Posts posted by mathias234
-
-
C:\Qoobox\Quarantine\C\Windows\Installer\{91cab4a9-02f9-c6ae-75f1-f90c910af292}\U\00000004.@.vir Win64/Conedex.C trojan
C:\Qoobox\Quarantine\C\Windows\Installer\{91cab4a9-02f9-c6ae-75f1-f90c910af292}\U\00000008.@.vir Win64/Agent.BA trojan
C:\Qoobox\Quarantine\C\Windows\Installer\{91cab4a9-02f9-c6ae-75f1-f90c910af292}\U\000000cb.@.vir Win64/Conedex.B trojan
C:\Qoobox\Quarantine\C\Windows\Installer\{91cab4a9-02f9-c6ae-75f1-f90c910af292}\U\80000000.@.vir Win64/Sirefef.AW trojan
C:\Qoobox\Quarantine\C\Windows\Installer\{91cab4a9-02f9-c6ae-75f1-f90c910af292}\U\80000032.@.vir probably a variant of Win32/Sirefef.FD trojan
C:\Qoobox\Quarantine\C\Windows\Installer\{91cab4a9-02f9-c6ae-75f1-f90c910af292}\U\80000064.@.vir a variant of Win64/Sirefef.AN trojan
C:\Qoobox\Quarantine\C\Windows\System32\services.exe.vir Win64/Patched.A.Gen trojan
-
Here are Malwarebytes's logs:
Malwarebytes Anti-Malware (PRO) 1.65.1.1000
www.malwarebytes.org
Databaseversjon: v2012.11.26.02
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Mathias :: MATHIAS-PC [administrator]
Beskyttelse: Aktivert
26.11.2012 15:06:57
mbam-log-2012-11-26 (15-06-57).txt
Skanntype: Hurtigsøk
Aktiverte skanningsinnstillinger: Minne | Oppstart | Register | Filsystem | Heuristikk/Ekstra | Heuristikk/Shuriken | PUP | PUM
Deaktiverte skanninnstillinger: P2P
Objekter skannet: 206332
Tid tilbakelagt: 1 minutt(er), 29 sekund(er)
Minneprosesser oppdaget: 0
(Ingen skadelige objekter funnet)
Minnemoduler oppdaget: 0
(Ingen skadelige objekter funnet)
Registernøkler oppdaget: 0
(Ingen skadelige objekter funnet)
Registerverdier oppdaget: 0
(Ingen skadelige objekter funnet)
Registerfiler oppdaget: 0
(Ingen skadelige objekter funnet)
Mapper oppdaget: 0
(Ingen skadelige objekter funnet)
Filer oppdaget 0
(Ingen skadelige objekter funnet)
(klar)
-
Really, can you see that much, my Java is outdated?

-
Also, my firewall is up and running again.
-
Actually it runs great
-
ComboFix 12-11-25.01 - Mathias 25.11.2012 21:34:14.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.47.1044.18.8172.6853 [GMT 1:00]
Kjører fra: c:\users\Mathias\Desktop\ComboFix.exe
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Andre slettinger )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\7Loader.TAG
c:\windows\assembly\GAC_32\Desktop.ini
c:\windows\assembly\GAC_64\Desktop.ini
c:\windows\Installer\{91cab4a9-02f9-c6ae-75f1-f90c910af292}\@
c:\windows\Installer\{91cab4a9-02f9-c6ae-75f1-f90c910af292}\L\00000004.@
c:\windows\Installer\{91cab4a9-02f9-c6ae-75f1-f90c910af292}\L\201d3dde
c:\windows\Installer\{91cab4a9-02f9-c6ae-75f1-f90c910af292}\L\55490ac4
c:\windows\Installer\{91cab4a9-02f9-c6ae-75f1-f90c910af292}\U\00000004.@
c:\windows\Installer\{91cab4a9-02f9-c6ae-75f1-f90c910af292}\U\00000008.@
c:\windows\Installer\{91cab4a9-02f9-c6ae-75f1-f90c910af292}\U\000000cb.@
c:\windows\Installer\{91cab4a9-02f9-c6ae-75f1-f90c910af292}\U\80000000.@
c:\windows\Installer\{91cab4a9-02f9-c6ae-75f1-f90c910af292}\U\80000032.@
c:\windows\Installer\{91cab4a9-02f9-c6ae-75f1-f90c910af292}\U\80000064.@
c:\windows\SysWow64\d2d1debug1.dll
.
Infisert kopi av c:\windows\system32\services.exe ble funnet og desinfisert
Gjenopprettet kopi fra - c:\windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe
.
.
((((((((((((((((((((((((((( Filer Opprettet Fra 2012-10-25 til 2012-11-25 )))))))))))))))))))))))))))))))))
.
.
2012-11-25 20:39 . 2012-11-25 20:39 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-11-24 19:14 . 2012-11-24 19:14 -------- d-----w- c:\users\Mathias\AO-Skintool
2012-11-24 19:12 . 2012-11-24 19:12 -------- d-----w- c:\program files (x86)\AO-Skintool
2012-11-24 18:45 . 2012-11-24 18:45 -------- d-----w- C:\VritualRoot
2012-11-24 18:34 . 2012-11-24 18:34 -------- d-----w- c:\users\Mathias\AppData\Roaming\Malwarebytes
2012-11-24 18:33 . 2012-11-24 18:33 -------- d-----w- c:\programdata\Malwarebytes
2012-11-24 18:33 . 2012-11-24 18:33 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-11-24 18:33 . 2012-09-29 18:54 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-11-24 18:20 . 2012-11-24 20:23 -------- d-----w- c:\programdata\Comodo
2012-11-24 18:20 . 2012-11-25 17:57 -------- d-----w- c:\program files\COMODO
2012-11-24 18:20 . 2012-11-24 18:20 1700352 ----a-w- c:\windows\SysWow64\gdiplus.dll
2012-11-24 18:16 . 2012-11-24 18:20 -------- d-----w- c:\programdata\Comodo Downloader
2012-11-24 13:01 . 2012-11-24 13:01 -------- d-----w- c:\users\Mathias\AppData\Roaming\TuneUp Software
2012-11-24 12:58 . 2012-11-24 18:20 -------- d-----w- c:\programdata\MFAData
2012-11-24 12:58 . 2012-11-24 18:18 -------- d-----w- c:\users\Mathias\AppData\Local\Avg2013
2012-11-24 12:58 . 2012-11-24 12:58 -------- d--h--w- c:\programdata\Common Files
2012-11-24 12:58 . 2012-11-24 12:58 -------- d-----w- c:\users\Mathias\AppData\Local\MFAData
2012-11-24 12:56 . 2012-11-24 12:56 -------- d-----w- c:\users\Mathias\AppData\Local\ElevatedDiagnostics
2012-11-22 18:29 . 2012-11-25 10:55 -------- d-----w- c:\programdata\Unity
2012-11-22 17:13 . 2012-11-22 17:13 666720 ----a-w- c:\windows\SysWow64\xsherlock.xem
2012-11-22 15:28 . 2012-11-22 15:28 -------- d-----w- c:\program files (x86)\Common Files\Skype
2012-11-22 13:56 . 2012-11-22 13:56 -------- d-----w- c:\program files (x86)\LogMeIn Hamachi
2012-11-21 21:09 . 2012-11-21 21:09 -------- d-----w- c:\programdata\ALM
2012-11-21 21:06 . 2012-11-21 21:06 -------- d-----w- c:\users\Mathias\Adobe Flash Builder 4.6
2012-11-21 20:57 . 2012-11-21 21:13 -------- d-----w- c:\program files\Adobe
2012-11-21 20:56 . 2012-11-21 21:13 -------- d-----w- c:\program files\Common Files\Adobe
2012-11-21 15:53 . 2012-11-21 15:53 -------- d-----w- c:\users\Mathias\AppData\Local\Aeria Games
2012-11-21 15:53 . 2012-11-21 15:53 -------- d-----w- c:\programdata\Aeria Games
