Babbler1 Postad Maj 1, 2014 Dela Postad Maj 1, 2014 Hej! Kan någon vänlig själ hjälpa mig med denna logg? Tack på förhand! Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 21:41:49, on 2014-05-01 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v11.0 (11.00.9600.17041) Boot mode: Normal Running processes: C:\Program Files\Trend Micro\Titanium\plugin\TMAS\TMAS_WLM\TMAS_WLMMon.exe C:\Users\NA\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe C:\Windows\SysWOW64\DllHost.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.se/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C: \Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:13852 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: (no name) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - (no file) R3 - URLSearchHook: (no name) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - (no file) F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: Trend Micro NSC BHO - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module \20004\3.0.1313\6.8.1120\TmIEPlg32.dll O2 - BHO: Trend Micro Toolbar BHO - {43C6D902-A1C5-45c9-91F6-FD9E90337E18} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9- 0BBC1D38A37E} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB- D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC- 5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared \Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806- AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion \companioncore.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C: \PROGRA~2\MICROS~4\Office14\URLREDIR.DLL O2 - BHO: TmBpIeBHO - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\8.0.1170\8.0.1170\TmBpIe32.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74- 9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O3 - Toolbar: Trend Micro Toolbar - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [spotify Web Helper] "C:\Users\\AppData\Roaming\Spotify \Data\SpotifyWebHelper.exe" O4 - HKCU\..\Run: [Google Update] "C:\Users\\AppData\Local\Google\Update \GoogleUpdate.exe" /c O8 - Extra context menu item: E&xportera till Microsoft Excel - res://C: \PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000 O8 - Extra context menu item: Ski&cka till OneNote - res://C: \PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105 O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion \companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C: \Program Files (x86)\Windows Live\Companion\companioncore.dll O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer \WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7- D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer \WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer \WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7- D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer \WriterBrowserExtension.dll O9 - Extra button: Skicka till OneNote - {2670000A-7350-4f3c-8081- 5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office \Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Ski&cka till OneNote - {2670000A-7350-4f3c- 8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office \Office14\ONBttnIE.dll O9 - Extra button: Länkade &anteckningar - {789FE86F-6FC4-46A1-9849- EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office \Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: Länkade &anteckningar - {789FE86F-6FC4-46A1- 9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office \Office14\ONBttnIELinkedNotes.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files \microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files \microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_ nvd.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O18 - Protocol: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\8.0.1170\8.0.1170\TmBpIe32.dll O18 - Protocol: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\3.0.1313\6.8.1120\TmIEPlg32.dll O18 - Protocol: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll O18 - Protocol: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C: \Program Files\Trend Micro\Titanium\UIFramework \ProToolbarIMRatingActiveX.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O23 - Service: ABBYY FineReader 9.0 Sprint Licensing Service (ABBYY.Licensing.FineReader.Sprint.9.0) - ABBYY - C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing \NetworkLicenseServer.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows \SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Trend Micro Solution Platform (Amsp) - Trend Micro Inc. - C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe O23 - Service: Bonjour-tjänst (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: EPSON V5 Service4(04) (EPSON_EB_RPCV4_04) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE O23 - Service: EPSON V3 Service4(04) (EPSON_PM_RPCV4_04) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE O23 - Service: Foxit Cloud Safe Update Service (FoxitCloudUpdateService) - Foxit Corporation - C:\Program Files (x86)\Foxit Software\Foxit Reader \Foxit Cloud\FCUpdateService.exe O23 - Service: Tjänsten Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Tjänsten Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows \system32\IEEtwCollector.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows \system32\lsass.exe (file missing) O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows \System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C: \Windows\system32\nvvsvc.exe (file missing) O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core \daemonu.exe O23 - Service: PassShow - Unknown owner - C:\Program Files (x86)\PassShow \PassShowqEv161.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C: \Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision \nvSCPAPISvr.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 11413 bytes Citera Länk till kommentar Dela på andra webbplatser Fler delningsalternativ...
Marion Postad Maj 1, 2014 Dela Postad Maj 1, 2014 Kör om hijack, och klistra in log-filen som uppträder i .txt-rutan här: http://www.hijackthis.de/ Citera Länk till kommentar Dela på andra webbplatser Fler delningsalternativ...
Cecilia Postad Maj 2, 2014 Dela Postad Maj 2, 2014 (redigerade) Hej! Kan någon vänlig själ hjälpa mig med denna logg? Tack på förhand! Hej! Om du tror att datorn är infekterad är inte HijackThis ett tillräckligt bra program att använda längre, dels är det inte kompatibelt med 64-bitars Windows och dels visar det alldeles för lite av vad som händer i datorn. Ladda ner Farbar Recovery Scan Tool (FRST) och spara på skrivbordet: http://download.bleepingcomputer.com/farbar/FRST64.exe Starta FRST. Läs villkoren för programmet. Klicka på Yes för att acceptera. Klicka på Scan-knappen. När det är klart kommer det att ha skapats två loggar FRST.txt och Addition.txt på skrivbordet. Antingen klistra in innehållet i loggarna direkt i ditt svar, men använd då om möjligt Spoiler-funktionen som finns när du klickar på 3:e knappen från vänster i övre raden, eller bifoga de två filerna, och då får du först klicka på knappen "Växla till full redigering". Har du själv ställt in att en proxy-server ska användas, t ex för anonym surfning? R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:13852 Redigerad Maj 2, 2014 av Cecilia Citera Länk till kommentar Dela på andra webbplatser Fler delningsalternativ...
Babbler1 Postad Maj 2, 2014 Författare Dela Postad Maj 2, 2014 Hej! Tack för ditt svar! Jag har INTE ställt in att proxy-servern ska användas för anonym surfing? Hur ändrar jag det? Här kommer loggarna. Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-05-2014Ran by (administrator) on DATORRUMMET on 02-05-2014 08:47:45Running from C:\Users\\DesktopWindows 7 Home Premium Service Pack 1 (X64) OS Language: SwedishInternet Explorer Version 11Boot Mode: NormalThe only official download link for FRST:Download link for 32-Bit version:http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/Download link for 64-Bit Version:http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/Download link from any site other than Bleeping Computer is unpermitted oroutdated.See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/==================== Processes (Whitelisted) =================(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe(Trend Micro Inc.) C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe(Trend Micro Inc.) C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiWatchDog.exe(ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe(Trend Micro Inc.) C:\Program Files\Trend Micro\AMSP\coreFrameworkHost.exe() C:\Program Files (x86)\PassShow\PassShowqEvqTw.exe(Trend Micro Inc.) C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiSeAgnt.exe(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE(Foxit Corporation) C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe() C:\Program Files (x86)\PassShow\PassShowqEv161.exe() C:\Windows\SysWOW64\PnkBstrA.exe(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\WindowsLive\WLIDSVC.EXE(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\WindowsLive\WLIDSVCM.EXE(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe(Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\plugin\TMAS\TMAS_WLM\TMAS_WLMMon.exe(Spotify Ltd) C:\Users\\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy2\SDTray.exe(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy2\SDFSSvc.exe(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy2\SDWSCSvc.exe(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy2\SDUpdSvc.exe==================== Registry (Whitelisted) ==================HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6602856 2011-01-04] (Realtek Semiconductor)HKLM\...\Run: [WLM] => C:\Program Files\Trend Micro\Titanium\Plugin\TMAS\TMAS_WLM\TMAS_WLMMon.exe [44152 2013-07-23] (Trend Micro Inc.)HKLM\...\Run: [Trend Micro Client Framework] => C:\Program Files\TrendMicro\UniClient\UiFrmWrk\UIWatchDog.exe [229824 2013-10-09] (Trend MicroInc.)HKLM-x32\...\Run: [sDTray] => C:\Program Files (x86)\Spybot - Search &Destroy 2\SDTray.exe [4101584 2014-04-25] (Safer-Networking Ltd.)Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]HKU\S-1-5-21-1521310780-587458791-887972967-1000\...\MountPoints2:{5d9366e9-9d8f-11e0-bcaf-806e6f6e6963} - H:\LaunchU3.exe -aHKU\S-1-5-21-1521310780-587458791-887972967-1000\...