17:13    55296    ----a-w-    C:\Windows\System32\dhcpcsvc6.dll
2012-10-09 18:17:13    226816    ----a-w-    C:\Windows\System32\dhcpcore6.dll
2012-10-09 17:40:31    44032    ----a-w-    C:\Windows\SysWow64\dhcpcsvc6.dll
2012-10-09 17:40:31    193536    ----a-w-    C:\Windows\SysWow64\dhcpcore6.dll
2012-10-04 17:46:16    362496    ----a-w-    C:\Windows\System32\wow64win.dll
2012-10-04 17:46:15    243200    ----a-w-    C:\Windows\System32\wow64.dll
2012-10-04 17:46:15    13312    ----a-w-    C:\Windows\System32\wow64cpu.dll
2012-10-04 17:45:55    215040    ----a-w-    C:\Windows\System32\winsrv.dll
2012-10-04 17:43:28    16384    ----a-w-    C:\Windows\System32\ntvdm64.dll
2012-10-04 16:47:41    5120    ----a-w-    C:\Windows\SysWow64\wow32.dll
2012-10-04 16:47:41    274944    ----a-w-    C:\Windows\SysWow64\KernelBase.dll
2012-10-04 15:21:55    338432    ----a-w-    C:\Windows\System32\conhost.exe
2012-10-04 14:46:46    7680    ----a-w-    C:\Windows\SysWow64\instnm.exe
2012-10-04 14:46:46    25600    ----a-w-    C:\Windows\SysWow64\setup16.exe
2012-10-04 14:46:44    14336    ----a-w-    C:\Windows\SysWow64\ntvdm64.dll
2012-10-04 14:46:43    2048    ----a-w-    C:\Windows\SysWow64\user.exe
2012-10-04 14:41:50    6144    ---ha-w-    C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2012-10-04 14:41:50    4608    ---ha-w-    C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2012-10-04 14:41:50    3584    ---ha-w-    C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2012-10-04 14:41:50    3072    ---ha-w-    C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2012-10-03 17:56:54    1914248    ----a-w-    C:\Windows\System32\drivers\tcpip.sys
2012-10-03 17:44:21    70656    ----a-w-    C:\Windows\System32\nlaapi.dll
2012-10-03 17:44:21    303104    ----a-w-    C:\Windows\System32\nlasvc.dll
2012-10-03 17:44:17    246272    ----a-w-    C:\Windows\System32\netcorehc.dll
2012-10-03 17:44:17    18944    ----a-w-    C:\Windows\System32\netevent.dll
2012-10-03 17:44:16    216576    ----a-w-    C:\Windows\System32\ncsi.dll
2012-10-03 17:42:16    569344    ----a-w-    C:\Windows\System32\iphlpsvc.dll
2012-10-03 16:42:24    18944    ----a-w-    C:\Windows\SysWow64\netevent.dll
2012-10-03 16:42:24    175104    ----a-w-    C:\Windows\SysWow64\netcorehc.dll
2012-10-03 16:42:23    156672    ----a-w-    C:\Windows\SysWow64\ncsi.dll
2012-10-03 16:07:26    45568    ----a-w-    C:\Windows\System32\drivers\tcpipreg.sys
2012-09-25 22:47:43    78336    ----a-w-    C:\Windows\SysWow64\synceng.dll
2012-09-25 22:46:17    95744    ----a-w-    C:\Windows\System32\synceng.dll
.
============= FINISH: 13:37:52,41 ===============
 

Edited by Cecilia

Save SystemLook to the Desktop from:

http://jpshortstuff.247fixes.com/SystemLook_x64.exe

Double-click the SystemLook file to run it.

Copy all the lines in the box

:dir
C:\Kernels
C:\Users\Björn\AppData\Roaming\No Company Name

and paste them into the large text field in SystemLook.
Press the Look button to start the search.
When it is done, Notepad opens with a log, which you paste in here. If the log does not open, it is saved as SystemLook.txt on the Desktop.


Start MBAM and run a full scan. Paste in the log that is created.

 

2012-12-21 08:54:39    --------    d-----w-    C:\Program Files (x86)\Topckit

This is a program with a bad reputation, see http://www.mywot.com/en/scorecard/topckit.com and http://forums.malwarebytes.org/index.php?showtopic=91497

mbam-log-2012-12-21 (15-43-23).txt


Save SystemLook to the Desktop from:

http://jpshortstuff.247fixes.com/SystemLook_x64.exe

Double-click the SystemLook file to run it.

Copy all the lines in the box

:dir
C:\Kernels
C:\Users\Björn\AppData\Roaming\No Company Name

and paste them into the large text field in SystemLook.

Press the Look button to start the search.

When it is done, Notepad opens with a log, which you paste in here. If the log does not open, it is saved as SystemLook.txt on the Desktop.

SystemLook.txt


Files that are in quarantine have been rendered harmless and can stay there.

The MBAM log says "Ingen åtgärd" (no action taken):

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|win32 (Trojan.StartPage) -> Data: "C:\kernels\drivers.vbs" -> Ingen åtgärd.
C:\Kernels\drivers.vbs (Trojan.StartPage) -> Ingen åtgärd.

That may be because you attached the log before MBAM dealt with it, or because you declined to let MBAM deal with it. Do you know which it is?

As for Topckit, you can decide for yourself whether you want to remove it, but the two lines above must go.
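
A read-only way to confirm that an autostart entry like the `win32` Run value quoted from the MBAM log is really gone, as an added example that is not part of the original thread: it lists every Run/RunOnce value and reports whether the file it points to still exists. The key list, the helper names and the extension lists are assumptions chosen for illustration.

```powershell
# Added example (not from the thread): read-only audit of Run/RunOnce autostart values.
# Assumptions: the key list, helper names and extension lists below are illustrative.

$runKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce',
    'HKLM:\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\RunOnce'
)

# A script file anywhere in the command line (e.g. as an argument to wscript.exe).
$scriptPattern = '\.(?:vbs|vbe|js|jse|wsf)(?:\W|$)'

function Get-CommandTarget {
    # Returns the program or script path that a Run value's command line starts with.
    param([string]$CommandLine)
    $expanded = [Environment]::ExpandEnvironmentVariables($CommandLine).Trim()
    if ($expanded -match '^"([^"]+)"') { return $Matches[1] }
    # Unquoted paths may contain spaces: cut at the first known file extension.
    if ($expanded -match '^(.+?\.(?:exe|com|scr|bat|cmd|vbs|vbe|js|jse|wsf))(?:[\s,]|$)') {
        return $Matches[1]
    }
    return ($expanded -split '\s+')[0]
}

function Resolve-Target {
    # Bare names such as "rundll32.exe" are looked up on PATH; full paths pass through.
    param([string]$Target)
    if (-not $Target) { return $Target }
    if ($Target -match '^(?:[A-Za-z]:\\|\\\\)') { return $Target }
    $cmd = Get-Command -Name $Target -CommandType Application -ErrorAction SilentlyContinue |
        Select-Object -First 1
    if ($cmd) { return $cmd.Definition }
    return $Target
}

function Get-AutorunReport {
    # Emits one object per autostart value found under the keys in $runKeys.
    foreach ($key in $runKeys) {
        if (-not (Test-Path -LiteralPath $key)) { continue }
        $regKey = Get-Item -LiteralPath $key
        foreach ($name in $regKey.GetValueNames()) {
            $data   = [string]$regKey.GetValue($name)
            $target = Resolve-Target (Get-CommandTarget $data)
            $exists = [bool]$target -and (Test-Path -LiteralPath $target -PathType Leaf)
            New-Object PSObject -Property @{
                Key = $key; Name = $name; Data = $data; Target = $target
                TargetExists = $exists; UsesScript = ($data -match $scriptPattern)
            } | Select-Object Key, Name, Target, TargetExists, UsesScript, Data
        }
    }
}

$report = @(Get-AutorunReport)

# Entries that deserve a look first: the target is missing, or a script runs at logon.
$report | Where-Object { -not $_.TargetExists -or $_.UsesScript } |
    Format-List Key, Name, Data, Target, TargetExists, UsesScript

"{0} autorun value(s) checked" -f $report.Count
```

The script only reads the registry and the file system; removing an entry is left to the cleanup tool or to a manual, reviewed edit.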


Since I turn 70 on my next birthday, my short-term memory is not what it should be.

Where do I find HKLM.......? In regedit it is called HKEY, after all.

However, I have searched both the registry and the file tree and find nothing.

After a restart, the error message at least no longer appears!!!

Then let me say thanks and wish you a virus-free Christmas.

/Björn


Thanks, same to you! :)

Those are two lines from the MBAM log.

But since the error message no longer appears, you must have let MBAM remove those two lines.

Can you delete the folder C:\Kernels yourself, since it belongs to the malicious program?

Now only a final round of cleanup remains:

1. Remove all system restore points, since they may be infected.
Start by creating a new system restore point:
XP:
Start - Programs - Accessories - System Tools - System Restore
Choose to create a new restore point and press Next.
Vista and Windows 7:
Right-click Computer - Properties - System Protection
Press Create.

Then remove all old system restore points by running the Disk Cleanup program.
Right-click C: in My Computer/Explorer and choose Properties.
On the General tab there is a button called Disk Cleanup. Choose it.
After a few minutes the program comes up, and you then choose a tab called More Options or something similar. Press the Clean up button that removes all system restore points except the most recent one.
Depending on the Windows version, you may need to choose something about wanting to remove files that apply to the whole computer/Windows before the right tab appears.

2. Download the uninstaller OTC to the Desktop.
http://oldtimer.geekstogo.com/OTC.exe
Double-click the file to start the program.
Press the CleanUp! button, and DDS and the other cleanup programs will be uninstalled after a restart of the computer. If any such program is left after that, ask how to remove it. Delete any logs.

3. Change all passwords that you use on the computer and on the internet, since they may have fallen into the wrong hands.
http://mnin.blogspot.com/2009/02/why-i-enjoyed-tiggersyzor.html describes a malicious program that spies by taking screenshots, logging keystrokes and reading passwords stored in web browsers, e-mail programs etc.

4. Improve the protection on the computer, see my Advice for a safer computer: http://ceciliasec.wordpress.com/rad/
It is very important to keep all the small programs on the computer up to date; old versions of e.g. Flash, Java and Adobe Reader contain known security holes, which a web page can use to infect the computer. I think Secunia's program (link on my website) is a good help for checking the state of security holes on the computer and indicating what needs to be fixed.

Edited by Cecilia

If the three points were created after the computer became infected, it is unwise to keep them, since restoring to them could make the computer infected again. Disk Cleanup, which I wrote about, usually works well for removing old points.