2012-11-21 15:20 . 2012-11-21 15:20 -------- d-----w- c:\users\Mathias\AppData\Local\Diagnostics
2012-11-21 15:19 . 2012-11-24 12:21 -------- d-sh--w- c:\windows\SysWow64\AI_RecycleBin
2012-11-21 15:19 . 2012-11-21 15:19 -------- d-----w- c:\program files (x86)\Aeria Games
2012-11-21 14:48 . 2012-11-24 12:21 -------- d-----w- C:\AeriaGames
2012-11-21 14:20 . 2012-11-21 14:20 -------- d-----w- c:\users\Mathias\AppData\Local\VS Revo Group
2012-11-21 14:20 . 2009-12-30 09:21 31800 ----a-w- c:\windows\system32\drivers\revoflt.sys
2012-11-21 14:20 . 2012-11-21 14:20 -------- d-----w- c:\program files\VS Revo Group
2012-11-18 18:38 . 2012-11-21 14:12 -------- d-----w- c:\program files (x86)\World of Warcraft
2012-11-18 18:38 . 2012-11-18 18:38 -------- d-----w- c:\programdata\Blizzard Entertainment
2012-11-18 18:38 . 2012-11-18 18:38 -------- d-----w- c:\program files (x86)\Common Files\Blizzard Entertainment
2012-11-18 18:13 . 2012-11-18 18:13 -------- d-----w- c:\programdata\Battle.net
2012-11-18 13:59 . 2012-11-18 13:59 -------- d-----w- c:\users\Mathias\AppData\Local\Nem's Tools
2012-11-18 13:59 . 2012-11-18 13:59 -------- d-----w- c:\program files (x86)\VTFEdit
2012-11-18 13:59 . 2012-11-18 13:59 -------- d-----w- c:\program files\Nem's Tools
2012-11-17 20:52 . 2006-03-31 11:41 3927248 ----a-w- c:\windows\system32\d3dx9_30.dll
2012-11-17 20:49 . 2012-11-17 20:49 -------- d-----w- c:\users\Mathias\AppData\Local\SKIDROW
2012-11-17 20:40 . 2012-11-17 20:40 -------- d-----w- c:\program files (x86)\Activision
2012-11-16 23:53 . 2012-11-16 23:59 -------- d-----w- c:\users\Mathias\AppData\Roaming\Dev-Cpp
2012-11-16 23:53 . 2012-11-16 23:53 -------- d-----w- C:\Dev-Cpp
2012-11-16 23:28 . 2012-11-16 23:28 -------- d-----w- c:\programdata\Microsoft Visual Studio
2012-11-16 23:12 . 2012-11-16 23:12 2549120 ----a-w- c:\programdata\Microsoft\VisualStudio\11.0\1033\ResourceCache.dll
2012-11-16 23:08 . 2012-11-16 23:08 -------- d-----w- c:\program files\Application Verifier
2012-11-16 23:08 . 2012-11-16 23:08 -------- d-----w- c:\program files (x86)\Application Verifier
2012-11-16 23:08 . 2012-11-16 23:08 -------- d-----w- c:\programdata\Windows App Certification Kit
2012-11-16 23:08 . 2012-11-16 23:08 -------- d-----w- c:\program files (x86)\Common Files\Microsoft
2012-11-16 23:08 . 2012-11-16 23:08 -------- d-----w- c:\programdata\PreEmptive Solutions
2012-11-16 23:06 . 2012-11-16 23:07 -------- d-----w- c:\program files (x86)\Microsoft ASP.NET
2012-11-16 23:06 . 2012-11-16 23:06 -------- d-----w- c:\program files (x86)\Microsoft Web Tools
2012-11-16 23:06 . 2012-11-16 23:06 -------- d-----w- c:\program files\Microsoft
2012-11-16 23:06 . 2012-11-16 23:06 -------- d-----w- c:\program files\IIS Express
2012-11-16 23:06 . 2012-11-16 23:06 -------- d-----w- c:\program files (x86)\IIS Express
2012-11-16 23:05 . 2012-11-16 23:05 -------- d-----w- c:\program files (x86)\NuGet
2012-11-16 23:05 . 2012-11-16 23:05 -------- d-----w- c:\program files (x86)\Microsoft WCF Data Services
2012-11-16 23:05 . 2012-11-16 23:05 -------- d-----w- c:\program files\IIS
2012-11-16 23:05 . 2012-11-16 23:05 -------- d-----w- c:\program files (x86)\IIS
2012-11-16 23:04 . 2010-05-26 10:41 1998168 ----a-w- c:\windows\SysWow64\D3DX9_43.dll
2012-11-16 23:04 . 2012-11-16 23:04 -------- d-----w- c:\program files (x86)\Windows Kits
2012-11-16 23:01 . 2012-11-16 23:01 -------- d-----w- c:\program files (x86)\HTML Help Workshop
2012-11-16 23:01 . 2012-11-16 23:01 -------- d-----w- c:\program files (x86)\Microsoft Help Viewer
2012-11-16 23:01 . 2012-11-16 23:02 -------- d-----w- c:\windows\SysWow64\1033
2012-11-16 23:00 . 2012-11-16 23:09 -------- d-----w- c:\program files\Microsoft SQL Server
2012-11-16 23:00 . 2012-11-16 23:09 -------- d-----w- c:\program files (x86)\Microsoft SQL Server
2012-11-16 22:59 . 2012-11-16 23:11 -------- d-----w- c:\program files (x86)\Microsoft Visual Studio 11.0
2012-11-16 22:58 . 2012-11-16 23:01 -------- d-----w- c:\windows\system32\1033
2012-11-16 22:58 . 2012-11-16 22:58 -------- d-----w- c:\program files\Microsoft Visual Studio 11.0
2012-11-16 22:52 . 2012-11-16 22:52 -------- d-----w- c:\programdata\regid.1991-06.com.microsoft
2012-11-16 22:52 . 2012-11-16 22:54 -------- d-----w- c:\programdata\Package Cache
2012-11-16 19:06 . 2012-11-16 19:06 -------- d-----w- c:\users\Mathias\AppData\Roaming\GridStream
2012-11-16 19:06 . 2012-11-16 19:06 -------- d-----w- c:\program files (x86)\GridStream
2012-11-16 15:16 . 2012-11-25 19:35 -------- d-----w- c:\program files (x86)\Steam
2012-11-16 15:16 . 2012-11-16 22:51 -------- d-----w- c:\program files (x86)\Common Files\Steam
2012-11-16 12:28 . 2012-11-16 12:28 -------- d-----w- c:\users\Mathias\AppData\Local\DOSBox
2012-11-16 12:28 . 2012-11-16 13:48 -------- d-----w- C:\Games
2012-11-09 07:10 . 2012-11-09 07:10 -------- d-----w- c:\users\Mathias\AppData\Roaming\.mono
2012-11-02 13:39 . 2012-11-02 13:39 -------- d-----w- c:\users\Mathias\.idlerc
2012-11-02 13:38 . 2012-11-02 13:38 -------- d-----w- C:\Python27
2012-11-01 15:38 . 2012-11-01 15:49 -------- d-----w- c:\users\Mathias\AppData\Roaming\TeamViewer
2012-10-29 16:04 . 2012-10-29 16:04 -------- d-sh--w- c:\windows\SysWow64\%APPDATA%
2012-10-29 14:23 . 2012-11-21 06:51 -------- d-----w- C:\xampp
2012-10-28 10:25 . 2012-10-28 10:25 -------- d-----w- c:\programdata\Nexon
2012-10-28 10:12 . 2012-10-28 10:12 -------- d-----w- c:\program files (x86)\BandiMPEG1
2012-10-28 09:24 . 2012-10-28 10:21 -------- d-----w- C:\Download
2012-10-28 09:24 . 2012-10-28 10:10 -------- d-----w- C:\Nexon
2012-10-28 09:24 . 2012-10-28 09:24 446464 ----a-w- c:\windows\NEXON_EU_DownloaderUpdater.exe
2012-10-28 09:24 . 2012-10-28 09:24 235 ----a-w- c:\windows\SysWow64\nxEuUninstall.bat