\MountPoints2:{f021a9b0-ec64-11e1-a642-74ea3a81f1fd} - G:\Startme.exe==================== Internet (Whitelisted) ====================ProxyEnable: Internet Explorer proxy is enabled.ProxyServer: http=127.0.0.1:13852HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =https://www.google.se/HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache =http://se.msn.com/?ocid=iehpHKCU\Software\Microsoft\Internet Explorer\Main,Start Page RedirectCache_TIMESTAMP = 0x6F48CE2CC231CC01HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect CacheAcceptLangs = svURLSearchHook: HKCU - (No Name) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} -No FileURLSearchHook: HKCU - (No Name) - {ba14329e-9550-4989-b3f2-9732e92d17cc} -No FileSearchScopes: HKCU - {51073AED-209E-4076-B66F-CA7425CE5E41} URL =http://se.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&type=937811&p={searchTerms}BHO: TmIEPlugInBHO Class - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20004\3.0.1313\6.8.1120\TmIEPlg.dll(Trend Micro Inc.)BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (MicrosoftCorporation)BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\WindowsLive\WindowsLiveLogin.dll (Microsoft Corp.)BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\ProgramFiles (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSONCORPORATION / CyCom Technology Corp.)BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF}- C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (MicrosoftCorporation)BHO: TmBpIeBHO Class - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\ProgramFiles\Trend Micro\AMSP\module\20002\8.0.1170\8.0.1170\TmBpIe64.dll (TrendMicro Inc.)BHO-x32: TmIEPlugInBHO Class - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20004\3.0.1313\6.8.1120\TmIEPlg32.dll (Trend Micro Inc.)BHO-x32: TSToolbarBHO - {43C6D902-A1C5-45c9-91F6-FD9E90337E18} - C:\ProgramFiles\Trend Micro\Titanium\UIFramework\ToolbarIE.dll (Trend Micro Inc.)BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E}- C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (MicrosoftCorporation)BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (OracleCorporation)BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)BHO-x32: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)BHO-x32: TmBpIeBHO Class - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\8.0.1170\8.0.1170\TmBpIe32.dll(Trend Micro Inc.)BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (OracleCorporation)Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKOEPSON CORPORATION / CyCom Technology Corp.)Toolbar: HKLM-x32 - Trend Micro Toolbar - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll (Trend Micro Inc.)Toolbar: HKCU - No Name - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - No FileToolbar: HKCU - No Name - {BA14329E-9550-4989-B3F2-9732E92D17CC} - No FileDPF: HKLM-x32 {1E54D648-B804-468d-BC78-4AFFED8E262F}http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cabDPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000}http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cabHandler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\8.0.1170\8.0.1170\TmBpIe64.dll (Trend MicroInc.)Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\3.0.1313\6.8.1120\TmIEPlg.dll (Trend MicroInc.)Handler: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - No FileHandler: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - No FileHandler-x32: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\ProgramFiles\Trend Micro\AMSP\module\20002\8.0.1170\8.0.1170\TmBpIe32.dll (TrendMicro Inc.)Handler-x32: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\ProgramFiles\Trend Micro\AMSP\module\20004\3.0.1313\6.8.1120\TmIEPlg32.dll (TrendMicro Inc.)Handler-x32: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\ProgramFiles\Trend Micro\Titanium\UIFramework\ToolbarIE.dll (Trend Micro Inc.)Handler-x32: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\ProgramFiles\Trend Micro\Titanium\UIFramework\ProToolbarIMRatingActiveX.dll (TrendMicro Inc.)Tcpip\Parameters: [DhcpNameServer] 195.67.199.12 195.67.199.13FireFox:========FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_206.dll ()FF Plugin: @microsoft.com/GENUINE - disabled No FileFF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\MicrosoftSilverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll ()FF Plugin-x32: @bankid.com/BankID säkerhetsprogram,version=5.0.2.10 - C:\Program Files (x86)\BankID\npBispBrowser.dll (Finansiell ID-Teknik BID AB)FF Plugin-x32: @bankid.com/BankID säkerhetsprogram,version=5.1.3.2 - C:\Program Files (x86)\BankID\npBispBrowser.dll (Finansiell ID-Teknik BID AB)FF Plugin-x32: @esn.me/esnsonar,version=0.70.0 - C:\Program Files(x86)\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll No FileFF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files(x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN SocialSoftware AB)FF Plugin-x32: @esn/esnlaunch,version=1.104.0 - C:\Program Files(x86)\Battlelog Web Plugins\1.104.0\npesnlaunch.dll No FileFF Plugin-x32: @esn/esnlaunch,version=1.116.0 - C:\Program Files(x86)\Battlelog Web Plugins\1.116.0\npesnlaunch.dll No FileFF Plugin-x32: @esn/esnlaunch,version=1.122.0 - C:\Program Files(x86)\Battlelog Web Plugins\1.122.0\npesnlaunch.dll No FileFF Plugin-x32: @esn/esnlaunch,version=1.138.0 - C:\Program Files(x86)\Battlelog Web Plugins\1.138.0\npesnlaunch.dll No FileFF Plugin-x32: @esn/esnlaunch,version=1.96.0 - C:\Program Files(x86)\Battlelog Web Plugins\1.96.0\npesnlaunch.dll No FileFF Plugin-x32: @esn/esnlaunch,version=2.1.4 - C:\Program Files(x86)\Battlelog Web Plugins\2.1.4\npesnlaunch.dll No FileFF Plugin-x32: @esn/npbattlelog,version=2.3.1 - C:\Program Files(x86)\Battlelog Web Plugins\2.3.1\npbattlelog.dll (EA Digital Illusions CEAB)FF Plugin-x32: @esn/npbattlelog,version=2.3.2 - C:\Program Files(x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CEAB)FF Plugin-x32: @foxitsoftware.com/Foxit ReaderPlugin,version=1.0,application/pdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)FF Plugin-x32: @foxitsoftware.com/Foxit ReaderPlugin,version=1.0,application/vnd.fdf - C:\Program Files (x86)\FoxitSoftware\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files(x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files(x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files(x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)FF Plugin-x32: @microsoft.com/GENUINE - disabled No FileFF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files(x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\ProgramFiles (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\ProgramFiles (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\ProgramFiles (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIACorporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files(x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIACorporation)FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files(x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files(x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)FF Plugin-x32: @videolan.org/vlc,version=2.1.2 - C:\Program Files(x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - C:\Program Files(x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\\AppData\Local\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\\AppData\Local\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)FF HKLM\...\Firefox\Extensions: [tmbepff@trendmicro.com] - C:\ProgramFiles\Trend Micro\AMSP\module\20002\8.0.1170\8.0.1170\firefoxextensionFF Extension: Trend Micro BEP Firefox Extension - C:\Program Files\TrendMicro\AMSP\module\20002\8.0.1170\8.0.1170\firefoxextension [2014-04-24]FF HKLM-x32\...\Firefox\Extensions: [{22181a4d-af90-4ca3-a569-faed9118d6bc}] - C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextensionFF Extension: Trend Micro Toolbar - C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension [2013-10-13]FF HKLM-x32\...\Firefox\Extensions: [tmbepff@trendmicro.com] - C:\ProgramFiles\Trend Micro\AMSP\module\20002\8.0.1170\8.0.1170\firefoxextensionFF Extension: Trend Micro BEP Firefox Extension - C:\Program Files\TrendMicro\AMSP\module\20002\8.0.1170\8.0.1170\firefoxextension [2014-04-24]FF HKLM-x32\...\Firefox\Extensions: [{22C7F6C6-8D67-4534-92B5-529A0EC09405}] - C:\Program Files\Trend Micro\AMSP\module\20004\FxExt\firefoxextension\FF Extension: Trend Micro NSC Firefox Extension - C:\Program Files\TrendMicro\AMSP\module\20004\FxExt\firefoxextension\ []FF HKCU\...\Firefox\Extensions: [{110A8A34-4C2B-D11A-DA3E-E61A57AA48D2}] -C:\Program Files (x86)\PassShow\161.xpiFF Extension: PassShow - C:\Program Files (x86)\PassShow\161.xpi [2014-05-01]Chrome:=======CHR HomePage:CHR StartupUrls: ""CHR Plugin: (Shockwave Flash) - C:\Users\\AppData\Local\Google\Chrome\Application\34.0.1847.131\PepperFlash\pepflashplayer.dll ()CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewerCHR Plugin: (Native Client) - C:\Users\\AppData\Local\Google\Chrome\Application\34.0.1847.131\ppGoogleNaClPluginChrome.dll ()CHR Plugin: (Chrome PDF Viewer) - C:\Users\\AppData\Local\Google\Chrome\Application\34.0.1847.131\pdf.dll ()CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll No FileCHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll No FileCHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll No FileCHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll No FileCHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll No FileCHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll No FileCHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll No FileCHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)CHR Plugin: (ESN Launch Mozilla Plugin) - C:\Program Files (x86)\BattlelogWeb Plugins\2.1.3\npesnlaunch.dll No FileCHR Plugin: (ESN Sonar API) - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)CHR Plugin: (Foxit Reader Plugin for Mozilla) - C:\Program Files(x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (FoxitCorporation)CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\GoogleEarth\plugin\npgeplugin.dll (Google)CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll No FileCHR Plugin: (Java Platform SE 7 U9) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\MicrosoftSilverlight\4.1.10329.0\npctrl.dll No FileCHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)CHR Plugin: (Nexus Personal) - C:\Program Files (x86)\Personal\bin\np_prsnl.dll No FileCHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\WindowsLive\Photo Gallery\NPWLPG.dll (Microsoft Corporation)CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll No FileCHR Plugin: (Java Deployment Toolkit 7.0.70.10) - C:\Windows\SysWOW64\npDeployJava1.dll No FileCHR Extension: (Angry Birds) - C:\Users\\AppData\Local\Google\Chrome\UserData\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2011-11-14]CHR Extension: (Google Wallet) - C:\Users\\AppData\Local\Google\Chrome\UserData\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]CHR Extension: (Trend Micro Toolbar) - C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohhcpmplhhiiaoiddkfboafbhiknefdf[2014-05-01]CHR HKLM-x32\...