2012-10-27 16:06 . 2012-10-27 16:06 -------- d-----w- c:\users\Mathias\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
2012-10-27 02:59 . 2012-10-12 07:19 9291768 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{F23746C5-1200-488B-913C-86182629A5F9}\mpengine.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-10-25 01:01 . 2012-10-12 15:25 112832 ----a-w- c:\programdata\Microsoft\VCExpress\10.0\1033\ResourceCache.dll
2012-10-13 09:38 . 2012-10-13 09:38 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-10-13 09:38 . 2012-10-13 09:38 696760 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-10-13 08:40 . 2012-10-13 08:40 96768 ----a-w- c:\windows\system32\mshtmled.dll
2012-10-13 08:40 . 2012-10-13 08:40 91648 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2012-10-13 08:40 . 2012-10-13 08:40 89088 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2012-10-13 08:40 . 2012-10-13 08:40 89088 ----a-w- c:\windows\system32\ie4uinit.exe
2012-10-13 08:40 . 2012-10-13 08:40 86528 ----a-w- c:\windows\SysWow64\iesysprep.dll
2012-10-13 08:40 . 2012-10-13 08:40 85504 ----a-w- c:\windows\system32\jsproxy.dll
2012-10-13 08:40 . 2012-10-13 08:40 85504 ----a-w- c:\windows\system32\iesetup.dll
2012-10-13 08:40 . 2012-10-13 08:40 82432 ----a-w- c:\windows\system32\icardie.dll
2012-10-13 08:40 . 2012-10-13 08:40 816640 ----a-w- c:\windows\system32\jscript.dll
2012-10-13 08:40 . 2012-10-13 08:40 76800 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2012-10-13 08:40 . 2012-10-13 08:40 76800 ----a-w- c:\windows\system32\tdc.ocx
2012-10-13 08:40 . 2012-10-13 08:40 74752 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2012-10-13 08:40 . 2012-10-13 08:40 74752 ----a-w- c:\windows\SysWow64\iesetup.dll
2012-10-13 08:40 . 2012-10-13 08:40 729088 ----a-w- c:\windows\system32\msfeeds.dll
2012-10-13 08:40 . 2012-10-13 08:40 65024 ----a-w- c:\windows\system32\pngfilt.dll
2012-10-13 08:40 . 2012-10-13 08:40 63488 ----a-w- c:\windows\SysWow64\tdc.ocx
2012-10-13 08:40 . 2012-10-13 08:40 599040 ----a-w- c:\windows\system32\vbscript.dll
2012-10-13 08:40 . 2012-10-13 08:40 55296 ----a-w- c:\windows\system32\msfeedsbs.dll
2012-10-13 08:40 . 2012-10-13 08:40 534528 ----a-w- c:\windows\system32\ieapfltr.dll
2012-10-13 08:40 . 2012-10-13 08:40 49664 ----a-w- c:\windows\system32\imgutil.dll
2012-10-13 08:40 . 2012-10-13 08:40 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2012-10-13 08:40 . 2012-10-13 08:40 48640 ----a-w- c:\windows\system32\mshtmler.dll
2012-10-13 08:40 . 2012-10-13 08:40 452608 ----a-w- c:\windows\system32\dxtmsft.dll
2012-10-13 08:40 . 2012-10-13 08:40 448512 ----a-w- c:\windows\system32\html.iec
2012-10-13 08:40 . 2012-10-13 08:40 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
2012-10-13 08:40 . 2012-10-13 08:40 403248 ----a-w- c:\windows\system32\iedkcs32.dll
2012-10-13 08:40 . 2012-10-13 08:40 39936 ----a-w- c:\windows\system32\iernonce.dll
2012-10-13 08:40 . 2012-10-13 08:40 3695416 ----a-w- c:\windows\system32\ieapfltr.dat
2012-10-13 08:40 . 2012-10-13 08:40 367104 ----a-w- c:\windows\SysWow64\html.iec
2012-10-13 08:40 . 2012-10-13 08:40 35840 ----a-w- c:\windows\SysWow64\imgutil.dll
2012-10-13 08:40 . 2012-10-13 08:40 30720 ----a-w- c:\windows\system32\licmgr10.dll
2012-10-13 08:40 . 2012-10-13 08:40 282112 ----a-w- c:\windows\system32\dxtrans.dll
2012-10-13 08:40 . 2012-10-13 08:40 267776 ----a-w- c:\windows\system32\ieaksie.dll
2012-10-13 08:40 . 2012-10-13 08:40 249344 ----a-w- c:\windows\system32\webcheck.dll
2012-10-13 08:40 . 2012-10-13 08:40 248320 ----a-w- c:\windows\system32\ieui.dll
2012-10-13 08:40 . 2012-10-13 08:40 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
2012-10-13 08:40 . 2012-10-13 08:40 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-10-13 08:40 . 2012-10-13 08:40 237056 ----a-w- c:\windows\system32\url.dll
2012-10-13 08:40 . 2012-10-13 08:40 23552 ----a-w- c:\windows\SysWow64\licmgr10.dll
2012-10-13 08:40 . 2012-10-13 08:40 2312704 ----a-w- c:\windows\system32\jscript9.dll
2012-10-13 08:40 . 2012-10-13 08:40 222208 ----a-w- c:\windows\system32\msls31.dll
2012-10-13 08:40 . 2012-10-13 08:40 2144768 ----a-w- c:\windows\system32\iertutil.dll
2012-10-13 08:40 . 2012-10-13 08:40 197120 ----a-w- c:\windows\system32\msrating.dll
2012-10-13 08:40 . 2012-10-13 08:40 1800704 ----a-w- c:\windows\SysWow64\jscript9.dll
2012-10-13 08:40 . 2012-10-13 08:40 17810944 ----a-w- c:\windows\system32\mshtml.dll
2012-10-13 08:40 . 2012-10-13 08:40 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2012-10-13 08:40 . 2012-10-13 08:40 165888 ----a-w- c:\windows\system32\iexpress.exe
2012-10-13 08:40 . 2012-10-13 08:40 163840 ----a-w- c:\windows\system32\ieakui.dll
2012-10-13 08:40 . 2012-10-13 08:40 161792 ----a-w- c:\windows\SysWow64\msls31.dll
2012-10-13 08:40 . 2012-10-13 08:40 160256 ----a-w- c:\windows\system32\wextract.exe
2012-10-13 08:40 . 2012-10-13 08:40 160256 ----a-w- c:\windows\system32\ieakeng.dll
2012-10-13 08:40 . 2012-10-13 08:40 152064 ----a-w- c:\windows\SysWow64\wextract.exe
2012-10-13 08:40 . 2012-10-13 08:40 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2012-10-13 08:40 . 2012-10-13 08:40 149504 ----a-w- c:\windows\system32\occache.dll
2012-10-13 08:40 . 2012-10-13 08:40 1494528 ----a-w- c:\windows\system32\inetcpl.cpl
2012-10-13 08:40 . 2012-10-13 08:40 145920 ----a-w- c:\windows\system32\iepeers.dll
2012-10-13 08:40 . 2012-10-13 08:40 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2012-10-13 08:40 . 2012-10-13 08:40 1427968 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2012-10-13 08:40 . 2012-10-13 08:40 1392128 ----a-w- c:\windows\system32\wininet.dll
2012-10-13 08:40 . 2012-10-13 08:40 135168 ----a-w- c:\windows\system32\IEAdvpack.dll
2012-10-13 08:40 . 2012-10-13 08:40 1346048 ----a-w- c:\windows\system32\urlmon.dll
2012-10-13 08:40 . 2012-10-13 08:40 12288 ----a-w- c:\windows\system32\mshta.exe
2012-10-13 08:40 . 2012-10-13 08:40 11776 ----a-w- c:\windows\SysWow64\mshta.exe
2012-10-13 08:40 . 2012-10-13 08:40 114176 ----a-w- c:\windows\system32\admparse.dll
2012-10-13 08:40 . 2012-10-13 08:40 1129472 ----a-w- c:\windows\SysWow64\wininet.dll
2012-10-13 08:40 . 2012-10-13 08:40 111616 ----a-w- c:\windows\system32\iesysprep.dll
2012-10-13 08:40 . 2012-10-13 08:40 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2012-10-13 08:40 . 2012-10-13 08:40 10925568 ----a-w- c:\windows\system32\ieframe.dll
2012-10-13 08:40 . 2012-10-13 08:40 10752 ----a-w- c:\windows\system32\msfeedssync.exe
2012-10-13 08:40 . 2012-10-13 08:40 103936 ----a-w- c:\windows\system32\inseng.dll
2012-10-13 08:40 . 2012-10-13 08:40 101888 ----a-w- c:\windows\SysWow64\admparse.dll
2012-10-12 20:15 . 2012-10-12 20:15 821736 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2012-10-12 20:15 . 2012-10-12 20:15 746984 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-10-12 20:15 . 2012-10-12 20:15 95208 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2012-09-20 14:02 . 2012-09-20 14:02 1832760 ----a-w- c:\windows\system32\LogiLDA.DLL
2012-09-14 19:19 . 2012-10-10 14:41 2048 ----a-w- c:\windows\system32\tzres.dll
2012-09-14 18:28 . 2012-10-10 14:41 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2012-08-31 18:19 . 2012-10-10 14:42 1659760 ----a-w- c:\windows\system32\drivers\ntfs.sys
2012-08-30 18:03 . 2012-10-10 14:42 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-08-30 17:12 . 2012-10-10 14:42 3968880 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-08-30 17:12 . 2012-10-10 14:42 3914096 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
.
.
(((((((((((((((((((((((((((((((( Oppstartspunkter I Registeret )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Merk* tomme oppføringer & gyldige standardoppføringer vises ikke
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-06-30 04:19 94208 ----a-w- c:\users\Mathias\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-06-30 04:19 94208 ----a-w- c:\users\Mathias\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-06-30 04:19 94208 ----a-w- c:\users\Mathias\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BitTorrent"="c:\program files (x86)\BitTorrent\BitTorrent.exe" [2012-10-09 1398680]
"Akamai NetSession Interface"="c:\users\Mathias\AppData\Local\Akamai\netsession_win.exe" [2012-10-09 4441920]
"KPeerNexonEU"="c:\nexon\NEXON_EU_Downloader\nxEULauncher.exe" [2012-10-28 438272]
"Steam"="c:\program files (x86)\Steam\steam.exe" [2012-11-16 1353080]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2012-11-09 17877168]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-08-06 642216]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-09-23 926896]
"Aeria Ignite"="c:\program files (x86)\Aeria Games\Ignite\aeriaignite.exe" [2012-09-10 1411224]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS6ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" [2012-03-09 1073312]
"Adobe Acrobat Speed Launcher"="c:\program files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe" [2011-09-05 36760]
"Acrobat Assistant 8.0"="c:\program files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe" [2011-09-05 2904984]
"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2012-11-19 2254768]
.
c:\users\Mathias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Mathias\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-8-27 26924984]
OpenOffice.org 3.3.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2010-12-13 1198592]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-07-08 123856]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-11-09 160944]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys [x]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2012-10-21 1432400]
R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys [2009-12-30 31800]
R3 SwitchBoard;Adobe SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 Te.Service;Te.Service;c:\program files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe [2012-07-25 126976]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2012-10-12 1255736]
R3 xsherlock;xsherlock;c:\windows\system32\xsherlock.xem [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2011-11-03 56208]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-07-28 239616]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-11-19 2462128]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-09-29 399432]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-09-29 676936]
S2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-10-02 3064000]
S2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-08-31 2754984]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2012-05-14 96896]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-09-29 25928]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2010-12-24 412264]
.
.
Innholdet i mappen 'Scheduled Tasks' (planlagte oppgaver)
.
2012-11-25 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-13 09:38]
.
2012-11-25 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-11-22 14:19]
.
2012-11-25 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-11-22 14:19]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-06-30 04:19 97792 ----a-w- c:\users\Mathias\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-06-30 04:19 97792 ----a-w- c:\users\Mathias\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-06-30 04:19 97792 ----a-w- c:\users\Mathias\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2012-06-30 04:19 97792 ----a-w- c:\users\Mathias\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Logitech Download Assistant"="c:\windows\System32\LogiLDA.dll" [2012-09-20 1832760]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-04-04 446392]
.