\Chrome\Extension: [bejbohlohkkgompgecdcbbglkpjfjgdj] - C:\Users\MATSMA~1\AppData\Local\Temp\ccex.crx [2014-05-01]CHR HKLM-x32\...\Chrome\Extension: [bmiabdepfhhiieiipmeecdmeljggmfee] - C:\Program Files\Trend Micro\AMSP\module\20002\8.0.1135\8.0.1135\chrome_tmbep.crx [2014-05-01]CHR StartMenuInternet: Google Chrome - C:\Users\\AppData\Local\Google\Chrome\Application\chrome.exe==================== Services (Whitelisted) =================R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\CommonFiles\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe[759048 2009-05-14] (ABBYY)R2 FoxitCloudUpdateService; C:\Program Files (x86)\Foxit Software\FoxitReader\Foxit Cloud\FCUpdateService.exe [239680 2014-02-19] (FoxitCorporation)R2 PassShow; C:\Program Files (x86)\PassShow\PassShowqEv161.exe [1423362014-05-01] ()R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-10-31] ()R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy2\SDFSSvc.exe [1738200 2014-04-25] (Safer-Networking Ltd.)R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy2\SDUpdSvc.exe [2081752 2014-04-25] (Safer-Networking Ltd.)R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)R2 Amsp; "C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe"coreFrameworkHost.exe -m=rb -dt=60000 -ad -bt=0 [X]==================== Drivers (Whitelisted) ====================S3 cleanhlp; C:\Users\\EEK\RUN\cleanhlp64.sys [57024 2014-02-08] (EmsisoftGmbH)R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14](Brother Industries Ltd.)S3 SMIGrabber3C; C:\Windows\System32\Drivers\SmiUsbGrabber3C.sys [8115202009-05-14] (Windows ® Win 7 DDK provider)S3 TdsNordecr; C:\Windows\System32\DRIVERS\nordecr.sys [28672 2007-10-30](Todos Data System AB)R1 tmactmon; C:\Windows\System32\DRIVERS\tmactmon.sys [116264 2013-09-04](Trend Micro Inc.)R0 tmcomm; C:\Windows\System32\DRIVERS\tmcomm.sys [282624 2013-09-04](Trend Micro Inc.)R0 TMEBC; C:\Windows\System32\DRIVERS\TMEBC64.sys [50976 2013-07-01] (TrendMicro Inc.)R3 tmeevw; C:\Windows\System32\DRIVERS\tmeevw.sys [100640 2013-06-13](Trend Micro Inc.)R1 tmevtmgr; C:\Windows\System32\DRIVERS\tmevtmgr.sys [85424 2013-09-04](Trend Micro Inc.)R3 tmnciesc; C:\Windows\System32\DRIVERS\tmnciesc.sys [303392 2013-05-15](Trend Micro Inc.)R1 tmtdi; C:\Windows\System32\DRIVERS\tmtdi.sys [105744 2011-08-22] (TrendMicro Inc.)S3 TridVid; C:\Windows\System32\DRIVERS\tridvid6010.sys [411648 2011-01-21](10Moons Technologies Co.,Ltd)U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [59904 2009-07-14](Microsoft Corporation)U2 TMAgent;==================== NetSvcs (Whitelisted) ======================================= One Month Created Files and Folders ========2014-05-02 08:47 - 2014-05-02 08:47 - 00021850 _____ () C:\Users\\Desktop\FRST.txt2014-05-02 08:46 - 2014-05-02 08:47 - 00000000 ____D () C:\FRST2014-05-02 08:45 - 2014-05-02 08:46 - 02062336 _____ (Farbar) C:\Users\\Desktop\FRST64.exe2014-05-02 00:35 - 2014-05-02 00:35 - 00000000 __SHD () C:\Users\\AppData\Local\EmieUserList2014-05-02 00:35 - 2014-05-02 00:35 - 00000000 __SHD () C:\Users\\AppData\Local\EmieSiteList2014-05-01 23:34 - 2014-05-01 23:34 - 00000000 ____D () C:\Users\\Documents\ProcAlyzer Dumps2014-05-01 22:27 - 2014-05-01 23:34 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy2014-05-01 22:27 - 2014-05-01 22:29 - 00000000 ____D () C:\Program Files(x86)\Spybot - Search & Destroy 22014-05-01 22:27 - 2014-05-01 22:27 - 00001391 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk2014-05-01 22:27 - 2014-05-01 22:27 - 00001379 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk2014-05-01 22:27 - 2014-05-01 22:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 22014-05-01 22:27 - 2013-09-20 10:49 - 00021040 _____ (Safer NetworkingLimited) C:\Windows\system32\sdnclean64.exe2014-05-01 22:25 - 2014-05-01 22:26 - 46392680 _____ (Safer-Networking Ltd.) C:\Users\\Desktop\spybot-2.3.exe2014-05-01 21:39 - 2014-05-02 08:17 - 00003011 _____ () C:\Users\\Desktop\HiJackThis.lnk2014-05-01 21:39 - 2014-05-01 21:39 - 01402880 _____ () C:\Users\\Desktop\HiJackThis.msi2014-05-01 21:39 - 2014-05-01 21:39 - 00000000 ____D () C:\Program Files(x86)\Trend Micro2014-05-01 08:14 - 2014-05-01 08:14 - 00001702 _____ () C:\Users\\Desktop\JRT.txt2014-05-01 07:52 - 2014-05-02 07:53 - 00000386 _____ () C:\Windows\Tasks\PassShow_wd.job2014-05-01 07:52 - 2014-05-01 07:52 - 00002990 _____ () C:\Windows\System32\Tasks\PassShow_wd2014-05-01 07:52 - 2014-05-01 07:52 - 00000000 ____D () C:\Program Files(x86)\PassShow2014-04-29 22:24 - 2014-03-06 12:21 - 23549440 _____ (MicrosoftCorporation) C:\Windows\system32\mshtml.dll2014-04-29 22:24 - 2014-03-06 11:32 - 02724864 _____ (MicrosoftCorporation) C:\Windows\system32\mshtml.tlb2014-04-29 22:24 - 2014-03-06 11:31 - 00004096 _____ (MicrosoftCorporation) C:\Windows\system32\ieetwcollectorres.dll2014-04-29 22:24 - 2014-03-06 11:19 - 17387008 _____ (MicrosoftCorporation) C:\Windows\SysWOW64\mshtml.dll2014-04-29 22:24 - 2014-03-06 10:59 - 00066048 _____ (MicrosoftCorporation) C:\Windows\system32\iesetup.dll2014-04-29 22:24 - 2014-03-06 10:57 - 00548352 _____ (MicrosoftCorporation) C:\Windows\system32\vbscript.dll2014-04-29 22:24 - 2014-03-06 10:57 - 00048640 _____ (MicrosoftCorporation) C:\Windows\system32\ieetwproxystub.dll2014-04-29 22:24 - 2014-03-06 10:53 - 02767360 _____ (MicrosoftCorporation) C:\Windows\system32\iertutil.dll2014-04-29 22:24 - 2014-03-06 10:40 - 00051200 _____ (MicrosoftCorporation) C:\Windows\system32\jsproxy.dll2014-04-29 22:24 - 2014-03-06 10:39 - 00033792 _____ (MicrosoftCorporation) C:\Windows\system32\iernonce.dll2014-04-29 22:24 - 2014-03-06 10:32 - 02724864 _____ (MicrosoftCorporation) C:\Windows\SysWOW64\mshtml.tlb2014-04-29 22:24 - 2014-03-06 10:32 - 00574976 _____ (MicrosoftCorporation) C:\Windows\system32\ieui.dll2014-04-29 22:24 - 2014-03-06 10:29 - 00139264 _____ (MicrosoftCorporation) C:\Windows\system32\ieUnatt.exe2014-04-29 22:24 - 2014-03-06 10:29 - 00111616 _____ (MicrosoftCorporation) C:\Windows\system32\ieetwcollector.exe2014-04-29 22:24 - 2014-03-06 10:28 - 00752640 _____ (MicrosoftCorporation) C:\Windows\system32\jscript9diag.dll2014-04-29 22:24 - 2014-03-06 10:15 - 00940032 _____ (MicrosoftCorporation) C:\Windows\system32\MsSpellCheckingFacility.exe2014-04-29 22:24 - 2014-03-06 10:11 - 05784064 _____ (MicrosoftCorporation) C:\Windows\system32\jscript9.dll2014-04-29 22:24 - 2014-03-06 10:09 - 00453120 _____ (MicrosoftCorporation) C:\Windows\system32\dxtmsft.dll2014-04-29 22:24 - 2014-03-06 10:03 - 00586240 _____ (MicrosoftCorporation) C:\Windows\system32\ie4uinit.exe2014-04-29 22:24 - 2014-03-06 10:02 - 00455168 _____ (MicrosoftCorporation) C:\Windows\SysWOW64\vbscript.dll2014-04-29 22:24 - 2014-03-06 10:02 - 00061952 _____ (MicrosoftCorporation) C:\Windows\SysWOW64\iesetup.dll2014-04-29 22:24 - 2014-03-06 10:01 - 00051200 _____ (MicrosoftCorporation) C:\Windows\SysWOW64\ieetwproxystub.dll2014-04-29 22:24 - 2014-03-06 09:56 - 00038400 _____ (MicrosoftCorporation) C:\Windows\system32\JavaScriptCollectionAgent.dll2014-04-29 22:24 - 2014-03-06 09:48 - 00195584 _____ (MicrosoftCorporation) C:\Windows\system32\msrating.dll2014-04-29 22:24 - 2014-03-06 09:47 - 02178048 _____ (MicrosoftCorporation) C:\Windows\SysWOW64\iertutil.dll2014-04-29 22:24 - 2014-03-06 09:46 - 04254720 _____ (MicrosoftCorporation) C:\Windows\SysWOW64\jscript9.dll2014-04-29 22:24 - 2014-03-06 09:46 - 00043008 _____ (MicrosoftCorporation) C:\Windows\SysWOW64\jsproxy.dll2014-04-29 22:24 - 2014-03-06 09:45 - 00032768 _____ (MicrosoftCorporation) C:\Windows\SysWOW64\iernonce.dll2014-04-29 22:24 - 2014-03-06 09:42 - 00296960 _____ (MicrosoftCorporation) C:\Windows\system32\dxtrans.dll2014-04-29 22:24 - 2014-03-06 09:40 - 00440832 _____ (MicrosoftCorporation) C:\Windows\SysWOW64\ieui.dll2014-04-29 22:24 - 2014-03-06 09:38 - 00112128 _____ (MicrosoftCorporation) C:\Windows\SysWOW64\ieUnatt.exe2014-04-29 22:24 - 2014-03-06 09:36 - 00592896 _____ (MicrosoftCorporation) C:\Windows\SysWOW64\jscript9diag.dll2014-04-29 22:24 - 2014-03-06 09:22 - 00367616 _____ (MicrosoftCorporation) C:\Windows\SysWOW64\dxtmsft.dll2014-04-29 22:24 - 2014-03-06 09:21 - 00628736 _____ (MicrosoftCorporation) C:\Windows\system32\msfeeds.dll2014-04-29 22:24 - 2014-03-06 09:13 - 00032256 _____ (MicrosoftCorporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll2014-04-29 22:24 - 2014-03-06 09:11 - 02043904 _____ (MicrosoftCorporation) C:\Windows\system32\inetcpl.cpl2014-04-29 22:24 - 2014-03-06 09:07 - 00164864 _____ (MicrosoftCorporation) C:\Windows\SysWOW64\msrating.dll2014-04-29 22:24 - 2014-03-06 09:01 - 00244224 _____ (MicrosoftCorporation) C:\Windows\SysWOW64\dxtrans.dll2014-04-29 22:24 - 2014-03-06 08:53 - 13551104 _____ (MicrosoftCorporation) C:\Windows\system32\ieframe.dll2014-04-29 22:24 - 2014-03-06 08:46 - 00524288 _____ (MicrosoftCorporation) C:\Windows\SysWOW64\msfeeds.dll2014-04-29 22:24 - 2014-03-06 08:40 - 01967104 _____ (MicrosoftCorporation) C:\Windows\SysWOW64\inetcpl.cpl2014-04-29 22:24 - 2014-03-06 08:36 - 11745792 _____ (MicrosoftCorporation) C:\Windows\SysWOW64\ieframe.dll2014-04-29 22:24 - 2014-03-06 08:22 - 02260480 _____ (MicrosoftCorporation) C:\Windows\system32\wininet.dll2014-04-29 22:24 - 2014-03-06 07:58 - 01400832 _____ (MicrosoftCorporation) C:\Windows\system32\urlmon.dll2014-04-29 22:24 - 2014-03-06 07:50 - 00846336 _____ (MicrosoftCorporation) C:\Windows\system32\ieapfltr.dll2014-04-29 22:24 - 2014-03-06 07:43 - 00704512 _____ (MicrosoftCorporation) C:\Windows\SysWOW64\ieapfltr.dll2014-04-29 22:24 - 2014-03-06 07:41 - 01789440 _____ (MicrosoftCorporation) C:\Windows\SysWOW64\wininet.dll2014-04-29 22:24 - 2014-03-06 07:36 - 01143808 _____ (MicrosoftCorporation) C:\Windows\SysWOW64\urlmon.dll2014-04-29 21:22 - 2014-04-29 21:22 - 00000000 ____D () C:\Users\\Desktop\Game.of.Thrones.S04E04.720p.HDTV.x264-KILLERS._www.Undertexter.se2014-04-27 23:56 - 2014-04-27 23:56 - 00000000 ____D () C:\Users\\Desktop\Person.of.Interest.S03E20.720p.HDTV.x264-DIMENSION._www.Undertexter.se2014-04-27 23:51 - 2014-04-27 23:51 - 00000000 ____D () C:\Users\\Desktop\Vikings.S02E09.The.Choice.1080p.WEB-DL.DD5.1.H.264-CtrlHD._www.Undertexter.se2014-04-25 15:31 - 2014-04-25 15:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java2014-04-25 15:31 - 2014-04-14 20:13 - 00096168 _____ (Oracle Corporation)C:\Windows\SysWOW64\WindowsAccessBridge-32.dll2014-04-25 15:31 - 2014-04-14 20:05 - 00264616 _____ (Oracle Corporation)C:\Windows\SysWOW64\javaws.exe2014-04-25 15:31 - 2014-04-14 20:05 - 00175528 _____ (Oracle Corporation)C:\Windows\SysWOW64\javaw.exe2014-04-25 15:31 - 2014-04-14 20:04 - 00175016 _____ (Oracle Corporation)C:\Windows\SysWOW64\java.exe2014-04-25 15:30 - 2014-04-25 15:31 - 00004231 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_55-b14.log2014-04-09 17:24 - 2014-02-04 04:35 - 00274880 _____ (MicrosoftCorporation) C:\Windows\system32\Drivers\msiscsi.sys2014-04-09 17:24 - 2014-02-04 04:35 - 00190912 _____ (MicrosoftCorporation) C:\Windows\system32\Drivers\storport.sys2014-04-09 17:24 - 2014-02-04 04:35 - 00027584 _____ (MicrosoftCorporation) C:\Windows\system32\Drivers\Diskdump.sys2014-04-09 17:24 - 2014-02-04 04:28 - 00002048 _____ (MicrosoftCorporation) C:\Windows\system32\iologmsg.dll2014-04-09 17:24 - 2014-02-04 04:00 - 00002048 _____ (MicrosoftCorporation) C:\Windows\SysWOW64\iologmsg.dll2014-04-09 17:19 - 2014-03-04 11:44 - 01163264 _____ (MicrosoftCorporation) C:\Windows\system32\kernel32.dll2014-04-09 17:19 - 2014-03-04 11:44 - 00362496 _____ (MicrosoftCorporation) C:\Windows\system32\wow64win.dll2014-04-09 17:19 - 2014-03-04 11:44 - 00243712 _____ (MicrosoftCorporation) C:\Windows\system32\wow64.dll2014-04-09 17:19 - 2014-03-04 11:44 - 00016384 _____ (MicrosoftCorporation) C:\Windows\system32\ntvdm64.dll2014-04-09 17:19 - 2014-03-04 11:44 - 00013312 _____ (MicrosoftCorporation) C:\Windows\system32\wow64cpu.dll2014-04-09 17:19 - 2014-03-04 11:17 - 00014336 _____ (MicrosoftCorporation) C:\Windows\SysWOW64\ntvdm64.dll2014-04-09 17:19 - 2014-03-04 11:16 - 01114112 _____ (MicrosoftCorporation) C:\Windows\SysWOW64\kernel32.dll2014-04-09 17:19 - 2014-03-04 11:16 - 00025600 _____ (MicrosoftCorporation) C:\Windows\SysWOW64\setup16.exe2014-04-09 17:19 - 2014-03-04 11:16 - 00005120 _____ (MicrosoftCorporation) C:\Windows\SysWOW64\wow32.dll2014-04-09 17:19 - 2014-03-04 10:09 - 00007680 _____ (MicrosoftCorporation) C:\Windows\SysWOW64\instnm.exe2014-04-09 17:19 - 2014-03-04 10:09 - 00002048 _____ (MicrosoftCorporation) C:\Windows\SysWOW64\user.exe2014-04-09 17:18 - 2014-01-24 04:37 - 01684928 _____ (MicrosoftCorporation) C:\Windows\system32\Drivers\ntfs.sys2014-04-07 22:13 - 2014-04-07 22:13 - 00000000 ____D () C:\Users\\Documents\Electronic Arts2014-04-07 22:13 - 2014-04-07 22:13 - 00000000 ____D () C:\Users\\AppData\Local\Electronic Arts2014-04-07 21:52 - 2014-04-07 21:52 - 00000735 _____ () C:\Users\Public\Desktop\Dead Space.lnk2014-04-07 21:52 - 2014-04-07 21:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dead Space2014-04-07 18:21 - 2014-04-07 18:21 - 03822704 _____ () C:\Users\\Desktop\battlelog-web-plugins_2.3.2_133.exe==================== One Month Modified Files and Folders =======2014-05-02 08:47 - 2014-05-02 08:47 - 00021850 _____ () C:\Users\\Desktop\FRST.txt2014-05-02 08:47 - 2014-05-02 08:46 - 00000000 ____D () C:\FRST2014-05-02 08:46 - 2014-05-02 08:45 - 02062336 _____ (Farbar) C:\Users\\Desktop\FRST64.exe2014-05-02 08:44 - 2013-07-24 00:10 - 01219443 _____ () C:\Windows\WindowsUpdate.log2014-05-02 08:43 - 2014-01-25 22:21 - 00000000 ____D () C:\Program Files\Screenshots2014-05-02 08:32 - 2011-11-13 14:14 - 00001036 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1521310780-587458791-887972967-1000UA.job2014-05-02 08:17 - 2014-05-01 21:39 - 00003011 _____ () C:\Users\\Desktop\HiJackThis.lnk2014-05-02 08:07 - 2014-03-07 16:55 - 00000868 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job2014-05-02 07:55 - 2012-08-25 10:22 - 00001008 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job2014-05-02 07:53 - 2014-05-01 07:52 - 00000386 _____ () C:\Windows\Tasks\PassShow_wd.job2014-05-02 07:42 - 2014-02-11 19:25 - 00000396 _____ () C:\Windows\Tasks\PassShow Update.job2014-05-02 00:37 - 2009-07-14 09:43 - 00675230 _____ () C:\Windows\system32\perfh01D.dat2014-05-02 00:37 - 2009-07-14 09:43 - 00146370 _____ () C:\Windows\system32\perfc01D.dat2014-05-02 00:37 - 2009-07-14 07:13 - 01611518 _____ () C:\Windows\system32\PerfStringBackup.INI2014-05-02 00:35 - 2014-05-02 00:35 - 00000000 __SHD () C:\Users\\AppData\Local\EmieUserList2014-05-02 00:35 - 2014-05-02 00:35 - 00000000 __SHD () C:\Users\\AppData\Local\EmieSiteList2014-05-01 23:34 - 2014-05-01 23:34 - 00000000 ____D () C:\Users\\Documents\ProcAlyzer Dumps2014-05-01 23:34 - 2014-05-01 22:27 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy2014-05-01 22:29 - 2014-05-01 22:27 - 00000000 ____D () C:\Program Files(x86)\Spybot - Search & Destroy 22014-05-01 22:27 - 2014-05-01 22:27 - 00001391 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk2014-05-01 22:27 - 2014-05-01 22:27 - 00001379 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk2014-05-01 22:27 - 2014-05-01 22:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 22014-05-01 22:26 - 2014-05-01 22:25 - 46392680 _____ (Safer-Networking Ltd.) C:\Users\\Desktop\spybot-2.3.exe2014-05-01 21:39 - 2014-05-01 21:39 - 01402880 _____ () C:\Users\\Desktop\HiJackThis.msi2014-05-01 21:39 - 2014-05-01 21:39 - 00000000 ____D () C:\Program Files(x86)\Trend Micro2014-05-01 21:39 - 2012-01-22 17:16 - 00000000 ____D () C:\Users\\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis2014-05-01 21:09 - 2014-01-05 22:37 - 00000000 ____D () C:\Users\\AppData\Roaming\vlc2014-05-01 15:55 - 2012-08-25 10:22 - 00001004 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job2014-05-01 15:32 - 2011-11-13 14:14 - 00000984 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1521310780-587458791-887972967-1000Core.job2014-05-01 08:32 - 2009-07-14 06:45 - 00015152 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A02014-05-01 08:32 - 2009-07-14 06:45 - 00015152 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A02014-05-01 08:25 - 2011-06-23 15:32 - 00000000 ____D () C:\ProgramData\NVIDIA2014-05-01 08:25 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT2014-05-01 08:14 - 2014-05-01 08:14 - 00001702 _____ () C:\Users\\Desktop\JRT.txt2014-05-01 08:08 - 2011-06-23 21:07 - 00000000 ____D () C:\Program Files\CCleaner2014-05-01 08:01 - 2012-03-14 21:19 - 00000000 ____D () C:\Users\\AppData\Roaming\uTorrent2014-05-01 07:52 - 2014-05-01 07:52 - 00002990 _____ () C:\Windows\System32\Tasks\PassShow_wd2014-05-01 07:52 - 2014-05-01 07:52 - 00000000 ____D () C:\Program Files(x86)\PassShow2014-05-01 07:52 - 2014-02-11 19:25 - 00003060 _____ () C:\Windows\System32\Tasks\PassShow Update2014-04-30 21:19 - 2011-07-03 09:20 - 00000000 ____D () C:\Users\\AppData\Roaming\Spotify2014-04-30 15:16 - 2012-09-25 21:54 - 00000000 ____D () C:\Windows\rescache2014-04-30 14:19 - 2013-04-26 12:41 - 00000000 ____D () C:\Users\\AppData\Local\Spotify2014-04-29 23:24 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions2014-04-29 21:22 - 2014-04-29 21:22 - 00000000 ____D () C:\Users\\Desktop\Game.of.Thrones.S04E04.720p.HDTV.x264-KILLERS._www.Undertexter.se2014-04-28 21:07 - 2014-03-07 16:55 - 00003806 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater2014-04-28 21:07 - 2012-04-02 07:32 - 00692400 _____ (Adobe SystemsIncorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe2014-04-28 21:07 - 2011-06-23 18:25 - 00070832 _____ (Adobe SystemsIncorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl2014-04-27 23:56 - 2014-04-27 23:56 - 00000000 ____D () C:\Users\\Desktop\Person.of.Interest.S03E20.720p.HDTV.x264-DIMENSION._www.Undertexter.se2014-04-27 23:51 - 2014-04-27 23:51 - 00000000 ____D () C:\Users\\Desktop\Vikings.S02E09.The.Choice.1080p.WEB-DL.DD5.1.H.264-CtrlHD._www.Undertexter.se2014-04-27 23:46 - 2011-10-02 13:47 - 00000000 ____D () C:\ProgramData\Origin2014-04-27 21:10 - 2011-10-14 11:39 - 00290184 _____ () C:\Windows\SysWOW64\PnkBstrB.exe2014-04-27 21:10 - 2011-06-25 16:26 - 00290184 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr2014-04-27 21:09 - 2011-06-25 16:15 - 00291088 _____ () C:\Windows\SysWOW64\PnkBstrB.ex02014-04-27 21:06 - 2011-10-02 13:47 - 00000000 ____D () C:\Program Files(x86)\Origin2014-04-25 15:31 - 2014-04-25 15:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java2014-04-25 15:31 - 2014-04-25 15:30 - 00004231 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_55-b14.log2014-04-25 15:31 - 2014-01-04 17:43 - 00000000 ____D () C:\ProgramData\Oracle2014-04-25 15:31 - 2014-01-04 17:42 - 00000000 ____D () C:\Program Files(x86)\Java2014-04-14 20:13 - 2014-04-25 15:31 - 00096168 _____ (Oracle Corporation)C:\Windows\SysWOW64\WindowsAccessBridge-32.dll2014-04-14 20:05 - 2014-04-25 15:31 - 00264616 _____ (Oracle Corporation)C:\Windows\SysWOW64\javaws.exe2014-04-14 20:05 - 2014-04-25 15:31 - 00175528 _____ (Oracle Corporation)C:\Windows\SysWOW64\javaw.exe2014-04-14 20:04 - 2014-04-25 15:31 - 00175016 _____ (Oracle Corporation)C:\Windows\SysWOW64\java.exe2014-04-12 15:49 - 2011-08-24 19:24 - 00000000 ____D () C:\Users\\AppData\Roaming\dvdcss2014-04-11 19:21 - 2011-09-13 07:51 - 00000000 ____D () C:\Users\\AppData\Local\Windows Live2014-04-09 23:21 - 2013-08-15 01:00 - 00000000 ____D () C:\Windows\system32\MRT2014-04-09 23:21 - 2012-01-24 22:13 - 00000000 ____D () C:\ProgramData\Microsoft Help2014-04-09 23:19 - 2011-06-23 19:30 - 90655440 _____ (MicrosoftCorporation) C:\Windows\system32\MRT.exe2014-04-07 22:13 - 2014-04-07 22:13 - 00000000 ____D () C:\Users\\Documents\Electronic Arts2014-04-07 22:13 - 2014-04-07 22:13 - 00000000 ____D () C:\Users\\AppData\Local\Electronic Arts2014-04-07 21:52 - 2014-04-07 21:52 - 00000735 _____ () C:\Users\Public\Desktop\Dead