------- Tilleggsskanning -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <local>
TCP: DhcpNameServer = 193.213.112.4 130.67.15.198 10.0.0.138
FF - ProfilePath - c:\users\Mathias\AppData\Roaming\Mozilla\Firefox\Profiles\7yqm0koq.default\
FF - ExtSQL: 2012-10-19 08:04; web2pdfextension@web2pdf.adobedotcom; c:\program files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF - ExtSQL: 2012-10-20 10:36; webvision@trinigy.net; c:\users\Mathias\AppData\Roaming\Mozilla\Firefox\Profiles\7yqm0koq.default\extensions\webvision@trinigy.net
FF - ExtSQL: 2012-10-23 17:41; {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}; c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
.
- - - - TOMME PEKERE FJERNET - - - -
.
Wow6432Node-HKCU-Run-AdobeBridge - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
AddRemove-UnityWebPlayer - c:\users\Mathias\AppData\Local\Unity\WebPlayer\Uninstall.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\xsherlock]
"ImagePath"="c:\windows\system32\xsherlock.xem"
.
--------------------- LÅSTE REGISTERNØKLER ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Andre Kjørende Prosesser ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
.
**************************************************************************
.
Tidspunkt ferdig: 2012-11-25 21:44:22 - maskinen ble startet på nytt
ComboFix-quarantined-files.txt 2012-11-25 20:44
.
Pre-Run: 254 518 050 816 byte ledig
Post-Run: 256 117 903 360 byte ledig
.
- - End Of File - - E96F7DE028E38A7CD8DE5886368ED133
-
I used DDS to scan as I was told.
dds.txt:
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16450 BrowserJavaVersion: 10.7.2
Run by Mathias at 19:31:34 on 2012-11-25
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.47.1044.18.8172.6026 [GMT 1:00]
.
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\atieclxx.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\BitTorrent\BitTorrent.exe
C:\Users\Mathias\AppData\Local\Akamai\netsession_win.exe
C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Users\Mathias\AppData\Local\Akamai\netsession_win.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Users\Mathias\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe
C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
C:\Windows\system32\WUDFHost.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Windows\system32\SearchIndexer.exe
C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files (x86)\Common Files\Steam\SteamService.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files\Blender Foundation\Blender\blender.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Windows\system32\wermgr.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uProxyOverride = <local>
mWinlogon: Userinit = userinit.exe,
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Microsoft Web Test Recorder 10.0 Helper: {876d9f09-c6d6-4324-a2cc-04dd9a4de12f} - C:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll
BHO: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
EB: Web Test Recorder 10.0: {3142c289-f319-47f5-a594-a827028714c9} -
uRun: [bitTorrent] "C:\Program Files (x86)\BitTorrent\BitTorrent.exe" /MINIMIZED
uRun: [Akamai NetSession Interface] "C:\Users\Mathias\AppData\Local\Akamai\netsession_win.exe"
uRun: [KPeerNexonEU] C:\Nexon\NEXON_EU_Downloader\nxEULauncher.exe
uRun: [steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
uRun: [AdobeBridge] <no file>
mRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [Aeria Ignite] "C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe" silent
mRun: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mRun: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
mRun: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
mRun: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
mRun: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
StartupFolder: C:\Users\Mathias\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Mathias\AppData\Roaming\Dropbox\bin\Dropbox.exe
StartupFolder: C:\Users\Mathias\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\OPENOF~1.LNK - C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
LSP: mswsock.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
TCP: NameServer = 193.213.112.4 130.67.15.198 10.0.0.138
TCP: Interfaces\{8FC6CFBC-54C0-4B87-A3A6-2FEF11CFCFDF} : DHCPNameServer = 193.213.112.4 130.67.15.198 10.0.0.138
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
SSODL: WebCheck - <orphaned>
x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Run: [Logitech Download Assistant] C:\Windows\System32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Mathias\AppData\Roaming\Mozilla\Firefox\Profiles\7yqm0koq.default\
FF - plugin: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrlui.dll
FF - plugin: C:\ProgramData\NexonEU\NGM\npNxGameeu.dll
FF - plugin: C:\Users\Mathias\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
FF - plugin: C:\Users\Mathias\AppData\Roaming\Mozilla\Firefox\Profiles\7yqm0koq.default\extensions\webvision@trinigy.net\plugins\npvision.dll
FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
FF - ExtSQL: 2012-10-19 08:04; web2pdfextension@web2pdf.adobedotcom; C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF - ExtSQL: 2012-10-20 10:36; webvision@trinigy.net; C:\Users\Mathias\AppData\Roaming\Mozilla\Firefox\Profiles\7yqm0koq.default\extensions\webvision@trinigy.net
FF - ExtSQL: 2012-10-23 17:41; {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}; C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
.
============= SERVICES / DRIVERS ===============
.
R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2012-10-19 56208]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2012-7-28 239616]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-11-19 2462128]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-11-24 399432]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-11-24 676936]
R2 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-10-2 3064000]
R2 TeamViewer7;TeamViewer 7;C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-10-23 2754984]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2012-5-14 96896]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2012-11-24 25928]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-7-9 104912]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-7-8 123856]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-11-9 160944]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2012-10-21 1432400]
S3 Revoflt;Revoflt;C:\Windows\System32\drivers\revoflt.sys [2012-11-21 31800]
S3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2012-10-9 412264]
S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 Te.Service;Te.Service;C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe [2012-7-25 126976]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-10-12 1255736]
S3 xsherlock;xsherlock;C:\Windows\System32\xsherlock.xem --> C:\Windows\System32\xsherlock.xem [?]
.
=============== File Associations ===============
.
FileExt: .js: jsfile="C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS6\Dreamweaver.exe","%1"
ShellExec: dreamweaver.exe: Open="C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS6\dreamweaver.exe", "%1"
.
=============== Created Last 30 ================
.