Space.lnk2014-04-07 21:52 - 2014-04-07 21:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dead Space2014-04-07 21:52 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games2014-04-07 18:21 - 2014-04-07 18:21 - 03822704 _____ () C:\Users\\Desktop\battlelog-web-plugins_2.3.2_133.exe2014-04-07 18:21 - 2011-10-02 15:28 - 00000000 ____D () C:\Program Files(x86)\Battlelog Web Plugins2014-04-06 08:36 - 2014-02-01 12:22 - 01016261 _____ (Thisisu) C:\Users\\Desktop\JRT_NEW.exe2014-04-03 15:34 - 2013-03-15 17:04 - 00007168 _____ () C:\Users\\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini2014-04-03 15:33 - 2013-10-29 20:46 - 00000349 _____ () C:\Users\Public\Documents\PCLECHAL.INI==================== Bamital & volsnap Check =================C:\Windows\System32\winlogon.exe => MD5 is legitC:\Windows\System32\wininit.exe => MD5 is legitC:\Windows\SysWOW64\wininit.exe => MD5 is legitC:\Windows\explorer.exe => MD5 is legitC:\Windows\SysWOW64\explorer.exe => MD5 is legitC:\Windows\System32\svchost.exe => MD5 is legitC:\Windows\SysWOW64\svchost.exe => MD5 is legitC:\Windows\System32\services.exe => MD5 is legitC:\Windows\System32\User32.dll => MD5 is legitC:\Windows\SysWOW64\User32.dll => MD5 is legitC:\Windows\System32\userinit.exe => MD5 is legitC:\Windows\SysWOW64\userinit.exe => MD5 is legitC:\Windows\System32\rpcss.dll => MD5 is legitC:\Windows\System32\Drivers\volsnap.sys => MD5 is legitLastRegBack: 2014-04-29 17:48==================== End Of Log ============================Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-05-2014Ran by at 2014-05-02 08:48:09Running from C:\Users\\DesktopBoot Mode: Normal============================================================================== Security Center ========================AV: Trend Micro Titanium Internet Security (Enabled - Up to date){5D349EF8-873B-C657-917F-F1D93E101A7C}AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}AS: Trend Micro Titanium Internet Security (Enabled - Up to date){E6557F1C-A101-C9D9-ABCF-CAAB459750C1}==================== Installed Programs ======================µTorrent (HKCU\...\uTorrent) (Version: 3.3.2.30586 - BitTorrent Inc.)ABBYY FineReader 9.0 Sprint (HKLM-x32\...\ABBYY FineReader 9.0 Sprint)(Version: 9.01.513.58212 - ABBYY)ABBYY FineReader 9.0 Sprint (x32 Version: 9.01.513.58212 - ABBYY) HiddenActiveX-kontroll för fjärranslutningar för Windows Live Mesh (HKLM-x32\...\{376D59B1-42D9-4FA2-B6CC-E346B6BE14F5}) (Version: 15.4.5722.2 - MicrosoftCorporation)Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX)(Version: 13.0.0.206 - Adobe Systems Incorporated)Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin)(Version: 13.0.0.206 - Adobe Systems Incorporated)Audacity 1.3.14 (Unicode) (HKLM-x32\...\Audacity 1.3 Beta (Unicode)_is1)(Version: - Audacity Team)BankID säkerhetsprogram (HKLM-x32\...\{2D6973ED-BBF2-434E-993C-37E05087B8C8}) (Version: 5.1.3.2 - Finansiell ID-Teknik BID AB)Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF})(Version: 1.4.0.0 - Electronic Arts)Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7})(Version: 1.1.0.1 - Electronic Arts)Battlefield: Bad Company™ 2 (HKLM-x32\...\{3AC8457C-0385-4BEA-A959-E095F05D6D67}) (Version: 1.0.0.0 - Electronic Arts)Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.2- EA Digital Illusions CE AB)Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version:3.0.0.10 - Apple Inc.)Call of Duty® 4 - Modern Warfare 1.7 Patch (x32 Version: - ) HiddenCall of Duty: Black Ops - Multiplayer (HKLM-x32\...\Steam App 42710)(Version: - Treyarch)Call of Duty: Black Ops (HKLM-x32\...\Steam App 42700) (Version: -Treyarch)CANON iMAGE GATEWAY Task for ZoomBrowser EX (HKLM-x32\...\CANON iMAGEGATEWAY Task) (Version: 1.5.0.3 - Canon Inc.)Canon Internet Library for ZoomBrowser EX (HKLM-x32\...\Canon InternetLibrary for ZoomBrowser EX) (Version: 1.6.1.6 - Canon Inc.)Canon RAW Image Task for ZoomBrowser EX (HKLM-x32\...\RAW Image Task)(Version: 3.2.0.10 - Canon Inc.)Canon Utilities CameraWindow (HKLM-x32\...\CameraWindowLauncher) (Version:7.1.0.2 - Canon Inc.)Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX (HKLM-x32\...\CameraWindowDVC6) (Version: 6.4.2.16 - Canon Inc.)Canon Utilities Digital Photo Professional 3.3 (HKLM-x32\...\DPP) (Version:3.3.0.0 - Canon Inc.)Canon Utilities EOS Utility (HKLM-x32\...\EOS Utility) (Version: 2.3.0.2 -Canon Inc.)Canon Utilities MyCamera (HKLM-x32\...\MyCamera) (Version: 6.4.0.5 - CanonInc.)Canon Utilities PhotoStitch (HKLM-x32\...\PhotoStitch) (Version: 3.1.21.45- Canon Inc.)Canon Utilities Picture Style Editor (HKLM-x32\...\Picture Style Editor)(Version: 1.2.0.1 - Canon Inc.)Canon Utilities RemoteCapture Task for ZoomBrowser EX (HKLM-x32\...\RemoteCaptureTask) (Version: 1.7.1.9 - Canon Inc.)Canon Utilities ZoomBrowser EX (HKLM-x32\...\ZoomBrowser EX) (Version:6.1.1.21 - Canon Inc.)Canon ZoomBrowser EX Memory Card Utility (HKLM-x32\...\ZoomBrowser EXMemory Card Utility) (Version: 1.1.0.8 - Canon Inc.)CCleaner (HKLM\...\CCleaner) (Version: 4.13 - Piriform)CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version:4.3.8.2631 - CDBurnerXP)Contents (x32 Version: 14.0.1.13 - Corel Corporation) HiddenD3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) HiddenDead Space™ (HKLM-x32\...\{6E6F22D7-8AD6-4A87-9A47-733E6E996F50}) (Version:1.0.0.222 - Electronic Arts)Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition(HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{5971CA1F-6BDE-498F-952C-9F2BF94070A4}) (Version: - Microsoft)DeviceIO (x32 Version: 14.0.1.13 - Corel Corporation) HiddenDVD Shrink 3.2 (HKLM-x32\...\DVD Shrink_is1) (Version: - DVD Shrink)Emil (HKLM-x32\...\Emil) (Version: - )Epson Easy Photo Print 2 (HKLM-x32\...\{310C1558-F6B5-4889-98B0-7471966BA7F2}) (Version: 2.2.3.0 - SEIKO EPSON CORPORATION)Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) (HKLM-x32\...\{B2D55EB8-32C5-4B43-9006-9E97DECBA178}) (Version: 1.00.0000 - SEIKOEPSON CORPORATION)Epson Event Manager (HKLM-x32\...\{03B8AA32-F23C-4178-B8E6-09ECD07EAA47})(Version: 2.40.0001 - SEIKO EPSON CORPORATION)EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko EpsonCorporation)EPSON SX525WD Series Printer Uninstall (HKLM\...\EPSON SX525WD Series)(Version: - SEIKO EPSON Corporation)EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799})(Version: 2.4j - SEIKO EPSON CORPORATION)EpsonNet Setup 3.3 (HKLM-x32\...\{C9D8A041-2963-4B31-8FFC-1500F3DB9293})(Version: 3.3a - SEIKO EPSON CORPORATION)ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.0) (Version: 0.70.0 - ESN SocialSoftware AB)ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN SocialSoftware AB)ffdshow x64 v1.1.3814 [2011-04-11] (HKLM\...\ffdshow64_is1) (Version:1.1.3814.0 - )Foxit Cloud (HKLM-x32\...\{41914D8B-9D6E-4764-A1F9-BC43FB6782C1}_is1)(Version: 1.2.75.126 - Foxit Corporation)Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 6.1.4.217 - FoxitCorporation)Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - )Google Chrome (HKCU\...\Google Chrome) (Version: 34.0.1847.131 - GoogleInc.)Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E})(Version: 7.1.2.2041 - Google)Google Update Helper (x32 Version: 1.3.23.9 - Google Inc.) HiddenHiJackThis (HKLM-x32\...\{45A66726-69BC-466B-A7A4-12FCBA4883D7}) (Version:1.0.0 - Trend Micro)ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF})(Version: 7.0.550 - Oracle)Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) HiddenJunk Mail filter update (x32 Version: 15.4.3502.0922 - MicrosoftCorporation) HiddenLAME v3.98.3 for Audacity (HKLM-x32\...\LAME for Audacity_is1) (Version: -)Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) HiddenMessenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation)HiddenMicrosoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)Microsoft .NET Framework 4.5.1 (SVE) (Version: 4.5.50938 - MicrosoftCorporation) HiddenMicrosoft .NET Framework 4.5.1 (svenska) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1053) (Version: 4.5.50938 - Microsoft Corporation)Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation)HiddenMicrosoft Application Error Reporting (Version: 12.0.6015.5000 - MicrosoftCorporation) HiddenMicrosoft Office Access MUI (Swedish) 2010 (x32 Version: 14.0.7015.1000 -Microsoft Corporation) HiddenMicrosoft Office Excel MUI (Swedish) 2010 (x32 Version: 14.0.7015.1000 -Microsoft Corporation) HiddenMicrosoft Office Groove MUI (Swedish) 2010 (x32 Version: 14.0.7015.1000 -Microsoft Corporation) HiddenMicrosoft Office InfoPath MUI (Swedish) 2010 (x32 Version: 14.0.7015.1000 -Microsoft Corporation) HiddenMicrosoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 -Microsoft Corporation) HiddenMicrosoft Office OneNote MUI (Swedish) 2010 (x32 Version: 14.0.7015.1000 -Microsoft Corporation) HiddenMicrosoft Office Outlook MUI (Swedish) 2010 (x32 Version: 14.0.7015.1000 -Microsoft Corporation) HiddenMicrosoft Office PowerPoint MUI (Swedish) 2010 (x32 Version: 14.0.7015.1000- Microsoft Corporation) HiddenMicrosoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR)(Version: 14.0.7015.1000 - Microsoft Corporation)Microsoft Office Professional Plus 2010 (x32 Version: 14.0.7015.1000 -Microsoft Corporation) HiddenMicrosoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 -Microsoft Corporation) HiddenMicrosoft Office Proof (Finnish) 2010 (x32 Version: 14.0.7015.1000 -Microsoft Corporation) HiddenMicrosoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000 -Microsoft Corporation) HiddenMicrosoft Office Proof (Swedish) 2010 (x32 Version: 14.0.7015.1000 -Microsoft Corporation) HiddenMicrosoft Office Proofing (Swedish) 2010 (x32 Version: 14.0.7015.1000 -Microsoft Corporation) HiddenMicrosoft Office Publisher MUI (Swedish) 2010 (x32 Version: 14.0.7015.1000- Microsoft Corporation) HiddenMicrosoft Office Shared 64-bit MUI (Swedish) 2010 (Version: 14.0.7015.1000- Microsoft Corporation) HiddenMicrosoft Office Shared MUI (Swedish) 2010 (x32 Version: 14.0.7015.1000 -Microsoft Corporation) HiddenMicrosoft Office Word MUI (Swedish) 2010 (x32 Version: 14.0.7015.1000 -Microsoft Corporation) HiddenMicrosoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00})(Version: 5.1.30214.0 - Microsoft Corporation)Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 -Microsoft Corporation)Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192 -Microsoft Corporation) HiddenMicrosoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - MicrosoftCorporation)Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 -Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - MicrosoftCorporation)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - MicrosoftCorporation)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 -Microsoft Corporation)Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - MicrosoftCorporation)Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - MicrosoftCorporation)Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - MicrosoftCorporation)Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version:11.0.60610 - Microsoft Corporation) HiddenMicrosoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version:11.0.60610 - Microsoft Corporation) HiddenMSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) HiddenMSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) HiddenMSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)MyFreeCodec (HKCU\...