2012-11-24 19:14:05 -------- d-----w- C:\Users\Mathias\AO-Skintool
2012-11-24 19:12:25 -------- d-----w- C:\Program Files (x86)\AO-Skintool
2012-11-24 18:45:01 -------- d--h--w- C:\VritualRoot
2012-11-24 18:34:14 -------- d-----w- C:\Users\Mathias\AppData\Roaming\Malwarebytes
2012-11-24 18:33:49 -------- d-----w- C:\ProgramData\Malwarebytes
2012-11-24 18:33:48 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-11-24 18:33:48 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-11-24 18:20:10 -------- d-----w- C:\ProgramData\Comodo
2012-11-24 18:20:08 -------- d-----w- C:\Program Files\COMODO
2012-11-24 18:20:07 1700352 ----a-w- C:\Windows\SysWow64\gdiplus.dll
2012-11-24 18:16:01 -------- d-----w- C:\ProgramData\Comodo Downloader
2012-11-24 13:01:27 -------- d-----w- C:\Users\Mathias\AppData\Roaming\TuneUp Software
2012-11-24 12:58:30 -------- d--h--w- C:\ProgramData\Common Files
2012-11-24 12:58:30 -------- d-----w- C:\Users\Mathias\AppData\Local\MFAData
2012-11-24 12:58:30 -------- d-----w- C:\Users\Mathias\AppData\Local\Avg2013
2012-11-24 12:58:30 -------- d-----w- C:\ProgramData\MFAData
2012-11-24 12:56:38 -------- d-----w- C:\Users\Mathias\AppData\Local\ElevatedDiagnostics
2012-11-22 18:29:47 -------- d-----w- C:\ProgramData\Unity
2012-11-22 17:13:49 666720 ----a-w- C:\Windows\SysWow64\xsherlock.xem
2012-11-22 13:56:45 -------- d-----w- C:\Program Files (x86)\LogMeIn Hamachi
2012-11-21 21:09:49 -------- d-----w- C:\ProgramData\ALM
2012-11-21 21:06:59 -------- d-----w- C:\Users\Mathias\Adobe Flash Builder 4.6
2012-11-21 15:53:53 -------- d-----w- C:\Users\Mathias\AppData\Local\Aeria Games
2012-11-21 15:53:27 -------- d-----w- C:\ProgramData\Aeria Games
2012-11-21 15:24:44 -------- d-----w- C:\Windows\SysWow64\directx
2012-11-21 15:20:41 -------- d-----w- C:\Users\Mathias\AppData\Local\Diagnostics
2012-11-21 15:19:11 -------- d-sh--w- C:\Windows\SysWow64\AI_RecycleBin
2012-11-21 15:19:11 -------- d-----w- C:\Program Files (x86)\Aeria Games
2012-11-21 14:48:03 -------- d-----w- C:\AeriaGames
2012-11-21 14:20:57 -------- d-----w- C:\Users\Mathias\AppData\Local\VS Revo Group
2012-11-21 14:20:55 31800 ----a-w- C:\Windows\System32\drivers\revoflt.sys
2012-11-21 14:20:54 -------- d-----w- C:\Program Files\VS Revo Group
2012-11-18 18:38:25 -------- d-----w- C:\ProgramData\Blizzard Entertainment
2012-11-18 18:38:25 -------- d-----w- C:\Program Files (x86)\World of Warcraft
2012-11-18 18:38:25 -------- d-----w- C:\Program Files (x86)\Common Files\Blizzard Entertainment
2012-11-18 18:13:19 -------- d-----w- C:\ProgramData\Battle.net
2012-11-18 13:59:46 -------- d-----w- C:\Users\Mathias\AppData\Local\Nem's Tools
2012-11-18 13:59:34 -------- d-----w- C:\Program Files (x86)\VTFEdit
2012-11-18 13:59:20 -------- d-----w- C:\Program Files\Nem's Tools
2012-11-17 20:49:33 -------- d-----w- C:\Users\Mathias\AppData\Local\SKIDROW
2012-11-17 20:40:14 -------- d-----w- C:\Program Files (x86)\Activision
2012-11-16 23:53:59 -------- d-----w- C:\Users\Mathias\AppData\Roaming\Dev-Cpp
2012-11-16 23:53:55 -------- d-----w- C:\Dev-Cpp
2012-11-16 23:28:29 -------- d-----w- C:\ProgramData\Microsoft Visual Studio
2012-11-16 23:12:52 2549120 ----a-w- C:\ProgramData\Microsoft\VisualStudio\11.0\1033\ResourceCache.dll
2012-11-16 23:08:53 -------- d-----w- C:\Program Files\Application Verifier
2012-11-16 23:08:53 -------- d-----w- C:\Program Files (x86)\Application Verifier
2012-11-16 23:08:47 -------- d-----w- C:\ProgramData\Windows App Certification Kit
2012-11-16 23:08:16 -------- d-----w- C:\Program Files (x86)\Common Files\Microsoft
2012-11-16 23:08:04 -------- d-----w- C:\ProgramData\PreEmptive Solutions
2012-11-16 23:06:56 -------- d-----w- C:\Program Files (x86)\Microsoft ASP.NET
2012-11-16 23:06:41 -------- d-----w- C:\Program Files (x86)\Microsoft Web Tools
2012-11-16 23:06:30 -------- d-----w- C:\Program Files\Microsoft
2012-11-16 23:06:19 -------- d-----w- C:\Program Files\IIS Express
2012-11-16 23:06:19 -------- d-----w- C:\Program Files (x86)\IIS Express
2012-11-16 23:05:51 -------- d-----w- C:\Program Files (x86)\NuGet
2012-11-16 23:05:43 -------- d-----w- C:\Program Files (x86)\Microsoft WCF Data Services
2012-11-16 23:05:38 -------- d-----w- C:\Program Files\IIS
2012-11-16 23:05:38 -------- d-----w- C:\Program Files (x86)\IIS
2012-11-16 23:04:33 1998168 ----a-w- C:\Windows\SysWow64\D3DX9_43.dll
2012-11-16 23:04:09 -------- d-----w- C:\Program Files (x86)\Windows Kits
2012-11-16 23:01:34 -------- d-----w- C:\Program Files (x86)\HTML Help Workshop
2012-11-16 23:01:26 -------- d-----w- C:\Program Files (x86)\Microsoft Help Viewer
2012-11-16 23:01:04 -------- d-----w- C:\Windows\SysWow64\1033
2012-11-16 23:00:57 -------- d-----w- C:\Program Files\Microsoft SQL Server
2012-11-16 23:00:57 -------- d-----w- C:\Program Files (x86)\Microsoft SQL Server
2012-11-16 22:59:00 -------- d-----w- C:\Program Files (x86)\Microsoft Visual Studio 11.0
2012-11-16 22:58:59 -------- d-----w- C:\Windows\System32\1033
2012-11-16 22:58:55 -------- d-----w- C:\Program Files\Microsoft Visual Studio 11.0
2012-11-16 22:52:35 -------- d-----w- C:\ProgramData\regid.1991-06.com.microsoft
2012-11-16 22:52:34 -------- d-----w- C:\ProgramData\Package Cache
2012-11-16 19:06:55 -------- d-----w- C:\Users\Mathias\AppData\Roaming\GridStream
2012-11-16 19:06:52 -------- d-----w- C:\Program Files (x86)\GridStream
2012-11-16 15:16:01 -------- d-----w- C:\Program Files (x86)\Steam
2012-11-16 15:16:01 -------- d-----w- C:\Program Files (x86)\Common Files\Steam
2012-11-16 12:28:53 -------- d-----w- C:\Users\Mathias\AppData\Local\DOSBox
2012-11-16 12:28:44 -------- d-----w- C:\Games
2012-11-09 07:10:46 -------- d-----w- C:\Users\Mathias\AppData\Roaming\.mono
2012-11-02 13:39:14 -------- d-----w- C:\Users\Mathias\.idlerc
2012-11-02 13:38:34 -------- d-----w- C:\Python27
2012-11-01 15:38:38 -------- d-----w- C:\Users\Mathias\AppData\Roaming\TeamViewer
2012-10-29 16:04:50 -------- d-sh--w- C:\Windows\SysWow64\%APPDATA%
2012-10-29 14:23:35 -------- d-----w- C:\xampp
2012-10-28 10:25:44 -------- d-----w- C:\ProgramData\Nexon
2012-10-28 10:12:48 -------- d-----w- C:\Program Files (x86)\BandiMPEG1
2012-10-28 09:24:23 -------- d-----w- C:\Download
2012-10-28 09:24:17 446464 ----a-w- C:\Windows\NEXON_EU_DownloaderUpdater.exe
2012-10-28 09:24:17 235 ----a-w- C:\Windows\SysWow64\nxEuUninstall.bat
2012-10-28 09:24:17 -------- d-----w- C:\Nexon
2012-10-28 09:23:24 -------- d-----w- C:\ProgramData\NexonEU
2012-10-27 16:06:14 -------- d-----w- C:\Users\Mathias\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
2012-10-27 02:59:04 9291768 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{F23746C5-1200-488B-913C-86182629A5F9}\mpengine.dll
.
==================== Find3M ====================
.
2012-10-13 09:38:59 73656 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-10-13 09:38:59 696760 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-10-12 20:15:03 95208 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2012-10-12 20:15:03 821736 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll
2012-10-12 20:15:03 746984 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2012-10-09 14:14:28 0 ----a-w- C:\Windows\ativpsrm.bin
2012-09-20 14:02:06 1832760 ----a-w- C:\Windows\System32\LogiLDA.DLL
2012-09-14 19:19:29 2048 ----a-w- C:\Windows\System32\tzres.dll
2012-09-14 18:28:53 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2012-08-31 18:19:35 1659760 ----a-w- C:\Windows\System32\drivers\ntfs.sys
2012-08-30 18:03:45 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe
2012-08-30 17:12:02 3968880 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2012-08-30 17:12:02 3914096 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
.
============= FINISH: 19:31:54,81 ===============
Wasn't sure if I was going to add attach.txt too, but here it is:
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 09.10.2012 16:01:24
System Uptime: 25.11.2012 18:55:09 (1 hours ago)
.
Motherboard: Acer | | Predator G3610
Processor: Intel® Core i5-2320 CPU @ 3.00GHz | CPU 1 | 1590/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 443 GiB total, 237,213 GiB free.
D: is FIXED (NTFS) - 488 GiB total, 423,186 GiB free.
E: is CDROM (CDFS)
I: is Removable
J: is Removable
K: is Removable
L: is Removable
M: is Removable
N: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID:
Description: SM-busskontroller
Device ID: PCI\VEN_8086&DEV_1C22&SUBSYS_05891025&REV_05\3&11583659&0&FB
Manufacturer:
Name: SM-busskontroller
PNP Device ID: PCI\VEN_8086&DEV_1C22&SUBSYS_05891025&REV_05\3&11583659&0&FB
Service:
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Realtek PCIe GBE Family Controller
Device ID: PCI\VEN_10EC&DEV_8168&SUBSYS_80001025&REV_06\02000000684CE00000
Manufacturer: Realtek
Name: Realtek PCIe GBE Family Controller
PNP Device ID: PCI\VEN_10EC&DEV_8168&SUBSYS_80001025&REV_06\02000000684CE00000
Service: RTL8167
.
Class GUID:
Description: Universal Serial Bus (USB)-kontroller
Device ID: PCI\VEN_1B6F&DEV_7023&SUBSYS_05891025&REV_01\010101010101010100
Manufacturer:
Name: Universal Serial Bus (USB)-kontroller
PNP Device ID: PCI\VEN_1B6F&DEV_7023&SUBSYS_05891025&REV_01\010101010101010100
Service:
.
Class GUID:
Description: Enkel kommunikasjonskontroller for PCI
Device ID: PCI\VEN_8086&DEV_1C3A&SUBSYS_05891025&REV_04\3&11583659&0&B0
Manufacturer:
Name: Enkel kommunikasjonskontroller for PCI
PNP Device ID: PCI\VEN_8086&DEV_1C3A&SUBSYS_05891025&REV_04\3&11583659&0&B0
Service:
.
==== System Restore Points ===================
.
RP32: 22.11.2012 - Planlagt kontrollpunkt
RP33: 24.11.2012 14:00:04 - Installed AVG 2013
RP34: 24.11.2012 14:00:30 - Installed AVG 2013
RP35: 24.11.2012 19:16:49 - Removed AVG 2013
RP36: 24.11.2012 19:18:05 - Removed AVG 2013
.
==== Installed Programs ======================
.
Tools for .Net 3.5
Adobe Acrobat X Pro - English, Français, Deutsch
Adobe AIR
Adobe Creative Suite 6 Master Collection
Adobe Download Assistant
Adobe Flash Player 11 ActiveX
Adobe Help Manager
Adobe Reader XI - Norsk
Adobe Widget Browser
Aeria Ignite
Akamai NetSession Interface
Alliance of Valiant Arms
AMD APP SDK Runtime
AMD Catalyst Install Manager
AMD Drag and Drop Transcoding
AMD Media Foundation Decoders
Anarchy Online
AO-Skintool
Autodesk Backburner 2013.0.0
Autodesk DirectConnect 2013 64-bit
Autodesk FBX Plug-in 2013.1 - Maya 2013 64-bit
Autodesk MatchMover 2013 64-bit
Autodesk Maya 2013 64-bit
Bandisoft MPEG-1 Decoder
BitTorrent
bl
Blend for Visual Studio 2012
Blend for Visual Studio 2012 ENU resources
Blender
Call of Duty Black Ops II
Camtasia Studio 8
Catalyst Control Center
Catalyst Control Center - Branding
Catalyst Control Center Graphics Previews Common
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
ccc-utility64
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
CMake 2.8, a cross-platform, open-source build system
Composite 2013 64-bit
Counter-Strike: Source
Dev-C++ 5 beta 9 release (4.9.9.2)
DK Online
Dotfuscator and Analytics Community Edition
Dropbox
Entity Framework Designer for Visual Studio 2012 - enu
FileZilla Client 3.5.3
GCFScape 1.8.3
Google Chrome
Google Update Helper
GridStream - GridStream Player
Guild Wars 2
HeidiSQL 7.0.0.4206
Hotfix for Microsoft Visual C++ 2010 Express - ENU (KB2542054)
IIS 8.0 Express
IIS Express Application Compatibility Database for x64
IIS Express Application Compatibility Database for x86
Java 7 Update 7
Java Auto Updater
Java 6 Update 22
LocalESPC
LocalESPCui for en-us
LogMeIn Hamachi
Makehuman
Malwarebytes Anti-Malware versjon 1.65.1.1000
Microsoft .NET Framework 4 Multi-Targeting Pack
Microsoft .NET Framework 4.5
Microsoft .NET Framework 4.5 Multi-Targeting Pack
Microsoft .NET Framework 4.5 SDK
Microsoft Application Error Reporting
Microsoft ASP.NET MVC 3
Microsoft ASP.NET MVC 3 - Visual Studio 2012 Tools Update
Microsoft ASP.NET MVC 4 - Visual Studio 2012 Tools
Microsoft ASP.NET MVC 4 Runtime
Microsoft ASP.NET Web Pages
Microsoft ASP.NET Web Pages - Visual Studio 2012 Tools
Microsoft ASP.NET Web Pages 2 - Visual Studio 2012 Tools
Microsoft ASP.NET Web Pages 2 Runtime
Microsoft Help Viewer 1.0
Microsoft Help Viewer 2.0
Microsoft LightSwitch for Visual Studio 2012 Core
Microsoft LightSwitch for Visual Studio 2012 CoreRes - ENU
Microsoft NuGet - Visual Studio 2012
Microsoft Portable Library Multi-Targeting Pack
Microsoft Portable Library Multi-Targeting Pack Language Pack - enu
Microsoft Report Viewer Add-On for Visual Studio 2012
Microsoft Silverlight