\MyFreeCodec) (Version: - )NVIDIA 3D Vision Controller Driver (x32 Version: 275.33 - NVIDIACorporation) HiddenNVIDIA Install Application (Version: 2.1002.108.688 - NVIDIA Corporation)HiddenNVIDIA PhysX (x32 Version: 9.12.0213 - NVIDIA Corporation) HiddenNVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.1106 - NVIDIACorporation) HiddenNVIDIA Update Components (Version: 1.11.3 - NVIDIA Corporation) HiddenNVIDIAs kontrollpanel 311.06 (Version: 311.06 - NVIDIA Corporation) HiddenOrigin (HKLM-x32\...\Origin) (Version: 8.5.0.4550 - Electronic Arts, Inc.)PassShow (HKLM-x32\...\8C914602-36D7-3AE8-6DA0-CE525CDAAA03) (Version: -PassShow-software) <==== ATTENTIONPinnacle Studio 15 (HKLM-x32\...\{1362E602-9625-42D3-B57F-CDA9D26F9DA8})(Version: 15.0.0.7593 - Pinnacle Systems)Pinnacle Studio Bonus Content (HKLM-x32\...\{FC030CB5-46A6-4229-AD6E-0AC869F509C8}) (Version: 15.0.0.51 - Pinnacle Systems)Pinnacle Video-drivrutiner (HKLM\...\{6DE721A5-5E89-4D74-994C-652BB3C0672E}) (Version: 12.1.0.030 - Pinnacle Systems)PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - EvenBalance, Inc.)Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0022 - Realtek)Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.34.0 -Renesas Electronics Corporation)Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.34.0 -Renesas Electronics Corporation) HiddenService Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32Version: - Microsoft) HiddenShare (x32 Version: 14.0.1.13 - Corel Corporation) HiddenShare64 (Version: 14.0.1.13 - Corel Corporation) HiddenSpotify (HKCU\...\Spotify) (Version: 0.9.8.296.g91f68827 - Spotify AB)Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.3.39 - Safer-Networking Ltd.)Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version:1.0.0.0 - Valve Corporation)System Requirements Lab (HKLM-x32\...\SystemRequirementsLab) (Version: - )System Requirements Lab CYRI (HKLM-x32\...\{F3FCB08B-E752-444D-86A0-0634A4F3B23D}) (Version: 6.0.8.0 - Husdawg, LLC)Trend Micro Titanium (Version: 7.0 - Trend Micro Inc.) HiddenTrend Micro Titanium Internet Security (HKLM\...\{ABBD4BA8-6703-40D2-AB1E-5BB1F7DB49A4}) (Version: 7.0 - Trend Micro Inc.)Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version: - Microsoft)Update for Microsoft Filter Pack 2.0 (KB2837594) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{D3C85176-ACCC-4AF0-817D-1BC803303B74}) (Version: - Microsoft)Update for Microsoft Filter Pack 2.0 (KB2837594) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{D3C85176-ACCC-4AF0-817D-1BC803303B74}) (Version: - Microsoft)Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version: - Microsoft)Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{39767ECA-1731-45DB-AB5B-6BF40E151D66}) (Version: - Microsoft)Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version: - Microsoft)Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft)Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft)Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version: - Microsoft)Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version: - Microsoft)Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft)Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft)Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version: - Microsoft)Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version: - Microsoft)Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{BA610006-2C39-4419-9834-CF61AB24810A}) (Version: - Microsoft)Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{C70D2038-A2C4-4A99-87DE-5272BB44F0CE}) (Version: - Microsoft)Update for Microsoft Office 2010 (KB2863818) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{83B1B530-7D9E-4C6A-907F-E979CEE9C295}) (Version: - Microsoft)Update for Microsoft Office 2010 (KB2878225) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{EFF5EBA3-40AD-4859-85E7-3C1CF4F297EB}) (Version: - Microsoft)Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft)Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft)Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-041D-0000-0000000FF1CE}_Office14.PROPLUSR_{6D7DEB21-7536-421F-9A37-D599F5D7920B}) (Version: - Microsoft)Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version: - Microsoft)Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0018-041D-0000-0000000FF1CE}_Office14.PROPLUSR_{EC04A626-7160-4E90-BD93-4226EFBDB5F9}) (Version: - Microsoft)Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version: - Microsoft)Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition(HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version: - Microsoft)Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition(HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version: - Microsoft)Update for Microsoft Visio 2010 (KB2553444) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{799005D3-9B70-4219-AFE0-BC479614CC4D}) (Version: - Microsoft)Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{8C55AA83-54C2-4236-A622-78440A411DC5}) (Version: - Microsoft)Windows Live Communications Platform (x32 Version: 15.4.3502.0922 -Microsoft Corporation) HiddenWindows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version:15.4.3555.0308 - Microsoft Corporation)Windows Live Essentials (x32 Version: 15.4.3502.0922 - MicrosoftCorporation) HiddenWindows Live Family Safety (Version: 15.4.3555.0308 - MicrosoftCorporation) HiddenWindows Live ID Sign-in Assistant (Version: 7.250.4232.0 - MicrosoftCorporation) HiddenWindows Live Installer (x32 Version: 15.4.3502.0922 - MicrosoftCorporation) HiddenWindows Live Language Selector (Version: 15.4.3555.0308 - MicrosoftCorporation) HiddenWindows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation)HiddenWindows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation)HiddenWindows Live Messenger (x32 Version: 15.4.3538.0513 - MicrosoftCorporation) HiddenWindows Live Messenger Companion Core (x32 Version: 15.4.3502.0922 -Microsoft Corporation) HiddenWindows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation)HiddenWindows Live Movie Maker (x32 Version: 15.4.3502.0922 - MicrosoftCorporation) HiddenWindows Live Photo Common (x32 Version: 15.4.3502.0922 - MicrosoftCorporation) HiddenWindows Live Photo Gallery (x32 Version: 15.4.3502.0922 - MicrosoftCorporation) HiddenWindows Live PIMT Platform (x32 Version: 15.4.3508.1109 - MicrosoftCorporation) HiddenWindows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation)HiddenWindows Live Remote Client Resources (Version: 15.4.5722.2 - MicrosoftCorporation) HiddenWindows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation)HiddenWindows Live Remote Service Resources (Version: 15.4.5722.2 - MicrosoftCorporation) HiddenWindows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation)HiddenWindows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - MicrosoftCorporation) HiddenWindows Live UX Platform (x32 Version: 15.4.3502.0922 - MicrosoftCorporation) HiddenWindows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 -Microsoft Corporation) HiddenWindows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation)HiddenWindows Live Writer Resources (x32 Version: 15.4.3502.0922 - MicrosoftCorporation) HiddenWinRAR 4.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rarGmbH)VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 -VideoLAN)==================== Restore Points =========================01-05-2014 07:01:49 Schemalagd kontrollpunkt01-05-2014 22:08:48 TITANUIMRES==================== Hosts content: ==========================2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts==================== Scheduled Tasks (whitelisted) =============Task: {02E70707-8D26-49B1-BCAD-6A29D3ABB953} - System32\Tasks\{19F87C4F-16ED-4C0F-A752-2E5A5F0E3775} => D:\Spel\CoD4\iw3mp.exeTask: {26876944-40D2-4077-97A7-657F987A3F7B} - System32\Tasks\Adobe FlashPlayer Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-28] (Adobe Systems Incorporated)Task: {3066D6B7-3F6B-4A88-B23B-22C5AF8ADE21} - System32\Tasks\{50C6B351-602C-460A-8729-BCD19E367A06} => D:\Spel\CoD4\iw3mp.exeTask: {32EC37AE-4BC1-4EA4-B863-4AC427D2A232} - System32\Tasks\Titanium BTC=> C:\Program Files\Trend Micro\Titanium\plugin\TMDC\TMDC.exe [2013-08-27](Trend Micro Inc.)Task: {4BA196C8-C694-47F1-A48E-FE4F1EB177CA} - System32\Tasks\{0680CAE7-45AC-41DA-BE24-3FE9B55BB9EA} => C:\Program Files (x86)\Activision\Call ofDuty 4 - Modern Warfare\iw3mp.exeTask: {5EF68C90-86CF-4930-BCE7-6659C0713A19} - System32\Tasks\{7F77EAF3-ED98-49C9-9804-6C2BB871C696} => D:\Spel\CoD4\iw3mp.exeTask: {5F9C8E46-60EE-4E00-840B-7DBC16528F18} - System32\Tasks\{64293FC0-A411-4B54-B97A-08AD6D3B6D29} => C:\Program Files (x86)\Activision\Call ofDuty 4 - Modern Warfare\iw3mp.exeTask: {677B199D-3A86-42D2-B727-DD35D6D65BA3} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1521310780-587458791-887972967-1000Core =>C:\Users\\AppData\Local\Google\Update\GoogleUpdate.exe [2011-11-13] (GoogleInc.)Task: {6C0744FE-12B1-40B5-98DB-323037BE090C} - System32\Tasks\{77D546B5-8413-47F6-AA38-33A1774C0116} => D:\Spel\CoD4\iw3mp.exeTask: {727D5EF1-0457-4C11-8CD7-160A5A31B823} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-04-17](Piriform Ltd)Task: {96CD5B6A-9424-4EE1-B0C7-CE1585E790F9} - System32\Tasks\PassShow_wd=> C:\Program Files (x86)\PassShow\PassShowqEvqTw.exe [2014-05-01] () <====ATTENTIONTask: {B5AEDF90-4D36-4721-AA5E-D71BE2CBE1A1} - System32\Tasks\{B86E1395-4481-46DE-9F2F-95DA692D0FDD} => C:\Program Files (x86)\Activision\Call ofDuty 4 - Modern Warfare\iw3mp.exeTask: {C96ADFB7-3C0D-42D7-B2A9-7512F575B68E} - System32\Tasks\PassShowUpdate => C:\Program Files (x86)\PassShow\PassShowqEv.exe [2014-05-01] ()<==== ATTENTIONTask: {EFD5E285-4AD1-43DE-AE5B-5AF278832AA4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-08-25] (Google Inc.)Task: {FB06FA1E-554B-4082-B62E-7841CE5C55C3} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1521310780-587458791-887972967-1000UA => C:\Users\\AppData\Local\Google\Update\GoogleUpdate.exe [2011-11-13] (GoogleInc.)Task: {FD703C96-D80A-4AA3-997F-5CE22CB7FDB8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-08-25] (Google Inc.)Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exeTask: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files(x86)\Google\Update\GoogleUpdate.exeTask: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files(x86)\Google\Update\GoogleUpdate.exeTask: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1521310780-587458791-887972967-1000Core.job => C:\Users\\AppData\Local\Google\Update\GoogleUpdate.exeTask: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1521310780-587458791-887972967-1000UA.job => C:\Users\\AppData\Local\Google\Update\GoogleUpdate.exeTask: C:\Windows\Tasks\PassShow Update.job => C:\Program Files(x86)\PassShow\PassShowqEv.exe <==== ATTENTIONTask: C:\Windows\Tasks\PassShow_wd.job => C:\Program Files (x86)\PassShow\PassShowqEvqTw.exe <==== ATTENTION==================== Loaded Modules (whitelisted) =============2011-09-27 18:04 - 2013-01-18 17:00 - 00087328 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF2011-06-23 21:25 - 2011-05-28 22:05 - 00164864 _____ () C:\Program Files\WinRAR\rarext.dll2013-10-13 08:41 - 2013-01-16 04:19 - 00048128 _____ () C:\Program Files\Trend Micro\AMSP\boost_date_time-vc110-mt-1_49.dll2013-10-13 08:41 - 2013-04-02 06:25 - 00675840 _____ () C:\Program Files\Trend Micro\AMSP\sqlite3.dll2013-10-13 08:41 - 2013-01-16 04:23 - 00058368 _____ () C:\Program Files\Trend Micro\AMSP\boost_thread-vc110-mt-1_49.dll2013-10-13 08:41 - 2012-12-18 22:06 - 01300480 _____ () C:\Program Files\Trend Micro\AMSP\libprotobuf.dll2013-10-13 08:41 - 2013-01-16 04:19 - 00018944 _____ () C:\Program Files\Trend Micro\AMSP\boost_system-vc110-mt-1_49.dll2013-10-13 08:33 - 2013-07-23 17:28 - 00247352 _____ () C:\Program Files\Trend Micro\UniClient\plugins\LUADLL.dll2014-05-01 07:52 - 2014-05-01 07:52 - 00077312 _____ () C:\Program Files(x86)\PassShow\PassShowqEvqTw.exe2014-01-09 17:48 - 2013-12-18 15:33 - 00057584 _____ () C:\Program Files\Trend Micro\Titanium\plugin\fcMsgDispatcher.dll2014-05-01 07:52 - 2014-05-01 07:52 - 00142336 _____ () C:\Program Files(x86)\PassShow\PassShowqEv161.exe2011-10-14 11:39 - 2013-10-31 04:29 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe2014-05-01 07:52 - 2014-05-01 07:52 - 00133120 _____ () C:\Program Files(x86)\PassShow\PassShowqEv161.dll2013-10-15 16:54 - 2013-08-29 09:58 - 00882584 _____ () C:\Program Files\Trend Micro\Titanium\plugin\TMAS\TMAS_WLM\WLMailApiCore.dll2014-05-01 22:27 - 2014-04-25 14:11 - 00109400 _____ () C:\Program Files(x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl2014-05-01 22:27 - 2014-04-25 14:11 - 00416600 _____ () C:\Program Files(x86)\Spybot - Search & Destroy 2\DEC150.bpl2014-05-01 22:27 - 2014-04-25 14:11 - 00167768 _____ () C:\Program Files(x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl2014-05-01 22:27 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files(x86)\Spybot - Search & Destroy 2\sqlite3.dll2014-05-01 22:27 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files(x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll==================== Alternate Data Streams (whitelisted) ============================= Safe Mode (whitelisted) ===================HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp =>""="Driver"HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys =>""="Driver"HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp =>""="Driver"HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys =>""="Driver"==================== Disabled items from MSCONFIG ==============MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^StartMenu^Programs^Startup^BankID säkerhetsprogram.lnk => C:\Windows\pss\BankIDsäkerhetsprogram.lnk.CommonStartupMSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^StartMenu^Programs^Startup^Personal.lnk => C:\Windows\pss\Personal.lnk.CommonStartupMSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"MSCONFIG\startupreg: BCSSync => "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServicesMSCONFIG\startupreg: EEventManager => "C:\Program Files (x86)\EpsonSoftware\Event Manager\EEventManager.exe"MSCONFIG\startupreg: EPSON SX525WD Series => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIGAE.EXE /FU "C:\Windows\TEMP\E_SF0F2.tmp" /EF "HKCU"MSCONFIG\startupreg: Eraser => "C:\PROGRA~1\Eraser\Eraser.exe" --atRestartMSCONFIG\startupreg: Google Update => "C:\Users\\AppData\Local\Google\Update\GoogleUpdate.exe" /cMSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"MSCONFIG\startupreg: KiesAirMessage => C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startupMSCONFIG\startupreg: KiesTrayAgent => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exeMSCONFIG\startupreg: NUSB3MON => "C:\Program Files (x86)\RenesasElectronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottimeMSCONFIG\startupreg: Spotify => "C:\Users\\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostartMSCONFIG\startupreg: Spotify Web Helper => "C:\Users\\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\CommonFiles\Java\Java Update\jusched.exe"==================== Faulty Device Manager Devices ================================= Event log errors: =========================Application errors:==================Error: (05/02/2014 00:08:48 AM) (Source: VSS) (User: )Description: Fel i tjänsten Volume Shadow Copy: Oväntat fel närgränssnittet IVssWriterCallback skulle erhållas. hr = 0x80070005, Åtkomstnekad..Det orsakas ofta av inkorrekta säkerhetsinställningar i processen förantingen skrivaren eller beställaren.Åtgärd:Samlar in skrivardataKontext:Skrivarklass-ID: {e8132975-6f93-4464-a53e-1050253ae220}Skrivarnamn: System WriterSkrivarinstans-ID:{05483f3a-838c-4006-a7ee-7985b4640c58}System errors:=============Error: (05/01/2014 08:27:33 AM) (Source: Service Control Manager) (User: )Description: Tjänsten NVIDIA Update Service Daemon kunde inte startas pågrund av följande fel:%%1069Error: (05/01/2014 08:27:33 AM) (Source: Service Control Manager) (User: )Description: Tjänsten nvUpdatusService kunde inte logga in som .\UpdatusUser med det för närvarande konfigurerade lösenordet på grund avföljande fel:%%1330Kontrollera att tjänsten är korrekt konfigurerad med hjälp av snapin-modulen Tjänster i MMC (Microsoft Management Console).Error: (05/01/2014 08:26:20 AM) (Source: DCOM) (User: NT instans)Description: programspecifikLokalStarta{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT instansSYSTEMS-1-5-18LocalHost (med LRPC)Microsoft Office Sessions:=========================Error: (05/02/2014 00:08:48 AM) (Source: VSS)(User: )Description: 0x80070005, Åtkomst nekad.Åtgärd:Samlar in skrivardataKontext:Skrivarklass-ID: {e8132975-6f93-4464-a53e-1050253ae220}Skrivarnamn: System WriterSkrivarinstans-ID:{05483f3a-838c-4006-a7ee-7985b4640c58}CodeIntegrity Errors:===================================Date: 2011-11-01 20:30:24.848Description: Windows is unable to verify the image integrity of the file\Device\HarddiskVolume1\Users\MA~1\AppData\Local\Temp\OnlineScanner\Anti-Virus\fsgk.sys because file hash could not be found on the system. A recenthardware or software change might have installed a file that is signedincorrectly or damaged, or that might be malicious software from an unknownsource.Date: 2011-11-01 20:30:24.831Description: Windows is unable to verify the image integrity of the file\Device\HarddiskVolume1\Users\MA~1\AppData\Local\Temp\OnlineScanner\Anti-Virus\fsgk.sys because file hash could not be found on the system. A recenthardware or software change might have installed a file that is signedincorrectly or damaged, or that might be malicious software from an unknownsource.==================== Memory info ===========================Percentage of memory in use: 28%Total physical RAM: 8172.48 MBAvailable physical RAM: 5818.36 MBTotal Pagefile: 16343.15 MBAvailable Pagefile: 12890.25 MBTotal Virtual: 8192 MBAvailable Virtual: 8191.82 MB==================== Drives ================================Drive c: () (Fixed) (Total:127.99 GB) (Free:11.32 GB) NTFS ==>[Drive withboot components (obtained from BCD)]Drive d: (Spel) (Fixed) (Total:337.77 GB) (Free:15.78 GB) NTFS==================== MBR & Partition Table ==========================================================================Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 00000001)Partition 1: (Active) - (Size=128 GB) - (Type=07 NTFS)Partition 2: (Not Active) - (Size=338 GB) - (Type=07 NTFS)==================== End Of Log ============================ Citera Länk till kommentar Dela på andra webbplatser Fler delningsalternativ...
plastiq Postad Maj 2, 2014 Dela Postad Maj 2, 2014 (redigerade) Efter att ha läst loggen,, får Cecilia ordning på allt blir jag mäkta imponerad. Inte på något sätt illa menat mot någon. Redigerad Maj 2, 2014 av plastiq Citera Länk till kommentar Dela på andra webbplatser Fler delningsalternativ...
Cecilia Postad Maj 2, 2014 Dela Postad Maj 2, 2014 Om det är möjligt avinstallera "PassShow" i Kontrollpanelens lista över installerade program. Starta om datorn. Kör FRST igen, men denna gång får du bifoga loggarna för alla extra radbrytningarna gjorde dem svårlästa och det går inte att enkelt kopiera rader till ett skript. PassShow: http://www.systemlookup.com/CLSID/81984-157_dll.html Citera Länk till kommentar Dela på andra webbplatser Fler delningsalternativ...
Babbler1 Postad Maj 2, 2014 Författare Dela Postad Maj 2, 2014 (redigerade) Tack för ditt svar! Jag har avinstallerat PassShow. Jag har startat om datorn. Här kommer loggarna! Som du ser har jag tagit bort mitt namn i loggarna:) Mvh Babbler FRST.txt Addition.txt Redigerad Maj 2, 2014 av Babbler1 Citera Länk till kommentar Dela på andra webbplatser Fler delningsalternativ...