Microsoft Silverlight 4 SDK
Microsoft Silverlight 5 SDK
Microsoft SQL Server 2012 Command Line Utilities
Microsoft SQL Server 2012 Data-Tier App Framework
Microsoft SQL Server 2012 Express LocalDB
Microsoft SQL Server 2012 Management Objects
Microsoft SQL Server 2012 Management Objects (x64)
Microsoft SQL Server 2012 Native Client
Microsoft SQL Server 2012 T-SQL Language Service
Microsoft SQL Server 2012 Transact-SQL Compiler Service
Microsoft SQL Server 2012 Transact-SQL ScriptDom
Microsoft SQL Server Compact 3.5 SP2 ENU
Microsoft SQL Server Compact 3.5 SP2 x64 ENU
Microsoft SQL Server Compact 4.0 SP1 x64 ENU
Microsoft SQL Server Data Tools - enu (11.1.20627.00)
Microsoft SQL Server Data Tools Build Utilities - enu (11.1.20627.00)
Microsoft SQL Server System CLR Types
Microsoft SQL Server System CLR Types (x64)
Microsoft System CLR Types for SQL Server 2012
Microsoft System CLR Types for SQL Server 2012 (x64)
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Visual C++ 2010 Express - ENU
Microsoft Visual C++ 2012 x64 Designtime - 11.0.50727
Microsoft Visual C++ 2012 Compilers
Microsoft Visual C++ 2012 Compilers - ENU Resources
Microsoft Visual C++ 2012 Core Libraries
Microsoft Visual C++ 2012 Extended Libraries
Microsoft Visual C++ 2012 Microsoft Foundation Class Libraries
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727
Microsoft Visual C++ 2012 x64 Debug Runtime - 11.0.50727
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727
Microsoft Visual C++ 2012 x86 Debug Runtime - 11.0.50727
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727
Microsoft Visual Studio 2010 Express Prerequisites x64 - ENU
Microsoft Visual Studio 2010 Office Developer Tools (x64)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
Microsoft Visual Studio 2012 Devenv
Microsoft Visual Studio 2012 Devenv Resources
Microsoft Visual Studio 2012 IntelliTrace Core amd64
Microsoft Visual Studio 2012 IntelliTrace Core x86
Microsoft Visual Studio 2012 IntelliTrace Front End x86
Microsoft Visual Studio 2012 Performance Collection Tools
Microsoft Visual Studio 2012 Performance Collection Tools - ENU
Microsoft Visual Studio 2012 Preparation
Microsoft Visual Studio 2012 SharePoint Developer Tools
Microsoft Visual Studio 2012 SharePoint Developer Tools ENU Language Pack
Microsoft Visual Studio 2012 Shell (Minimum)
Microsoft Visual Studio 2012 Shell (Minimum) Interop Assemblies
Microsoft Visual Studio 2012 Shell (Minimum) Resources
Microsoft Visual Studio 2012 Tools for SQL Server Compact 4.0 SP1 ENU
Microsoft Visual Studio Premium 2012
Microsoft Visual Studio Premium 2012 - ENU
Microsoft Visual Studio Professional 2012
Microsoft Visual Studio Professional 2012 - ENU
Microsoft Visual Studio Team Foundation Server 2012 Object Model
Microsoft Visual Studio Team Foundation Server 2012 Object Model Language Pack - ENU
Microsoft Visual Studio Team Foundation Server 2012 Storyboarding
Microsoft Visual Studio Team Foundation Server 2012 Storyboarding Language Pack - ENU
Microsoft Visual Studio Team Foundation Server 2012 Team Explorer
Microsoft Visual Studio Team Foundation Server 2012 Team Explorer Language Pack - ENU
Microsoft Visual Studio Ultimate 2012
Microsoft Visual Studio Ultimate 2012 - ENU
Microsoft Visual Studio Ultimate 2012 XAML UI Designer Core
Microsoft Visual Studio Ultimate 2012 XAML UI Designer enu Resources
Microsoft Web Deploy 3.0
Microsoft Web Deploy dbSqlPackage Provider - enu
Microsoft Web Developer Tools - Visual Studio 2012
Microsoft Web Platform Installer 4.0
Microsoft_VC80_CRT_x86
Microsoft_VC90_CRT_x86
Microsoft_VC90_MFC_x86
Microsoft_VC90_MFCLOC_x86
Mozilla Firefox 16.0.1 (x86 nb-NO)
Mozilla Maintenance Service
Nexon Game Manager
Notepad++
OpenOffice.org 3.3
OpenSSL 1.0.1c (32-bit)
OpenSSL 1.0.1c (64-bit)
PDF Settings CS6
ph
PreEmptive Analytics Visual Studio Components
Prerequisites for SSDT
Python 2.7.3
Realtek Ethernet Controller Driver
Revo Uninstaller Pro 2.5.7
Security Update for Microsoft Visual C++ 2010 Express - ENU (KB2251489)
Skype Click to Call
Skype™ 6.0
SpeedFan (remove only)
Steam
TeamViewer 7
Tropico 4 1.00
TwelveSky2
Unity
Unity Web Player
Vindictus EU
Visual Studio 2010 x64 Redistributables
Visual Studio 2012 Prerequisites
Visual Studio 2012 Prerequisites - ENU Language Pack
Visual Studio Extensions for Windows Library for JavaScript
VLC media player 2.0.4
VTFEdit 1.2.5
WCF Data Services 5.0 (for OData v3) Primary Components
WCF Data Services Tools for Microsoft Visual Studio 2012
WCF RIA Services V1.0 SP2
Windows App Certification Kit Native Components
Windows App Certification Kit x64
Windows Runtime Intellisense Content - en-us
Windows Software Development Kit
Windows Software Development Kit DirectX x64 Remote
Windows Software Development Kit DirectX x86 Remote
Windows Software Development Kit for Windows Store Apps
Windows Software Development Kit for Windows Store Apps DirectX x64 Remote
Windows Software Development Kit for Windows Store Apps DirectX x86 Remote
WinRAR 4.20 (64-bit)
World of Warcraft
XAMPP 1.8.1
.
==== End Of File ===========================
-
Hey
Yesterday I figured out that I got a virus that makes other viruses.
If you see, the main virus lies on the service.exe in windows/system32, and AVG says that it cannot remove it because that will harm my computer, and this antivirus doesn't find it.
And I also found out where it spawns the other viruses:
C:\Windows\Installer\{91cab4a9-02f9-c6ae-75f1-f90c910af292}\U
It spawns those viruses often and I think one of them is a keylogger. I can delete them but they just come back, so I think I need to get rid of that one on service.exe.
Anyone got an idea how I can fix this?
My old antivirus detected a virus
in Resolved Malware Removal Logs
Posted
I hope this is it for that virus! Thank you for helping me.