Cecilia Postad Maj 2, 2014 Dela Postad Maj 2, 2014 Ingen orsak Och i och med avinstallationen har proxy-servern försvunnit också. 1. Det här: CHR Plugin: (Java Platform SE 7 U9) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) är en mycket gammal Java-version med kända säkerhetshål. Du bör kunna avinstallera den inifrån Chrome. 2. Starta Anteckningar. Kopiera alla rader i rutan: URLSearchHook: HKCU - (No Name) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - No File URLSearchHook: HKCU - (No Name) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - No File Toolbar: HKCU - No Name - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - No File Toolbar: HKCU - No Name - {BA14329E-9550-4989-B3F2-9732E92D17CC} - No File CHR HKLM-x32\...\Chrome\Extension: [bejbohlohkkgompgecdcbbglkpjfjgdj] - C:\Users\MATSMA~1\AppData\Local\Temp\ccex.crx [2014-05-01] S3 cleanhlp; C:\Users\\EEK\RUN\cleanhlp64.sys [57024 2014-02-08] (Emsisoft GmbH) och klistra in i Anteckningar. Kontrollera att inga filer har delats upp på två rader.Spara filen på skrivbordet med namnet fixlist.txt. Stäng av alla program inklusive Spybot S&D. Starta FRST som finns på skrivbordet. Klicka på knappen Fix. Vänta tills programmet är klart. Programmet skapar en logg Fixlog.txt på skrivbordet. Klistra in innehållet i den i ditt svar. 3. Spara AdwCleaner av Xplode på Skrivbordet: http://general-changelog-team.fr/fr/downloads/finish/20-outils-de-xplode/2-adwcleaner Stäng alla program, inklusive webbläsare. Dubbelklicka på AdwCleaner för att starta programmet. Klicka på Scan-knappen. Vänta tills sökningen är klar. Klicka på Report-knappen. En rapport kommer upp, kopiera innehållet och klistra in i ditt svar. Om rapporten inte kommer upp, så finns den även som C:\AdwCleaner[R0].txt 4. Skanna datorn online på http://www.eset.com/onlinescan/ För att inte skannern ska ta för lång tid på sig stäng av ditt antivirusprogram under tiden. Avbocka alternativet Remove found threats Bocka för Scan Archives Klicka på Advanced Settings Bocka för: Scan for potentially unwanted applications Scan for potentially unsafe applications Enable Anti-Stealth Technology Klicka på Start När skanningen är klar klicka på List of found threats, följt av Export to a text file. Spara till en fil på skrivbordet, öppna filen, kopiera resultatet och klistra sedan in det i ditt svar. Citera Länk till kommentar Dela på andra webbplatser Fler delningsalternativ...
Babbler1 Postad Maj 2, 2014 Författare Dela Postad Maj 2, 2014 Hej! Tack för ditt svar. Här kommer loggarna. Mvh Babbler AdwCleanerR1.txt eset.txt Fixlog.txt Citera Länk till kommentar Dela på andra webbplatser Fler delningsalternativ...
Cecilia Postad Maj 2, 2014 Dela Postad Maj 2, 2014 (redigerade) Hej! Det var så lite så Starta Anteckningar. Kopiera alla rader i rutan: C:\Users\\AppData\Local\Google\Chrome\User Data\Default\File System\002\t\00\00000000 C:\Users\\AppData\Local\Temp\nsx5D57.tmp och klistra in i Anteckningar. Kontrollera att inga filer har delats upp på två rader. Spara filen på skrivbordet med namnet fixlist.txt. Starta FRST som finns på skrivbordet. Klicka på knappen Fix. Vänta tills programmet är klart. Programmet skapar en logg Fixlog.txt på skrivbordet. Klistra in innehållet i den i ditt svar. Hur står det till med datorn nu? Redigerad Maj 3, 2014 av Cecilia Citera Länk till kommentar Dela på andra webbplatser Fler delningsalternativ...
Babbler1 Postad Maj 3, 2014 Författare Dela Postad Maj 3, 2014 Hej! Tack för ditt svar! Här kommer loggen! Jag skickar också med en bild som du om du vill kan tyda:) Jag tycker att det är lite skumt med Användarprofiler på min dator. Jag tycker att datorn funkar bättre nu. Det dyker inte upp en massa pop up-rutor längre när jag surfar. Jag kunde inte "backa" från en internetsida förrut men nu går det:) Vet inte om det var adwareprogrammet som störde? Tack för all hjälp hittils:) Mvh Babbler Fixlog.txt Citera Länk till kommentar Dela på andra webbplatser Fler delningsalternativ...
Lösning Cecilia Postad Maj 3, 2014 Lösning Dela Postad Maj 3, 2014 Hej! Utmärkt att du inte ser till några underliga popuper längre och det kan mycket väl ha varit annonsprogrammen som påverkade bakåt-funktionen. När det gäller användarprofiler är jag nog inte rätt person att svara på det. Du kan ju ställa frågan i forumet "Windows 7" så kanske någon som kan sånt bättre ser den. Nu återstår bara att avinstallera specialprogrammen:1. Stäng alla program, inklusive webbläsare.Dubbelklicka på AdwCleaner för att starta programmet.Klicka på Uninstall-knappen.2. Ladda ner avinstallationsprogrammet OTC till Skrivbordet: http://oldtimer.geekstogo.com/OTC.exeDubbelklicka på filen för att starta programmet.Tryck på knappen CleanUp! och FRST kommer att avinstalleras efter en omstart av datorn. Ta bort eventuella loggar.3. Avinstallera HijackThis i Kontrollpanelen. Citera Länk till kommentar Dela på andra webbplatser Fler delningsalternativ...
Babbler1 Postad Maj 3, 2014 Författare Dela Postad Maj 3, 2014 Hej! Tusen tack för hjälpen. Nu verkar datorn funka bra:) Mvh Babbler Citera Länk till kommentar Dela på andra webbplatser Fler delningsalternativ...
Cecilia Postad Maj 3, 2014 Dela Postad Maj 3, 2014 Bara trevligt att kunna hjälpa till Citera Länk till kommentar Dela på andra webbplatser Fler delningsalternativ...
plastiq Postad Maj 4, 2014 Dela Postad Maj 4, 2014 (redigerade) Impad Redigerad Maj 4, 2014 av plastiq Citera Länk till kommentar Dela på andra webbplatser Fler delningsalternativ...
Babbler1 Postad Maj 9, 2014 Författare Dela Postad Maj 9, 2014 Hej igen! Verkar som att jag har fått tillbaka samma problem! Kan du hjälpa mig igen? Mvh Babbler Citera Länk till kommentar Dela på andra webbplatser Fler delningsalternativ...
Cecilia Postad Maj 9, 2014 Dela Postad Maj 9, 2014 Hej igen! Ny logg från FRST och Esets online-skanner, tack. Spara RougueKiller på Skrivbordet.För 32-bitars Windows: http://www.adlice.com/softs/roguekiller/RogueKiller.exeFör 64-bitars Windows: http://www.adlice.com/softs/roguekiller/RogueKillerX64.exeStäng av alla program.Ta bort alla externa enheter, t ex USB-minnen och externa hårddiskar, utom tangentbord och mus. Låt dem vara bortkopplade medan rensningen pågår.Kör RogueKiller (i Vista och Windows 7 högerklicka på programmet och välj "Kör som administratör). Om det inte går att köra så pröva flera gång, men om det fortfarande inte går så pröva med att döpa om programmet till winlogon.exe.Vänta tills "Prescan" har avslutats.Klicka på "Scan"-knappen uppe till höger.Vänta tills skanningen är klar.En rapport "RKreport.txt" ska då ha skapats på Skrivbordet. Klistra in innehållet i den i ditt svar. Citera Länk till kommentar Dela på andra webbplatser Fler delningsalternativ...
Babbler1 Postad Maj 9, 2014 Författare Dela Postad Maj 9, 2014 Hej! Tack för ditt svar! Här kommer loggarna. Mvh Babbler Addition.txt FRST.txt RKreport0_S_05092014_182810.txt Citera Länk till kommentar Dela på andra webbplatser Fler delningsalternativ...
Cecilia Postad Maj 10, 2014 Dela Postad Maj 10, 2014 Hittade Esets skanner något? Kan du beskriva ditt problem lite mer, gärna med bild, och när började det om? Vad för stor ändring i Windows gjorde du den 4 och 7 maj, väldigt många Windows-filer ändrades de två dagarna? Vad finns det för program i mappen C:\Program (x86)\Setup Files? Det ser ut som att du har laddat ner AdwCleaner under fredagen. Hittade programmet något? Citera Länk till kommentar Dela på andra webbplatser Fler delningsalternativ...
Babbler1 Postad Maj 10, 2014 Författare Dela Postad Maj 10, 2014 Hej! Jag missade Eset! Jag håller på att scanna just nu. Så jag svarar från min mobil. Jag har installerat Windows 8.1 och uppdaterat biosen. I Setup-mappen ligger biosfilen. Jag återkommer med Eset-loggen så snart som möjligt. Mvh Babbler Citera Länk till kommentar Dela på andra webbplatser Fler delningsalternativ...
Babbler1 Postad Maj 10, 2014 Författare Dela Postad Maj 10, 2014 Hej! Här kommer loggen! Mvh Babbler eset.txt Citera Länk till kommentar Dela på andra webbplatser Fler delningsalternativ...
Cecilia Postad Maj 10, 2014 Dela Postad Maj 10, 2014 Det Esets skanner hittade ligger dels i mappen Windows.old som inte används och dels är det installationsfilen för CCleaner. Kan du beskriva mer detaljerat vad du har för problem? Citera Länk till kommentar Dela på andra webbplatser Fler delningsalternativ...
Babbler1 Postad Maj 10, 2014 Författare Dela Postad Maj 10, 2014 Det känns segt att surfa. Den står och laddar i ca 15 sek innan jag kan scrolla med musen osv på en sida. Ibland blir det typ ett konstigt mönster (när jag scrollar) som "ligger" ovanpå det som skulle visats på just den sidan. Känns inte ok! Vad skall jag göra med windows.old-mappen? Mvh Babbler Citera Länk till kommentar Dela på andra webbplatser Fler delningsalternativ...
Cecilia Postad Maj 10, 2014 Dela Postad Maj 10, 2014 Är det så med alla tre webbläsarna? Vad får du för resultat på Bredbandskollen, både tid och hastighet är intressant? Bifoga gärna en bild av det "konstiga mönstret". Windows.old behöver du inte göra något åt, jag skulle tro att där finns en del från Windows 8 eller tidigare Windows-installation som en sorts backup/säkerhetskopia. Citera Länk till kommentar Dela på andra webbplatser Fler delningsalternativ...
Babbler1 Postad Maj 10, 2014 Författare Dela Postad Maj 10, 2014 Hej! Just nu går det bättre? Bredbandskollen däremot gick dåligt. Jag har 8/1 hos Telia. Har alltid bra resultat från Bredbanskollen, men inte nu. Här kommer en bild från Bredbandskollen. Mvh Babbler Citera Länk till kommentar Dela på andra webbplatser Fler delningsalternativ...
Recommended Posts
Delta i dialogen
Du kan skriva svaret nu och registrera dig senare, Om du har ett konto, logga in nu för att svara på inlägget.